To get a FREE consultation, email info@orielstat.com or call 800.472.6477 Impacts and Opportunities Presented by the Major Changes in ISO 13485:2016 1. The clause structure of the new ISO 13485:2016 standard is not aligned with the clause structure of ISO 9001:2015. Impact and Opportunity: Organizations holding certifications to both standards should assume that future certification audits will require more time to complete, as the auditors will be working with different standard structures. Internal audits will also take more to time to conduct. The new standard will eliminate the use of italicized text to indicate changes in relation to ISO 9001. Organizations can find the correspondence between ISO 13485:2016 and ISO 9001:2015 in Annex B (informative) of ISO 13485:2016. e Revised ISO 13485:2016 Has Been Published MARKET UPDATE: FEBRUARY 25, 2016 The good news is that organizations do not have to align their documentation to the clause structure of either standard. This freedom offers an opportunity to take a step back and design a quality system that reflects your organization’s business processes and complies with requirements. 2. The new standard addresses risk from a broader perspective across multiple clauses. The current standard addresses risk only in Clause 7 (Product Realization). Impact and Opportunity: Clause 4.1 – General Requirements still functions as the anchor clause of the standard. It requires the organization to “apply a risk-based approach to the control of the appropriate processes needed for the quality management system.” In the areas of monitoring and measurement, under Clause 8.2.1 – Feedback, the standard anticipates that the feedback process will generate input for risk management. Effective risk management demands the involvement of senior management. The new risk requirements present an opportunity to encourage top management to take an active role in managing the QMS and aligning it with business strategy. 3. There are significant new requirements related to supplier management, an area of great concern to global regulators. Impact and Opportunity: The new standard clearly states that the organization retains responsibility for conformity. It includes more explicit requirements related to the criteria for evaluation and selection of suppliers. These criteria must consider elements such as the supplier’s ability to provide products that meet requirements, supplier performance, the impact of the supplied product on the quality of the medical device, and associated risks. Organizations have an opportunity to establish more robust supplier agreements that reflect underlying risk. The new requirements provide the needed push to reexamine supplier criteria, selection, and management. ISO 13485 is evolving to keep up with the changes in the medical device industry. First released in 2003, a revised ISO 13485 was published on February 25, 2016. The revised standard comes with a large number of new requirements that better align it with FDA’s 21 CFR 820. Your ability to recognize these changes and take appropriate, timely action will help you successfully comply with regulatory requirements (especially in the US).
Transcript
To get a FREE consultation, email [email protected] or call 800.472.6477
Impacts and Opportunities Presented by the Major Changes in ISO 13485:20161. The clause structure of the new ISO 13485:2016 standard is
not aligned with the clause structure of ISO 9001:2015.
Impact and Opportunity: Organizations holding certifications to both standards should assume that future certification audits will require more time to complete, as the auditors will be working with different standard structures. Internal audits will also take more to time to conduct. The new standard will eliminate the use of italicized text to indicate changes in relation to ISO 9001. Organizations can find the correspondence between ISO 13485:2016 and ISO 9001:2015 in Annex B (informative) of ISO 13485:2016.
The Revised ISO 13485:2016 Has Been Published
MARKET UPDATE: FEBRUARY 25, 2016
The good news is that organizations do not have to align their documentation to the clause structure of either standard. This freedom offers an opportunity to take a step back and design a quality system that reflects your organization’s business processes and complies with requirements.
2. The new standard addresses risk from a broader perspective across multiple clauses. The current standard addresses risk only in Clause 7 (Product Realization).
Impact and Opportunity: Clause 4.1 – General Requirements still functions as the anchor clause of the standard. It requires the organization to “apply a risk-based approach to the control of the appropriate processes needed for the quality management system.” In the areas of monitoring and measurement, under Clause 8.2.1 – Feedback, the standard anticipates that the feedback process will generate input for risk management.
Effective risk management demands the involvement of senior management. The new risk requirements present an opportunity to encourage top management to take an active role in managing the QMS and aligning it with business strategy.
