The Cove Business Standards Discussion Forums
Monitor the Elsmar Forum
Courtesy Quick Links

Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services

International Quality Services

Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum

Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining

Ajit Basrur
Claritas Consulting, LLC

International Standards Bodies - World Wide Standards Bodies

AIAG - Automotive Industry Action Group

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology

Single Post View
Old 16th May 2018, 11:58 AM
regork's Avatar

Total Posts: 18
Look! ISO 13485:2016 Registration - NC on full cycle of internal audits

Help, FYI, etc;
During our registration audit to ISO 13485:2016 of a medical device software manufacturer we got a minor ding for not completing a full audit cycle on our processes based on the ISO 13485 2016 revision of the standard. Instead of doing the audits, we developed a comprehensive audit plan to perform a gap analysis of changes, identify the changes, make the changes, establish the changes, and verify that the changes have been established. The elements of the plan against related procedures (and changes) were based on risk of meeting product quality and regulations.

We also had our audits planned at justified intervals over the next three years of the ISO certification period. All internal audits have been complete on time as required by our internal audit SOP.

I justified to the auditor that we transitioned to the new revision of the standard using a quality plan that included verification that the updated / new SOPs and QS documentation have been established. We agreed that we had no evidence that people were actually following the new procedures, in which the auditor said that the registration audit should not even be happening.

After licking our wound and understand that this transition to the new standard for everybody, what gives?

1. I do agree that we need to conduct internal audits to verify we conform to the standard and the updated requirements within, but what is your experience on the implicit time requirement of completing the full audit cycle before ISO 13485:2016 registration?

2. Have you used a quality plan to transition to rev 2016 to include verification the changed SOPs have been established instead of internal audit execution and records?

3. The standard has no requirement for conducting internal audits within a time frame or even that all internal audits have to take place within one year; however most auditors have an opinion that a company must conduct their internal audits each year for every process. I am very curios to get an updated view of this topic based on the new 2016 revision.

4. To solve the CAR, the auditor told us that we need to complete a full audit cycle of all our processes. I am of the mindset that our completed, verified quality plan for the transition is enough. what would you do to resolve the NC or escalate?

TIA - Regork.

Sponsored Links

The time now is 01:21 PM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.

Misc. Internal Links

NOTE: This forum uses "Cookies"