Going further offtopic about ISO...
At my graduation place we had ISO9001 stuff too. All footprints, symbols , datasheets, etc. should be 'released' (thus verified) and organized on the servers. So we don't update datasheets, we like to work with outdated ones (the documentation for 'updating' an datasheet is horrible).
Even more funny was that yes we release stuff, but the idea of releasing verified and examined material was never performed. If I looked in the workshop with past prototypes, lots of bodges and most of them were incorrect footprints or symbols. Classic mistakes. On my boards too, despite everything was verified and checked (as I was to believe). The ISO didn't help in that at all, it only gave extra paperwork and signing to do..
I hate it too. It can be useful, but then all procedures should be thought off clearly and also followed. ISO was required there because they wanted to manufacture high-tech and medical equipment, where it apparently is required or boosts sales ('confidence factor'), which I understand
Edit:@GK; that's how it works. You know how ISO certification went at grad company? One guy looks at your procedures, your product(s) and other crap. To reduce 'audit' time, they decided it was a great idea to drive 70km to a restaurant in Amsterdam, spent 1.5 hours dinner there, and drive 70km back again. "There were no issues"
Total lunch time: ~4 hours. Total audit time: ~2 hours. Now the day is 'over' (6 hours mate? Where do I sign?) and he left.