ISO 13485, Clause 4.1.2 b)

SGquality

Quite Involved in Discussions
We are in an ISO 13485 audit and the auditor is questioning why we have not included "Distribution" process under risk based process.

Section 4.1.2 b) mentions to apply a risk based approach to the control of the "appropriate" processes needed for the QMS.

I explained to the auditor that we have identified Software, Internal Audits, frequency of Management Review, Training etc. and did not feel that "Distribution" needs to be risk based as the product does not have any special storage/handling requirements but he seems persistent on that.

What do you feel?
 

John C. Abnet

Teacher, sensei, kennari
Leader
Super Moderator
We are in an ISO 13485 audit and the auditor is questioning why we have not included "Distribution" process under risk based process.

Section 4.1.2 b) mentions to apply a risk based approach to the control of the "appropriate" processes needed for the QMS.

I explained to the auditor that we have identified Software, Internal Audits, frequency of Management Review, Training etc. and did not feel that "Distribution" needs to be risk based as the product does not have any special storage/handling requirements but he seems persistent on that.

What do you feel?

Good day @SGquality ;
I want to first be clear that "we" do not see what the auditor sees....i.e. "we" are not intimate with what your organization has in place and what is being called into question.

Having said that, ....you are correct in regards to the "risk" controls being applied to "appropriate processes needed for the QMS".
Has your organization had a history of nonconformances related to "distribution"?
Can the auditor state (he /she MUST) the actual ISO 13485 clause which they are claiming is not being conformed to?

Based on the LIMITED information we have here, it appears that the auditor is reaching beyond the requirements of the standard.

Also- It should be noted that "risk" in the context of ISO 13485 is different than within ISO 9001 (for example). Here is the statement in 0.2 of 13485 intended to clarify...
"When the term “risk” is used, the application of the term within the scope of this International
Standard pertains to safety or performance requirements of the medical device or meeting
applicable regulatory requirements"

Hope this helps.
Be well.
 
Last edited:

SGquality

Quite Involved in Discussions
Good day @SGquality ;
I want to first be clear that "we" do not see what the auditor sees....i.e. "we" are not intimate with what your organization has in place and what is being called into question.

Having said that, ....you are correct in regards to the "risk" controls being applied to "appropriate processes needed for the QMS".
Has your organization had a history of nonconformances related to "distribution"?
Can the auditor state (he /she MUST) the actual ISO 13485 clause which they are claiming is not being conformed to?

Based on the LIMITED information we have here, it appears that the auditor is reaching beyond the requirements of the standard.

Also- It should be noted that "risk" in the context of ISO 13485 is different than within ISO 9001 (for example). Here is the statement in 0.2 of 13485 intended to clarify...
"When the term “risk” is used, the application of the term within the scope of this International
Standard pertains to safety or performance requirements of the medical device or meeting
applicable regulatory requirements"

Hope this helps.
Be well.

Thats the perfect answer :applause:
 

yodon

Leader
Super Moderator
I don't disagree with anything said so far on this thread but there's sometimes there are some nuggets that can be gleaned. So just to play devil's advocate, why *isn't* there any risk with distribution? Can the product be damaged, can there be a mix-up of product shipped, can there be a loss of information regarding to whom the product was shipped?
 

SGquality

Quite Involved in Discussions
I don't disagree with anything said so far on this thread but there's sometimes there are some nuggets that can be gleaned. So just to play devil's advocate, why *isn't* there any risk with distribution? Can the product be damaged, can there be a mix-up of product shipped, can there be a loss of information regarding to whom the product was shipped?

Totally understand but was trying to understand the requirements per Clause 4.1.2 (b). How do companies typically handle distribution of finished medical device that is a simple device - is it part of the PFMEA?
 

yodon

Leader
Super Moderator
is it part of the PFMEA?

Yes, that's certainly one way (and a good one, IMO)! But it goes back a bit further into packaging design as well (we do shipping validation on our packages to ensure the device is adequately protected throughout storage and distribution - implying that devices are packaged as part of the manufacturing process).
 
Top Bottom