Table of Contents. Preface 1.0 Introduction 2.0 Scope 3.0 Purpose 4.0 Rationale 5.0 References 6.0 Definitions



Similar documents
FINAL DOCUMENT. Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Manufacturers Part 1: General Requirements

PROPOSED DOCUMENT. Quality management system Medical devices Nonconformity Grading System for Regulatory Purposes and Information Ex-change

CP14 ISSUE 5 DATED 1 st OCTOBER 2015 BINDT Audit Procedure Conformity Assessment and Certification/Verification of Management Systems

European Forum for Good Clinical Practice Audit Working Party

FINAL DOCUMENT. Title: Quality Management System Medical Devices Guidance on the Control of Products and Services Obtained from Suppliers

NOTICE. Re: GD210: ISO 13485:2003 Quality Management System Audits Performed by Health Canada Recognized Registrars

DRAFT GUIDANCE. This guidance document is being distributed for comment purposes only. Document issued on: July 2015

P-01 Certification Procedure for QMS, EMS, EnMS & OHSAS. Procedure. Application, Audit and Certification

General Rules for the certification of Management Systems

Procedure PS-TNI-001 Information Security Management System Certification

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

Certification Procedure of RSPO Supply Chain Audit

Abu Dhabi EHSMS Regulatory Framework (AD EHSMS RF)

ED FAGAN INC. QUALITY SYSTEM MANUAL

OVERVIEW OF THE PREQUALIFICATION OF DIAGNOSTICS ASSESSMENT PROCESS. Prequalification of Diagnostics

Certification Process Requirements

3 Terms and definitions 3.5 client organization whose management system is being audited for certification purposes

Accredited Retail Certification Program (RCP ) Procedure for Certification

ORACLE CONSULTING GROUP

EMS Example Example EMS Audit Procedure

CONTROL PROCESS NATURAL ORIGIN AND ORGANIC CANDLES AND HOME FRAGRANCES

IRCA Certificated QMS Lead Auditor Training Course. Programme

ISO 9001 Quality Management Systems. Tips for Internal Auditing

ISO 13485:201x What is in the new standard?

General Rules for the Certification of Management Systems Code: RG

NABET Accreditation Criteria for QMS Lead Auditor Training Course

FINAL DOCUMENT. Global Harmonization Task Force

NABET Criteria for INFORMATION SECURITY MANAGEMENT SYSTEMS (ISMS) Lead Auditor Training Courses

Criminal Justice Offender Tracking System Certification Program Requirements

NABET Criteria for OH&S Lead Auditor Training Course

EXAM PREPARATION GUIDE

DQS UL ASSESSMENT AND CERTIFICATION REGULATIONS

Network Certification Body

TOTAL QUALITY MANAGEMENT II QUALITY AUDIT

WORKPLACE HEALTH AND SAFETY AUDITING GUIDELINES

Aerospace Guidance Document

International Requirements for Organic Certification Bodies (IROCB)

Competency Unit: Exemplar Global AU Management Systems Auditing

Implementing ISO 9000 Quality Management System

AUDITOR GUIDELINES. Responsibilities Supporting Inputs. Receive AAA, Sign and return to IMS with audit report. Document Review required?

Section 5: Quality Systems Regulation (QSR) and Good Manufacturing Practice (GMP)

Copyright, Language, and Version Notice The official language of this [Certification Protocol] is English. The current version of the [Certification

EXAM PREPARATION GUIDE

AGREEMENT ON TECHNICAL BARRIERS TO TRADE. Having regard to the Uruguay Round of Multilateral Trade Negotiations;

HONG KONG ENVIRONMENTAL ELECTRICAL APPLIANCE COMPANY. Environmental Procedure

MEAT GRADING AND CERTIFICATION BRANCH QUALITY MANUAL

UL s Medical Quality Management System Registration

Registration of Class B Medical Devices

Guidance Notes for Applicants of the Certificate for Clinical Trial on Medical Device

CENTRIS CONSULTING. Quality Control Manual

Medical Device Training Program 2015

Quality Management System Manual

QUALITY SYSTEM REQUIREMENTS FOR PHARMACEUTICAL INSPECTORATES

COMBINE. Part B. Manual for Marine Monitoring in the. Programme of HELCOM. General guidelines on quality assurance for monitoring in the Baltic Sea

THE QUALITY AUDITOR SOLUTIONS TEXT

1. Scope This SOP covers requirements for PHARMCO-AAPER s Quality Management System

GUIDE 62. General requirements for bodies operating assessment and certification/registration of quality systems

