I have been blogging about ISO9001 over the past couple of weeks, where does ISO13485 fit?
ISO13485 is the standard for medical manufacturers. It extends ISO9001 to an extreme. It requires all of the procedures identified in ISO9001, and then adds more. If you are not sure if you need a procedure written for some activity, then it should be written.
Both ISO9001 and ISO13485 require a quality management system [a quality document]. Companies need to have a procedure in place for maintaining [updating] their quality document.
During an audit, you must be able to show the auditor your quality manual. You must be able to show them your procedure for maintaining your quality document. You must be able to prove that the procedure is being followed. You must be able to show approvals [signatures].
You are likely to have quality steps in many of your procedures – those will be called out in your quality manual.
During an audit, you must be able to show the auditor all of your procedures and you must be able to show that your procedures are being followed. You must be able to show the auditor any documents that they might wish to see.
New to ISO9001 but not new to ISO13485 is risk management. Not only should you have a procedure for risk management, many of your existing processes should require a risk analysis step.
Whether your company is a medical manufacturer or just a manufacturer, risk management activities will pay for themselves in the long haul. It should help you make some ‘right’ choices as well as keep you out of court.
You can be compliant without using software, but your audits will be time consuming and disruptive. Software can mitigate that. Companies have several software choices including PLM software. At a minimum, managing ISO13485 requires that your software includes features that will provide document management and business process management.
Contact me if you would like some help…