ISO 21502:2020 Clause 7.16 Information and documentation management

Project Management 12 Minutes

7.16.1 Overview

The purpose of information and documentation management is to enable relevant and reliable information (physical and digital) to be available to those undertaking work and making decisions.
Information and documentation management comprises the secure and timely collection, storage, analysis, distribution and maintenance of accurate information necessary for activities such as planning, undertaking and auditing work, and supporting lessons learned and knowledge management. Information and documentation should be available and accessible for historical reference. Activities should include the establishment of a system for receiving, securely storing and identifying information and documentation, which needs to be managed and accessible. Project-related information and document management can need to be undertaken in accordance with the organization’s information management and retention policies.

Information and documentation management in project management refer to the systematic process of creating, organizing, storing, retrieving, sharing, and controlling project-related information and documentation throughout the project lifecycle. It involves managing various types of information, including project plans, schedules, requirements, progress reports, communication records, contracts, and other relevant documents. Effective information and documentation management are essential for ensuring transparency, accountability, collaboration, and knowledge transfer within project teams and with stakeholders. Key aspects of information and documentation management include:

  1. Creation and Capture: This involves generating project-related information and documentation, such as project charters, scope statements, work breakdown structures (WBS), schedules, and reports. Information and documents may be created by project team members, stakeholders, or through automated systems and tools.
  2. Organization and Classification: Information and documentation should be organized and classified in a logical and systematic manner to facilitate easy retrieval and reference. This may involve creating folders, directories, or databases with clear naming conventions, metadata, and taxonomy to categorize and label documents appropriately.
  3. Storage and Repository: Project information and documentation should be stored in secure and accessible repositories or document management systems. These systems may include cloud-based platforms, shared network drives, or project management software tools that offer version control, access controls, and backup capabilities to ensure data integrity and availability.
  4. Access and Permissions: Access to project information and documentation should be controlled to ensure confidentiality, integrity, and privacy. Role-based access controls (RBAC) may be implemented to restrict access to sensitive or proprietary information to authorized individuals or groups based on their roles and responsibilities.
  5. Retrieval and Search: Project team members and stakeholders should be able to retrieve and search for relevant information and documentation quickly and efficiently. This may involve using search functionalities, filters, or indexing systems to locate specific documents based on keywords, metadata, or content.
  6. Distribution and Sharing: Information and documentation should be distributed and shared with project team members, stakeholders, and other relevant parties as needed. This may include sending reports, updates, or deliverables via email, collaboration platforms, project portals, or formal meetings.
  7. Version Control and Change Management: Version control mechanisms should be implemented to track changes, revisions, and updates made to project documentation over time. This helps prevent confusion, errors, or inconsistencies resulting from outdated or conflicting versions of documents.
  8. Retention and Archiving: Project information and documentation should be retained and archived according to project requirements, organizational policies, and legal/regulatory obligations. This ensures that valuable project knowledge and historical records are preserved for future reference, audits, or compliance purposes.
  9. Disposal and Destruction: At the end of the project or document lifecycle, information and documentation should be disposed of or destroyed securely and in compliance with data protection and privacy regulations. This may involve shredding physical documents or securely deleting digital files to prevent unauthorized access or disclosure.
  10. Quality Assurance and Compliance: Information and documentation management processes should adhere to quality assurance standards, best practices, and compliance requirements relevant to the project, industry, or organization. This may involve conducting regular audits, reviews, or assessments to ensure adherence to standards and guidelines.

Overall, effective information and documentation management are essential for supporting project execution, decision-making, collaboration, and knowledge sharing, ultimately contributing to project success and organizational effectiveness.

The purpose of information and documentation management is to enable relevant and reliable information (physical and digital) to be available to those undertaking work and making decisions.

Information and documentation management in project management involves the systematic organization, storage, retrieval, and dissemination of project-related information and documents throughout the project lifecycle. Here are key aspects of information and documentation management:

