Preparing for Unannounced Inspections from Notified Bodies



Similar documents
Frequently Asked Questions. Unannounced audits for manufacturers of CE-marked medical devices. 720 DM a Rev /10/02

ISO 9001 (2000) QUALITY MANAGEMENT SYSTEM ASSESSMENT REPORT SUPPLIER/ SUBCONTRACTOR

ISO 9001:2000 Gap Analysis Checklist

DNV GL Assessment Checklist ISO 9001:2015

ISO 9001:2000 AUDIT CHECKLIST

Medical Devices. Notified Bodies and the CE certification Process for Medical Devices. European Surgical Robotics Demonstration Day

ISO 13485:201x What is in the new standard?

Want to know more about the Notified Body?

CHECKLIST OF COMPLIANCE WITH THE CIPFA CODE OF PRACTICE FOR INTERNAL AUDIT

Quality Thinking in other Industries. Dominic Parry Inspired Pharma Training. WEB GMP BLOG inspiredpharmablog.

Internal Quality Management System Audit Checklist (ISO9001:2015) Q# ISO 9001:2015 Clause Audit Question Audit Evidence 4 Context of the Organization

QUALITY MANUAL ISO 9001:2015

WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE

DIRECTIVE 2014/32/EU OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

FINAL DOCUMENT. Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Manufacturers Part 1: General Requirements

ISO 9001:2008 Quality Management System Requirements (Third Revision)

Update: Proposed Medical Device Regulation (MDR) & IVD Regulation (IVDR)

Row Manufacturing Inc. Quality Manual ISO 9001:2008

Total Product Lifecycle Solutions from NSF Health Sciences Medical Devices

Medical Device Training Program 2015

ISO 9001 : 2008 QUALITY MANAGEMENT SYSTEM AUDIT CHECK LIST INTRODUCTION

R000. Revision Summary Revision Number Date Description of Revisions R000 Feb. 18, 2011 Initial issue of the document.

CP14 ISSUE 5 DATED 1 st OCTOBER 2015 BINDT Audit Procedure Conformity Assessment and Certification/Verification of Management Systems

ISO-9001:2000 Quality Management Systems

AUDITOR GUIDELINES. Responsibilities Supporting Inputs. Receive AAA, Sign and return to IMS with audit report. Document Review required?

ISO 9001:2015 Internal Audit Checklist

UTZ Certified Certification Protocol

QUALITY MANAGEMENT SYSTEM REQUIREMENTS General Requirements. Documentation Requirements. General. Quality Manual. Control of Documents

ISO 9001 Quality Systems Manual

TGA key performance indicators and reporting measures

ISO :2005 Requirements Summary

BLOOM AND WAKE (ELECTRICAL CONTRACTORS) LIMITED QUALITY ASSURANCE MANUAL

Guidance Notes for Applicants of the Certificate for Clinical Trial on Medical Device

Micro Plastics, Inc. Quality Manual

Quality Management System Manual

Implementation of a Quality Management System for Aeronautical Information Services -1-

PUBLICATIONS. Introduction

COMMISSION OF THE EUROPEAN COMMUNITIES REPORT FROM THE COMMISSION ON MONITORING THE APPLICATION OF COMMUNITY LAW (2003) OVERALL POSITION

Guideline on good pharmacovigilance practices (GVP)

Title:: Effective GMP AUDITS for APIs and Formulation Pharma Companies By G.Sundar-Director/Consultant PharmQA Compliance solutions

Quality Management System Manual ISO9001:2008

Quality Management System Manual

3 Terms and definitions 3.5 client organization whose management system is being audited for certification purposes

UNDERSTANDING THE EC DIRECTIVE 98/79/EC ON IN VITRO DIAGNOSTIC MEDICAL DEVICES

ISO 9001: A Quality Manual for the Transition Period and Beyond

COMPANY NAME. Environmental Management System Manual

Vigilant Security Services UK Ltd Quality Manual

BSI Unannounced Audits

Guideline on good pharmacovigilance practices (GVP)

ISO 9001: 2008 Boosting quality to differentiate yourself from the competition. xxxx November 2008

Stakeholder Meeting, 7 th June 2013 An inspector s perspective considerations for patient support and reimbursement programmes

Safeguarding public health The Regulation of Software as a Medical Device

The right people. The right solution. The first time.

