Version control is the single most common reason auditors write up a nonconformance — not missing procedures, not bad ones, but the wrong one still being followed on the floor. The scenario repeats itself across ISO 9001, BRCGS, and CQC inspections alike: a technician is using SOP Rev C, the approved version is Rev E, and nobody can explain when or why the update happened. For maintenance teams, where a superseded lockout-tagout or cleaning procedure carries real safety risk, that gap isn't paperwork — it's the actual finding.
Give Every SOP One Current Version, Everywhere
Controlled revisions, e-signature approval, and training records linked to the exact version a technician saw — audit-ready by default.
What "Version-Controlled" Actually Requires
ISO 9001 Clause 7.5 doesn't ask for more documents — it asks for control over the ones you already have. Every SOP needs a unique identifier, a review and approval step before release, a traceable record of what changed and why, and a way to stop anyone from working off an obsolete copy once a new one is issued.
| Requirement | What An Auditor Checks |
|---|---|
| Unique identification | Document number, title, revision level, and date on every SOP |
| Review and approval | Who approved it, when, and evidence they had the authority to |
| Revision history | What changed between versions, and the reason for the change |
| Obsolete document control | Old versions withdrawn from use the moment a new one is issued |
| Availability at point of use | The current version reachable where the work is actually done |
Same Requirement, Different Regulator
ISO 9001
Clause 7.5 requires approval before use, a traceable change record, and only the current version accessible to staff.
BRCGS
Food safety procedures must be current, controlled, and matched to what staff are actually trained and observed doing.
CQC
Policies and procedures must be kept up to date, with staff able to demonstrate they're working from the current version.
Maintenance Teams
Lockout-tagout, permit, and calibration SOPs carry safety consequences if the wrong revision reaches the floor.
The SOP Lifecycle, End To End
Draft & Review
A change is proposed, drafted against the existing SOP, and reviewed for technical accuracy before it goes further.
Approve & Sign
An authorised approver signs off the new revision, and that signature, timestamp, and reason are logged permanently.
Train & Record
Affected technicians are trained on the new version, and completion is logged against their individual training record.
Revise & Retire
The previous revision is locked from active use and archived, so it can be referenced but never followed by mistake.
Stop Finding Out About Version Gaps From An Auditor
Automatic obsolete-version lockout, e-signature approval, and training records tied directly to each SOP revision.
How OxMaint Manages SOP Version Control
Controlled Revision History
Every change, approver, and timestamp is logged automatically, with nothing editable outside the approval workflow.
E-Signature Approval
Authorised approvers sign off each new revision electronically, with authority level recorded alongside the signature.
Training Records Linked To Version
Completed training is tied to the exact SOP revision a technician was trained on, not just the document name.
Obsolete Version Lockout
Superseded SOPs are removed from active circulation the moment a new revision is approved, everywhere they're accessed.
A signed SOP that no one can prove was trained against is still a finding waiting to happen. Sign up free to see revision history, sign-off, and training records held together instead of across three separate systems.
Frequently Asked Questions
What does ISO 9001 actually require for SOP version control?
Clause 7.5 requires unique identification, review and approval before use, a traceable record of changes, and controls that prevent obsolete versions from being used unintentionally.
Why is version control the most common audit finding?
The typical failure isn't a missing procedure, it's an operator working from a superseded copy while the approved revision sits somewhere else, which auditors specifically test for.
Do maintenance-specific SOPs need the same version control as quality SOPs?
Yes, and often with higher stakes, since a superseded lockout-tagout or permit procedure carries a direct safety risk if it's followed instead of the current version.
How should training records be linked to SOP revisions?
Each training record should reference the specific revision a technician was trained on, so a version update automatically flags who needs retraining rather than assuming everyone is current.
Can a spreadsheet-based document register satisfy version control requirements?
It can technically work, but manual renaming and tracking are exactly where audit trails break down, which is why most growing teams move to a controlled electronic system instead.
Make Version Control An Audit Non-Issue
Controlled SOPs, e-signature approval, and training records in one system built for ISO 9001, BRCGS, and CQC evidence.







