Search results

Clean room requirements standards for ISO 13485:2016

ISO organization has following standards dedicated to clean rooms, outlining the practices and procedures required to manage the risk of contamination, and provide the framework for classifying and monitoring the cleanliness of the air in cleanrooms:

• ISO 14644-1:2015, Cleanrooms and associated controlled environments – Part 1: Classification of air cleanliness by particle concentration https://www.iso.org/standard/53394.html
• ISO 14644-2:2015, Cleanrooms and associated controlled environments – Part 2: Monitoring to provide evidence of cleanroom performance related to air cleanliness by particle concentration https://www.iso.org/standard/53393.html.

More information about managing the cleanliness of a product and contamination control according, you can find on the following link:

• Managing cleanliness of a product and contamination control according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/07/04/managing-cleanliness-of-a-product-and-contamination-control-according-to-iso-134852016/

Also, the following article may be useful:

• Managing medical device infrastructure requirements according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/06/28/managing-medical-device-infrastructure-requirements-according-to-iso-13485/

• Making evidence to RPO and RTO

  The Recovery Point Objective (RPO) and Recovery Time Objective (RTO) are identified and documented during the Business Impact Analysis.

  When identifying which impacts can occur to a business process due to a disruptive event, and how they evolve over time, you can gather evidence to support the definition of RPO and RTO.

  In the Business Impact Analysis toolkit you bought, there is a Business Impact Analysis Questionnaire you can use to document the information needed to define the RPO and RTO.

  This article will provide you a further explanation about RTO and RPO:

  • What is the difference between Recovery Time Objective (RTO) and Recovery Point Objective (RPO)? https://advisera.com/27001academy/knowledgebase/what-is-the-difference-between-recovery-time-objective-rto-and-recovery-point-objective-rpo/

  This material will also help you regarding RTO and RPO:

  • Book Becoming Resilient: The Definitive Guide to ISO 22301 Implementation https://advisera.com/books/becoming-resilient-the-definitive-guide-to-iso-22301-implementation/

• ISO 9001 Mandatory Core Policies and Procedures

  In this article - List of mandatory documents required by ISO 9001:2015 - https://advisera.com/9001academy/knowledgebase/list-of-mandatory-documents-required-by-iso-90012015/ - you can see that ISO 9001:2015 has no mandatory procedures. Concerning mandatory documents, the list is very small (the scope, the quality policy and the quality objectives). All the rest is up to each organization. Please consider that the list of mandatory records is larger.

  You can find more information about documents and records below:

  • How to structure quality management system documentation - https://advisera.com/9001academy/knowledgebase/how-to-structure-quality-management-system-documentation/
  • New approach to document and record control in ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/06/30/new-approach-to-document-and-record-control-in-iso-90012015/
  • Free online training ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
  • Book - Managing ISO Documentation: A Plain English Guide - https://advisera.com/books/managing-iso-documentation-plain-english-guide/
     

   

• Documents required by MDSAP and FDA in ISO 13485 Documentation Toolkit

  1. Do you have in your 13485 & MDR package documents required by MDSAP? If no, where I can get them.

  In our ISO 13485 & MDR documentation toolkit, we have all the necessary documentation for the internal audit which is very similar to MDSAP Documents. These are the following documents:

  • Procedure for Internal audit
  • Internal audit checklist
  • Internal audit program<
  • Internal audit plan
  • Internal audit report

  On this link you can see the list of the documents that we have in our Documentation toolkit https://advisera.com/13485academy/iso-13485-internal-audit-toolkit/: 

  The list of MDSAP audit procedures and forms you can find on the following link: https://www.fda.gov/medical-devices/medical-device-single-audit-program-mdsap/mdsap-audit-procedures-and-forms

  More information on ISO 13485:2016 internal audit process you can find in the following articles:

  • Five main steps in the ISO 13485:2016 internal audit https://advisera.com/13485academy/knowledgebase/five-main-steps-in-the-iso-134852016-internal-audit/
  • How to create a checklist for an ISO 13485 internal audit for your QMS https://advisera.com/13485academy/knowledgebase/how-to-create-a-checklist-for-an-iso-13485-internal-audit-for-your-qms/

  2. The same question about your 13485 & MDR package documents required by FDA?"

  Medical device regulation is applicable to all medical devices that want to be placed on the EU market. Necessary Technical documentation is described in Annex 2 and Annex 3 of the MDR 2017/745.

  Here are the links to that Annexes:

  • EU MDR Annex 2 – Technical documentation - https://advisera.com/13485academy/mdr/technical-documentation/
  • EU MDR Annex 3 – Technical documentation on post-market surveillance – https://advisera.com/13485academy/mdr/technical-documentation-on-post-market-surveillance/

  We, in our ISO 13485 & MDR Documentation Toolkit have prepared the obligatory procedures and reports. Other test reports depend on the type of medical device and it was not possible to standardize it. Below you can see listed these documents:

  • Procedure for clinical evaluation and related documents
  • Procedure for post-market surveillance and related documents
  • Technical documentation procedure and related documents

  A 510(k) is the technical dossier required by the US Food and Drug Administration (FDA) to sell a medium-risk medical device or IVD in the United States. It is formally called a Pre-market Notification. A 510(k) contains detailed technical, safety, and performance information about a medical device. The documentation must demonstrate the device in question is "substantially equivalent" to a predicate device (i.e. a product already cleared for sale in the US). The FDA must review the 510(k) and "clear" your device before you can legally sell or distribute it in the United States.

  Here is the link to the content of the 510(k):

  • Content of a 510(k)  https://www.fda.gov/medical-devices/premarket-notification-510k/content-510k
  • Premarket Notification 510(k) https://www.fda.gov/medical-devices/premarket-submissions/premarket-notification-510k

  Differences between MDR and FDA 510(k) are in some definitions, classes, and in the clinical investigation trials. Therefore, you can use our templates from our documentation toolkit. However, once again I repeat that this documentation is not all the required documents, and plans, reports, and results of different tests can not be standardized.

• ISO 9001 Internal and External Parties and their Needs

  Please check this picture with a list of different interested parties:

  

  Please check this example of what can be the needs of an interested party:

  

  Both images were taken from this free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/

  You can find more information below:

  • How to determine interested parties and their requirements according to ISO 9001:2015 - https://advisera.com/9001academy/blog/2015/11/10/how-to-determine-interested-parties-and-their-requirements-according-to-iso-90012015/
  • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
  • Book – Discover ISO 9001:2015 Through Practical Examples – https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
     

• Impact details for each ISO 27001 control

  Please note that impact details of ISO 27001 controls, and impacts of not implementing them, will depend on the results of your risk assessment (i.e., which impacts and likelihood are related to the risks), the controls you decide to apply (some controls may be more effective when used together), and applicable legal requirements (even if there are not relevant risks you may need to implement a control due to a legal requirement). Since these depend on the context of each organization, it is unfeasible to define a generic overview.

  These articles will provide you a further explanation about impact and requirements identification:

  • How to identify ISMS requirements of interested parties in ISO 27001 https://advisera.com/27001academy/blog/2017/02/06/how-to-identify-isms-requirements-of-interested-parties-in-iso-27001/
  • How to assess consequences and likelihood in ISO 27001 risk analysis https://advisera.com/27001academy/iso-27001-risk-assessment-treatment-management/#assessment