AS9100:2016 Transition Guide

ISO 9001:2008 Audit Checklist

Client information note Assessment process Management systems service outline

GUIDELINES ON MEDICAL DEVICES

ISO 9001:2008 Requirements Explained - An Adobe PDF File for Use on a Network System

Copyright, Language, and Version Notice The official language of this [Certification Protocol] is English. The current version of the [Certification

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

QUALITY MANUAL 3 KENDRICK ROAD WAREHAM, MA FAX

GUIDE TO IMPLEMENTING A REGULATORY FOOD SAFETY AUDITOR SYSTEM

Auditing Process-based Quality Management Systems. Charlie Cianfrani and Jack West

Operations. Group Standard. Business Operations process forms the core of all our business activities

Statistics on E-commerce and Information and Communication Technology Activity

ISO/TS 16949:2002 Guidance Document

Abu Dhabi EHSMS Regulatory Framework (AD EHSMS RF)

Network Certification Body

TOTAL QUALITY MANAGEMENT II QUALITY AUDIT

Internal Audit Manual

European Forum for Good Clinical Practice Audit Working Party

GUIDELINE NO. 22 REGULATORY AUDITS OF ENERGY BUSINESSES

Quality Manual. UK Wide Security Solutions Ltd. 1 QM-001 Quality Manual Issue 1. January 1, 2011

Certification Process Requirements

This interpretation of the revised Annex

ABSTRACT. The Guidelines Section F is related to the Purchasing requirements of NSQ100 (Chapter 7.4). Summary

MSC Group Chain of Custody (CoC) Guidance for Non-Reduced Risk Groups

New changes to cleanroom & clean air device classifications: ISO & 2

OUTSOURCING STRATEGIES & RISKS FROM AN ISO PERSPECTIVE. Amera-Veritas. Amera-Veritas. Experts in in Quality, Safety & Supply Chain Assurance

APPENDIX: CHECKLIST COMPLIANCE WITH THE CODE

ISO 9001:2008 STANDARD OPERATING PROCEDURES MANUAL

New Guidelines on Good Distribution Practice of Medicinal Products for Human Use (2013/C 68/01)

ICH guideline Q10 on pharmaceutical quality system

ISO/IEC 27001:2013 Your implementation guide

Quality Manual ISO 9001:2015 Quality Management System

Jonathan Wilson. Sector Manager (Health & Safety)

1

Care service inspection report

Certification Procedure of RSPO Supply Chain Audit

NORTH AMERICA OPERATIONS. (Fairmont and Montreal Facilities) QUALITY MANUAL. Prepared to comply with the requirements of ISO 9001:2008

QUALITY MANUAL ISO Quality Management System

BSI Road Show: September 8 th to 15 th, 2014

13 ENVIRONMENTAL AND SOCIAL MANAGEMENT SYSTEM

CENTRIS CONSULTING. Quality Control Manual

IS INTERNATIONAL STANDARD. -Nag. Guidelines for environmental auditing - Audit procedures - Auditing of environmental management systems

The Application and Inspection Process What to Expect

Auditing Health and Safety Management Systems. 4th Edition

Approaching the Response to Audit Observations

Transcription:

Preparing for Unannounced Inspections from Notified Bodies Europe has introduced further measures for unannounced audits of manufacturers by notified bodies. With this in mind, James Pink, VP Europe-Health Sciences Medical Devices at NSF International, provides a little help to prepare for them. Background There are two important documents that are concerned with unannounced inspections: European Commission (EC) recommendation of September 24, 2013 concerning unannounced audits by notified bodies in the field of medical devices Team NB's Code of Conduct for Notified Bodies version 3.0 October 2012, Pages 21-23 Unannounced inspections are already being undertaken by notified bodies and competent authorities are preparing for them to become mainstream by early 2014. Consider the following steps to ensure that you are prepared for EU notified body unannounced inspections. Step 1: Be prepared Establish and review the sources of information for unannounced inspections; in particular, ensure you create links with other companies in the area with the same notified body and products. Review your contract with your notified body and ensure you identify when you are manufacturing product. Communicate this through your organization and to your notified body. Step 2: Plan for unannounced audits Undertake formal business continuity planning activities to ensure you consider worst-case scenarios and develop procedures that can be used later for drills, exercises and simulations. These procedures can then serve as the basis of your business continuity strategy.

