rangani_rj
Involved In Discussions
I am also interested to know steps NB would take in auditing subcontractor having many customers. What if subcontractor is having 25 customers. 2 inspections every month?:mg:
Thanks
EU Commission requires NB (Notified Body) Unannounced Visits
- Thread starter parr05
- Start date
I am also interested to know steps NB would take in auditing subcontractor having many customers. What if subcontractor is having 25 customers. 2 inspections every month?:mg:
Thanks
I'm told that if several customers use the same NB, then one inspection will do for all those customers buying the same type of product/service.
So if Customer A, Customer B, and Customer C all use TUV as their NB, TUV's first inspection will do for the rest for products in the same family for all three..
this is word of mouth though, I have not seen this in writing.
Wes Bucey
Prophet of Profit
When I owned and ran a high tech contract machining company in the 90s, our big brag and marketing hook was that we were ALWAYS ready for a customer visit 24/7. We made it clear that they could visit any time and see anything that pertained to them or the products we made for them, but they would get whoever was free on the shift at the time of the visit as the guide/escort. Sometimes it would be the "ghost tender" who watched over the highly automated shop when it ran "lights out." The ghost tender would tend to a machine when a sensor set out an alert that it was in need (more raw stock, worn tool bit, job complete, etc.)
Everybody in our shop, from the CEO down to the janitor could operate the computer to display records. The records were coded so ONLY records pertinent to a single customer would display, but there was really no reason for them to come to the shop to look at records, since they were available in real time (at first through a direct dial up, then over a virtual private network.) We had one customer whose own shop was about a mile away from ours who came frequently on the ghost shift (about 5 am), bringing doughnuts for our break room. Turned out we were a "port in a storm" since his own place didn't open until 6 am.
Mostly, though, because we made our claim, very few took us up on it over a ten year span, reasoning that we were not causing any other hiccups with quality or delivery, so we didn't need oversight.
Because we WERE making aerospace parts for some customers, we were aware FAA could drop in on us at any time. The local FAA office was less than 10 minutes away and NEVER visited. We were directly FDA registered and similarly never experienced an FDA visit in ten years even though their local office was less than 20 minutes away. My guess is that only "squeaky wheels" (some other problems of quality or delivery) trigger visits from folks (regulators and customers) who do NOT get extra money for visiting. The fact that the unannounced visits we are discussing in this thread are done by third party auditors who generate income with each visit makes me very suspicious of ulterior motives. If I were a small shop where a visit would barely justify 2 or 3 man hours of billable time, I'd worry less about drop-ins than if I were a large shop which would generate 2 or 3 man days of billing.
Everybody in our shop, from the CEO down to the janitor could operate the computer to display records. The records were coded so ONLY records pertinent to a single customer would display, but there was really no reason for them to come to the shop to look at records, since they were available in real time (at first through a direct dial up, then over a virtual private network.) We had one customer whose own shop was about a mile away from ours who came frequently on the ghost shift (about 5 am), bringing doughnuts for our break room. Turned out we were a "port in a storm" since his own place didn't open until 6 am.
Mostly, though, because we made our claim, very few took us up on it over a ten year span, reasoning that we were not causing any other hiccups with quality or delivery, so we didn't need oversight.
Because we WERE making aerospace parts for some customers, we were aware FAA could drop in on us at any time. The local FAA office was less than 10 minutes away and NEVER visited. We were directly FDA registered and similarly never experienced an FDA visit in ten years even though their local office was less than 20 minutes away. My guess is that only "squeaky wheels" (some other problems of quality or delivery) trigger visits from folks (regulators and customers) who do NOT get extra money for visiting. The fact that the unannounced visits we are discussing in this thread are done by third party auditors who generate income with each visit makes me very suspicious of ulterior motives. If I were a small shop where a visit would barely justify 2 or 3 man hours of billable time, I'd worry less about drop-ins than if I were a large shop which would generate 2 or 3 man days of billing.
T
tdeardorff
It is my perception that the entire medical device industry is now going to pay (LITERALLY) for the deception of the implant company. The requirement for unannounced audits has always been there but not enforced. It should only be implemented based on product risk. Is a class I dental device really up there with a breast implant in the realm of importance to public health? No. Most of us have been struggling to maintain compliance to the ever changing MDD/ISO/Regulatory world, we don't have the desire nor the energy to intentionally deceive our auditors. This is the equivalence of punishing the whole "class" for the actions of one deceptive and unruly student....just my 
It is my perception that the entire medical device industry is now going to pay (LITERALLY) for the deception of the implant company. The requirement for unannounced audits has always been there but not enforced. It should only be implemented based on product risk. Is a class I dental device really up there with a breast implant in the realm of importance to public health? No. Most of us have been struggling to maintain compliance to the ever changing MDD/ISO/Regulatory world, we don't have the desire nor the energy to intentionally deceive our auditors. This is the equivalence of punishing the whole "class" for the actions of one deceptive and unruly student....just my
I understand your pain, but...
In the space between all-abiding manufacturers and deceitful outlaws there are many manufacturers who *generally* comply at audit time (announced audits) but are not really up to the mark on a daily basis.
