Information on Process-based Internal Auditing Needed

#1
Can anyone share information on the the process based internal audit ?

Abdulkareem

Moderator Note: post and first response were moved to their own thread.
 
Last edited by a moderator:
Elsmar Forum Sponsor

Jen Kirley

Quality and Auditing Expert
Leader
Admin
#2
Christina
I hope you are ok
Can you or anyone share information on the the process based internal audit ?

Abdulkareem
Welcome Abdulkareem!

A process audit focuses on the process instead of just asking questions as read directly from the standard. Most people still find the standard's language to be too complicated. It is our job to verify process and system effectiveness without confusing the auditees.

Elsmar Cove has a number of attachments regarding process auditing. I did a search and came up with this list. Rather than repeat the discussions I will invite you to also see what people were saying in the threads where those attachments were placed. For example, see the thread ISO 9001 - Requirement for Process Audits. It is an old thread and it is about ISO 9001, but the subject of a process audit is the same between standards and has not changed much, if at all.

I hope this helps.
 

cscalise

Starting to get Involved
#4
I believe your question is related to the medical device single audit program.

I have been performing MDSAP internal audits since 2019. The current FDA document: MDSAP Audit Approach AU P0002.007 clearly outlines the 7 process chapters, related tasks and associated ISO13485 clauses and country regulations. You can download and use during an audit. I had a copy printed for easy reference. You can also find this and other MDSAP documents on the FDA website. There are organizations that also provide auditor training for MDSAP that are very helpful. Before I started auditing for this, I took a course.

The audits I perform are either 5 days and I audit all 7 chapters or the chapters are split throughout the year so that all process chapters are audited at least once during a 12 month schedule. My notes/evidence follow the chapter tasks and are retained as a record of the audit. I also provide a summary report. You can modify it based on the applicable countries for the organization.

My best suggestion is to download and read through the MDSAP Audit Approach and have a copy of ISO13485.

If your question is related to just performing a process-based ISO13485 audit the above information can be helpful. Another way to approach it is to create a table with the clauses listed on the left and the organization's defined QMS processes as columns across the top. Use a check mark to identified all clauses related to each process. Clauses may apply to more than one process. Make sure all clauses are captured at least once (unless justified as nonapplicable). From this you can plan your audit based the process and ensure that conformance assessment is made to the associated clauses.

Hope this helps.
 

Jim Wynne

Leader
Admin
#5
I believe your question is related to the medical device single audit program.
Thanks for the information, but I'm not sure how you came to this conclusion. Process-based audits are common in all standardized quality management systems. Outside of medical devices, of which I know next to nothing, internal audits should generally be based on the organization's own requirements and not clauses of the standard(s).
 

cscalise

Starting to get Involved
#6
The email message I received had the following header "MDSAP Internal Audit Program example wanted" so I replied with that in mind. then looking at the thread it linked to I wasn't sure so I tried to answer both. I have over 500 days of combined auditing experience is ISO13485, 9001, MDSAP, EU MDR, EU IVDR, 21CFR820 (3rd, 2nd and 1st party audits). I only audit using a processed based approach. The clause-based checklist is helpful but ineffective at addressing process linkages and interactions.
 

Jim Wynne

Leader
Admin
#7
The email message I received had the following header "MDSAP Internal Audit Program example wanted" so I replied with that in mind. then looking at the thread it linked to I wasn't sure so I tried to answer both. I have over 500 days of combined auditing experience is ISO13485, 9001, MDSAP, EU MDR, EU IVDR, 21CFR820 (3rd, 2nd and 1st party audits). I only audit using a processed based approach. The clause-based checklist is helpful but ineffective at addressing process linkages and interactions.
This thread was created because the original post here had been tacked on to the thread with the title you cite, and was irrelevant to that topic.
 