  1. Organization: Information and documents are organized in a structured manner according to project requirements, such as project plans, schedules, contracts, technical specifications, reports, and communication records. This ensures easy access and retrieval when needed.
  2. Storage: Information and documents are stored securely in appropriate repositories, which may include document management systems, cloud storage platforms, project management software, or physical filing systems. Storage solutions should facilitate version control, access control, and backup to prevent data loss and ensure data integrity.
  3. Retrieval: Stakeholders should be able to retrieve relevant information and documents quickly and efficiently. This requires implementing effective search functionalities, indexing systems, and categorization methods to locate specific documents or information based on keywords, metadata, or attributes.
  4. Dissemination: Information and documents should be disseminated to relevant stakeholders in a timely and controlled manner. This involves determining the appropriate recipients, distribution channels, and frequency of communication to ensure that stakeholders have access to the information they need to perform their roles effectively.
  5. Version Control: Managing document versions is crucial to avoid confusion and ensure that stakeholders are working with the latest information. Version control mechanisms track changes, revisions, and updates to documents, allowing stakeholders to access the most recent versions and review revision history if needed.
  6. Access Control: Access to sensitive or confidential information should be restricted to authorized individuals or groups based on their roles and responsibilities. Access control mechanisms ensure that only approved users can view, edit, or delete certain documents, protecting sensitive data from unauthorized access or disclosure.
  7. Security: Information and document management systems should implement security measures to protect data from unauthorized access, tampering, or theft. This includes encryption, authentication, audit trails, and regular security assessments to identify and mitigate potential vulnerabilities.
  8. Retention and Disposal: Establishing policies for document retention and disposal ensures compliance with legal, regulatory, and organizational requirements. Documents should be retained for the necessary duration and disposed of securely once they are no longer needed to minimize risk and ensure compliance.
  9. Collaboration: Information and documentation management facilitates collaboration among project team members, stakeholders, and external partners by providing a centralized platform for sharing, reviewing, and collaborating on documents. Collaboration features such as commenting, version tracking, and real-time editing enhance teamwork and productivity.
  10. Audit Trails: Maintaining audit trails and logs of document activities, such as access, edits, and approvals, provides transparency and accountability. Audit trails help track document history, identify potential issues or discrepancies, and facilitate compliance with regulatory requirements or audits.

Effective information and documentation management are essential for ensuring that project stakeholders have access to accurate, up-to-date information to support decision-making, collaboration, and project success. By implementing robust information management practices, project organizations can streamline workflows, enhance communication, and mitigate risks associated with information overload, miscommunication, or data loss.

Information and documentation management comprises the secure and timely collection, storage, analysis, distribution and maintenance of accurate information necessary for activities such as planning, undertaking and auditing work, and supporting lessons learned and knowledge management.

This description aptly summarizes the comprehensive nature of information and documentation management in project management. Here’s a breakdown of the key components highlighted:

  1. Secure Collection: Ensuring that information is collected securely involves implementing measures to protect data integrity and confidentiality from the point of capture. This may include encryption during data transfer, secure data entry processes, and authentication mechanisms to verify the source of information.
  2. Storage: Information and documentation should be stored in a secure manner to prevent unauthorized access, tampering, or loss. This involves utilizing secure data storage systems, such as encrypted databases or cloud storage solutions, with appropriate access controls and backup mechanisms in place.
  3. Analysis: Analyzing the collected information involves processing and interpreting data to extract meaningful insights and trends. This may include statistical analysis, data visualization techniques, or qualitative analysis methods to derive actionable intelligence from the information gathered.
  4. Distribution: Timely distribution of information is crucial for ensuring that stakeholders have access to relevant data when needed. This involves establishing efficient communication channels and dissemination methods to deliver information to the right people at the right time, using formats and platforms that suit their preferences and accessibility.
  5. Maintenance: Regular maintenance of information and documentation is necessary to keep data accurate, up-to-date, and relevant. This includes updating records, revising documents as needed, and archiving obsolete or redundant information to ensure the integrity and usability of the repository over time.
  6. Accuracy: Maintaining the accuracy of information is essential for ensuring the reliability and credibility of project data. This involves verifying the completeness and correctness of data through validation processes, cross-referencing with other sources, and ensuring that information is free from errors or discrepancies.
  7. Support for Activities: Information and documentation management support various project activities, including planning, execution, monitoring, and control. By providing access to relevant information and resources, project teams can make informed decisions, track progress, and address issues effectively throughout the project lifecycle.
  8. Lessons Learned and Knowledge Management: Information and documentation management also play a critical role in capturing lessons learned and facilitating knowledge management initiatives. By documenting project experiences, best practices, and insights gained, organizations can leverage this knowledge to improve future project performance and decision-making.

Overall, effective information and documentation management are essential for enabling project success by ensuring that stakeholders have access to accurate, timely, and relevant information to support decision-making, collaboration, and learning processes. By implementing robust management practices, project organizations can optimize their information resources and enhance project outcomes.

Information and documentation should be available and accessible for historical reference.