If a manufacturer is truly compliant, as a way of life, the total added price of such unannounced visit is not much more than the escort during audit. If some NCs are found and some resources are put into rectifying them, then this is generally a good thing that needed to happen anyway, sooner or later. From the public's interest perspective I think that the added cost is a reasonable one if the outcome is a more trustworthy industry as a whole.
And yes, I agree with you that the entire auditing system should be risk based - I believe that the NBs are doing that anyway, and will continue to do so.
Cheers,
Ronen.
R
Reg Morrison
I believe the European Commission did a lot of soul searching in terms of NB seriousness after the PIP scandal. Before they came out with the "stronger" advice for the performance of unannounced audits, I could bet some money that they have probably assessed if the NB's were doing risk-based audits and performing unannounced audits. Very likely, they realised that there was very little of risk-based oversight and "surprise" auditing, thus the new guidance.
Notified Bodies, looking for additional revenue generation, will probably swing the pendulum the other way now and start doing a LARGE number of unannounced audits, using the excuse of being mandated to do so.
I was referring more to the low risk end (which is apparently the main interest of the poster I was responding to), meaning that NBs did not spend as much time on low risk manufacturers. I also believe that even with unannounced audits, the level of scrutiny (and audit duration) would be lighter on the low risk end. That is, if NBs don't take a cynical advantage of the situation (as you might have suggested).
There is already a level of risk stratification - class I's have no notified body oversight and therefore are not subject to unannounced audits from notified bodies.
In reality the unannounced audits will be risk based....not because NB's are "doing the right thing" but for the simple fact that they do not have the resource.
Everything I am hearing at the moment with UK NBs is that they are stretched to the limit, technical file review lead times are massive, backlogs are massive. The oversight they are under from the MHRA/CAs at the moment is causing them problems, they are having to react to new requirements/interpretations on a regular basis. Simply, there is not enough resource avaliable and the time it will take to upskill and adequately resource is too long.
Also consider that these changes are just a small step compared to the proposed changes in the regulation....If/When that is enacted, the NB's will be placed under even more burden....Hopefully they will have anticipated the change and appropriately resourced themselves, but I think the industry as a whole will struggle to keep up
In my mind, the concern should not be about the burden unannounced audits will place on you, but on the delay to new technical file reviews and the impact on launch schedules.
In reality the unannounced audits will be risk based....not because NB's are "doing the right thing" but for the simple fact that they do not have the resource.
Everything I am hearing at the moment with UK NBs is that they are stretched to the limit, technical file review lead times are massive, backlogs are massive. The oversight they are under from the MHRA/CAs at the moment is causing them problems, they are having to react to new requirements/interpretations on a regular basis. Simply, there is not enough resource avaliable and the time it will take to upskill and adequately resource is too long.
Also consider that these changes are just a small step compared to the proposed changes in the regulation....If/When that is enacted, the NB's will be placed under even more burden....Hopefully they will have anticipated the change and appropriately resourced themselves, but I think the industry as a whole will struggle to keep up
In my mind, the concern should not be about the burden unannounced audits will place on you, but on the delay to new technical file reviews and the impact on launch schedules.
I would concur with pkost - the NBs are being stretched.
We have a renewal audit later this year - about 5 months later than we expected. And the duration has gone up from 2 days to 3.5 plus off-site Technical file review beforehand (previously done during the audit).
Add to that we have been warned that Notified Body costs will increase by 20-30% averaged over a 3 year period.
What do they need to do to remedy this situation?
Well the simple thing would be to recruit more auditors, but the qualifications of auditors are being stringently examined. An auditor needs both paper qualification and experience, which takes time and means that there is a very limited supply of suitable people.
We have a renewal audit later this year - about 5 months later than we expected. And the duration has gone up from 2 days to 3.5 plus off-site Technical file review beforehand (previously done during the audit).
Add to that we have been warned that Notified Body costs will increase by 20-30% averaged over a 3 year period.
What do they need to do to remedy this situation?
Well the simple thing would be to recruit more auditors, but the qualifications of auditors are being stringently examined. An auditor needs both paper qualification and experience, which takes time and means that there is a very limited supply of suitable people.
My understanding of this is different, based on webinars from a couple of different NBs (not necessarily representative, of course). They have said the main goal is to visit the legal manufacturer, not critical subcontractors/crucial suppliers, but that in some (implied to be "occasional") instances, if there's a high risk, they may visit these subcontractors/suppliers. They've said that there may be overlap (i.e., one contractor working for several companies), and that they'll try to 'calibrate' it, but as these visits are very product-specific it may not be possible...that said, they may try to time it so they're at one site for a few days to cover multiple companies, minimizing the disruption.
Also, my understanding is that the audit of the subcontractor/supplier would be intended to fulfill the obligation to visit the manufacturer. I.e., they wouldn't visit both you and your supplier in one cycle, just one or the other.
As others have said here, I think the NBs are more concerned with being able to fit these audits in at all, let alone do over and above what's being asked. BSI stated that they are planning 300 unannounced audits this year alone - and of course, these are over and above their obligation to perform their "regular" audits. The amount of work involved is astounding.
Similar threads
