Notified Body not issuing 'Improvement Potentials' anymore (ISO 13485)

Marcelo

Inactive Registered Visitor
#11
Isn't it just semantics? Why wouldn't a preventive action be considered "improvement"? And vice versa - almost any "pure" improvement can be presented as some sort of preventive action. Can't it?
Nope.

The theory is, improvement is related to a change of status quo - everything is working correctly, but you want to achieve another level of performance. Say, the output of a production device is performing as expected, but you want to have it output more. Then you improve your process to get a better performance. But the important thing is - there´s no problem here.

In the case of preventive action, things seems to be working correctly but it´s detected that, given some circumstances, things can go wrong. Then you act to prevent the problem from happening.

So, theoretically OFIs should be really suggestions for improvements. It really should not have anything to to with preventive or corrective actions.

however, much of I´m used to see is the NC threat where the auditor say something like - look, this is somewhat good, but if you do not get it better, it will probably be an NC on the next visit.

This has nothing to do with improvement.

This is what pisses me off, because in my opinion it´s one of the aspects that help people think of a quality system as just paperwork :)
 
Elsmar Forum Sponsor

Marcelo

Inactive Registered Visitor
#12
As an auditor, I think one of the key problems is that you are always aware of the implications of an NC, and in particular the time frame for real corrective action. If this is beyond the limits allowed by the certification body (typically 3 months), and auditor would be reluctant to raise an issue as a formal NC. Thus, an "Improvement potential" was a way to flag issues without formally raising an NC.

Of course, the problem is that if it is a real NC, then the issue should be formally raised, regardless of the implications.

I believe that this problem was addressed by allowing the manufacturer to reply to an NC with an action plan rather than real correction action, but this probably depends on the certification body's rules, and also the scheme or regulation.
This is another point of endless debate. In my opinion, this comes from the fact that:

1 - people have a hard time understanding the difference between correction and corrective action.

2 - people have a hard time understating that an NC can lead to a corrective action, but that it also may not need corrective action(only to correction).
 

Ronen E

Problem Solver
Staff member
Moderator
#13
As an auditor, I think one of the key problems is that you are always aware of the implications of an NC, and in particular the time frame for real corrective action. If this is beyond the limits allowed by the certification body (typically 3 months), and auditor would be reluctant to raise an issue as a formal NC. Thus, an "Improvement potential" was a way to flag issues without formally raising an NC.

Of course, the problem is that if it is a real NC, then the issue should be formally raised, regardless of the implications.

I believe that this problem was addressed by allowing the manufacturer to reply to an NC with an action plan rather than real correction action, but this probably depends on the certification body's rules, and also the scheme or regulation.
I am not aware of any such generic "3 months rule" in the regulation or NBs collective policy; could you please kindly provide a pointer to a document declaring such rule or policy, if you know of one? :thanks:

Naturally there may be such individual NB policies / practices in place. However, an alternative approach (which I've seen in action with several NBs) requires manufacturers to come up with a corrective action plan which may extend beyond any generic time frame, provided that risks are properly analysed and mitigated in the meantime (mitigation means could be interim steps of the bigger plan). In such cases NBs would monitor / verify the implementation / effectiveness of such corrective plans on their annual follow-up audits, or in dedicated (earlier) audits, should the circumstances warrant such.
 

Ronen E

Problem Solver
Staff member
Moderator
#14
Nope.

The theory is, improvement is related to a change of status quo - everything is working correctly, but you want to achieve another level of performance. Say, the output of a production device is performing as expected, but you want to have it output more. Then you improve your process to get a better performance. But the important thing is - there´s no problem here.

In the case of preventive action, things seems to be working correctly but it´s detected that, given some circumstances, things can go wrong. Then you act to prevent the problem from happening.

So, theoretically OFIs should be really suggestions for improvements. It really should not have anything to to with preventive or corrective actions.

however, much of I´m used to see is the NC threat where the auditor say something like - look, this is somewhat good, but if you do not get it better, it will probably be an NC on the next visit.

This has nothing to do with improvement.