Step 3: Undertake your own mock unannounced audits There is nothing better than actually undertaking mock audits. Utilize NSF Health Sciences expert audit team to help kick off unannounced inspections so you can learn lessons from the best in the business and refine your contingency procedures. Step 4: Implement procedures for unannounced inspections It is imperative that you have procedures that inform and train all personnel involved in unannounced inspections so that they can implement them as soon as an unannounced inspection occurs. Do not forget that this also needs to extend to your supply chain! Step 5: Raise awareness and train your people and suppliers for managing inspections Practice makes perfect. Simulation, exercises, drills, scenarios whatever you call them, there is nothing better than training your people and suppliers so that you can use assessment methods to understand whether they are able to contingency plan, apply unannounced audit procedures and, more importantly, effectively respond to notified body requests during the audit. Do not underestimate the importance of having competent and confident people on hand during the audit. Step 6: Maintain compliance to the EU medical device directives Are your devices classified correctly? Do your declarations of conformity actually cover every medical device? Is your technical file updated with the appropriate information so that it shows you are on top of things? If not, you need to ensure that you have a technical file review, a risk management review and post-market surveillance summaries that are current and responding to your data. Consider the scenario of a notified body suspecting that your device is not in accordance with the medical device directive s essential requirements How do you prove it is, do you have the evidence and do you have access to the relevant tests and information? Step 7: Use the team for support Whether regulatory strategy, regulatory science, quality assurance, training, auditing or testing, we can help you. We are only a phone call away. Each of these steps is addressed in more detail below. Step 1: Be Prepared! It s going to happen Get used to it! Predicting when the inspection will occur

The minimum frequency for an unannounced inspection is once in a three-year cycle and potentially more frequently for Class III products. If your company or supplier has introduced cause for concern with a European competent authority or your notified body, you will receive an unannounced inspection regardless of the recommended frequencies. Competent authorities are expecting a relatively quick implementation of this requirement. For example, the Medicines and Healthcare Products Regulatory Agency (MHRA) has agreed to a six-month implementation period (by March 2014) and the Netherlands prefers a timeframe yet in 2013. In order to execute unannounced inspections within a framework of limited financial resources, the notified body will probably look to group audits based on the audit team competence and the location where the unannounced audit is going to take place. Hence, striking up a relationship with a competitor in the area with the same notified body may enable you to share information and get a head s up when the inspectors come knocking. Predicting the focus of the inspection An assortment of intelligence will begin to be generated reasonably early in the process, including the case studies of where unannounced inspection has worked (with respect to safeguarding public health) and the counter intelligence surrounding what the notified body auditors are actually looking for and at. In order to stay ahead of the game, we suggest you look at various communication forums, professional groups and your own notified body communications to keep abreast of what is happening. Important communities to be involved in include: LinkedIn group on notified body unannounced inspections o http://www.linkedin.com/groups?viewmembers=&gid=6546505&sik=13 83578005051 Eucomed newsletters o http://www.eucomed.com/media-centre/newsletters Team NB website o http://www.team-nb.org/ Competent authority websites o http://ec.europa.eu/health/medical-devices/files/list-of-contactpoints-within-the-national_en.pdf Keep checking in at www.nsf.org (Medical Devices) too as we are committed to gathering and maintaining intelligence with respect to unannounced inspections. Ensuring the correct agreements are in place

You should establish that your supplier agreements and internal quality agreements will allow for unannounced audits. Step 2: Plan for the unannounced inspection Murphy s law If it can go wrong, it will! In the context of unannounced inspections, you need to prepare for the most inconvenient situations and timing as they will be a disruption to your normal business operations. Consider business continuity planning so that you can prepare for the likely situations that you may encounter during an unannounced inspection and then create formal procedures that consider appropriate contingencies such as: Who will manage the inspection from the manufacturer s side (even at a subcontractor location)? Who will access critical IT and information systems if people who usually have access are not available? How will we know if a critical supplier is having an unannounced inspection, but on behalf of another customer? What if the inspection occurs during the only week that every manager is out? It may be helpful to take a look at business continuity principles to help you formulate your plan so that you consider all of the things that are not at the forefront of your mind when trying to deal with these situations. Use business continuity principles (Take a look at ISO22301:2012) The most basic principles around business continuity include: Undertaking a business impact analysis Establishing a risk analysis considering people, infrastructure, technology, resources and of course the items required to be reviewed by the notified bodies in question. (See pages 21-23 of the Team NB Code of Conduct) Preparing business continuity strategies (for you, your manufacturing locations and your subcontractors/suppliers) Preparing an emergency response (What happens after the knock on the door at head office, an authorized representative or remote facility or critical supplier location?) Implementing business continuity plans (lining up the interim management team) and assigning responsibilities Conducting awareness and training programs Simulating and auditing plans and actions so the organization knows how to execute them

