Question on using audit checklist ISO 13485:2016

duff999

Involved In Discussions
#1
I'm looking for advice on using an audit checklist for ISO 13485, this will be our first audit (Stage 1). In the past I typically use a checklist with the following:

- Element of ISO 13485:2016
- A Question relating to the element of the standard (Does the QMS support claims of the conformity of the standard, etc etc).
- Observations, comments, documents reviewed
- Results (Conforms, OFI, Minor, Major)

I have all the elements listed, but I have been reading through some posts and seeing some comments about MDSAP. Is MDSAP something I have to consider while developing this checklist? This is uncharted waters for me, so any advice is appreciated.
 
Elsmar Forum Sponsor

adir88

Involved In Discussions
#2
It depends on the scope of your audit. If you’re getting certified to MDSAP, then yes. But it doesn’t sound like you’re since you’re only realizing this by reading the posts here.
 

John C. Abnet

Teacher, sensei, kennari
Staff member
#3
audit checklist for ISO 13485, this will be our first audit (Stage 1).
Good day @duff999 ;
I'm a little confused. If I understand correctly,...
1- your CB will be conducting a "Stage 1" audit, in preparation for your organization's certification.
2- In order to provide the necessary readiness and evidence, your organization is going to perform internal audits (prior to the CB Stage 1).

Is this correct?

If indeed you are speaking of internal audits, remember, the current revision of ISO 13485 (consistent with other ISO management system standards) now emphasizes a "Process Approach". I would caution against getting caught in the old/previous trap of auditing in "silos" and focusing on/viewing through, the clauses of the ISO standard.

The intent, is to identify your organization's processes, their sequence, and their interaction. One process often affects another. For that reason and the proper goal of utilizing a process approach, I would council that your organization should audit the identified PROCESSES. Often, multiple ISO clauses can/will apply to multiple processes. Focus on the processes and their inputs and outputs. Are these functioning as intended? Are the applicable requirements applied by ISO for control, management, records/evidence being met within each of those processes?

Auditing to the "clause" is one of the approaches the authors are trying to stop by "introduction"/directing towards the Process Approach. They got it right, and the process approach is a much more comprehensive/robust approach ....especially in the context of internal auditing.

Hope this helps.

Be well.
 

duff999

Involved In Discussions
#4
Good day @duff999 ;
I'm a little confused. If I understand correctly,...
1- your CB will be conducting a "Stage 1" audit, in preparation for your organization's certification.
2- In order to provide the necessary readiness and evidence, your organization is going to perform internal audits (prior to the CB Stage 1).

Is this correct?

If indeed you are speaking of internal audits, remember, the current revision of ISO 13485 (consistent with other ISO management system standards) now emphasizes a "Process Approach". I would caution against getting caught in the old/previous trap of auditing in "silos" and focusing on/viewing through, the clauses of the ISO standard.

The intent, is to identify your organization's processes, their sequence, and their interaction. One process often affects another. For that reason and the proper goal of utilizing a process approach, I would council that your organization should audit the identified PROCESSES. Often, multiple ISO clauses can/will apply to multiple processes. Focus on the processes and their inputs and outputs. Are these functioning as intended? Are the applicable requirements applied by ISO for control, management, records/evidence being met within each of those processes?

Auditing to the "clause" is one of the approaches the authors are trying to stop by "introduction"/directing towards the Process Approach. They got it right, and the process approach is a much more comprehensive/robust approach ....especially in the context of internal auditing.

Hope this helps.

Be well.
Excellent information, I appreciate the input.
 

LUFAN

Involved In Discussions
#5
I have all the elements listed, but I have been reading through some posts and seeing some comments about MDSAP. Is MDSAP something I have to consider while developing this checklist? This is uncharted waters for me, so any advice is appreciated.
What is the scope of your QMS? Do you make medical devices or components? Do you have regulatory obligations from someone like FDA?

