Training ISO 13485

What is ISO 13485?

ISO 13485 is a stand-alone QMS standard, derived from the internationally recognized and accepted ISO 9000 quality management standard series. ISO 13485 adapts the ISO 9000 process-based model for a regulated medical device manufacturing environment. While ISO 13485 is based on the ISO 9001 process model concepts of Plan, Do, Check, Act, it is designed for regulatory compliance. Thus it is more prescriptive in nature and requires a more thoroughly documented quality management system.

ISO 13485 was written to support medical device manufacturers in designing quality management systems that establish and maintain the effectiveness of their processes. It ensures the consistent design, development, production, installation, and delivery of medical devices that are safe for their intended purpose.

A medical device manufacturer’s quality management system is the foundation for maintaining regulatory compliance, driving improvement, effectiveness and achieving stakeholder confidence in the manufacturer and their products. The requirements of ISO 13485 provide the model quality management system building blocks of success.

High performing organizations expect ISO 13485 auditing to be thorough, fair, competent, relevant and challenging of the manufacturers quality management systems, effective auditing drives significant benefits to the manufacturer.

The beneficial outputs of an effective audit include:

Meaningful feedback on the effectiveness of the quality management system
Confidence in compliance with regulations
Identification of areas requiring attention
Confirmation that best practice is achieved
Detection of areas of non-compliance and possible risk
Reporting and certification that is valuable and recognized

Risk Management ISO 14971

Risk management is a key component and requirement for ISO 13485 certification. ISO 14971 is a risk management system standard, and was designed to be compatible with ISO 13485. It helps manufacturers meet the increasing global requirements and expectations to implement not only quality, but full risk management systems throughout the entire life cycle of the medical devices they manufacture.

ISO 14971 (risk management standard) is a helpful tool for manufacturers in identifying and controlling not only the risks associated with their medical devices, but also evaluating interactions with other devices. Increasingly, ISO 14971, in the footsteps of ISO 13485, is becoming an international requirement for medical device manufacturers to meet regulatory expectations globally.

The importance of ISO 13485

ISO 13485 is important to designers, manufacturers, and distributors of medical devices. In addition, suppliers and service providers can enhance an organization's marketability as more and more manufacturers require certification in order to do business with a vendor.

When it comes to medical device manufacturing, patient safety greatly depends on the quality and consistency of medical products, and ensuring effectiveness, control and maintenance of your quality management system is critical to customers, stakeholders, patients and users, and regulatory agencies.

The value of ISO 13485 is not just in the implementation, but also in providing a tool for a thorough audit to test the effectiveness of the system. It provides the manufacturer a higher level of confidence in the ability to consistently achieve and maintain compliance with regulatory requirements. Also it can help to minimize surprises and failures which might adversely affect patient safety and damage a manufacturer's reputation.

ISO 13485 and CE marking

ISO 13485 is the best internationally-accepted model a medical device organization can implement to help demonstrate compliance to laws and regulations of the medical device industry.

ISO 13485 is the quality management system standard accepted as the basis for CE marking medical devices under European Directives. Increasingly, ISO 13485 is being required, or is at least beneficial, in supporting regulations around the world, including the Health Canada Canadian Medical Device Regulations CMDCAS programme.

Although ISO 13485 certification is not a direct requirement for CE marking medical devices under the European Medical Device Directives, it is recognized as a harmonized standard by the European Commission. Therefore compliance with ISO 13485 provides a presumption of conformity with the basic European Union (EU) quality assurance requirements for CE marking (additional EU requirements apply).

Key activities for ISO 13485

Get top management involved

Top management involvement is a requirement for ISO 13485 and must be clearly demonstrated by providing evidence of its commitment to the standard by determining customer requirements, establishing a quality policy, and ensuring relevant, useful, and measurable objectives, as well as focusing on responsibility, representation, communication, and review of medical devices.

Adopt the process model

Rather than focusing on each individual clause of the standard, read the requirements in terms of inputs and outputs. ISO 13485 uses the Plan, Do, Check, Act methodology, and each key area of the standard, such as quality system, management responsibility, resource management, product realization, and measurement, must be read in terms of inputs to the requirement (i.e., resource requirements) and outputs to the requirement (i.e., measurements).

