ISO 13485 QUALITY MANAGEMENT SYSTEMS FOR MEDICAL DEVICES
Our simple approach to ISO 13485 compliance:
Are you interested in becoming ISO 13485 certified?
ISO 13485 is the recognised standard for quality management in medical device design, manufacture and distribution. Becoming ISO 13485 certified is a significant accolade and can open doors to new business opportunities. Many organisations have heard of the ISO 13485 standard but still only a minority have actually achieved approval. Would you like to add UKAS accredited ISO 13485 certification to your business credentials? This page is all about about the ISO process, including ISO 13485 audits and ISO 13485 consultancy. For help with ISO 13485 or to speak with an ISO 13485 consultant, use the enquiry button at the bottom of the page.
What is ISO 13485 and why is it important?
ISO 13485 is an internationally recognised standard for the design, development and implementation of a quality management system (QMS). It can be applied to any type or size of organization in the medical device sector. Its clauses define the baseline requirements for a QMS in functional terms, i.e. it describes what you need to control without telling you how to run your business. The importance of ISO 13485 derives from its universal recognition as a badge of commitment to quality and patient safety, coupled with a declared intent to maintain medical device safety and performance. Of all the quality programmes available, ISO 13485 is the most suitable for SMEs entering the medical technology sector as designer, manufacturer or elsewhere in the supply chain.
Already certified but need to simplify or modernise?
If you are one of those more mature businesses for whom ISO 13485 has long been a fact of life, we invite you to consider if your current quality management system has evolved with your business and taken advantage of the changes in the ISO 13485 standard that allow a more integrated approach. QFactorial is adept at modernising and simplifying legacy quality management systems to meet the changing needs of organizations as their business context evolves and stakeholders, regulators and other interested parties become more demanding.
Benefits of ISO 13485, quality management systems and certification
Most business leaders answer this in terms of customer and market demand. “I need ISO 13485 to prequalify for a tender process” or “In this market we are up against competitors who already have ISO 13485, and this seems to give them an edge.” Even if neither are true, you may have an opportunity to get ahead of the competition by being the first to be awarded an ISO 13485 certificate. But the certificate is only half the story. The real value is in having a quality management system that brings control, compliance, governance, assurance and continual improvement to the way you design, manufacture and manage your supply chain. With or without certification, ISO 13485 is a great starting point for developing a mature QMS to support your business strategy and objectives.
Key features and requirements of the ISO 13485 standard
ISO 13485 is partially aligned with ISO 9001. This means that the basic structure and overarching management controls are the same, so you can integrate your ISO 13485 solution with your ISO 9001 solution. There are of course some specific technical additions focused on patient safety, however the overlaps in management areas are worth exploiting to minimise the administrative burden. Some of the key features of ISO 13485 are more detailed and onerous than ISO 9001, including: management commitment, infrastructure, work environment, design controls, purchasing controls, production controls, contamination and sterilisation controls, validation and verification, identification and traceability, medical device file, regulatory compliance and reporting, risk management, nonconformance control, management of change, monitoring and measurement, and corrective and preventive action (CAPA).
Certification and accreditation
The first thing you need to know about certification and accreditation is that ISO certificates are not all created equal. The world is not a perfect place and there are good and bad ISO certificates. The bad ones are those that cost a few pounds/dollars and require virtually no work to gain and retain. Obviously, these have no real value and carry the risk of embarrassment or loss of a contract if anyone checks the credentials of the “certification body”. To avoid this minefield, make sure you get a UKAS-accredited certificate. The UKAS accreditation mark is an important indicator of the validity of any ISO 13485 certificate issued in the UK. It demonstrates that the certification body awarding the certificate is approved (accredited) by UKAS to carry out audits and issue certificates. Other international accreditations may be valid by multi-national agreement, but only UKAS has this authority granted directly by the UK Government.
Choosing an ISO 13485 consultant
There are many good reasons for partnering with an experienced and knowledgeable consultant when implementing ISO 13485. The first is that it is very easy to over-egg the ISO pudding if you try to implement the standard clause by clause instead of using a risk-based approach. You must also avoid consultants who clone solutions from templates or impose standard documentation that doesn’t look or feel like the way you want the business to run. A good consultant will translate and interpret the jargon of ISO 13485 into business language in the most cost-effective and pragmatic way for your business. A good consultant will give you the tools to make your QMS work and show you how to use them. Finally, a good consultant will challenge you during internal audits and be your advocate in external audits.
Choosing an ISO 13485 auditor (certification body)
An important task for any ISO consultant is to advise you on the selection and appointment of a suitable UKAS-accredited certification body. This should be done with due diligence, just like any other critical purchase. One of the founding fathers of quality management, W Edwards Deming, said we should end the practice of awarding business on price alone. This rule should apply equally when selecting auditors – and indeed consultants! Other factors include sector experience, resource availability, peer recognition, geographical coverage and scope of accreditation.
Working with your ISO 13485 consultant - the QFactorial approach
At QFactorial we have a very simple approach to ISO projects, regardless of the size or type of client, the maturity of your QMS or the complexity of your systems and processes. We use our unique Q!Diagnostic method to generate a detailed and specific Quality Roadmap. We start by carrying out a gap assessment from which we create an action plan. During this process we gather information to write your quality manual and lead you through the ISO certification project in the most pragmatic way. This work will feed into the next phase: the collaborative design, development and implementation of your new or revised quality management system (QMS). If you are looking for an experienced ISO13485 consultant in Basingstoke, Hampshire, London, the South of England or UK generally, look no further than QFactorial.
Stage 1 ISO certification – passing the desktop audit
All certification bodies follow a two-stage model, starting with the Stage 1 documentation audit. This is often known as a desktop audit as it mainly consists of the auditor visiting your premises to read and review the documents that describe and demonstrate your policies, objectives, metrics (KPIs), processes, procedures, instructions, plans, decisions, check points and other QMS controls. The general approach during the ISO 13485 Stage 1 audit is “explain how you have implemented each element of the standard and where you have documented it in your QMS”. Questions will be asked at this stage, but detailed investigation and evidence of the QMS in action is reserved for Stage 2.
Stage 2 ISO certification – passing the physical audit
Having established the theoretical compliance of the QMS with ISO 13485 during the Stage 1 audit, Stage 2 is more about checking that the QMS is fully and consistently implemented in practice. Typically, this will involve interviews with members of your team at all levels of the organisation, sampling from a range of processes and functions. The general approach during the ISO 13485 Stage 2 audit is “tell me how this works, take me to where it happens, introduce me to the people, show me the evidence”.
Remote ISO consultancy and remote audit under Covid-19 restrictions
During the coronavirus pandemic the ISO audit process has moved online with both stages taking place via MS Teams, Zoom or other video conferencing tools. These have become widely known as remote audits and are considered just as valid as the site visits previously undertaken. Now that remote auditing has been proven to work, it is expected to remain as part of the audit toolbox, especially for Stage 1 and perhaps Stage 2 where there is only office activity and no production, construction or service delivery to be witnessed.
To learn more about gaining ISO 13485 certification or upgrading your quality management system, simply click the enquiry button and a QFactorial consultant will contact you to discuss your specific needs.
Speak with a Qfactorial expert