We just finished with our reassessment audit and passed with no NCs and 2 OFIs.:)

Congratulations, take a deep breath and enjoy the serenity!

Indeed, Doug!! That's quite an accomplishment (from my limited experience :lol:) and definitely something to be proud of.... :applause:

We just finished with our reassessment audit and passed with no NCs and 2 OFIs.:)

Doug,

Congratulations! :applause: :applause:

A significant raise for you is deserved...:agree1:

Stijloor.

Congratulations on your success.

Congratulations on a job well done.

Ensure that everyone at your organization understands that certification is just the beginning.

It takes a lot of effort to maintain the quality management system and keep everyone motivated to work with it.

Congratulations Doug.

Can you give us a bit more information about the audit:
Was there a noticeable change in emphasis (focus on hot topics etc) from previous major ISO audits?
What was the audit team like (in terms of knowledge, coverage, and interaction with you)?
What were your areas of weakness, how are you addressing them?

Congratulations Doug.

Can you give us a bit more information about the audit:
Was there a noticeable change in emphasis (focus on hot topics etc) from previous major ISO audits?
What was the audit team like (in terms of knowledge, coverage, and interaction with you)?
What were your areas of weakness, how are you addressing them?

Thanks to all for the kind words.

We had a one person auditor team and this was the third time he has audited us. He is a microbiologist and seems very knowledgeable and fair - doesn't play "gotcha" and comes across as being geniunely interested in helping our organization.

There was a hightened emphasis on risk management and a "suggestion" that, rather than mainly relying on the number of complaints to assess customer satisfaction, we utilize other measurment tools such as customer satisfaction surveys.

Our two OFIs were related to not using a large enough sample size for the employee training portion of our internal audit and for failing to adequately document the reason for extending the due date on a CAPA.

I believe we could improve our CAPA efforts in general, particularly in the area of root cause analysis. We are also looking at software to improve the document control process.

Congrats Doug. We are looking to start down the road of 13485 certification. I am alos looking at software to handle document managment. So far i have looked at ISOExpress, Quality Collaboration By Design, and possibly Grand Avenue. All have pros and cons. What are you looking at for software? Thanks.

Mike

That's good to hear.

Risk management is definitely under the spotlight, even though it is far from a new issue. I'm gradually seeing compliance and improvement across the industry, with a few companies implementing excellent systems (that are actually functional rather than just being "pretty'! :D).


Customer feedback/customer satisfaction is still fairly weak around the place, with - as you indicated - a bit too much tunnel-vision on complaint management.


I'm seeing a gradual increase in electronic QMS, but the major integrated systems are generally still too costly for the small/medium businesses that form the bulk of the medical device industry. The odd module (e.g. document management) is seen fairly often.

Some of the integrated systems are jaw-droppingly good though, and likely to be the way forward for an increasing proportion of companies in the future. So I think I'd like to see a bit more long-term planning in this area, especially from companies that intending to grow significantly over the next few years.

So far i have looked at ISOExpress, Quality Collaboration By Design, and possibly Grand Avenue. All have pros and cons. What are you looking at for software? Thanks.

Mike

I recommend looking at MQ1 by CEBOS. I have used it in the past, and they are very good at linking things together (which is the benefit of not going modular), as well as continually improving the software. I have seen others that do minimal improvements and are really starting to lose their luster.

Congrats Doug. We are looking to start down the road of 13485 certification. I am alos looking at software to handle document managment. So far i have looked at ISOExpress, Quality Collaboration By Design, and possibly Grand Avenue. All have pros and cons. What are you looking at for software? Thanks.

Mike

We have checked out Knowledge Tree, Alfresco, and SharePoint amongst others, but have not made any decisions yet.

:applause:Congrats! We're getting ready for our first ISO certification audit in July. I hope we do as well as you!

:applause:Congrats! We're getting ready for our first ISO certification audit in July. I hope we do as well as you!

Thanks and good luck with your certification. There is alot of valuable info and insight here on the Cove that you can draw on if you need help with your preparations.

Doug - thanks for the info. The solutions I am looking at include doc management as part of a quality management system.