Preparation with your NB including updating your contract The EC recommendation calls upon your notified body to contact you to update your contract if necessary to allow for unannounced audits, including your critical subcontractors. This includes the provision that the manufacturer should continuously inform the NB of periods when manufacturing will not be taking place. The above contact is an excellent opportunity to find out more about your NB s intentions for implementing this Commission recommendation. There has been much discussion about the practicalities of the NB obtaining visas to visit countries where a sponsor invitation is necessary, but this problem is nowhere near resolved. Step 3: Prepare through mock audits Understanding the basic vulnerabilities in staging unannounced visits A suggested way to prepare for unannounced inspection is to begin your own series of unannounced inspections in-company and at your critical suppliers with a minimum of two people. A useful audit checklist has been developed in Team NB's Code of Conduct for Notified Bodies on pages 21-23. It is important that you create your own internal audit strategies to mock audit the suggested focus in the code of conduct and ensure you update your annual audit agenda to make provisions for internal unannounced audits. The Commission recommendation says that the NB should check a recently produced adequate sample, preferably taken from the ongoing manufacturing process for conformity. This will involve scrutiny of...all the relevant technical documentation including previous test protocols and results. (One wonders how the NB will manage to complete all this, together with all the items below, during a two or four person-day audit!) It is also clear that the audit should include the following: Product assessment (Annex I) o Appropriate qualification as a medical device, in particular whether a proper medical purpose has been assigned o Appropriate classification and consultation with relevant bodies (for instance, the European Medicines Agency) o Appropriate product coverage on the CE certificates linking to unequivocal identification of all devices and variants including linkage to the declarations of conformity o Evidence of compliance with the essential requirements o Appropriate Design, Manufacturing and Packaging specification

o o o Appropriate Risk Management file (up to date and in line with all postmarket surveillance, post-market clinical follow-up and complaints data) Risk controls/safety principles compatible with the state of the art as defined in current product standards and/or by other similar products currently on the market Up-to-date clinical evaluation responding to post-market surveillance data and post-market clinical follow-up or in the case of IVDs, a corresponding up-to-date performance evaluation report Quality system assessment o Risk-based approach to each device s critical subcontractors and crucial suppliers o Outline of the tests that may be required to demonstrate that the product conforms to its specification (as this is likely to be requested by the notified body if it suspects any deficiency in the quality system) o Quality manual and procedures that are relevant and applicable to the device under consideration o An organizational structure that can sustain a safe medical device o A management team and personnel qualified to conduct their activities o An internal audit program capable of monitoring the effectiveness of the QMS o A critical subcontractor and crucial supplier monitoring program capable of controlling product safety o Appropriate metrological traceability, particularly associated with reference standards or other measurement confirmation systems where accuracy and precision are essential to device performance o Sound change control procedures, consistent with the design and development procedure o Material specification development, purchasing and goods inwards verification as well as the controls applied to consolidate materials received with manufactured product o Control of the environment to produce a safe medical device o Application of suitable methods for validation, batch identification, sterilization, product quality control and batch release o Systematic review of complaints and post-market surveillance data and effective corrective action and change control o Proper implementation of the procedures for clinical evaluation and its update via post-market surveillance; for IVDs, correct execution of working procedures for performance evaluation including traceability to appropriate reference materials

