Search results

Difference (implementation-wise) between ISO 13485 and ISO 9001

There is no difference in the implementation process between ISO 9001 and ISO 13485. Those two standards can run together. However, since ISO 13485:2016 does not have a high level structure as ISO 9001:2015 does, you just need to take into consideration the numbering of the requirements. At the end of the ISO 13485:2016, in Annex B you can find Correspondence between ISO 13485:2016 and ISO 9001:2015. 

On the following links you can find some useful articles:

• Similarities and differences between ISO 9001:2015 and ISO 13485:2016 https://advisera.com/9001academy/blog/2015/01/21/iso-9001-vs-iso-13485/
• Checklist of ISO 13485 implementation and certification steps - https://advisera.com/13485academy/knowledgebase/checklist-of-iso-13485-implementation-and-certification-steps/

• Number of procedures required by ISO 13485:2016

  The number of procedures depends on the type of your medical device. Requirements in the standard are prepared for all types of medical devices, so not all requirements are applicable for each medical device. 

  On the following link, you can find the list of mandatory documents from ISO 13485 https://advisera.com/13485academy/blog/2017/01/18/list-of-mandatory-documents-required-by-iso-134852016/

  Of course, if you do not have certain processes (for example sterilization, or your product is not software), then there is no need to prepare and have those documents in your quality management system.

  Furthermore, I would like to point out that these are mandatory documents and definitely some additional documents can be necessary (for example: some policies, organizational charts, some plans and so on). 

• Generating quality documentation

  1. Can I generate quality documentation and have at least two other people in the R&D group review and approve them?

  Yes, you can generate quality documentation on your situation. Design and development for medical devices have to deal with relevant regulations, product safety, and risk controls on product defects in addition to the usual application requirements, specification requirements, and end-customer needs. 

  Here is the list of mandatory documents from ISO 13485 https://advisera.com/13485academy/blog/2017/01/18/list-of-mandatory-documents-required-by-iso-134852016/

  Of course, if you do not have certain processes (for example sterilization, or your product is not software), then there is no need to prepare and have those documents in your quality management system. 

  The following articles can be helpful:

  • What is ISO 13485? - https://advisera.com/13485academy/what-is-iso-13485/
  • How to manage design and development of medical devices according to ISO 13485:2016 https://advisera.com/13485academy/blog/2017/08/24/how-to-manage-design-and-development-of-medical-devices-according-to-iso-134852016/

  2. Can Quality Manual be revised as often as needed to reflect our developing stages?

  Yes, the Quality manual can be revised as often as you need. The quality manual must be the reflection of your current state.

  For more information, please see the following links:

  • How to manage the Quality Manual according to ISO 13485:2016 requirements https://advisera.com/13485academy/knowledgebase/how-to-manage-the-quality-manual-according-to-iso-13485-requirements/
  • ISO 13485: How to write a short quality manual https://advisera.com/13485academy/knowledgebase/iso-13485-how-to-write-a-short-quality-manual/

  • Is dental software considered as a medical device?

    1. Is dental software considered as a medical device?

    According to the Medical device regulation MDR 2017/745, a medical device is any instrument, apparatus, appliance, software, implant, reagent, material, or other article intended by the manufacturer to be used, alone or in combination, for human beings for one or more of the following specific medical purposes:

    • diagnosis, prevention, monitoring, prediction, prognosis, treatment or alleviation of disease
    • diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or disability
    • the investigation, replacement or modification of the anatomy or of a physiological or pathological process or state
    • providing information by means of in vitro examination of specimens derived from the human body, including organ, blood, and tissue donations
    • and which does not achieve its principal intended action by pharmacological, immunological or metabolic means, in or on the human body, but which may be assisted in its function by such means.

    So if you can define your software within this explanation, then it is a medical device. Each medical device must have the proper classification, and classification is determined by rules The rule that is applicable for software is Rule 11 which states the following:

    Rule 11

    Software intended to provide information which is used to make decisions with diagnosis or therapeutic purposes is classified as class IIa, except if such decisions have an impact that may cause:

    • death or an irreversible deterioration of a person’s state of health, in which case it is in class III; or
    • a serious deterioration of a person’s state of health or surgical intervention, in which case it is classified as class IIb.
    • Software intended to monitor physiological processes is classified as class IIa, except if it is intended for monitoring of vital physiological parameters, where the nature of variations of those parameters is such that it could result in immediate danger to the patient, in which case it is classified as class IIb.

    All other software is classified as class I.