Mike :)

Check out Arena Solutions. It's web based, inexpensive and easily deployed.

Congratulations!!!!!!!!:applause:

What did your auditor consider to be an adequate sample size?

What did your auditor consider to be an adequate sample size?

A minimum on one employee's training records from each of our job classifications.

Congratulations! This is a great achievement and something your company should be proud of!

Greetings from Mexico
A. Rios

Congratulations! This is a great achievement and something your company should be proud of!

Greetings from Mexico
A. Rios

Thanks. We have a plant located in Laredo, Texas so I get to go down there and audit each year.

Doug, Congratulations. Did your Registrar audit you using "Process Audit" techniques or "Element Auditing"? Did the Registrar strictly audit ISO 13485:03 or did the Lead Auditor also look at the Regulatory and Statutory Requirements? Example: 21 CFR 820? Thank you.:rolleyes:

We just finished with our reassessment audit and passed with no NCs and 2 OFIs.:)

Doug,
Does your auditor look at OFIs during the next audit, if no action was taken, then consider them a nonconformance?

Phil

I'll be interested in seeing Doug's response, this one can certainly be contentious.

For myself, I like to see a formal system - whatever form that takes* - to review our non-NCR audit findings (aka Observations, OFIs, feedback, commentary, etc etc).
After all, the requirement in 5.6.2 (a) is "results of audits". It doesn't say "review of NCRs".


Now maybe the OFI is reviewed and it is considered that no action needs to be taken. Or perhaps that it's a great idea - but that the company can't dedicate the resources to it this year.
Or maybe even that the auditor is talking complete rubbish. :notme:


But to have no evidence that the OFIs have been reviewed at all? I don't like that.
Is it an automatic Minor CAR against 5.6.2 (a)? Clearly not, it depends on the situation.


*that can perhaps be a post-audit review meeting, part of Management Review, all OFIs automatically entered into the CAPA programme...whatever the company likes.

Obviously if action (probably preventive action) needs to be taken, then that should be managed, resourced and evaluated for effectiveness like any other project.


But, like I said, this one can be contentious. :)

Our registrar (SGS) practices this method. All nonconformance’s and OFI are reviewed and addressed in some manner. I am not sure of all of the nuances, this is an area that my boss the Director of QA/RA addresses.

Phil

I work as a contract third party auditor for ISO 13485 and I don't raise OFI to NC's unless a true NC exists. It is up to the company to consider OFI's

Thanks for your reply Doug,

If you ever need help during audits in Nuevo Laredo Mexico or another local town please let me know. I work as a contract auditor for two registrars, mostly doing Medical Device assessments.

Take care
A. Rios

Doug, Congratulations. Did your Registrar audit you using "Process Audit" techniques or "Element Auditing"? Did the Registrar strictly audit ISO 13485:03 or did the Lead Auditor also look at the Regulatory and Statutory Requirements? Example: 21 CFR 820? Thank you.:rolleyes:

The audit was conducted using the process technique for the most part. In addition to auditing ISO 13485:03, ISO 11135-01:2007 was also covered.

Doug,
Does your auditor look at OFIs during the next audit, if no action was taken, then consider them a nonconformance?

Phil

Phil, These were the first OFIs we have received from this particular auditor so I'm not sure what actions he will take at our next audit. Although we do not have a formal procedure for addressing audit OFIs, we do always evaluate their merits and act accordingly.

I work as a contract third party auditor for ISO 13485 and I don't raise OFI to NC's unless a true NC exists. It is up to the company to consider OFI's

Ola Alberto, que pasa? Long time no speak!

I don't think anyone is arguing that NCs should be written as OFIs. (Disclaimer - occasionally a client will fix a NC whilst I'm onsite, including addressing the root cause. In those circumstances I will often raise a comment to that effect, just for completeness.)


However, my question to you is: if the company hasn't considered the OFIs...what do you do?
Do you spend your time tracking down the previous issues to see if an NC now exists?
Or is it an automatic NC that they haven't reviewed feedback on the status on the quality management system? (e.g. against 8.5.1, failure to analyse data)
Or something else?


(As a devious sort, I can probably argue it coherently from all sides :lmao:)