CALL US +44 1502 449001
CountryCountry

ISO 13485 Knowledge base

'. get_the_author_meta('first_name'). ' '.get_the_author_meta('last_name').'

Checklist of ISO 13485 implementation and certification steps

Author: Waqas Imam

Now that your company is thinking about implementing a QMS (Quality Management System) and getting certified against ISO 13485, you may be wondering about where – and how – to get started. To get you going on the right track, I’ve compiled this list of the 13 steps you need to take so that you don’t miss anything as you work through your implementation and get ready for certification.

1) Get management support. This step is number one for a reason: without management support, your ISO 13485 implementation project is doomed to failure (if it gets started at all). You’ll need to craft a well-though-out presentation outlining the benefits your company can realize through ISO 13485 implementation, and get your management team on board right from the start. To help you get organized, check out this article on Six Key Benefits of ISO 13485 Implementation.

2) Identify requirements. The next critical step toward a successful implementation is making sure that you ascertain all the requirements you need to satisfy with your QMS. Such requirements usually include legal and regulatory requirements, customer requirements, and other requirements depending on your company’s needs and culture.

3) Define the scope. You want to avoid applying the QMS to areas of your business that don’t pertain to quality, but you don’t want to make the scope so narrow that the company sees no benefit. When you define your QMS scope, you will have a better idea of what needs to be done, and the boundaries of your implementation. Your best tools to help you with scope definition are the quality policy and quality manual, so these need to be the first documents you develop for your QMS.

4) Define processes and procedures. The ISO 13485 standard defines certain mandatory procedures that must be part of your QMS, but you will also need to determine what processes and procedures within your company must be defined in order to ensure adequate and consistent quality. The first thing to do is to define all of your company’s processes, and then see how they interact with each other. These interactions are often where problems become evident.

5) Implement processes and procedures. For most companies, all that needs to happen is the documentation of existing processes and procedures to ensure consistent quality that meets requirements. You don’t have to document every process, but you do need to decide which processes need a documented procedure in order to guarantee consistency in the quality of products and services. For more explanation, see Mandatory Documentation Required by ISO 13485:2016.

6) Deploy training and awareness programs. It is vital to the success of your Quality Management System that every employee in your organization understands how the QMS works, and where they fit into the mix. All personnel need to be trained on the basics of ISO 13485, so they get an idea of the purpose of implementation; in addition, they need to be aware of any changes to be made in the processes they are a part of.

7) Choose a certification body. The right certification body can make all the difference, because this is the company that comes in after your implementation to audit your Quality Management System, and determine whether or not it conforms to ISO 13485 requirements. In addition, they will also decide how effective your QMS is, and whether it shows continual improvement. For help on choosing the right certification body for your company, take a look at this List of questions to ask an ISO 13485 Certification Body.

8) Operate the QMS / Measure the system. This is when you will collect the records that will be required in audits to show that your processes meet the requirements set out for them, that they are effective, and that improvements are being made in your QMS as needed. Certification bodies need this to happen over a certain length of time, which they will identify, in order to ensure that the system is mature enough to show compliance.

9) Conduct internal audits. After you have operated the QMS for the prescribed length of time, but before the certification body conducts their audit, you will need to perform an internal audit of each process. This will tell you whether or not the processes are performing as planned, and if not, you’ll have the opportunity to take corrective action to resolve any issues you find. For more information, check out Five main steps in ISO 13485 Internal Audit.

10) Conduct management review. Not only must management be supportive of the company’s ISO 13485 implementation – it is imperative that they stay involved in the ongoing maintenance of the Quality Management System. During the management review, they will examine data from the QMS activities to make sure that all processes have the resources they need to continue to be effective, and to improve over time. Take a look at How to perform management review according to ISO 13485 for more details.

11) Take corrective action. Here is where you look for the root cause of the problems discovered during internal audits, measurements, and management review, and then take the necessary action to correct the problems at the source. This is a crucial step in the continual improvement of the Quality Management System, which is a key aim of ISO 13485.

12) Perform the stage 1 certification audit. Now is the time for the auditors from your chosen certification body to review your documentation and verify that – at least on paper – all of the ISO 13485 requirements have been addressed in your QMS. You’ll receive an audit report detailing the areas in which you are compliant, as well as those in which you have problems. You will then be given an opportunity to implement the necessary corrective actions to resolve the problems. This is often done during the same timeframe given for the initial operation of the Quality Management System.

13) Stage 2 certification audit. During this audit, the certification body will send auditors to have a look at the records you have collected through the operation of QMS processes. These records will include those from management review, internal audits, and corrective actions. When the review is completed, which often takes a few days, the auditors will provide you with an audit report that outlines their findings, including their determination as to whether or not your QMS appears to be effective, and if it complies with the requirements of the ISO 13485 standard. If they find that your QMS meets all of the requirements set out for it, the auditors will recommend you for certification. If they have found any major nonconformance, you will have an opportunity to implement corrective action to make sure the problems are resolved, and that you are ready for certification.

A sound plan will go a long way toward helping you set up your ISO 13485-based Quality Management System. So, take the necessary time to make a plan and determine the necessary resources, as this will translate to savings in both time and resources down the line.

For a graphical representation of the implementation process, check out this free Diagram of ISO 13485:2016 Implementation Process.

If you enjoyed this article, subscribe for updates

Improve your knowledge with our free resources on ISO 13485 standard.

You may unsubscribe at any time.

For more information on what personal data we collect, why we need it, what we do with it, how long we keep it, and what are your rights, see this Privacy Notice.

Leave a Reply

Your email address will not be published. Required fields are marked *

FREE ISO 13485 CONSULTATION
Strahinja Stojanovic
Lead ISO 13485 Expert,
Advisera

GET FREE ADVICE

OUR CLIENTS

OUR PARTNERS

  • Advisera is Exemplar Global Certified TPECS Provider for the IS, QM, EM, TL and AU Competency Units.
  • ITIL® is a registered trade mark of AXELOS Limited. Used under licence of AXELOS Limited. All rights reserved.
  • DNV GL Business Assurance is one of the leading providers of accredited management systems certification.