ISO Internal Audit Process

Core Compliance provides consulting expertise for ISO compliance to ISO 13485 (Medical Devices) ISO 14971 (Risk Management) are relative standards for medical device companies. We can update or transition your current management system for ISO, or start from scratch in building a management system for your organization. This ISO standards outlines the requirements related to quality or risk management for an organization’s need to demonstrate its ability to provide medical devices and related services that consistently meet customers’ and regulatory FDA requirements.

ISO Internal Audit Process

Our expert quality system consultants implement a ISO management system:

1. Gap analysis audit – We evaluate your management system to determine your current level of compliance with ISO 13485:2016. If you already have ISO 13485 certification, you are probably 80% or more compliant with the new requirements. However, it’s important to know where you stand. The gap analysis supports the development of a list of action items to adopt the new standard, also known as a quality plan.
2. Quality plan – The quality plan is a documented list of tasks your organization must accomplish to comply with ISO 13485:2016. In addition, there is more emphasis on quality planning in the new standard, so this is an excellent way to get started! Our consultants develop a detailed quality plan tailored to your company.
3. Risk-based approach – ISO 13485:2016 places much more emphasis on risk management. Our consultants evaluate your system to ensure your risk assessment and decision-making measures are as robust as possible.
4. Pre-assessment audits – If you plan to complete the work necessary to upgrade in-house, we can perform a pre-assessment audit several weeks prior to your Notified Body or Registrar certification audit. We can also conduct on-site ISO 13485:2016 training for your key employees to ensure ongoing compliance.

ISO Internal Audit Process

Preparation- Core Compliance educate med-device companies on expectations for ISO 13485 requirements FDA compliance a layout the road map with objectives and milestones. We work with designated management Representatives, for and educational training approach to be taken, for buy-in from company employees. We coordinate with the ISO 13485 QMS road map with designated representatives through online webinars and/or onsite F2F consultation.

Discovery- Gathering current related QMS documentation onsite related to ISO 13485 requirements, along with providing QM, QP QO’s, procedures, work instructions, forms/exhibits.

Gap Analysis- Current state of Quality Management Systems compared to ISO 13485 requirements. Update road map based upon findings for clear next steps and milestones for ISO 13485 certification. On completion of approved QMS, we move to implementation.
Implementation/Training- of QMS system with company and provide onsite or webinar training.

Internal Audit- Provide internal audit services to meet ISO standard requirements.

A certification body, also referred to as a “registrar”, performs an audit to assess compliance with the standard and the organization’s declared management system. Upon a successful audit, the organization is granted a certificate of compliance from the trusted third party registrar. The organization undergoes additional but lesser surveillance audits at least annually thereafter for 3 years until the certification then expires and requires a re-certification.

ISO Standards