There are three permissions relating to the Change Control module:
All three permissions are included in the user groups, Global Editor (excluding admin and personnel records) and Global Editor (excluding admin).
The permission, Change Control: View Changes is included in the roles, Global Viewer (excluding admin and personnel records) and Global Viewer (excluding admin).
Site Admins automatically have these permissions.
As with records in other modules, to delete a change control record, a user requires the permission, Records:Delete Records.
In addition to conventional permissions, the Change Control module allows users to EDIT a specific change record if they:
In the same manner, users are allowed to VIEW a specific change record if they submitted the request.
There are external forms available for users and non-users of iPassport to report Incidents, Non Compliances and Change Control Requests. This section focuses on change control requests; more details about external forms are available in the user guide, System Preferences.
The forms can be enabled or disabled according to company practices. If they are enabled, it is necessary to declare a default Organisational Unit to ensure all the forms have an initial landing place. The New Change Control form has an OU field for those who know where to direct the request so the default OU is there as a safety net.
To set up availability of New Change Control forms:
The link to the form can be circulated as required; it’s created by adding the suffix, ‘/request_changes’ to the account URL (e.g., https
The whole change control process is driven by tasks to ensure any given project doesn’t end up unattended. The first step after a change control request is submitted is to triage it. This section allows selecting who should be informed when an external form is submitted to their OU. It also allows defining a list of users who will be tasked with performing the triage of the incoming request. Once one of the users completes the triage, the tasks become invalid for the rest of the triage team.
There are also some security settings for the PDF copies of any printed change control projects. Each OU can have different users and settings for their departments.
To set up the users responsible for receiving new Change Control requests in a given OU:
and then, to select the triage team:
The Triage Team (Triage Users) is only responsible for new Change Control requests submitted to its OU.
When a new form is submitted all members of the triage team will be tasked to triage the change control request. Only one person may actually perform the triage and once completed, any tasks for other team members will be automatically invalidated.
It is not necessary to set up a triage team. Any user with permission to edit change control records (in the record’s OU) can triage new records, they just will not receive ‘Change Control Triage’ tasks when new requests are submitted.
Please refer to the next article for Risk Assessment settings.