This is what pisses me off, because in my opinion it´s one of the aspects that help people think of a quality system as just paperwork :)
Thanks for that. I think I see where our interpretations differ. The explanation you provided on improvement related to the term in its broader context (i.e. including yields etc.), whilst I referred to it in the narrower strict QMS context. I think that in this latter context the difference (if there's actually any) is very vague, because in a QMS context if something is "wrong" it's a NC, otherwise ("nothing is wrong") any change to get things better or prevent potential problems (same thing to me) could be equally termed as "improvement" or "preventive action". Just my angle :)
 

Peter Selvey

Staff member
Super Moderator
#15
From EN ISO 17021:2006:

9.1.15 The certification body shall confirm, prior to making a decision, that
...
b) it has reviewed, accepted and verified the effectiveness of correction and corrective actions, for all nonconformities that represent
1) failure to fulfil one or more requirements of the management system standard, or
2) a situation that raises significant doubt about the ability of the client's management system to achieve its intended outputs;
c) it has reviewed and accepted the client's planned correction and corrective action for any other nonconformities.
So it depends on the type of non-conformity, but it appears that a corrective action plan would not be sufficient in serious cases. Most certification bodies would like to have the audit "closed" within 3 months of the audit, so that puts a timeframe for the corrective action to be implemented for serious cases.
 

Ronen E

Problem Solver
Staff member
Moderator
#16
From EN ISO 17021:2006:



So it depends on the type of non-conformity, but it appears that a corrective action plan would not be sufficient in serious cases. Most certification bodies would like to have the audit "closed" within 3 months of the audit, so that puts a timeframe for the corrective action to be implemented for serious cases.
Thanks for that reference.

I'm not too familiar with the implementation subtleties of this standard (and the above clause in particular), but I can see how it can be read to allow implemented interim risk-mitigation means to serve as temporary substitute for the comprehensive, longer-term corrective action*; such means could then be reviewed and verified within 3 months, whilst the complete corrective action plan may be implemented, reviewed and verified for effectiveness by the next annual audit.

*) Should, of course, the NB be interested in that... :lol:
 

Sidney Vianna

Post Responsibly
Staff member
Admin
#17
As we can tell, the simple fact of a CB/NB auditor potentially identifying opportunities for improvement can be very controversial. Imagine what could happen when ISO 17022:2012 becomes enforced and bring both requirements and suggestions, such as
The audit report should include a statement on risks (if any) that may affect, if applicable, the
a) conformity to management systems requirements;
b) conformity to statutory/regulatory requirements;
c) performance of the organization's management system(s).​
NOTE 1 When describing the identified risks, it can also be important, if applicable, to:
indicate that a significant risk is not being managed;
indicate that risks have been misrepresented.
NOTE 2 Identifying risks does not imply risk assessment in accordance with ISO 31000.
 

Doug Tropf

Quite Involved in Discussions
#18
As we can tell, the simple fact of a CB/NB auditor potentially identifying opportunities for improvement can be very controversial. Imagine what could happen when ISO 17022:2012 becomes enforced and bring both requirements and suggestions, such as
It would seem that the GHTF's proposed SG3(PD)/N19 would add to the controversy (or confusion).
 
