evidence

Evidence in industrial and regulated environments commonly refers to documented, objective information used to demonstrate that specific processes, controls, or requirements have been implemented and are functioning as intended.

In practice, evidence can take many forms, such as records, system logs, completed checklists, calibration certificates, training records, change tickets, production batch reports, or screenshots from MES, ERP, or quality systems. The key characteristic is that the information is reliable, traceable, and can be independently reviewed.

Use in audits and inspections

Auditors and inspectors request evidence to verify compliance with internal procedures, external standards, and regulatory requirements. For example, in an ISO 27001 or ISO 9001 context, evidence is used to show that controls are in place, risk assessments are performed, and corrective actions are tracked. In manufacturing, evidence often supports topics such as batch genealogy, equipment maintenance, change control, and training effectiveness.

Evidence may be:

• Documentary: procedures, specifications, test reports, deviation reports
• Recorded data: sensor data, electronic batch records, audit trails, system logs
• Operational records: work orders, maintenance logs, nonconformance reports, CAPA records
• Objective observations: inspection results, photos, or notes captured during walkthroughs

Evidence is often subject to document control and record retention rules, including how long it is kept, how it is protected, and how changes are tracked.

Operational considerations

In day-to-day operations, planning for evidence typically involves:

• Defining which records or data points demonstrate that a requirement is met
• Ensuring systems (MES, QMS, ERP, IT/OT logs) reliably capture and retain those records
• Ensuring traceability to products, batches, equipment, users, and timestamps
• Making evidence retrievable in a structured way for audits, investigations, or management review

Common confusion

Evidence vs. documentation: Documentation usually refers to written procedures, instructions, or policies. Evidence is the resulting proof that these documents are followed in practice, for example a completed record or log.

Evidence vs. justification: Justifications explain why a decision was made. Evidence supports that the decision was implemented and monitored as described.

Link to the ISO 27001 context

In an ISO 27001 information security management system, evidence commonly includes risk assessments, statements of applicability, access reviews, incident logs, backup test records, and change records. Auditors review recent and sometimes historical evidence to confirm that controls are operating consistently and that decisions documented in the management system are applied in practice.