    For more information, please see the following:

    • EU MDR Annex 8 – classification rules https://advisera.com/13485academy/mdr/classification-rules/

    2. If yes do we need to approach Health Canada for Licensing as a medical device?

    Yes, each medical device, regardless of classification, must be registered in the local authority for medical devices, in your case Health Canada.

  • Questions to check gap analysis to 17025:2017

    All the requirements so the new revision should be checked as audit criteria. If the laboratory is already accredited to ISO 17025:2005, then the major changes in the 2017 version need to be focussed on. For example Clause 8.5 Addressing Risks and Opportunities. Questions must be asked to seek objective evidence. Two example are “Did the laboratory consider risks and opportunities associated with laboratory activities in order to: Give assurance that the management system can achieve its intended results?” and “Does the laboratory plan and take actions to address these risks and opportunities?”

    Your Accreditation Assessment Body would have policies, guidelines and checklists for transition requirements. For example a laboratory would need to ensure that effective implementation of all ISO 17025:2017 requirements have been assessed through the audit programme and gaps closed.

    Have a look at the ISO 17025 document template: Internal Audit Checklist, which is an appendix to the main document, Internal Audit Procedure. The checklist has a list of questions required to ensure the management system is implemented and maintained. It includes more than 100 questions to ensure each requirement of the ISO 17025 standard is implemented and maintained within the Laboratory Quality Management System, and includes the ability for you to add additional questions to suit additional needs. It is available at https://advisera.com/17025academy/documentation/internal-audit-checklist/

  • Queries about ISO 13485

    1. What is the basis of this business and the key point?

    If your question considers the business of producing medical devices, the key point is to ensure the safety and performance of the medical device. The ISO 13485:2016 specifies requirements for a quality management system for organizations involved in one or more stages of the life-cycle of a medical device, including design and development, production, storage and distribution, installation, servicing and final decommissioning and disposal of medical devices, and design and development, or provision of associated activities (e.g.technical support).

    2. How to start easiest and how can we understand 13485

    First of all, you need to educate yourself about this standard. You can find some courses about it, find a consultant, and educate yourself with online articles. We recommend that the best start is to read our articles in the ISO 13485 Knowledge database which you can find on the following link: https://advisera.com/13485academy/knowledgebase/ 

    Here I can specify the following articles:

    • What is ISO 13485? https://advisera.com/13485academy/what-is-iso-13485/
    • How to get ISO 13485 certified? - https://advisera.com/13485academy/iso-13485-certification/
    • Checklist of ISO 13485 implementation and certification steps https://advisera.com/13485academy/knowledgebase/checklist-of-iso-13485-implementation-and-certification-steps/
    Furthermore, you can find useful articles on our ISO 13485 Blog: https://advisera.com/13485academy/blog/

    Among all articles on that blog, for starters I can recommend the following articles:

    • ISO 13485 structure and requirements https://advisera.com/13485academy/what-is-iso-13485/
    • How to define roles and responsibilities within an ISO 13485-based QMS https://advisera.com/13485academy/blog/2017/11/16/how-to-define-roles-and-responsibilities-within-an-iso-13485-based-qms/
    • Production and service provision process in ISO 13485 - https://advisera.com/13485academy/blog/2017/12/13/production-and-service-provision-process-in-iso-13485/

    3. and how can we apply it completely easiest?

    This depends on how much time and resources you have. You can hire a consultant or you can buy a predefined documentation toolkit where all requirements are already described and your job is to and it is your job to adapt them to your processes, products, people, and more.

    Here is the link to our ISO 13485 Documentation Toolkit: https://advisera.com/13485academy/iso-13485-documentation-toolkit/

    Depending on which package you buy, you can get different levels of expert help.

    Here are some more useful articles:

    • How to choose a consultant for ISO 13485 implementation https://advisera.com/13485academy/blog/2019/04/04/how-to-choose-a-consultant-for-iso-13485-implementation/
    • Implementing ISO 13485:2016 with a consultant vs. DIY approach https://info.advisera.com/13485academy/free-download/implementing-iso-13485-2016-with-a-consultant-vs-diy-approach

    • ISO 9001 Presenting Quality System to Top Management

      It seems that the closest thing that we have are these documents: Matrix of Key Performance Indicators; Data Analysis Report and Management Review Minutes. You can find them related with this - Procedure for Management Review - https://advisera.com/9001academy/documentation/procedure-management-review/

      My recommendation is: follow the topics from ISO 9001:2015 clause 9.3.2. Also, put yourself in the shoes of top management: what does top management value more? What is pain for top management? So, show topics about productivity, costs, downtime, complaints, sales, new customers, lost costumers