NABET Accreditation Criteria for 3 Day Modular OH&S Auditor Training Course

QSIT Management Controls. QSIT Workshops

Quality Management System Manual

COMPANY NAME. Environmental Management System Manual

Empowering the Quality and Regulatory Compliance Functions

Regulations for the certification of environmental management systems in conformity with UNI EN ISO 14001:2004

MEDICAL DEVICES INTERIM REGULATION

DNV GL Assessment Checklist ISO 9001:2015

Summary of Requirements for ISO 14001:2004 February 24, 2005

Title:: Effective GMP AUDITS for APIs and Formulation Pharma Companies By G.Sundar-Director/Consultant PharmQA Compliance solutions

Quality Management System MANUAL. SDIX, LLC Headquarters: 111 Pencader Drive Newark, Delaware 19702

Quality Management System MANUAL. SDIX, LLC Headquarters: 111 Pencader Drive Newark, Delaware 19702

ETSI TS V2.1.1 ( )

QUALITY MANUAL ISO Quality Management System

ISO 9001 Quality Systems Manual

ETSI EN V2.2.2 ( )

Checklist. Standard for Medical Laboratory

ISO 9001:2000 AUDIT CHECKLIST

General Regulations. Part Ⅱ - Quality Management System Rules ENGLISH VERSION 5.0

ISO 9001:2008 Audit Checklist

QUALITY ASSURANCE MANUAL JPM OF MISSISSIPPI, INC.

Quality Agreement. by and between. Supplier Name. Address: and. Client Name: Address:

GUIDELINES FOR FOOD IMPORT CONTROL SYSTEMS

Health Canada s GCP Compliance Program Part 2. GCP Information Sessions November 2010

Company Quality Manual Document No. QM Rev 0. 0 John Rickey Initial Release. Controlled Copy Stamp. authorized signature

General Conditions for the Certification of Management System

TG TRANSITIONAL GUIDELINES FOR ISO/IEC :2015, ISO 9001:2015 and ISO 14001:2015 CERTIFICATION BODIES

IAF Mandatory Document for the Application of ISO/IEC in Medical Device Quality Management Systems (ISO 13485)

QUALITY CONTROL AND QUALITY ASSURANCE IN CLINICAL RESEARCH

Comparison between FDA QSR and ISO 13485

Revision Date Author Description of change Jun13 Mark Benton Removed Admin. Manager from approval

Rules for the certification of event sustainability management system

TEXTUAL PROPOSAL TECHNICAL BARRIERS TO TRADE (TBT) Article 1 Objective and Scope

TRANSPORT FOR LONDON (TfL) LOW EMISSIONS CERTIFICATE (LEC) GUIDANCE NOTES FOR THE COMPANY AUDIT PROCESS. LEC (Company Audit) Guidance Notes

Rules for the certification of asset management systems

Regulations for certification of quality management systems

Application of ISO/IEC for the Accreditation of Food Safety Management Systems (FSMS) Certification Bodies

REQUIREMENTS FOR CERTIFICATION BODIES TO DETERMINE COMPLIANCE OF APPLICANT ORGANIZATIONS TO THE MAGEN TZEDEK SERVICE MARK STANDARD

Frequently Asked Questions. Unannounced audits for manufacturers of CE-marked medical devices. 720 DM a Rev /10/02

ISO 9001:2008 STANDARD OPERATING PROCEDURES MANUAL

Audit Report AS/NZS ISO 9001:2008. RRW and Co Pty Ltd trading as National On Site Training

FSSC Certification scheme for food safety systems in compliance with ISO 22000: 2005 and technical specifications for sector PRPs PART II

Transcription:

Table of Contents Preface 1.0 Introduction 2.0 Scope 3.0 Purpose 4.0 Rationale 5.0 References 6.0 Definitions 7.0 Objectives and User Needs of a Regulatory Audit Report 7.1 Audit report objectives 7.2 User needs for the auditing organization/regulatory authority 7.3 User needs for the designating authority that oversees the auditing organizations 7.4 User needs for the manufacturer and/or auditee 8.0 Main points of a Regulatory Audit Report 8.1 Data concerning auditee 8.2 Data concerning audit 8.3 Audit trail 8.4 Conclusion 8.5 Signature and dating of report 8.6 Attachments October 2, 2007 Page 2 of 11