Only through careful study and understanding of the process model can you achieve this effective thinking approach.

Important questions to consider for inputs are:

Who does this process?
How are they trained?
What records are kept?

Important questions to consider for outputs are:

How are customer concerns captured?
How are regulatory requirements met?
How are they summarized?
Who receives the summary report?
What metrics are outputs of the process?
How are these reviewed or monitored?

Conducting an internal audit

When an organization adopts ISO 13485, it commits to establishing, documenting, implementing, and maintaining a quality management system, which includes a commitment to an effective internal audit program. There are four steps to conducting a complete and effective internal audit.

Plan

Planning is an important component to the ISO 13485 standard.

Organizations must consider product realization, ISO 13485 in its entirety, and quality management system requirements established by the organization. This is in addition to all of the activities related to the product, such as planning of the product, customer requirements, design, purchasing, production, storage, and measuring, and any additional requirements.

Conduct

Conducting internal audits is one of the biggest areas of nonconformity seen in support of the ongoing process over time.

As costs rise and enthusiasm for an effective system fades, organizations begin to falter. However, in order to maintain an effective quality management system, an organization must press on and conduct its internal audit plan.

Measure

Once an internal audit is conducted, the results are reported, and actions to correct deficiencies must be processed immediately and any causes for nonconformities must be eliminated.

Questions to consider are:

Have deficiencies been corrected?
Were they corrected effectively and in a timely manner?
Were the causes well understood and eliminated?
Were there any trends noted in the process or in the product?

Correct

The final step in conducting an effective internal audit is focusing on understanding and measuring the effectiveness of the actions taken, and understanding and measuring the effectiveness of the internal audit process.

Questions to consider here are:

Do we need more people?
Do we have the right people?
Are the people trained effectively?
Are we seeing and understanding the right areas of the organization to detect and see the corrections that will make our devices safer and prevent defects from getting on the market?

ISO 13485:2016 training courses

Introduction to ISO 13485 Medical Devices

MRM’s Introduction to ISO 13485 course provides an insight into the use of ISO 13485 as the basis for a Quality Management System (QMS) implemented by medical device manufacturers. Time is spent reviewing the requirements of ISO 13485 and making comparisons to ISO 9001. Participants will also gain an awareness of the relationship between ISO 13485 and ISO 14971, Risk Management to Medical Devices.

Course duration: 1 day

Internal Auditor ISO 13485:2016 Medical Devices

MRM's Internal Auditor ISO 13485 course is designed to give you the relevant skills and knowledge to carry out audits of Quality Management Systems for Medical Devices (ISO 13485) and evaluate the effectiveness of the quality management system in their organization.

This intensive course teaches the principles and practices of effective quality management systems process audits in accordance with the ISO 13485 and ISO 19011 “Guidelines for Quality and/or Environmental Management Systems Auditing.”

The trainer guides you through the internal audit process, from planning an audit to reporting on audit results and following up on corrective actions.

On training completion you will be able to:

Understand the requirements of ISO 13485:2003, and the quality system requirements of Directives 93/42/EEC and 98/79/EC;
Understand the role of internal audit in the maintenance and improvement of management systems;
Possess in-depth knowledge of the ISO 13485:2003 audit and certification process;
Have the skills and knowledge needed to plan and conduct third party audits against the requirements of the ISO 13485:2003 and report the compliance of the management systems against the standard requirements so that any corrective action can be undertaken.

Course duration: 2 days

NB. We're in process to obtain IRCA registration for this course. If this will be honored participants will have the option to register themselves in the IRCA dbase.

Lead Auditor ISO 13485 Medical Devices

MRM’s Lead Auditor ISO 13485 course teaches the principles and practices of effective quality management systems and process audits in accordance with ISO 13485 and ISO 19011. Trainer guide you through the entire audit process, from managing an audit programme to reporting on audit results.

Course duration: 5 days