Skip to content

Internal Audit Report

Audit Identification: IA202509
Area: Document Control
Audit Date: 26th September 2025
Auditor: Sean Ashton
Date Completed: 26th September 2025
Findings: 0 Non-conformities, 0 Observations
Scope: Clause 7.5 (Documented Information)
Document Number: FORM_INTAR001 Rev 1 ID 01/09/2025

Executive Summary

The internal audit of Document Control processes has confirmed full compliance with the requirements of ISO 9001:2015, ISO 14001:2015, and ISO 45001:2018 Clause 7.5 (Documented Information). The audit assessed both document and records management systems, finding robust procedures in place with effective implementation. The transition to cloud-based storage completed in June 2025 has enhanced accessibility whilst maintaining control. No findings requiring corrective action were identified during this audit.

Introduction

This audit examined A M Water Services Limited's Document Control system as part of the comprehensive internal audit programme. The audit focused on the creation, approval, distribution, retention, and control of both internal and external documented information across the Integrated Management System. The assessment covered both document management (S.O.P_4.6) and records control (S.O.P_4.7) procedures.

Aims & Objectives

  1. Verify compliance with ISO Clause 7.5 requirements for documented information
  2. Assess the effectiveness of document control procedures and their implementation
  3. Confirm proper management of both internal documents and external standards
  4. Evaluate records retention and protection mechanisms
  5. Review GDPR compliance for sensitive documentation
  6. Determine the effectiveness of cloud-based storage systems implemented in June 2025

Audit Method

  • Document Review: S.O.P_4.6 Document Control (Issue 2, 01/06/2025), S.O.P_4.7 Control of Records (Issue 2, 01/06/2025), Master Document & Record Index (current version), APP_02 ISO Clause Application Matrix (Issue 1, 01/06/2025), sample of controlled documents with revision tracking
  • Interviews Conducted: HSQE Consultant, Administrative staff, Site Supervisors
  • Observations: Cloud storage system demonstration, document approval process, records filing procedures, external document management
  • Sampling: Document revisions from past 3 months, training records, site inspection reports, external standards register

Non-conformities

No non-conformities identified.

Observations

No observations identified.

Corrective Action Summary

Not applicable - no non-conformities identified.

Conclusions

The Document Control system demonstrates effective management of documented information across all three ISO standards. The structured approach implemented through S.O.P_4.6 and S.O.P_4.7 provides clear processes that are being followed consistently.

Areas meeting requirements:

  • Document creation and approval processes functioning effectively with appropriate authorisation
  • Master Document & Record Index maintained and current
  • Cloud-based storage providing secure, accessible document management
  • Retention periods clearly defined and being observed
  • GDPR requirements incorporated into sensitive document handling
  • External documents identified and managed appropriately
  • Version control preventing use of obsolete documents
  • Periodic review processes functioning as designed
  • Subscription tracking for external standards maintained

The system shows particularly strong integration with operational needs, with documents readily accessible to field teams via cloud storage whilst maintaining control. The recent system implementation in June 2025 has been well-embedded, with staff demonstrating good understanding of document access procedures.

The balance between control and accessibility is appropriate for a company of this size, avoiding unnecessary bureaucracy whilst ensuring compliance. The involvement of both directors in the approval process ensures senior management oversight without creating bottlenecks.

Recommendations

  1. Implement visual status indicators on site notice boards showing current document revision numbers for key operational procedures, enabling quick field verification of document currency

  2. Develop a quarterly document control bulletin summarising any significant document changes, to be included in toolbox talks, enhancing operative awareness of system updates

  3. Create a simple one-page guide for new starters explaining how to access documents via the cloud system and the importance of checking revision status

  4. Consider establishing document owner roles for critical procedures, assigning specific individuals responsibility for periodic review reminders and content accuracy

Feedback & Acknowledgments

Full cooperation was received from all personnel during the audit. The administrative team demonstrated comprehensive knowledge of document control requirements and showed clear pride in maintaining organised, accessible records. Particular note should be made of the smooth transition to cloud-based storage, accomplished without any reported issues or loss of document control.

Audit Report Prepared By

Name Position Signature Date
Sean Ashton HSQE Consultant S. Ashton 26/09/2025
Aaron Mason Director A. Mason 26/09/2025

Corrective Action Close Out

Not applicable - no corrective actions required.