Preface Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device This document was produced by the Global Harmonization Task Force, a voluntary group of representatives from medical device regulatory agencies and the regulated industry. The document is intended to provide nonbinding guidance for use in the regulation of medical devices, and has been subject to consultation throughout its development. There are no restrictions on the reproduction, distribution or use of this document; however, incorporation of this document, in part or in whole, into any other document, or its translation into languages other than English, does not convey or represent an endorsement of any kind by the Global Harmonization Task Force. 1.0 Introduction This document gives guidance to regulators, auditing organizations and auditors on the content of audit reports. However, it may also help the auditee understand and respond to the audit findings. Potential benefits for the regulators and auditing organizations include: Greater consistency in audit reports both among auditors within an auditing organization and between auditing organizations Greater collaboration between regulators/auditing organizations in regard to regulatory audits Increased confidence in audits performed by an auditing organization and acceptance of those audits by other regulators Saving resources Guidance for countries developing medical device regulatory systems Potential benefits for the manufacturer of medical devices include: Improved communication that results in improved quality management systems and product quality and safety Greater consistency in audit reports Reducing the number of times a single manufacturer undergoes audits Saving resources Increased confidence in, and acceptability of, audit reports This document has been prepared by GHTF Study Group 4 Regulatory Auditing. Comments or questions about the use of this guidance document should be directed to the Chair of SG 4 whose contact details may be found on the GHTF web page (www.ghtf.org). October 2, 2007 Page 3 of 11

2.0 Scope This document is intended to be used by regulators and auditing organizations as a guide for writing a report of a regulatory medical device quality management system audit. Such audits will be based on the process approach to quality management system requirements (e.g. ISO 13485:2003 and 21 CFR Part 820). This is described in Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device, Part 2: Regulatory Auditing Strategy. It may be necessary to address additional regulatory requirements to meet the needs of the regulators receiving and using the audit report. The level of detail in the audit report will vary according to its likely use. This guideline describes a report which can be exchanged with other regulatory or auditing organizations with which the auditing organization has a formal relationship concerning confidentiality. 3.0 Purpose The purposes of this document are to harmonize the content of audit reports and to provide guidance on best practices for reporting audit results. 4.0 Rationale This guideline promotes consistency in audit reports important in harmonization and mutual acceptance of audit results. The audit report should demonstrate that quality management system and regulatory requirements were audited and that the audit was sufficiently thorough and complete. This guideline will provide a structure for audit reports that may be used in multiple jurisdictions, promoting consistency and uniformity and will assist the auditor in preparing a report for use by multiple regulators and/or auditing organizations. Having reports that are consistent in content will facilitate the review and exchange of audit reports. Acceptance of audit reports by multiple regulators should eventually reduce the number of audits for manufacturers. This document may also be used in support of bilateral and multilateral agreements. October 2, 2007 Page 4 of 11

5.0 References GHTF/SG4/N28R2: Guidelines for Regulatory Auditing of Quality Systems of Medical Device Part 1: General Requirements (1999) GHTF/SG4/N30R18: Guidelines for Regulatory Auditing of Quality management systems of Medical Device Part 2: Regulatory Auditing Strategy (final document 16 February 2006) GHTF/SG2/N36R7: Manufacturer s Trend Reporting of Adverse Events US FDA 21 CFR Part 820 Quality System Regulation (October 7, 1996, Federal Register 61 FR 52602) ISO 9000:2005: Quality Management Systems Fundamentals and Vocabulary ISO 13485:2003: Medical devices Quality Management Systems - Requirements for Regulatory Purposes ISO 19011:2002: Guideline for Quality and/or Environmental Management Systems Auditing 6.0 Definitions Adverse event: An Adverse Event is either a malfunction or a deterioration in the characteristics or performance of a sold medical device [including accessory(s) and labeling] or use error, which either has caused or could have caused or contributed to death, or serious injury to health of patients or other persons. (GHTF SG 2/N36R7) Audit findings Results of the evaluation of the collected audit evidence against audit criteria Note: Audit findings can indicate either conformity or nonconformity with audit criteria or opportunities for improvement (ISO 19011:2002) Compliance / Conformity Fulfillment of regulatory requirements Note: In this document the terms compliance and conformity are used interchangeably whereas in some jurisdictions they may have distinct and different meanings. October 2, 2007 Page 5 of 11