You don't have to join MDSAP, unless you're selling into Canada. That said your internal audit should cover 13485 + whatever regulatory jurisdictions are applicable. Your 13845 auditor would not write you a NC for not auditing against your scope outside of 13485, but an internal auditor certainly would, and if that regulatory jurisdiction was also performing their own inspection/audit or if it was an MDSAP audit, that's definitely a Major/Grade 3+ NC.
 

duff999

Involved In Discussions
#6
What is the scope of your QMS? Do you make medical devices or components? Do you have regulatory obligations from someone like FDA?

You don't have to join MDSAP, unless you're selling into Canada. That said your internal audit should cover 13485 + whatever regulatory jurisdictions are applicable. Your 13845 auditor would not write you a NC for not auditing against your scope outside of 13485, but an internal auditor certainly would, and if that regulatory jurisdiction was also performing their own inspection/audit or if it was an MDSAP audit, that's definitely a Major/Grade 3+ NC.
Our current audit scope would be ISO 13485:2016. We are a manufacturer of a component that will end up being part of a kit and sent to the final manufacturer, so this is not the final device. I'm struggling a bit to understand the process approach rather than using a checklist that has each clause listed.
 

John C. Abnet

Teacher, sensei, kennari
Staff member
#7
I'm struggling a bit to understand the process approach rather than using a checklist that has each clause listed.
Consider this example...
Company name is "Make A Pizza"

Your processes (oversimplified) are as follows...

PROCESSES Applicable Clauses
Take Order 4.2; 7.2; ;
Dice- 4.2; 7.5.1; 7.5.2; 7.5.8;
Assemble- 4.2; 7.5.1; 7.5.2; 7.5.8;
Bake- 4.2; 7.5.1; 7.5.2; 7.5.8; 7.6
Cut- 4.2; 7.5.1; 7.5.2; 7.5.8;
Box- 7.5.1; 8.3
Deliver 8.5.1; 8.2.6; 8.3; 8.3.3; 8.5.2

Audit to your stated PROCESS . The additional column of "applicable clauses" is not necessary, but might help you understand how the standard requirements are threaded throughout your various processes. This example, of course, is an over simplification, but ....

Hope this helps.
Be well.
 

LUFAN

Involved In Discussions
#9
Great example, I appreciate the response here!
John's post is a good one. I'll just add from the house keeping point of view. Make sure you are not auditing any process in which you are involved, and that you have undergone a training to perform internal audits to 13485. I have issued NCs for my component suppliers for both of those things. That is said with the understanding that a lot of these company's are small and therefore it's often hard to actually have autonomy over certain processes.
 

duff999

Involved In Discussions
#10
John's post is a good one. I'll just add from the house keeping point of view. Make sure you are not auditing any process in which you are involved, and that you have undergone a training to perform internal audits to 13485. I have issued NCs for my component suppliers for both of those things. That is said with the understanding that a lot of these company's are small and therefore it's often hard to actually have autonomy over certain processes.
Good advice. I do have questions related to this.

If I am the one creating the SOP's, work instructions, forms, etc. for a certain process, does this exclude me from performing the audit. I may not be the actual operator of the process, but I have authored it.

Also, If I am the one who is tasked to perform the internal audit, and have gone through a formal training course from an outside consulting group on how to perform internal audits , is this enough evidence that I have gone through the proper training?
 
