Information on Process-based Internal Auditing Needed

A

Abdulkareem

Registered
Can anyone share information on the the process based internal audit ?

Abdulkareem

Moderator Note: post and first response were moved to their own thread.
 
Last edited by a moderator:
Jen Kirley

Jen Kirley

Quality and Auditing Expert
Leader
Admin
Abdulkareem said:
Christina
I hope you are ok
Can you or anyone share information on the the process based internal audit ?

Abdulkareem
Click to expand...
Welcome Abdulkareem!

A process audit focuses on the process instead of just asking questions as read directly from the standard. Most people still find the standard's language to be too complicated. It is our job to verify process and system effectiveness without confusing the auditees.

Elsmar Cove has a number of attachments regarding process auditing. I did a search and came up with this list. Rather than repeat the discussions I will invite you to also see what people were saying in the threads where those attachments were placed. For example, see the thread ISO 9001 - Requirement for Process Audits. It is an old thread and it is about ISO 9001, but the subject of a process audit is the same between standards and has not changed much, if at all.

I hope this helps.
 
M

Mike S.

Happy to be Alive
Trusted Information Resource
"Most people still find the standard's language to be too complicated. "

Amen.
 
cscalise

cscalise

Starting to get Involved
I believe your question is related to the medical device single audit program.

I have been performing MDSAP internal audits since 2019. The current FDA document: MDSAP Audit Approach AU P0002.007 clearly outlines the 7 process chapters, related tasks and associated ISO13485 clauses and country regulations. You can download and use during an audit. I had a copy printed for easy reference. You can also find this and other MDSAP documents on the FDA website. There are organizations that also provide auditor training for MDSAP that are very helpful. Before I started auditing for this, I took a course.

The audits I perform are either 5 days and I audit all 7 chapters or the chapters are split throughout the year so that all process chapters are audited at least once during a 12 month schedule. My notes/evidence follow the chapter tasks and are retained as a record of the audit. I also provide a summary report. You can modify it based on the applicable countries for the organization.

My best suggestion is to download and read through the MDSAP Audit Approach and have a copy of ISO13485.

If your question is related to just performing a process-based ISO13485 audit the above information can be helpful. Another way to approach it is to create a table with the clauses listed on the left and the organization's defined QMS processes as columns across the top. Use a check mark to identified all clauses related to each process. Clauses may apply to more than one process. Make sure all clauses are captured at least once (unless justified as nonapplicable). From this you can plan your audit based the process and ensure that conformance assessment is made to the associated clauses.

Hope this helps.
 
Jim Wynne

Jim Wynne

Leader
Admin
cscalise said:
I believe your question is related to the medical device single audit program.
Click to expand...
Thanks for the information, but I'm not sure how you came to this conclusion. Process-based audits are common in all standardized quality management systems. Outside of medical devices, of which I know next to nothing, internal audits should generally be based on the organization's own requirements and not clauses of the standard(s).
 
cscalise

cscalise

Starting to get Involved
The email message I received had the following header "MDSAP Internal Audit Program example wanted" so I replied with that in mind. then looking at the thread it linked to I wasn't sure so I tried to answer both. I have over 500 days of combined auditing experience is ISO13485, 9001, MDSAP, EU MDR, EU IVDR, 21CFR820 (3rd, 2nd and 1st party audits). I only audit using a processed based approach. The clause-based checklist is helpful but ineffective at addressing process linkages and interactions.
 
Jim Wynne

Jim Wynne

Leader
Admin
cscalise said:
The email message I received had the following header "MDSAP Internal Audit Program example wanted" so I replied with that in mind. then looking at the thread it linked to I wasn't sure so I tried to answer both. I have over 500 days of combined auditing experience is ISO13485, 9001, MDSAP, EU MDR, EU IVDR, 21CFR820 (3rd, 2nd and 1st party audits). I only audit using a processed based approach. The clause-based checklist is helpful but ineffective at addressing process linkages and interactions.
Click to expand...
This thread was created because the original post here had been tacked on to the thread with the title you cite, and was irrelevant to that topic.
 
You must log in or register to reply here.

Similar threads

Crusader
AS9100 Internal Audit Frequency - Audit all AS9100 elements within a specific timeframe?
2 3 4
Replies
30
Views
1K
4theindustry
4
Crusader
Internal Audit AS9100 - all elements within a 3 year cycle…required or not?
2
Replies
11
Views
2K
Randy
Randy
N
ICT Department
Replies
2
Views
217
Nashi
N
G
Responding to Customer Audit
2
Replies
16
Views
567
ED76
E
A
Internal audits of multi-site companies
Replies
2
Views
135
Randy
Randy
Top Bottom