Critical supplier A critical supplier is a supplier delivering materials, components, or services, that may influence the safety and performance of the product. Designating Authority (DA) Body established within government or empowered by government to designate auditing organizations, suspend or withdraw their designation or remove their suspension from designation. Nonconformity Nonfulfilment of a requirement (ISO 9000:2005) Note: For explanation of the term major nonconformity see SG4N28 Regulatory audit: The audit of a quality management system to demonstrate conformity with quality management system requirements for regulatory purposes. Note: For the purpose of these guidelines, audit means a regulatory audit. (GHTF/SG4/N30R20:2006) Regulatory audit report The regulatory audit report is a document or set of documents from the regulatory audit team containing administrative data, a summary of the locations, functions or processes that were audited, audit findings and conclusions. Note: For the purpose of these guidelines, audit report means a regulatory audit report Regulatory requirements Any part of a law, ordinance, decree, or other regulation which applies to medical device manufacturers. Note 1: Guidelines, draft documents or the like should not be used as regulatory documents and should not be construed as such unless formally promulgated. [GHTF/SG4/(99)28] Note 2: For the purpose of this guidance regulatory requirements are restricted to those pertaining to the quality management system. 7.0 Objectives and User Needs of a Regulatory Audit Report 7.1 Audit report objectives The audit report comprises the documented evidence of a regulatory audit. It should contain sufficient information: October 2, 2007 Page 6 of 11

To document the audit scope, type of audit, audit objectives, the audit criteria, what was covered during the audit, and the audit findings To evaluate the auditee s compliance status, the effectiveness of the implementation of the quality management system, and draw audit conclusions To allow the exchange of audit reports between regulators and/or auditing organizations 7.2 User needs for the auditing organization/regulator The auditing organization/regulators may use audit reports for the following: To provide a record of the auditing activities To evaluate the auditee s compliance with regulatory requirements To evaluate the conformity of the quality management system against the audit criteria To provide evidence for a regulatory decision To prepare for the next audit To provide an audit history To trend compliance history for the auditee To trend compliance for the industry To follow up on adverse event reports To exchange information between auditing organizations/regulators To evaluate the performance of the auditor(s) To improve consistency between auditors 7.3 User needs for the designating authority that oversees the auditing organizations The designating authority that oversees the auditing bodies uses audit reports: To assess the competence of the auditing organization and their auditors To monitor the performance of the auditing organizations and their auditors To improve consistency between auditing organizations and their auditors 7.4 User needs for the manufacturer and/or auditee The manufacturer and/or auditee use audit reports: To provide a record of the auditing activities and audit scope To provide evidence of compliance to regulatory requirements To learn about the status of the quality management system (including nonconformities) To get feedback for further improvement of the quality management system To prepare for the next audit To provide an audit history To trend compliance history October 2, 2007 Page 7 of 11

To provide evidence of compliance to regulatory authorities/auditing organizations as part of product registration/license activities To carry out necessary corrective and preventive actions 8.0 Main points of a Regulatory Audit Report The auditing organization/regulator may adopt reporting procedures that suit its needs. The items contained in this chapter should be included in the audit report as a minimum requirement. The report shall be typed and may be in a format that can be stored and transferred electronically. Trade secrets and proprietary information should be identified in the report to ensure confidentiality. This guideline provides a recommended order of report elements as described in sections 8.1 through 8.6 below. Note: The language of the report should be agreed upon between the auditee and the auditing organization prior to the start of the audit. In many cases, the ultimate use of the report will dictate the language of the report. 8.1 Data concerning auditee 8.1.1 Auditee s name, address, phone #, fax #, e-mail 8.1.2 Company s identification or registration number for each regulatory authority covered by this audit (if applicable) 8.1.3 Description of the auditee (e.g., approximate number of employees covered by the audit scope, organization chart, hours of operations, shifts, and any seasonal variations, device name(s) and estimated number or percent of device(s) exported, listed by country). If a facility other than the main site of the auditee exists and/or is being audited, then the relationship of that site to the main site should be given. 8.1.4 The corporate identity and company names of the manufacturer 8.1.5 Status of any relevant certification 8.1.6 Products scope/product families and classifications covered by the audit (using an applicable nomenclature system, e.g. Global Medical Device Nomenclature (GMDN), where feasible) 8.1.7 Name, location and activity of critical suppliers, if applicable 8.1.8 Management representative responsible for the quality management system 8.1.9 Information from previous audit including date, name of auditing organization, name of auditor(s), audit criteria, subsystems covered and result, if applicable 8.1.10 Additional information regarding compliance history of the auditee, if relevant 8.1.11 Auditee s representative or key contact person(s) (if different from 8.1.8) for a. Arranging the audit b. Receiving the final audit report c. Receiving regulatory correspondence October 2, 2007 Page 8 of 11