Step 4: Implement procedures for managing aspects of the unannounced inspection Developing and implementing basic procedures will help companies manage various aspects of unannounced inspections. When developing these procedures, think about the unannounced inspection lifecycle: What happens upon announcement and arrival of the NB audit team Who will cover the product design aspects Who will cover the regulatory/technical documentation Who will cover the supplier control aspects Who will cover the QMS aspects Who will cover the manufacturing and release aspects Who will cover the product surveillance and vigilance aspects How the auditees will work and communicate Who the auditees will work with each other and the auditing body How the audit will be documented by the internal organization The work instructions for dealing with NB audit scenarios Step 5: Raise awareness through in-company training You will need to ensure that you have appropriate people who can manage the unannounced inspection. They need to be prepared and ready to act across your internal organization and your supply chain. As a result, you will need to provide timely communication in several phases: Straight away right now, as soon as you read this o Consider a simple awareness program for all personnel likely to be involved in an unannounced inspection. This way they can begin to discuss their contingencies and draw up a resource plan. Upon completion of your continuity strategy o Train your core teams and the people who are now responsible for initiating contingency plans. Get them aware of the software, information resources and the sequence and interactions so that they can respond with confidence to a notified body auditor enquiry without unnecessary delay. o Work with your supply chain (particularly those identified through product risk management) to implement a robust strategy for unannounced inspections where the supplier is likely to be involved. (This needs to be considered if the subcontractor or supplier is considered critical to other medical device companies too.) Step 6: Stay compliant with the EU medical device directives

Warning! This step makes a very basic assumption that you already comply with the European medical devices directives. Prior to implementing any of these recommendations, you should ensure that the following processes are working well, continually updating and responding: Classification and conformity assessment Risk management Design control Change control Clinical evaluation Process control Supplier control Product surveillance Post-market surveillance and vigilance Organizational structures and personnel competencies Step 7: If you are still concerned, talk to the experts NSF Health Sciences is committed to helping you deal with unannounced audits as easily as possible. Through the following services, we can support you: White papers o We are committed to producing white papers throughout 2014 that deal with all aspects of European notified body unannounced audits. Study days o We will be holding a regulatory study day that discusses, among other things, the practical aspects for manufacturers dealing with unannounced inspections. Regulatory strategy o Our people have the necessary expertise to help you ensure that your devices are appropriately classified and subjected to the appropriate regulatory requirements. Regulatory science o If you require an up-to-date risk management, biological evaluation, product testing strategy, clinical evaluation or other help demonstrating your product fulfils the essential requirements of the medical devices directives, we have a team of European renowned experts on hand to help in any capacity you require. Quality systems/remediation o Our people understand what it takes to build effective quality management systems and to ensure that those systems operate in the most optimum way and to the varying regulatory inputs that modern medical device regulatory frameworks demand. We are able to help you implement quality system improvements, class-leading processes

for change control, design control, process control, corrective and preventive action as well as help you manage any remediation activities resulting from EU notified body or competent authority action. Auditing o Our auditors have worked for over 15 years each in the world s leading European medical device notified bodies. Our mock unannounced inspections accurately test your systems and provide honest and reliable feedback about the capability of your organization and its supply chain to withstand unannounced inspections. We provide: Technical file reviews Product quality and test method reviews Risk management Supply chain management Full unannounced audits undertaken globally Training o We run a series of courses that can be delivered at your company locations most likely to receive unannounced audits: Developing a business continuity plan for unannounced audits Preparing for unannounced audits Planning and conducting mock unannounced audits Qualified Person program o NSF Health Sciences has a class-leading program of education for today s quality and regulatory affairs professionals. If you want to prove your competence, enroll in our flexible post-graduate quality and regulatory modules: Module 1 EU Regulatory Frameworks Module 2 EU Medical Device Design and Risk Management Module 3 Clinical Evaluation for Medical Devices Module 4 Developing and Maintaining Technical Documentation Module 5 Quality Management Systems for Medical Devices Module 6 Post-Market Surveillance and Vigilance for Medical Devices Module 7 Working with EU Regulatory Stakeholders as Part of the EU Conformity Assessment Process o Take our Qualified Person viva and prove to a board of experts that you are indeed qualified to undertake your duties and responsibilities in medical device quality assurance and regulatory affairs. Learn more about range of medical device services

Copyright 2013 NSF International. This document is the property of NSF International and is for NSF International purposes only. Unless given prior approval from NSF, it shall not be reproduced, circulated or quoted, in whole or in part, outside of NSF, its committees and its members. Cite as: Preparing for Unannounced Inspections from Notified Bodies NSF: Ann Arbor, MI

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information