Wednesday, 18 May 2022

Key Steps Involved in ISO 13485 Internal Auditing Practices


ISO 13485:2016 specifies necessities for a quality management system where an organization wants to prove its capability to deliver medical devices and related services that constantly meet consumer and applicable regulatory requirements. Such organizations can be involved in one or more stages of the life-cycle, with design and development, production, storage and supply, installation, or servicing of a medical device and design and development or provision of associated activities. ISO 13485:2016 can also be used by suppliers or external parties that deliver product, including quality management system-related services to such organizations.

The ISO 13485 internal audit process as one more essential evil required for ISO 13485 certification and maintenance. Some think of it as a waste of time, simply duplicating the work of the certification body; others see it as a witch hunt, looking for mistakes, or searching for someone to blame or discipline. In truth, the internal audit is neither of these things, these are certainly not the intent.

Steps to Follow During ISO 13485 Audit

The purpose of the internal audit is to inspect processes more closely and try to identify areas for improvement. As a process owner, it can be very helpful to step away for a moment and permit a second set of eyes to look for opportunities that may have missed. The purpose is not to criticize, but rather to find ways to streamline processes so that they work more efficiently. So, here are the five key steps in the internal audit process, with tips for how to best use this process to the advantage of company.

·     Plan and announce the ISO 13485 audit schedule: The audit is not about surprising people so “catch them in the act” of doing something wrong. When do that, top management sends a clear message that they don’t trust their employees, and in turn, employees may try to protect themselves by hiding data or giving false information. So, with this in mind, it is significant to set up a clear audit schedule, and make sure that everybody knows when each process will be audited – even if it’s just a rough guideline to start. The ISO 13485 Audit shows an assurance from management to supporting employees in their efforts to improve their processes. It also permits those in charge of a process to finish up any improvements they are currently working on, so they can get a clear view of the influence of those changes, and also process owners may wish to make special requests for the auditor to look for particular information associated to other planned improvements.

·    Plan the individual process audits: Now that everybody has an idea of when to expect an ISO 13485 audit, need to plan and schedule the audits of each individual process. This permits both auditor and auditee to find a time that works for each, and a timeline that is comfortable. This is also a good time to go over previous ISO 13485 audit checklist reports to determine what follow-up might be required, and to talk about any areas that either party would like to pay extra attention to. Taking the time to plan the audit well is the best way to make sure that both the company and the process owner will advantage from the audit process.

·      Conduct the ISO 13485 audit: To begin, the auditor and process owner should meet to discuss the audit plan, and make sure it is complete and ready to go. Then, the auditor can go to work gathering the evidence they want to determine whether the process is functioning as it should, according to the Quality Management System for Medical devices, and if it is producing the desired results. This information can be assembled through analyzing key process data, reviewing records, talking with employees, or observing the process itself. During the process, it is appreciated if the ISO 13485 auditor can point out any areas that do not have sufficient evidence that they are functioning as expected, or any areas they notice that could be enhanced.

·    Report on the audit: The ISO 13485 audit is complete, then the auditor should hold a closing meeting with the process owner to communicate any findings right away, such as any faintness in the process, any particularly positive observations, or any areas that are functioning as expected, but that could be better. A written report should be provided as documentation.

·     Improvements: Of course, just like any other part of the QMS in medical device manufacturers, improvements are key to a successful audit. If problems were found, and corrective actions taken, it is critical to follow up and assure that the problems were truly addressed. If improvement projects were implemented based on opportunities found during the audit, then assembly data to see just how much the process has enhanced will motivate employees and management to look for more opportunities for improvement.

The internal audit as a necessary evil for maintaining compliance in the organization, a management or quality personnel can use the ISO 13485 internal auditor training as a way to understand, monitor and improve upon company’s processes. As ISO 13485 places heavy emphasis on process improvement within the Quality Management System, this should be a key motivator for company, not to mention the other benefits that go along with improvement, like enhanced efficiency in terms of costs and time. Allow internal audit to bring value to QMS, and to company.

3 comments:

  1. Amazing details given. Thanks for sharing such a great blog Keep posting..
    iso 13485 malaysia

    ReplyDelete
  2. Thanks you for sharing this unique useful information content with us. Really awesome work.iso 13485 internal auditor training

    ReplyDelete
  3. Good content, The ISO 22000 Awareness Training course can help to understand the ISO standard, as well as structure of ISO 22000, along with the new changes in the standard.

    ReplyDelete