Employee Training and Qualification - Major Non-conformance - ISO 13485, Cl 6.2.2

[terranceyu]

Hello covers,

As per the last audit from third party auditor, to qualify we are the right supplier acc. to ISO 13485:2003 and ISO 9001:2008, we have been received a major non-conformance, which I copy and paste the findings from the auditor, to help you understand the findings.

Quoted:"The organization failed to demonstrate that it has determined the necessary competence for personel performaing work affecting product quality in accordance with ISO 13485:2003, 6.2.2a in that the training needs for each emplyee has not been defined. The origanization further failed to deomonstrate that the training or other actions were undertaken, documened, and its effectiveness verified. For example, in five of five employee training and qualification files observed for members of Quality Assurance Dept, including (deleted the names..) and Quality Assurance Manager / Manager Representative (deleted my boss name), the organizarion was unable to consistently product appropriate records of education, training, skills, and experience.
Further, there is no correlation between the employee job descriptions and the training matrices to demonstrate that employees have been trained to perform their job functions.

Additionally, individual training records of training activities for the organization’s Standard Operating Procedures are not maintained in accordance with ISO13485:2003, 6.2.2 and 4.2.4 in that the training coordinator stated that employees do not complete training records for the SOPs for which they are responsible.

Records demonstrating the competence and training of Internal and External Auditors were incomplete, in that descriptions of course content were unavailable.

In my understanding, the auditor wants all levels of employess have to read the related procedures & sop matching their job description bullet points with the related SOP/Procedure. How should we verify the effectiveness to show each employee are really understand and competence enough after self-reading the SOPs?

And for the last sentence from findings, auditors has been sent out for auditor's training each year, and the record remained properly, and shown the the auditor, I don't understand what it really means.

All helps and suggestions are welcomed.

 

[DannyK]

Re: Major Non-conformance at ISO 13485:2003, 6.2.2, Employee training and qualificati

It is very hard to comment on the major finding issued since I was not there.
However if you feel strongly that the finding has not been graded correctly, you can appeal. Each registrar has to maintain an appeals process.

From your description, and the way the finding was written, it does appear as if the auditor went a bit too far.

 

[harry]

Re: Major Non-conformance at ISO 13485:2003, 6.2.2, Employee training and qualificati

I'll like to know how your training procedure is written. The way this NC is written looks familiar and that's because many organizations over here include these things (many of which are not required by the standard) in their procedure.

 

[terranceyu]

Re: Major Non-conformance at ISO 13485:2003, 6.2.2, Employee training and qualificati

I may have been confusing you guys with the "major" term in the subject title. I just have a discussion with the auditor through e-mail, major finding which he stated are those which have the potential of posing moderate risk to product/quality/compliance and would probably result in written observation in a regulatory inspection report, and may result in enforcement action if representative of a pattern, which is under the organization (which he represented )definitions.

IMO, i would think this is somewhat equal to Minor Nonconformity in the original ranking system we used to talk about (major, minor , observation), not the absence of or total breakdown of a system to meet an ISO requirement. I appealed to him, and he agreed to that, however he insisted, the priorities are no different, and the findings cannot be reclassified. Based on the definitions, the classifications are appropriate. What can I say, I have to accept it, since there is no major non-conformance issued. :mg:

However, I am still in doubt, whether I should accept this comment stated in the last sentence highlighted in red. see the first thread. If I have more than 150 sops, meaning I have to provide the training course agenda x150 times, which I think the course description / or we call agenda already spelled out well in the training materials, before training. Isn't it be enough? Please advise.

 

[DrM2u]

Re: Major Non-conformance at ISO 13485:2003, 6.2.2, Employee training and qualificati

I may have been confusing you guys with the "major" term in the subject title. I just have a discussion with the auditor through e-mail, major finding which he stated are those which have the potential of posing moderate risk to product/quality/compliance and would probably result in written observation in a regulatory inspection report, and may result in enforcement action if representative of a pattern, which is under the organization (which he represented )definitions.

IMO, i would think this is somewhat equal to Minor Nonconformity in the original ranking system we used to talk about (major, minor , observation), not the absence of or total breakdown of a system to meet an ISO requirement. I appealed to him, and he agreed to that, however he insisted, the priorities are no different, and the findings cannot be reclassified. Based on the definitions, the classifications are appropriate. What can I say, I have to accept it, since there is no major non-conformance issued. :mg:

IMHO, it makes no difference if it is a major or a minor other than the amount of time you have to respond and whether it triggers a follow-up audit or not. I do not have all supporting evidence for the finding but my understanding is that there is a general failure in your training system (enogh grounds for a 'major' finding). The ISO 13485 does not specifically require a documented procedure for training but does mention that other applicable regulations may require it. Therefore the first thing is to review the need for a procedure, if you have one. The second thing is to review how quailfications are established and experience/training requirements identified (i.e. job descriptions). Then look at how a gap analysis between the training requirements and the actual qualifications is done to identify training needs. Last but not least look at how the training needs are addressed, how training effectiveness is evaluated and what records are retained. Keep in mind that one way to evaluate training effectiveness (and probably the most relevant) is to observe the implementation of knowledge from class to actual activities.

If you are interested, I could provide a sample job description for your reference.

