Excellent job.
To add to your reference library is this link Investigations Operations Manual 2007
http://www.fda.gov/ora/inspect_ref/iom/, in the past it is updated
in March.
for medical device companies Chapter 5 is the ground rules for the Auditor.
I am not sure if one should be overly concerned about this, but it appears that for your Internal Audit program and Managment Review, you provided quite a bit of information.
Under 21 CFR 820.180(c) - (c) Exceptions. This section does not apply to the reports required by 820.20(c) Management review, 820.22 Quality audits, and supplier audit reports used to meet the requirements of 820.50(a) Evaluation of suppliers, contractors, and consultants, but does apply to procedures established under these provisions. Upon request of a designated employee of FDA, an employee in management with executive responsibility shall certify in writing that the management reviews and quality audits required under this part, and supplier audits where applicable, have been performed and documented, the dates on which they were performed, and that any required corrective action has been undertaken.
So basically when this subject matter comes out you have a upper management type to sign certifying that this activities are done.
Plus, it has been my experience that the Internal Audits being done and some outputs of Managment review show up in the CAPA system.
Still not sure if this is a point of concern . Your way of handling it should have been less adversarial, then some of the encounters I have witnessed for these sections of 21 CFR 820.