Thread starter Similar threads Forum Replies Date
D Calibration tolerance question using Pipettes Medical Device and FDA Regulations and Standards News 3
Q Is anyone using MasterControl Spark? I have a question ISO 13485:2016 - Medical Device Quality Management Systems 9
H Assessment Question - We are using another company's procedures ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
C Using CSSGB/CSSBB as a Title - Six Sigma Question Six Sigma 3
K Risk Assessment / FMEA - Using the same Risk Opportunities - Opinion Question AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 9
S Determining the Total Sample Size using AQL - AQL Lot Quantity question AQL - Acceptable Quality Level 8
S Using Statistical Tables for Normal Distribution - Question and hopefully answers Statistical Analysis Tools, Techniques and SPC 5
D A Test Lab Using ISO 17025 - Question About Nonconforming Work ISO 17025 related Discussions 22
M Checking a male taper using a female air gage fixture - Air Gaging question Inspection, Prints (Drawings), Testing, Sampling and Related Topics 5
C Pin Gauge Calibration using a Micrometer - Accuracy & Calibration Level Question General Measurement Device and Calibration Topics 10
D Hey! Quick question, are any of these companies using 6 Sigma? Six Sigma 4
8 Drawing Feature Question Inspection, Prints (Drawings), Testing, Sampling and Related Topics 8
D Question: How to analyze numerical and attribute data Reliability Analysis - Predictions, Testing and Standards 11
D Question on electronic signatures and initials on batch records ISO 13485:2016 - Medical Device Quality Management Systems 3
A Special Characteristic question from Automotive CSR Customer and Company Specific Requirements 9
Ron Rompen GDT Question - is this even correct? Inspection, Prints (Drawings), Testing, Sampling and Related Topics 3
A PPAP question for audit APQP and PPAP 16
C ISO Question - Do you say "I-S-O" or "I-Soh"? Misc. Quality Assurance and Business Systems Related Topics 14
D Question regarding where "validations" fit according to ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
D Question on Supplier Quality (SCAR) ISO 13485:2016 - Medical Device Quality Management Systems 3
A +0/-.001 Tolerance question - Feature size is 1.249 +0/-.001 - Actually measures 1.2493 (.0003 OHL Inspection, Prints (Drawings), Testing, Sampling and Related Topics 12
D Question and advice for a supplier self audit questionnaire ISO 13485:2016 - Medical Device Quality Management Systems 6
D Question on Documented Calibration versus ISO 17025 Accredited Calibration ISO 13485:2016 - Medical Device Quality Management Systems 2
A Design Change/ECO Related Question 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
S Configuration Item definition question AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
C Quality Management System Question ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 32
Q ISO 9001/IATF 16949 Audit Finding Question - Document Retention IATF 16949 - Automotive Quality Systems Standard 11
J IATF 16949 Calibration/Verification records question ISO 26262 - Road vehicles – Functional safety 6
I IMDS Error Message Question RoHS, REACH, ELV, IMDS and Restricted Substances 1
lanley liao Question regarding the calibration of monitoring and measure equipment. Oil and Gas Industry Standards and Regulations 3
C Gauge R&R Question Using Minitab Software 1
J IATF 16949 Internal Audit question - Auditor's responsibility Internal Auditing 6
K Question on MDR classification EU Medical Device Regulations 4
D Question on equipment - when to use reference only or research only stickers ISO 13485:2016 - Medical Device Quality Management Systems 5
D Work Instruction Question ISO 13485:2016 - Medical Device Quality Management Systems 5
M Clinical Decision Support Software Question 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
John C. Abnet VDA 6.3 - Question 7.3 - "blocking of parts" VDA Standards - Germany's Automotive Standards 6
D Approved supplier list - Distributors question ISO 13485:2016 - Medical Device Quality Management Systems 6
D Equipment Register and PM question ISO 13485:2016 - Medical Device Quality Management Systems 2
D Question regarding "storage and distribution" ISO 13485:2016 - Medical Device Quality Management Systems 1
D Question regarding customer feedback process ISO 13485:2016 - Medical Device Quality Management Systems 3
D Equipment Register related question ISO 13485:2016 - Medical Device Quality Management Systems 1
S Study sign off question / responsibilities ISO 13485:2016 - Medical Device Quality Management Systems 3
S Qualification question - ISO 13485 - Setting up a small lab Reliability Analysis - Predictions, Testing and Standards 2
M Question for Auditors - "Off the Record" Conversation? General Auditing Discussions 14
D Question regarding ECO process, specifically for Life Science products and defining form fit and function ISO 13485:2016 - Medical Device Quality Management Systems 1
R Accelerated Aging - Creating test samples - Implantable medical device Question Other Medical Device Related Standards 4
A Question on Authorized Representative in Malaysia Other Medical Device Regulations World-Wide 3
D Limited Scope for second site Question? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
I ISO 2233:2000 Question - Medical Device Shipping/Transportation Validation Other ISO and International Standards and European Regulations 1

Similar threads

Top Bottom