Essential Tips for Preparing for Your ISO 13485:2016 Stage 1 Audit
An ISO 13485:2016 audit is a comprehensive evaluation process conducted to verify that a medical device manufacturer’s quality management system (QMS) meets the requirements of the ISO 13485:2016 standard. This standard specifies the requirements for a QMS that demonstrate the ability to consistently meet customer and regulatory requirements applicable to medical devices and related services.
An ISO 13485:2016 certification is not a simple undertaking: It requires thorough preparation, financial allocations, and time during the audits. However, it provides medical device companies with a plethora of opportunities, including entry into other regulatory markets, potential partnerships, supplier confidence, and affirmation of strong QMS.
The initial ISO 13485:2016 certification process involves several stages: preparation (including gap analysis and implementation of necessary processes), Stage 1 audit (readiness review) for documentation and preliminary evaluation, Stage 2 audit (comprehensive on-site assessment), and the certification decision based on audit findings. To maintain ISO 13485:2016 certification, annual surveillance audits are conducted to ensure ongoing compliance. A full recertification audit is required every three years to renew the certification.
This blog post will focus on the Stage 1 audit of the ISO 13485:2016 initial certification process, which is a critical initial step in achieving certification.
ISO 13485:2016 – Stage 1 Audit
An ISO 13485:2016 Stage 1 audit, also known as a “readiness review,” is the initial part of the certification process for the ISO 13485:2016 standard. It is conducted by an external certification body and is primarily a document review and preliminary evaluation to determine if the organization is prepared for the Stage 2 audit, which is the more detailed, comprehensive assessment.
Objectives of a Stage 1 Audit
Review Documentation:
- Assessing the organization’s quality management system (QMS) documentation to ensure it meets the requirements of ISO 13485:2016.
- Checking the quality manual, procedures, work instructions, and records.
Evaluate Location and Site-Specific Conditions:
- Understanding the site-specific conditions and preparedness for the Stage 2 audit.
- Evaluating the scope of the QMS, including roles, exclusions, and applicability.
Assess the Organization’s Readiness:
- Determining whether the organization is ready for the Stage 2 audit.
- Identifying areas of concern that could be classified as nonconformities during the Stage 2 audit.
Verify the Implementation Status:
- Ensuring that the organization has implemented the QMS according to the requirements of ISO 13485:2016.
- Checking if the QMS has been in operation for a sufficient period to provide evidence of its effectiveness.
Tasks Performed During a Stage 1 Audit
- Documentation Review: Analyze the quality manual, policies, procedures, and records to ensure they align with ISO 13485:2016 requirements.
- Site Tour: Conduct a brief tour of the facility to understand the context and complexity of operations. If Stage 1 is conducted virtually, this might be completed in the form of a Zoom tour, pre-recorded videos or photographs.
- Interviews: Conduct preliminary discussions with key personnel to gauge their understanding and implementation of the QMS.
- Assessment of Preparedness: Evaluating the organization’s readiness for the more detailed Stage 2 audit, identifying any potential issues, and providing feedback for improvement.
Outcomes of a Stage 1 Audit
The outcomes of the Stage 1 audit include an audit report summarizing the findings, highlighting areas of concern or potential non-conformities. It also includes an action plan with recommendations for addressing any gaps or issues identified to ensure readiness for the Stage 2 audit. Additionally, a go/no-go decision is made to determine if the organization is ready to proceed to the Stage 2 audit or if further actions are needed to achieve readiness. This stage is crucial for identifying major issues early in the certification process, allowing the organization to address them before the more rigorous Stage 2 audit.
How to Prepare for Stage 1 Audit
Preparation for the Stage 1 audit should be robust. The Stage 1 audit sets the tone for the remainder of the audit, and it is important to make a good impression on the auditor with complete and compliant documents and a thorough understanding of how the QMS functions.
We recommend hosting a Management Review 1-3 months prior to your Stage 1 audit. This will ensure that you have covered all required inputs and outputs of the QMS and had sufficient time to address your action items.
We also recommend having your Internal Audit focused on the ISO 13485:2016 standard and ensure that any gaps are closed prior to the Stage 1 audit. If your internal audit has already been conducted, we recommend completing a gap analysis to ensure you have identified and resolved any gaps.
Through these two tasks, you will naturally review common gaps – expired supplier reevaluations/certifications, insufficient training records, generation of an external standards list, etc. The Management Review and Internal Audit are required annual quality events but can be utilized as tools to ensure your company is prepared for ISO Stage 1.
Look to Rook
Rook Quality Systems can support clients in preparing for a Stage 1 ISO 13485:2016 audit by conducting a thorough gap analysis to identify any deficiencies in their current QMS. We provide expert guidance on implementing necessary processes and documentation to meet ISO 13485:2016 requirements. Additionally, our team offers comprehensive training and internal auditing services to ensure readiness for the Stage 1 audit, addressing any potential nonconformities before the certification process progresses.