The ISO 13485 audited under ISO17021-1 part one and is an essential part of becoming and staying ISO 13485 certified, that is based around ISO9001 It will help you:

• Ensure your Medical Management System complies with the ISO 13485 standard
• Identify and address any issues with your Quality Management System
• Identify potential improvements to your system
• Ensure your organisation takes appropriate action to meet its quality objectives.

Internal audits of your quality management system should be considered prime opportunities for you to monitor the effectiveness of your processes. Again, referring to the Deming Cycle, internal audits are a means to do, study, and act.

Internal audits should be conducted at planned intervals and documented in some type of internal audit schedule. My advice is to spread your internal audits throughout the calendar year and to group similar/related processes.

A big mistake that I’ve seen way too many times is that companies conduct internal audits simply to check a box to satisfy the requirement. And oftentimes they will save all internal audits until the end of the year and rush to get through them. If this is your approach, you are not getting value out of your internal audits.

Document the results of your internal audits. And if you identify a systemic issue to be addressed, consider escalation in the form of a corrective or preventive action (CAPA) investigation. 

Internal audits are an area to consider using a risk-based approach too. For example, if you determine certain processes are well-established, stable, and understood (corroborated with objective evidence, of course), this may be a lower risk area that requires less frequent audit cycles. On the other hand, the opposite scenario might mean a higher risk area where more frequent auditing would be warranted.

ABOUT US