8.1.12 Language(s) of operation 8.1.13 Exclusions and non-application of requirements in the quality management system 8.2 Data concerning audit 8.2.1 Type of audit (e.g. initial, surveillance, special audit) 8.2.2 Audit scope, objectives, and criteria against which the audit was conducted (regulation(s) and standard(s)) 8.2.3 On-site audit dates and time 8.2.4 Total audit time (auditor days) 8.2.5 Identification of the auditing organization and audit team members (including technical experts) and their roles and responsibilities 8.2.6 Language(s) of the audit 8.2.7 Identification of interpreter(s), if applicable 8.2.8 Observer(s) and their organization, if applicable 8.2.9 List of documentation reviewed prior to the audit, including document identification and revision status 8.3 Audit trail 8.3.1 Description of activities covered during the audit. Write a summary of the key elements for each of the subsystems audited: Management Design and Development (describe the project(s) reviewed) Product Documentation Production and Process Controls (describe product and process/es reviewed) Corrective and Preventive Actions (report data sources available for review, and which ones were reviewed) Purchasing Controls Documentation and Records Customer Related Processes Note: These are the subsystems in GHTF/SG4/N30, Guidelines for Regulatory Auditing of Quality Management Systems of Medical Device Part 2: Regulatory Auditing Strategy. The subsystem summary (ies) should include: Areas of the site visited (e.g., incoming inspection, manufacturing areas, quality control laboratories, etc) and, where relevant, persons interviewed Activities and processes evaluated, including the reason for their selection Documents reviewed, including document number, revision etc Specific references to records reviewed, e.g., complaints files, batch records etc October 2, 2007 Page 9 of 11

Specific references to products reviewed, e.g., work in progress, components etc Statement concerning compliance with the standard or regulation(s) being audited, e.g., o conforming o comments for improvement, if applicable o nonconformity (including major nonconformities) Note: If a comment for improvement is recorded in the audit report which suggests non-compliance but does not lead to a nonconformity, it should be clear why a nonconformity was not raised. If a checklist without any further information is used to demonstrate coverage in a particular area then this should be described in the written narrative report. 8.3.2 Description of recalls, field safety corrective actions, product removals, or product replacements since the last audit, if applicable 8.3.3 Description of major changes to products or significant changes to processes, organizational structure, ownership, key personnel and quality management system since the last audit 8.3.4 Description of any follow-up on specific complaints or adverse event reports performed by the auditee 8.3.5 Identification of any requested information that was refused and any obstacles encountered that could compromise the reliability of the audit findings and conclusions 8.3.6 Identification of nonconformities, including: i) details of each nonconformity ii) the audit criterion or the specific regulatory requirement to which it applies iii) the relative significance with respect to regulatory requirements iv) the date for submission of any corrective action plans 8.3.7 Details of any corrective action(s) taken during the audit Note: When a nonconformity is found, a record of this should be completed even if the auditee corrects the nonconformity during the audit. 8.3.8 Verification of effective implementation of corrective action(s) from previous audit 8.3.9 Description of any items or comments for improvement not given in list of nonconformities, if applicable 8.3.10 The proposed time frame for responding to the nonconformities, if applicable 8.3.11 Follow-up items for the next audit 8.3.12 Details of information provided during the closing meeting, including auditee s responses 8.3.13 Unresolved diverging opinions between audit team and auditee 8.3.14 Any areas not audited although within the audit scope October 2, 2007 Page 10 of 11

8.4 Conclusion 8.4.1 Summary and conclusions regarding the conformity of the auditee s quality management system with each set of audit criteria 8.4.2 Summary and conclusions regarding the effectiveness of the quality management system in meeting quality objectives 8.4.3 Auditor s recommendation to the auditing organization (as applicable): a) Follow up action(s) including proposed time schedule(s) b) For the initial or continued certification 8.4.4 Confirmation that audit objectives have been met or an explanation as to why not 8.5 Signature and dating of report 8.5.1 Date of the audit report 8.5.2 Audit team members names, titles and organizations (signature and/or stamp of auditors on report) 8.6 Attachments (used to support the content of the report) Audit plan(s) (if applicable) Attendance sheet for opening and closing meetings (if applicable) Relevant auditing organization documents Evidence available to support the nonconformities Checklist used by the auditor Nonconformity reports if issued separately October 2, 2007 Page 11 of 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information