Supplier Qualification Audit on site or off site?

Z

zhang126

Hi,

Is there any regulation say supplier qualification audit must be done on site? For a supplier who has many good certificates, e.g. ISO 13485, is it good enough to have a paper audit in distance to qualify it as our supplier?
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
zhang126 said:
For a supplier who has many good certificates, e.g. ISO 13485, is it good enough to have a paper audit in distance to qualify it as our supplier?
Click to expand...
A certificate that a quality system is in compliance with a standard, e.g., ISO 13485, should NEVER be the only criteria to qualify a supplier. Provided that the certificate is trustworthy and you can have confidence in it, it can (and should be) used as a COMPONENT of a supplier oversight process. How critical is the supplier? What risks do they represent to you? Have you had any history with them? What is their historical performance? There are many other issues that should be evaluated when selecting and maintaining suppliers.
 
Kales Veggie

Kales Veggie

People: The Vital Few
Sidney Vianna said:
A certificate that a quality system is in compliance with a standard, e.g., ISO 13485, should NEVER be the only criteria to qualify a supplier. Provided that the certificate is trustworthy and you can have confidence in it, it can (and should be) used as a COMPONENT of a supplier oversight process. How critical is the supplier? What risks do they represent to you? Have you had any history with them? What is their historical performance? There are many other issues that should be evaluated when selecting and maintaining suppliers.
Click to expand...

Exactly.
 
Ajit Basrur

Ajit Basrur

Leader
Admin
zhang126 said:
Hi,

Is there any regulation say supplier qualification audit must be done on site? For a supplier who has many good certificates, e.g. ISO 13485, is it good enough to have a paper audit in distance to qualify it as our supplier?
Click to expand...

If a supplier has a ISO 13485 cert, he fulfils your basic requirements but auditing that supplier is required to check for other aspects mainly on his technical capabilities. The ISO 13485 is a quality management system and may not reveal his technical competence which is very vital for your product / part, isnt it ? :D
 
R

rclanzillotto

To your question Zhang..no there is no such regulation requirirng you to do an on-site evalutation. I agree with the others in that supplier qualification should not be based on ISO 13485 certification alone. However it is an excellent starting point. I personally do not go in and conduct a redundant quality audit but instead zero in in the procedures and processses directly relating to the component i am receiving. Best regards
 
B

brahmaiah

zhang126 said:
Hi,

Is there any regulation say supplier qualification audit must be done on site? For a supplier who has many good certificates, e.g. ISO 13485, is it good enough to have a paper audit in distance to qualify it as our supplier?
Click to expand...
There is no requirement in the standard(ISO 9001) that you should audit your supplier at site.All that is required is you should evaluate your supplier before purchasing as per a documented critaria for approval and records of supplier evaluation shall be available.Read the standard:

"The organization shall evaluate and select suppliers based on their ability to supply product in accordance with
the organization's requirements. Criteria for selection, evaluation and re-evaluation shall be established.
Records of the results of evaluations and any necessary actions arising from the evaluation shall be maintained
(see 4.2.4)".
V.J.Brahmaiah
 
Sidney Vianna

Sidney Vianna

Post Responsibly
Leader
Admin
brahmaiah said:
There is no requirement in the standard(ISO 9001)
Click to expand...
Please note that this thread was placed in the ISO 13485 Forum. The OP asked about regulatory requirements that would force an organization to physically assess their suppliers "in loco". Regulation examples: USA FDA QSR, EU Medical Device Directive, etc.
 
Ajit Basrur

Ajit Basrur

Leader
Admin
brahmaiah said:
There is no requirement in the standard(ISO 9001) that you should audit your supplier at site.All that is required is you should evaluate your supplier before purchasing as per a documented critaria for approval and records of supplier evaluation shall be available.Read the standard:

"The organization shall evaluate and select suppliers based on their ability to supply product in accordance with
the organization's requirements. Criteria for selection, evaluation and re-evaluation shall be established.
Records of the results of evaluations and any necessary actions arising from the evaluation shall be maintained
(see 4.2.4)".
V.J.Brahmaiah
Click to expand...


The question refers to the suppliers catering to the medical device industry. This is a heavily regulated industry and the requirements of ISO 9001 may not hold valid.
 
K

koes0030

There is no requirement that an on-site audit must be performed. It is up to your company to establish supplier approval and monitoring requirements commensurate with the criticality/risk of the product/service being provided.

Just to give you an example of what we do... we have our suppliers broken up into 3 tiers based on criticality. The Level 1's are the most critical suppliers (implants, sterilization)... these suppliers are audited on-site at least every 2 years, more if we have concerns with their quality. Level 2's are moderate criticality (instrument manufacturers, calibration labs, passivation, etc.)... in order to be approved, an on-site audit is required. Every year we we review the Level 2's to determine what kind of monitoring is needed. We then document what monitoring method will be used and justify why. Some are audited on-site, some we do a performance/record review, some we do a very focused desk audit. Level 3's are low risk (pest control, printing companies, UPS, etc.). Some initial evaluation is needed during the approval process, but no audit is needed.

In summary, use a risk-based approach to determine when audits are needed. When audits are over-kill, determine some other suitable method for evaluation, and document why that is OK. As long as you can justify it and it makes good sense, you should be fine.
 
Z

zhang126

Thank you all above!

By using FDA's phrase, "it depends ..."

If we got enough documented evidance by paper audit in distance, it may be a good chance to skip audit on site until FDA or an EU competent authority say "you need more of ..."

Do you agree?
 
You must log in or register to reply here.

Similar threads

T
Subcontractors audit
Replies
3
Views
204
ttylda
T
S
13485 Internal auditor qualifications
Replies
7
Views
585
SamKD
S
Q
Leveraging Audit Report from Previous Job
2
Replies
14
Views
873
Golfman25
G
P
Facility Preparation
2
Replies
13
Views
650
DanMann
D
M
AS9100 v. AS9120 and Contract Manufacturing
Replies
4
Views
135
Sidney Vianna
Sidney Vianna
Top Bottom