Maintaining accessibility and availability of information and documentation for historical reference is crucial for several reasons:

  1. Learning from Past Experiences: Historical project data and documentation serve as valuable sources of lessons learned and best practices. By analyzing past projects, teams can identify successes, challenges, and areas for improvement, enabling continuous learning and refinement of project management practices.
  2. Facilitating Audits and Compliance: Retaining historical records ensures compliance with regulatory requirements and industry standards. Auditors may require access to project documentation to verify compliance with legal, financial, or quality assurance standards, and having historical data readily available streamlines the auditing process.
  3. Supporting Decision-Making: Access to historical information provides context and insights that can inform decision-making on current and future projects. Project managers and stakeholders can reference past performance metrics, outcomes, and stakeholder feedback to make more informed decisions and mitigate risks.
  4. Resolving Disputes and Claims: In the event of disputes or claims arising during or after a project, historical documentation can serve as evidence to support or refute claims. Having access to comprehensive records helps project teams defend against potential legal or contractual disputes and protect the organization’s interests.
  5. Preserving Institutional Knowledge: Retaining historical documentation preserves institutional knowledge within the organization. As team members come and go, maintaining access to past project information ensures continuity and prevents loss of critical knowledge and expertise.

To ensure the availability and accessibility of information for historical reference, organizations should establish robust documentation management practices, including:

  • Implementing a centralized repository or document management system to store and organize project documentation.
  • Establishing clear naming conventions, file structures, and metadata tagging to facilitate search and retrieval of historical records.
  • Regularly backing up and archiving project data to protect against loss or corruption.
  • Establishing policies and procedures for document retention and disposal to ensure compliance with legal and regulatory requirements.
  • Providing training and guidance to project teams on the importance of documenting project activities and maintaining historical records.

By prioritizing the availability and accessibility of information for historical reference, organizations can harness the full value of their project data to drive continuous improvement, informed decision-making, and long-term success.

Activities should include the establishment of a system for receiving, securely storing and identifying information and documentation, which needs to be managed and accessible.

Establishing a robust system for receiving, securely storing, identifying, and managing information and documentation is fundamental for effective project management. Here are key activities involved in this process:

  1. Establishing a Centralized Repository: Implement a centralized repository or document management system where all project-related information and documentation can be securely stored. This repository should be easily accessible to authorized stakeholders and include features such as version control and access controls.
  2. Defining Information Management Policies: Develop clear policies and procedures governing the management of information and documentation throughout the project lifecycle. These policies should address aspects such as data security, confidentiality, retention periods, access controls, and document naming conventions.
  3. Creating a Classification System: Develop a systematic classification system for organizing and categorizing information and documents based on their type, purpose, and relevance to the project. This classification system should make it easy for users to locate and retrieve specific documents when needed.
  4. Implementing Security Measures: Implement robust security measures to protect sensitive or confidential information from unauthorized access, tampering, or disclosure. This may include encryption, access controls, user authentication, data masking, and regular security audits to ensure compliance with security standards.
  5. Establishing Version Control: Implement version control mechanisms to manage changes to documents and ensure that stakeholders are always working with the latest versions. Version control systems track revisions, updates, and modifications to documents, preventing confusion and discrepancies caused by outdated information.
  6. Developing Metadata Standards: Define metadata standards and attributes to accompany each document, providing additional context and information for effective management and retrieval. Metadata may include details such as document title, author, creation date, keywords, and related project phase or category.
  7. Training and Awareness: Provide training and awareness programs to project team members and stakeholders on the importance of information management practices. Ensure that all users understand their roles and responsibilities in adhering to information management policies and procedures.
  8. Regular Review and Maintenance: Establish processes for regular review and maintenance of the information repository to ensure that documents remain accurate, up-to-date, and relevant. Remove obsolete or redundant documents, update outdated information, and archive historical records as necessary.
  9. Ensuring Accessibility and Availability: Ensure that the information repository is accessible to authorized stakeholders whenever they need to retrieve or reference project-related information. This may involve providing remote access, implementing user-friendly search functionalities, and ensuring uptime and reliability of the system.
  10. Monitoring and Continuous Improvement: Monitor the effectiveness of information management practices and solicit feedback from users to identify areas for improvement. Continuously refine and enhance information management processes based on lessons learned and emerging best practices.

By systematically addressing these activities, project organizations can establish a robust system for receiving, securely storing, identifying, and managing information and documentation, ensuring that project-related data is effectively managed and accessible throughout the project lifecycle.

Project-related information and document management can need to be undertaken in accordance with the organization’s information management and retention policies.