However, I am still in doubt, whether I should accept this comment stated in the last sentence highlighted in red. see the first thread. If I have more than 150 sops, meaning I have to provide the training course agenda x150 times, which I think the course description / or we call agenda already spelled out well in the training materials, before training. Isn't it be enough? Please advise.

The auditor is not questioning if the auditors review all the internal SOPs or whether you are sending the auditors for training or not, but the content of the auditor training material and course. In other words, how do you know that the training is suitable and appropriate? This can easily be addressed in a few ways. One way is to check and document if the auditor training course is accredited (i.e.. by ANAB) or if it is provided by a qualified source (i.e. certified auditor, registrar, accredited training provider, etc). Another way is to have on-hand an outline or description of the course and what topics it covers. If you are training the auditors internally then all you have to prove is that you are qualified to do so (i.e. certified/accredited auditor + train the trainer).

By the way, if you have 150 SOPs I can confidently say that you have too many. Too many procedures constrain the process and limit flexibility and improvement. You might want to review what is requried and what is necessary. Get rid of the documentation that is redundant, unnecessary and cumbersome.

 

[jkuil]

Re: Major Non-conformance: ISO 13485:2003, Cl 6.2.2 - Employee training and qualifica

Quoted:"The organization failed to demonstrate that it has determined the necessary competence for personel performing work affecting product quality in accordance with ISO 13485:2003, 6.2.2a in that the training needs for each emplyee has not been defined...

...Further, there is no correlation between the employee job descriptions and the training matrices to demonstrate that employees have been trained to perform their job functions.

What you can do here is to specify a list of procedures and work instruction an employee needs to be trained on in order to perform the assigned tasks as specified in the job description: i.e. a training curriculum (TC). That training curriculum is used to determine training need for new employees in that function. It also helps you to identify the employees that need to be trained if the procedure or work instruction is reviced. And finaly it helps the managers to evaluate if an employee has completed all required training activities.

The origanization further failed to demonstrate that the training or other actions were undertaken, documented, and its effectiveness verified...
...Additionally, individual training records of training activities for the organization’s Standard Operating Procedures are not maintained in accordance with ISO13485:2003, 6.2.2 and 4.2.4 in that the training coordinator stated that employees do not complete training records for the SOPs for which they are responsible.

If an employee takes a training that should be recorded in evidence. If the training consists of document training (read and understood the procedure or WI) a signed statement (form) by the employee is adequate. A training attendence form can be signed by the trainees and trainer of a class room training. If the training consists of a qualification of a specific task, the batches/lots which the trainee processed under supervision of the trainer can be recorded.
Evectiveness can be demonstrated in a number of ways. A written exam can be taken at the and of a course. A practical exam must be taken a to complete a qualification. Whether an employee realy has understood the document (s)he has read can be demonstrated by the fact that no non-conformities are noted in the results of his/her daily practice (demonstrated by the QC activities)

Records demonstrating the competence and training of Internal and External Auditors were incomplete, in that descriptions of course content were unavailable

You may sent out the auditors to annual external auditor training, but if that training consists of irrelevant topics it is ineffective for the required competence of the auditors. You can maintain in the training file the leaflet of the training, specifying in short the content of the training. The leaflet will also specify the supplier of the training, so it can be verified if it is a competent supplier for that training. It helps when the training supplier is accredited for that training.

 

[vinh_lex - 2010]

Re: Major Non-conformance: ISO 13485:2003, Cl 6.2.2 - Employee training and qualifica

In my understanding, the auditor wants all levels of employess have to read the related procedures & sop matching their job description bullet points with the related SOP/Procedure. How should we verify the effectiveness to show each employee are really understand and competence enough after self-reading the SOPs?

Though I agree that the auditor has gone bit too far in this case, Major or minor wouldn't bother much, unless it's the reason they suspend your certificate. You have to do CA in either case.

IMHO, sticking to 6.2.2a is really troublesome if you want to set up some thing new in you plant. Competency is not there for you and you'll need numerous version of training program to keep that person up to the required level, and then update the competence/JD again

 

[sixsigmais]

Re: Major Non-conformance: ISO 13485:2003, Cl 6.2.2 - Employee training and qualifica

Not going to talk whether this NC is major or minor, but it is NC.
Just correct the NC and it will fine in future. Audti is giving direction to correct the mistake and elimilate from re-occur.

This cases basically is just the documentation problem since the auditor are not finding any proof that the employee give risk to the company due to the training or lack of skill.

So,first to review the job description, make changing if necessary. If it is ok, make sure all the related employee provide the copy of certificate as per job description required. Second, prepare a training curriculum, or saying training plan...whatever...
Follow up with the plan, keep record once the training done.

 

[Randy]

COMPETENCE is what is being looked for, plain as day

Do you have records that provide evidence that people can consistantly perform necessary tasks in the manner they are to be performed?

COMPETENCE = demonstrated ability to apply knowledge and skill

Training is not an end or a result or the desired output here, Competence is.

The thing about the records is this....if you say that you are going to keep a training record for everything, then you must keep one. The standard requires appropriate records of training and guess what? You determine what is appropriate, not the auditor, unless there is some underlying issue that the lack of records cause.