Internal audits are one of the most important process within a Quality Management System for Medical Device manufacturers and having an ISO 13485 Audit Checklist is an essential tool that could be used to prepare and manage the internal audit process. The absence of Internal Audit or Internal Audit Plan is often considered a major non-conformity in the framework of an ISO 13485.
Internal Audit Requirements According to 21 CFR 820
Quality Audit requirements according FDA Quality System Regulation are reported in the section 21 CFR 820.22. The text of the section is reported below:
Each manufacturer shall establish procedures for quality audits and conduct such audits to assure that the quality system is in compliance with the established quality system requirements and to determine the effectiveness of the quality system. Quality audits shall be conducted by individuals who do not have direct responsibility for the matters being audited. Corrective action(s), including a reaudit of deficient matters, shall be taken when necessary. A report of the results of each quality audit, and reaudit(s) where taken, shall be made and such reports shall be reviewed by management having responsibility for the matters audited. The dates and results of quality audits and reaudits shall be documented.
Based on this text of the regulation it is possible to basically summarise the key requirements for the internal audit process:
- Quality Audits shall be performed to ensure compliance of the Quality System to the applicable regulatory requirements
- Independence of the auditors shall always be demonstrated
- The link between Internal Audits and CAPA process shall be properly demonstrated and documented
- Internal Audit Plan and reports shall be documented.
Internal Audit Requirements According to ISO 13485:2016
The section related to internal audit within ISO 13485:2016 is the clause 8.2. There are mainly the same requirements already explained in the previous section related to FDA Quality System Regulation. However, in addition to what has already be mentioned in the previous paragraph, there are some additional requirements which is important to mention.
Specifically, one of the most important requirement is the risk-based approach in the planning of the internal audits. In fact, ISO 13485 requires internal audits to be planned “taking into consideration the status and importance of the processes and area to be audited, as well as the results of previous audits“. This is very important and it can be included in the framework of those requirements that go in the direction of the implementation of risk management principles in the Quality Management System of an organization.
It is very important to document an audit plan which takes in consideration the internal audits to be performed through the whole year. In the audit plan, the specific processes to be audited need to be mentioned along with the timing on when that specific audit is planned. Moreover, it definitely makes sense to include the specific audit criteria for each specific process to be audited.
Also within ISO 13485 there is the requirements associated to the link between the internal audit process and the CAPA process. In fact, the text of the ISO standard reports:
The management responsible for the area being audited shall ensure that any necessary corrections and corrective actions are taken without undue delay to eliminate detected nonconformities and their causes.
This sentence includes a very important requirements related to the implementation of corrections and corrective action “without undue delay“. Sometimes, to cover this specific requirement, the timing for the opening of a CAPA following an audit findings shall be defined in the Quality System Procedure; this timing may be different based on the type findings which have been raised during audit (remarks, minor non-conformities, major non-conformities).
For an efficient and straightforward internal audit process according to ISO 13485:2016, or in the framework of the preparation of a specific Internal or External audit, the ISO 13485 Audit Checklist is Ann essential tool. In the next section we will go through the characteristics of this compliance checklist.
ISO 13485 Audit Checklist
The ISO 13485 Audit Checklist reports all the requirements of the ISO 13485 version 2016 in a tabular form. For each requirements, there are some indications to suggest which documentation shall be reviewed by the auditor to ensure the specific requirement has been properly implemented in the organization.
The checklist is divided into different sectors which do basically correspond to the sections of the ISO 13845. Specifically:
Often internal audits are performed on one or more specific process of the Quality System, thus it is important to have the checklist divided into different sections, so that only the part relevant to the specific audit is taken in consideration.
Conclusions
In conclusion with this post we have been talking about one essential tool that can be used in the framework of the internal audit process for medical device organization. This tool is the ISO 13485 Audit Checklist, which includes the list of the whole requirements associated to ISO 13485 version 2016 along with specific suggestions on how to verify that requirement.
Subscribe to QualityMedDev Newsletter
QualityMedDev is an online platform that provides extensive support to medical device manufacturers and consultancy companies in the field of regulatory compliance. We publish blog posts on quality management system topics and provide extensive documentation ready to be downloaded to support the implementation and maintenance of the quality system or product-related certification.
We publish a periodic newsletter aimed at sharing information on the new articles or documents which have been made available through the QualityMedDev website.
If you would like to stay updated with the last news and analysis from the regulatory world for medical device sector, do not forget to subscribe to our newsletter.
Coinsmart. Beste Bitcoin-Börse in Europa
Source: https://www.qualitymeddev.com/2021/04/05/iso-13485-audit-checklist/