Thread starter Similar threads Forum Replies Date
Ed Panek Notified Body Substantial Change MDD EU Medical Device Regulations 1
M Spain Notified Body Medical Device and FDA Regulations and Standards News 0
M Notified Body Spain Other ISO and International Standards and European Regulations 0
M Spanish Notified Body - Spanish language CE Marking (Conformité Européene) / CB Scheme 2
K MDR Class 1 Self Certification - Competent Authority or Notified Body? EU Medical Device Regulations 6
P Notified Body Approval of Change EU Medical Device Regulations 2
K Adding the Notified Body Number CE Marking (Conformité Européene) / CB Scheme 2
A NB (Notified Body) Audit of Standards ISO 13485:2016 - Medical Device Quality Management Systems 3
J Conflict of Interest Registrar/Notified Body/Testing House Quality Manager and Management Related Issues 4
R Change Notification - Registrar vs Notified body ISO 13485:2016 - Medical Device Quality Management Systems 1
Watchcat "Disappeared" Linkedin Notified Body Rant EU Medical Device Regulations 2
M Notified Body audits -Class Ia medical device product EU Medical Device Regulations 4
R Notified Body for MDD 1Q20 - Florida Company Registrars and Notified Bodies 4
M Informational EU – New notified body designated under the MDR – NB 2797 BSI Group The Netherlands B.V. Netherlands Medical Device and FDA Regulations and Standards News 0
M Informational EU – New notified body designated under the MDR – NB 1912 – DARE!! Services B.V. – Netherlands Medical Device and FDA Regulations and Standards News 0
N Customer asking if their notified body can audit us ISO 13485:2016 - Medical Device Quality Management Systems 5
N MDR review process by notified body - How many steps exist in the review process EU Medical Device Regulations 0
Ed Panek CAPA against Notified Body? EU Medical Device Regulations 5
M Informational EU – First IVDR designated Notified Body – DEKRA Certification GmbH Medical Device and FDA Regulations and Standards News 0
N Regular meetings with Notified Body EU Medical Device Regulations 13
M Informational EU – New designated Notified Body under the MDR – TÜV Rheinland LGA Products GmbH Medical Device and FDA Regulations and Standards News 0
M Informational New designated Notified Body for Regulation (EU) 2017/745 (MDR) included in Nando – IMQ ISTITUTO ITALIANO DEL MARCHIO DI QUALITÀ S.P.A. Medical Device and FDA Regulations and Standards News 3
M Informational EU – Next Notified Body designated to the MDR 2017/475 is IMQ S.p.A from Italy Medical Device and FDA Regulations and Standards News 0
M Informational EU – DEKRA Certification GmbH is the third Notified Body designated under the MDR Medical Device and FDA Regulations and Standards News 0
JoshuaFroud The withdrawal of Lloyd’s Register MDD & IVDD Notified Body Status CE Marking (Conformité Européene) / CB Scheme 1
M Measurement Unit Rounding Nonconformity - Notified Body Audit Registrars and Notified Bodies 6
M Informational From RAPS – Another Notified Body Bows Out Ahead of EU MDR: ‘Investment Too High’ Medical Device and FDA Regulations and Standards News 2
M Authorized Rep (AR), competent authority, NCA and notified body - Differences EU Medical Device Regulations 9
R How long to wait for Notified Body Response - Potentially significant change to a medical device CE Marking (Conformité Européene) / CB Scheme 6
M Informational New Notified Body designated under the MDR – TÜV SÜD Product Service GmbH Zertifizierstellen Medical Device and FDA Regulations and Standards News 1
shimonv Non-significant notice of change to notified body EU Medical Device Regulations 4
S Difficulty Finding A Notified Body for CE Marking - No Capacity Registrars and Notified Bodies 5
P Notified body located in an other country than manufacturing company ISO 13485:2016 - Medical Device Quality Management Systems 2
M BSI – Want to know more about the Notified Body? Registrars and Notified Bodies 0
M Start-Up Company looking for ISO 13485 Certification Body and Medical Device CE Mark Notified Body Registrars and Notified Bodies 6
M Medical Device News BSI achieves Designation for its Netherlands Medical Devices Notified Body EU Medical Device Regulations 2
C Attestation of QA certificate from foreign (EU) Notified Body Other Medical Device Regulations World-Wide 6
D Notified body - CE Certification Class 2a Products in India CE Marking (Conformité Européene) / CB Scheme 4
M Notified Body Involvement with Self Declared Products EU Medical Device Regulations 7
C QR Code on Medical Device Packaging and Notification to Notified Body EU Medical Device Regulations 1
H Clinical investigation - Role of Notified Body (NB) EU Medical Device Regulations 6
S Certification Body, Registrar, Notified Body - What is the difference? Registrars and Notified Bodies 3
D CE Mark with same NB (Notified Body)? CE Marking (Conformité Européene) / CB Scheme 4
Sam Lazzara Expedited, fast-track Notified Body Technical File reviews EU Medical Device Regulations 3
Sam Lazzara Notified Body CE Project Manager - Worst job ever? EU Medical Device Regulations 6
K Notified Body - Minor Nonconformances - They have withheld all certificates General Auditing Discussions 3
R Non-Conformity Report from Notified Body - MEDDEV Guide is not Legally Binding EU Medical Device Regulations 16
JoCam Required Frequency of Notified Body reviews of Technical Files EU Medical Device Regulations 6
R ISO 13485 Certificate Scope modified by Notified Body EU Medical Device Regulations 9
S Literature Search - Notified Body Had Questions About our Rationale CE Marking (Conformité Européene) / CB Scheme 9

Similar threads

Top Bottom