      You can find more information below:

      • How to make Management Review more useful in the QMS - https://advisera.com/9001academy/blog/2014/01/21/make-management-review-useful-qms/
      • How to Make Management Review More Practical - https://advisera.com/9001academy/blog/2013/12/10/make-management-review-practical/
      • Free webinar – How to perform management review according to ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-perform-management-review-according-to-iso-9001-2015-free-webinar-on-demand/
      • ISO 9001 document template: Procedure for Management Review - https://advisera.com/9001academy/documentation/procedure-management-review/
      • Enroll for free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
      • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
         

    • ISO 9001 Benefits, scope and main requirements

      which ISO should the best we apply for? 

      Answer:

      Does your organization want to use certification as a marketing tool? To whom does your organization want to influence? Consumers? Distribution companies? Other bottlers that may want to outsource their production to your organization? Check which ISO standard is more valued by each interested party: 9001; 14001 or 22000.

      What is the best benefit and scope of ISO 9001?

      Answer:

      About the scope, as you can see in this free webinar on demand - ISO 9001:2015 clause 4 - Context of the organization, interested parties, and scope - https://advisera.com/9001academy/webinar/iso-90012015-clause-4-context-of-the-organization-interested-parties-and-scope-free-webinar-on-demand/ - it is a management decision, not a technical decision. The webinar explains some if the nuances behind different scopes. About the benefits, please check in this article - Six Key Benefits of ISO 9001 Implementation -https://advisera.com/9001academy/knowledgebase/six-key-benefits-of-iso-9001-implementation/ - which benefits are more valuable for your organization considering its particular situation and context.

      What are the main requirements of ISO 9001?

      Please check this article - ISO 9001 Requirements and Structure - https://advisera.com/9001academy/knowledgebase/iso-9001-requirements-and-structure/

      You can find more information below:

      • What are the benefits of ISO 9001 for your employees? - https://advisera.com/9001academy/blog/2016/06/14/what-are-the-benefits-of-iso-9001-for-your-employees/
      • How to budget an ISO 9001 implementation project - https://info.advisera.com/9001academy/free-download/how-to-budget-an-iso-9001-implementation-project?utm_source=script-for-iso-9001-lead-implementer-course&utm_medium=downloaded-content&utm_content=lang-en&utm_campaign=free-downloads-9001
      • Free webinar on demand - Overview of ISO 9001 implementation steps - https://advisera.com/9001academy/webinar/overview-of-iso-9001-implementation-steps-free-webinar-on-demand/
      • Free online training ISO 9001:2015 Foundations Course – https://advisera.com/training/iso-9001-foundations-course/
      • Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/
         

    • Equipment calibration certificate/test report

      You asked

      according to iso 17025:2017, who in the laboratory is responsible for: 1- reviewing equipment calibration certificates?

      I assume you are referring to a testing not calibration laboratory, meaning that “reviewing equipment calibration certificates” refers to review of calibration certificates supplied to you by an accredited calibration laboratory.

      The person responsible for the performance of test methods influenced by the calibrated apparatus is responsible, or alternatively the technical or laboratory manager. All personnel using the calibrated apparatus should however understand the certificate and know how the result outcome (performance) could impact on the validity of the performed test methods. The review of the certificate should ensure a) the supplier is / was competent,  b) the required metrological traceability is evident (traceable to International standards),  c) the necessary uncertainty and performance parameters are reported suitably to make an objective decision on the performance and risks and d) the specification and measured performance is acceptable to use the apparatus for the purpose intended.

      You also asked

      according to iso 17025:2017, who in the laboratory is responsible for: 2- signing of test report?"

      Typically an appointed and competent “signatory” is assessed by the laboratory’s accreditation body and they take responsibility for the technical validity of results. Often the laboratory manager will co-sign a test report, taking overall responsibility for the approval of a report to go to a customer. The laboratory’ s quality assurance process should specify this, meaning what objective checks and responsibility does a “signature” indicate. A laboratory should also document responsibility for confirming the validity of the results after evaluating control parameters such as internal and external quality control monitoring and data transcription (integrity). Who this is, will depend on the organisational structure.

      The following Academy ISO 17025 document template: Testing Report Procedure may be of interest, available at https://advisera.com/17025academy/documentation/testing-report-procedure/ It outlines the requirements for writing test reports, to meet the requirements of ISO/IEC 17025:2017 for reporting test results.