3. There are significant new requirements related to supplier management, an area of great concern to global regulators.
Impact and Opportunity: The new standard clearly states that the organization retains responsibility for conformity. It includes more explicit requirements related to the criteria for evaluation and selection of suppliers. These criteria must consider elements such as the supplier’s ability to provide products that meet requirements, supplier performance, the impact of the supplied product on the quality of the medical device, and associated risks.
Organizations have an opportunity to establish more robust supplier agreements that reflect underlying risk. The new requirements provide the needed push to reexamine supplier criteria, selection, and management.
ISO 13485 is evolving to keep up with the changes in the medical device industry. First released in 2003, a revised ISO 13485 was published on February 25, 2016. The revised standard comes with a large number of new requirements that better align it with FDA’s 21 CFR 820.
Your ability to recognize these changes and take appropriate, timely action will help you successfully comply with regulatory requirements (especially in the US).
To get a FREE consultation, email [email protected] or call 800.472.6477
4. The new standard raises the bar in the areas of design verification and design validation.
Impact and Opportunity: Clauses 7.3.6 (Design Verification) and 7.3.7 (Design Validation) include new requirements for verification and validation plans. These plans need to include the methodology, acceptance criteria, and – as appropriate – statistical techniques with the rationale for the sample size. In addition, the new standard has explicit requirements for medical devices that connect to or interface with other medical devices.
These changes present an opportunity for organizations to improve their design and development processes and consider the role of statistical techniques.
5. There are additional requirements related to software validation.
Impact and Opportunity: The anchor clause, 4.1 – General Requirements, requires organizations to document procedures for the validation of computer software used in their quality systems. Organizations must validate the software before use and, as appropriate, after making any changes to it or its application.
The use of software in medical device manufacturing is growing, and it impacts the full life cycle of development. These software validation requirements provide an opportunity for organizations to ensure that their design and development processes support this increased usage.
6. There are expanded feedback expectations with more prescriptive requirements for complaint handling and reporting to regulatory authorities.
Impact and Opportunity: The new standard expands the clause related to Monitoring and Measurement (Clause 8.2), adding two subclauses. Clause 8.2.2 for Complaint Handling requires documented procedures for the timely handling of complaints. Organizations must also define the responsibilities for related activities, including receiving, evaluating, investigating, and determining reporting needs. Clause 8.2.3 requires documented procedures for contacting the appropriate authorities when such notification is required.
Organizations need to reexamine their existing complaint-handling processes against the new requirements. This assessment presents an opportunity to improve existing
processes and clearly define responsibilities. Due to the number of functions involved in complaint handling, organizations can include more employees in this effort, thus increasing employee ownership of the processes.
TIMELINES
The current timelines for updating ISO 13485 certifications are:
Organizations with certifications to ISO 9001:2008 and ISO 13485:2003
Up to three years to upgrade to ISO 9001:2015 * and ISO 13485:2016
Organizations certified to ISO 13485 only
By 2019
* To learn more about ISO 9001:2015, see our Market Update “Understanding the New Requirements of ISO 9001:2015 – Changes and Opportunities for Your Organization.”
SUGGESTED NEXT STEPS
Prepare your team.In our new course Transition to ISO 13485:2016 you can review the revised standard and assess its impact in an engaging environment with your industry peers.
Conduct a baseline assessment.Your organization needs to examine its current ISO 13485 QMS and identify the gaps. We will provide an objective assessment and deliver a formal report that documents what you need to do to attain compliance to the revised standard.
Implement needed changes.Get help updating and improving your QMS to meet the new requirements.
Questions or concerns about preparing for the revised standard? You don’t have to make the transition alone. Oriel STAT A MATRIX offers a full range of training courses and consulting services that cover the major areas of focus in the revised standard, including risk management, supplier management, supply chain audits, gap assessments, and quality system documentation development.
Visit www.orielstat.com to learn more about how we support medical device manufacturers.