Adherence to the organization’s information management and retention policies is crucial for ensuring that project-related information and documents are managed in a compliant and consistent manner. Here’s how project-related information and document management align with organizational policies:

  1. Compliance: Project teams must ensure that their information management practices align with the organization’s overarching information management policies, as well as any relevant industry regulations or standards. This includes adhering to data protection laws, privacy regulations, and industry-specific compliance requirements.
  2. Retention Policies: Organizations typically have established retention policies dictating how long certain types of information or documents must be retained before they can be securely disposed of. Project teams must familiarize themselves with these policies and ensure that project-related documents are retained for the appropriate duration.
  3. Security Standards: Information security is paramount in managing project-related information and documents. Organizations often have strict security standards and protocols governing data protection, access controls, encryption, and secure transmission. Project teams must comply with these standards to safeguard sensitive or confidential information.
  4. Records Management: Many organizations have formal records management frameworks outlining the processes and procedures for managing records throughout their lifecycle, from creation to disposition. Project-related documents may fall under the purview of these records management practices, requiring adherence to classification, storage, and disposal guidelines.
  5. Information Governance: Information governance encompasses the policies, procedures, and controls governing the creation, use, storage, and disposition of information assets within an organization. Project teams should ensure that their information management practices align with the broader information governance framework established by the organization.
  6. Legal and Regulatory Compliance: Project-related information and documents may be subject to various legal and regulatory requirements, such as discovery requests, audits, or litigation proceedings. Adhering to organizational policies ensures that project teams are prepared to respond to legal and regulatory obligations in a timely and compliant manner.
  7. Training and Awareness: Organizations should provide training and awareness programs to project teams on information management and retention policies to ensure that all team members understand their responsibilities and obligations. This training may cover topics such as data handling procedures, privacy requirements, and security best practices.
  8. Auditing and Monitoring: Organizations may conduct regular audits or reviews of information management practices to ensure compliance with policies and identify any areas of non-compliance or improvement opportunities. Project teams should actively participate in these audits and implement corrective actions as needed.

By adhering to the organization’s information management and retention policies, project teams can effectively manage project-related information and documents in a manner that ensures compliance, minimizes risk, and protects the organization’s interests and assets.

Published by Pretesh Biswas

Pretesh Biswas has wealth of qualifications and experience in providing results-oriented solutions for your system development, training or auditing needs. He has helped dozens of organizations in implementing effective management systems to a number of standards. He provide a unique blend of specialized knowledge, experience, tools and interactive skills to help you develop systems that not only get certified, but also contribute to the bottom line. He has taught literally hundreds of students over the past 5 years. He has experience in training at hundreds of organizations in several industry sectors. His training is unique in that which can be customized as to your management system and activities and deliver them at your facility. This greatly accelerates the learning curve and application of the knowledge acquired. He is now ex-Certification body lead auditor now working as consultancy auditor. He has performed hundreds of audits in several industry sectors. As consultancy auditor, he not just report findings, but provide value-added service in recommending appropriate solutions. Experience Consultancy: He has helped over 100 clients in a wide variety of industries achieve ISO 9001,14001,27001,20000, OHSAS 18001 and TS 16949 certification. Industries include automotive, metal stamping and screw machine, fabrication, machining, assembly, Forging electrostatic and chrome plating, heat-treating, coatings, glass, plastic and rubber products, electrical and electronic equipment, assemblies & components, batteries, computer hardware and software, printing, placement and Security help, warehousing and distribution, repair facilities, consumer credit counseling agencies, banks, call centers, etc. Training: He has delivered public and on-site quality management training to over 1000 students. Courses include ISO/TS -RAB approved Lead Auditor, Internal Auditing, Implementation, Documentation, as well as customized ISO/TS courses, PPAP, FMEA, APQP and Control Plans. Auditing: He has conducted over 100 third party registration and surveillance audits and dozens of gap, internal and pre-assessment audits to ISO/QS/TS Standards, in the manufacturing and service sectors. Other services: He has provided business planning, restructuring, asset management, systems and process streamlining services to a variety of manufacturing and service clients such as printing, plastics, automotive, transportation and custom brokerage, warehousing and distribution, electrical and electronics, trading, equipment leasing, etc. Education & professional certification: Pretesh Biswas has held IRCA certified Lead Auditor for ISO 9001,14001 and 27001. He holds a Bachelor of Engineering degree in Mechanical Engineering and is a MBA in Systems and Marketing. Prior to becoming a business consultant 6 years ago, he has worked in several portfolios such as Marketing, operations, production, Quality and customer care. He is also certified in Six Sigma Black belt .

Published

Leave a ReplyCancel reply