The ISO 13458:2016 Internal Audit Checklist

An internal audit can be an invaluable way of improving your quality management system with proper preparation. CQ has provided an all-in-one checklist to assist your team and certify auditors.

The ISO 13458:2016 internal audit checklist covers six essential areas that must be checked for compliance:

1. Documentation

Documentation is one of the key factors when auditing your own quality management system. Medical device manufacturers must maintain thorough documentation that proves their processes comply with ISO 13485:2016 standards and FDA Quality System Regulations (QSR).

A major aspect of the 2016 revision is that medical devices must now be protected from theft, alteration or damage. There are also new requirements regarding how an organization manages outsourced processes.

This checklist offers auditors a platform for reviewing documentation specific to an audit. Furthermore, it serves as an avenue to record any non-compliances encountered during an inspection.

2. Process Controls

This section addresses audit questions intended to ensure your company firmly controls the design and development of processes, as well as verifying they meet intended uses and specified requirements.

The next section ensures that medical device production meets quality standards, as well as verifying whether there are protocols in place to prevent product contamination.

Finally, this section requires objective parties to conduct internal audits. Objectivity is especially crucial in large organizations where employees are accountable for all aspects of a process. A quality management system with audit management workflows may assist here.

3. Design and Development

The design and development sections of the ISO 13458:2016 internal audit checklist help verify that your company adheres to design transfer and approvals processes that ensure medical device production meets user needs and adheres to intended use and specified requirements. These processes also prevent software issues or any other obstacles to producing compliant products.

Internal audits involve an independent auditor reviewing random records to gain an in-depth perspective of an area of your business. The Irish NSAI provides a free 13485 audit preparation checklist which clients can use to complete pre-audit planning, prepare their records and anticipate on-site evaluation by an independent auditor.

4. Training

Training is a key area that auditors examine during a quality audit. They verify that employees involved in managing processes have received adequate training on their specific job tasks as well as on the medical device organization’s quality policies and objectives. They review records as well as training manuals.

Verifying that top management has established and authorized a management representative is key in ensuring an effective quality management system is implemented and maintained, typically accomplished through reviewing management processes, documentation and controls – this step typically comprises stage two auditing that may last several days.

5. Documentation of Complaints
An organization must implement documented procedures for handling customer complaints (4.2.4). If a serious incident requires reporting to regulatory authorities, they too must have documented notification procedures (5.2.2).

Utilize this comprehensive ISO 13458 internal audit checklist to ensure compliance with its unique requirements. It covers all key sections of the standard, such as Clauses 4-8. Download it free from Qualio’s information portal for use during an ISO 13485:2016 audit or to help enhance quality processes within your company.

6. Supplier Evaluation

Supplier evaluation is an integral component of ensuring your organization receives products and services from quality vendors. It involves evaluating each supplier based on financial stability, manufacturing capacity, quality control procedures, delivery timelines and customer service capabilities.

Implementing these elements into an effective assessment process can help mitigate supplier risk, improve business practices and mitigate third-party risks; while also helping supply chain management improve and decrease dependency on a single supplier.

To maximize this process, it’s essential to establish clear performance indicators, classify suppliers, centralize data, collaborate on feedback mechanisms and develop actionable plans based on your evaluation results.