Thread starter Similar threads Forum Replies Date
L Documented Information in Internal Audits Process (9.2) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
M Medical Device News EU MDR – Information on stages in designation process from Team-NB Medical Device and FDA Regulations and Standards News 5
P Seeking Information on ISO 15504 - Information Technology Process Assessment Other ISO and International Standards and European Regulations 3
A Information Technology Process Mapping per ISO 13485 - example wanted Process Maps, Process Mapping and Turtle Diagrams 1
J Assembly Traveler Process Information Requirements Manufacturing and Related Processes 3
Q RCA (Request for Corrective Action) on an Information Transaction Process Problem Solving, Root Cause Fault and Failure Analysis 2
B DIACAP (DoD Information Assurance Certification and Accreditation Process) and CON Various Other Specifications, Standards, and related Requirements 2
M Risk Analysis using FMEA Process Flow Chart - Health Care Information System FMEA and Control Plans 6
D Information Technology Process Audit - Suggestions for Auditing IT IATF 16949 - Automotive Quality Systems Standard 12
A GM Supplier Quality Focus Process Information Supplier Quality Assurance and other Supplier Issues 3
V 9001 Amendment Process Information - ISO 9001 and the current revision process ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
T Xerox's Problem Solving Process information Quality Tools, Improvement and Analysis 3
D FMEA and Control Plan Characteristics Column - Product / Process Information FMEA and Control Plans 2
M Information about Manufacturing Process Self Control and its potential risks Quality Tools, Improvement and Analysis 3
V Process FMEA Information - PDF file or web site about PFMEA FMEA and Control Plans 3
A Seeking 'Process Performance' information and resources QS-9000 - American Automotive Manufacturers Standard 5
A Manufacturing process design input vs Design information checklist Design and Development of Products and Processes 1
S Students trying find information on Producation Part Approval Process - ABC of PPAP APQP and PPAP 2
R Finding Equivalent Material Information Manufacturing and Related Processes 1
G Confidentiality of information during MD registration worldwide Other Medical Device Regulations World-Wide 0
S Risk control through Information for safety ISO 14971 - Medical Device Risk Management 8
B Documented information - Should be controlled? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 10
J PQ Systems User Community information? Using GAGEpack Software 12
B PSW - Organization Manufacturing Information APQP and PPAP 0
H Do you repeat information throughout your documentation submission? EU Medical Device Regulations 4
A Can a organization use a disclaimer "pending AS9100 Certification" in Marketing Information? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 4
D FDA Information - Revising the Instructions for Use US Food and Drug Administration (FDA) 0
M Need Help With Information Security Asset Risk Register IEC 27001 - Information Security Management Systems (ISMS) 2
S Mechanical Test Under FDA Freedom of Information Act Medical Device and FDA Regulations and Standards News 5
Watchcat Summary of De Novo Biocompatibility Information, 2015-2018 Other US Medical Device Regulations 0
Q Self-assessment audit information Quality Management System (QMS) Manuals 6
Sidney Vianna Release of ISO 10013:2021, Quality management systems – Guidance for documented information Other ISO and International Standards and European Regulations 0
W How long do you keep information about equipment no longer used? Document Control Systems, Procedures, Forms and Templates 2
R What information do i need to get from the device manufacturer 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 0
T Types of confidential information ISO 17025 related Discussions 8
D Preservation of Electronic Data / Information Technology ISO 13485:2016 - Medical Device Quality Management Systems 5
SANTHSH API Spec.Q1 Standards Version in Purchasing Information Oil and Gas Industry Standards and Regulations 1
eule del ayre Documented Information - Periodic Review of Documents? IATF 16949:2016 / ISO 9001:2015 IATF 16949 - Automotive Quality Systems Standard 34
R Information on obtaining a market authorization for China China Medical Device Regulations 2
B SN95 Respirator Approval Information Other Medical Device Related Standards 0
R Risk assessment on IT containers and the information they contain IEC 27001 - Information Security Management Systems (ISMS) 4
O EN 301 489-1 and EN 301 489-17 - Where do we get the information of the Published versions? CE Marking (Conformité Européene) / CB Scheme 1
K Article 18: Implant Card and information to be communicated. EU Medical Device Regulations 5
K EU MDR Annex 1 Chapter III: Information in the Instructions for Use-23.4 (e) the performance characteristics of the device; EU Medical Device Regulations 2
A GMDN Registration Basic preliminary Information EU Medical Device Regulations 0
J Controlled information versus defined documents / records ISO 13485:2016 - Medical Device Quality Management Systems 3
A Medical device Reporting : Good Faith Effort for Additional information Other US Medical Device Regulations 2
P Cenelec updated standard information CE Marking (Conformité Européene) / CB Scheme 1
Richard Regalado Automotive News TISAX - VDA ISA (information security assessment) VDA Standards - Germany's Automotive Standards 6
JoCam False information provided for Medical Device Registration - What are the implications? Other Medical Device Related Standards 3

Similar threads

Top Bottom