Search results

17025 accreditation

Indeed, if you are referring to your organisation performing the testing, ISO 17025 accreditation will demonstrate that the method is valid, and your laboratory operates competently. This will provide confidence in your work internationally.  Standardising a method would involve engaging with other experts in testing laboratories and applying to your sector-specific standards body or national standards body. A technical committee is formed to coordinate /manage the process.

For more information on ISO 17025 see the article What is ISO 17025? at https://advisera.com/17025academy/what-is-iso-17025/

When is there a need to open and handle a complaint?

No, you do not need to initiate the complaint in the case that you have described. However, this situation is an input to your design and development process and also for the risk analysis. Responsible persons from these two processes (D&D and risk management) must be informed about the cause and a change process probably need to be initiate. 

Following articles can be helpful:

• How to manage design and development of medical devices according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/08/24/how-to-manage-design-and-development-of-medical-devices-according-to-iso-134852016/
• How to use ISO 14971 to manage risks for medical devices https://advisera.com/13485academy/blog/2017/09/21/how-to-use-iso-14971-to-manage-risks-for-medical-devices/

• IATF 16949 for software companies

  IATF 16949: 2016 standard; In the scope definition section in 1.1 Scope, stated as follows for the embedded software. '' Automotive supplemental to ISO 9001: 2015 this Automotive QMS Standard defines the quality management system requirements for the design and development, production and, when relevant, assembly, installation, and services of automotive-related products, including products with embedded software. ''In other words, companies that produce software embedded in the product can also apply for an IATF certificate. As you know, the product, which is embedded software, must be installed on the OEM or OES vehicle.
  If the company produces an embedded software product for the automotive industry; the IATF 16949: 2016 standard requires the following in clause 8.3.2.3.

  8.3.2.3 Development of products with embedded software

  The organization shall use a process for quality assurance for their products with internally developed embedded software. A software development assessment methodology shall be utilized to assess the organization's software development process. Using prioritization based on risk and potential impact to the customer, the organization shall retain documented information of a software development capability self-assessment.  The organization shall include software development within the scope of its internal audit program (see Section 9.2.2.1).

• Is it mandatory to write a specific procedure for impartiality?

  There is no mandatory requirement to have a procedure or documented procedure regarding impartiality. Typically you will ensure safeguarding impartiality through stating your commitment and approach in a Quality Policy as well as the Quality Manual (if you have one).

  Other processes that include considering and evaluating risks to impartiality are Internal Audits, Addressing Risk and Opportunities, and Management Review. Risk assessments must be used to demonstrate the ongoing attention and identification of impartiality risks.

  Have a look at the Article  How to ensure impartiality in an ISO 17025 laboratory at https://advisera.com/17025academy/blog/2020/10/12/ensuring-impartiality-in-an-iso-17025-laboratory/ for Five steps to ensure impartiality.

• ROSI - interpreting calculated value

  First is important to note that the interpretation will depend on how the formula considers the incident costs and security control costs.

  For example, in the formula:

  ROSI = cost of a realized incident - the cost of needed security controls

  the results can be interpreted as you said (i.e., a positive result means that the implementation of security controls is worthy, and a negative result means the implementation is not worthy).

  In case the formula is:

  ROSI = cost of needed security controls - the cost of a realized incident

  The results interpretation would be inverse.

  These articles will provide you a further explanation about ROSI:

  • Is it possible to calculate the Return on Security Investment (ROSI)? https://advisera.com/27001academy/blog/2011/06/13/is-it-possible-to-calculate-the-return-on-security-investment-rosi/
  • How to make your investment in ISO 27001 profitable https://advisera.com/27001academy/blog/2015/07/13/how-to-make-your-investment-in-iso-27001-profitable/

  This material can also help you:

  • Free Return on Security Investment Calculator https://advisera.com/27001academy/free-tools/free-return-security-investment-calculator/

• All documents required by QMS for ISO13485

  This is not the list of internal documents. This is just a form where each manufacturer needs to put all their internal documents: https://advisera.com/9001academy/documentation/list-internal-documents/

  The list of internal documents are all documents that you will prepare for your Quality management system (documented procedures). Records are documents that arise as a result of some work, testing, reports, and similar.

  For more information, please see the following article:

  • How to structure Quality Management System documentation according to ISO 13485 https://advisera.com/13485academy/knowledgebase/how-to-structure-quality-management-system-documentation-according-to-iso-13485/

  If you need a list of all documents that is necessary to prove the compliance with ISO 13485:2016, please see following article:

  • List of mandatory documents required by ISO 13485:2016 https://advisera.com/13485academy/blog/2017/01/18/list-of-mandatory-documents-required-by-iso-134852016/

  List of all documents that are part of our documentation toolkit, you can find on this link, under the headline Toolkit documents:

  • ISO 13485:2016 Documentation Toolkit https://advisera.com/13485academy/iso-13485-documentation-toolkit/

  • Matrix for Requirements against Process/Department

    For internal audit you can definitively use our Internal audit checklist from our ISO 13485:2016 Documentation toolkit. The Internal Audit Checklist is the list of questions required to ensure the management system is implemented and maintained. The listing includes more than 100 questions to ensure each requirement of the ISO 13485 standard is implemented and maintained within the Quality Management System and includes the ability for the company to add additional questions to suit individual needs. Of course within these 100 questions are questions regarding production, warehouse, quality control, and so on. Therefore, you can find questions applicable to your medical devices.

    Here is the link for the Internal audit checklist: https://advisera.com/13485academy/documentation/internal-audit-checklist-iso-13485-2016/

    For more information about conducting the internal audit, please see the following links:

    • Five main steps in the ISO 13485:2016 internal audit https://advisera.com/13485academy/knowledgebase/five-main-steps-in-the-iso-134852016-internal-audit/
    • How to create a checklist for an ISO 13485 internal audit for your QMS https://advisera.com/13485academy/knowledgebase/how-to-create-a-checklist-for-an-iso-13485-internal-audit-for-your-qms/
    On following link you can see which documents and records our ISO 13485:2016 Internal audit toolkit has: https://advisera.com/13485academy/iso-13485-internal-audit-toolkit/