Differences Between ISO 13485 and ISO 9001


Published on

Thanks to ASQ, FDA, ISO, Elsmar web information.

Published in: Technology, Business
1 Comment
  • I appreciate your post. I also wrote that SMS advertising provides a cost effective method of targeting promotions to specific customer profiles. You might want to remind customers of specific events or promotions, but for whatever reasons, SMS allows you to pass information directly to the right customer at very affordable prices and fast delivery.
    iso 9000
    Are you sure you want to  Yes  No
    Your message goes here
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Differences Between ISO 13485 and ISO 9001

  1. 1. ISO13485:2003 VS ISO 9001:2000 Ritesh Chintakuntla
  2. 2. Why not adopt ISO 9001:2000 ?   The Medical Device Industry did not agree with all the changes to ISO 9001:2000   Harmonizing with the QSR (GMP) requirements   ISO 9001:2000 places an emphasis on Continual Improvement and Customer Satisfaction   Harmonizing EN 4600X Standards with ISO 13485   Not user friendly   Lacked Process orientation   Could not tailor ISO to scope of registration (service)
  3. 3. What they wanted to accomplish in the ISO 13485:2003   Useable by organizations of all sizes   Specific to the Medical Device Community   Easily Understood   Compatible with “other” management systems   9001:2000, ISO 14001   Direct relationship with the activities involved in running the business
  4. 4. ISO 13485 Series Standards - QMS   ISO 9000: Quality management system fundamentals and vocabulary   Except as noted in section 3 of 13485   ISO 13485: Quality Management System Requirements   combines ISO 13485 and 13488   limitations will be indicated on certificate   ISO/TS 14969: Quality Management Systems-Medical Devices-Guidance on the Application of ISO 13485
  5. 5. What has Changed? ISO 13485 now has a totally new structure,   ‘20 elements’ is too linear,   Adopted ‘process’ approach   Emphasis is now on regulatory requirements for a quality management system rather than a quality assurance system.   Increased attention to production of a conforming product and delivery of a conforming service is included in and is part of the quality management system.   There is now only one management system requirement standard, i.e. ISO 13485, where previously there were two requirement standards: ISO 13485 and ISO 13488.
  6. 6. 2003 Changes Continued   Went from 20 elements to 8   Elements 4-8 contain all the requirements   Emphasis on Consistency through Documentation   Does Allow for permissible exclusions   Exclusions need justification!   Organization replaces supplier to refer to the company implementing the standard   Supplier replaces subcontractor when referring to companies that your company purchases goods and services from
  7. 7. 2003 Changes - Continued   Top Management must be involved in establishing and communicating the purpose and direction of the organization   The management system begins and ends with objectives established by Top management   Top management – responsibility for profit or loss*   Top Management needs to create an atmosphere in which people are not afraid to become involved, and desire to help the company meet its goals and objectives
  8. 8. Why Can’t the FDA change Part 820 to harmonize it with 9000:2000   The FDA and medical device regulators take issue with following ISO 9001:2000 philosophies:   Customer Satisfaction- goes above and beyond the safety and efficacy of medical devices. Evaluating customer satisfaction beyond safety is not FDA’s purpose   Continuous Improvement- done simply for the sake of operating more efficiently is outside the scope of medical device regulatory agencies.   Documentation- documentation is needed to know what a company intends to do and what they actually did- ISO 9001:2000 requires less documentation than does 13485:2003   Process Approach- FDA does not feel its necessary for companies to change the structure of their documentation.   FDA is assuming the purpose of the change in ISO is a change in documentation and that companies do not already use the process approach.
  9. 9. FDA/QSR harmonization with the ISO Standards   The FDA is planning on some level of harmonization with ISO 13485 in late 2002 – early 2003.   Provided that ISO 13485 will remain more true to the medical device/regulatory viewpoint   Many other countries rely on ISO standards in regulating medical devices.   Promotes International Consistency.   FDA and device regulatory agencies from other countries can more readily rely on one another's inspections and exchange inspection reports if the quality system requirements are similar.
  10. 10. Why Would Medical Device Manufacturers want to maintain ISO 9001:2000 Certification as well as 13485:2003   Customers (Doctor’s, Hospitals, OEM’s) perceive a level of security in knowing they are buying from a manufacturer that has an ISO 9001 certified system.   Helps companies obtain product certification CE mark,   Companies do not have to be ISO certified to get CE Mark   Depending on the product or service companies could opt for ISO 17025
  11. 11. Permissible Exclusions - Allowable   (7.5.3) Identification and traceability - only partially applicable where there is no specific traceability requirement for the organization’s product   (7.5.2) Customer property - Nothing is provided from the customer to the supplier in the realization of its products or processes   (7.6) The organizations needs no measuring and test equipment to provide evidence of conformity
  12. 12. Differences
  13. 13. Guidance standards ISO 14969:200X will be the guidance document for implementation to 13485:2003   Section 3 of ISO 13485 has additional Terms and Definitions not included in ISO 9000:2000 ISO 9000:2000 and ISO 9004:2000 used as “consistent pair”
  14. 14. Differences: Section 4.1   13485: "Maintain the Effectiveness of these processes"   Records that you are meeting requirements and stated objectives   9001:2000: “Continual Improvement of these Processes“
  15. 15. Differences: Section 4.2.3   Organization must define the period for retention of obsolete documents   Duration must be for the life of the device   or as specified by relevant regulatory requirements (GMP/GLP)   9001:2000 Does not specify retention times
  16. 16. Differences: Section 4.2.4 Additional Requirement in Section 4.2.4 13485:2003 that are not in 9001:2000   "Records shall be established and maintained to provide evidence of conformity to requirements and of the effective operation of the quality management system. records shall remain legible, readily identifiable and retrievable. A documented procedure shall be established to define the controls needed for the identification, storage, protection, retrieval, retention time and disposition of records.   Records from suppliers which demonstrate conformance to specified requirements and the effective operation of the quality management system shall be maintained. The organization shall retain the records for a period of time at least equivalent to the lifetime of the medical device as defined by the organization, but not less than 2 years from the date of last shipment from the organization.   NOTE National or regional regulations may require a period longer than 2 years. The organization shall establish and maintain a record for each batch of medical devices that provides traceability   to the extent specified in 7.5.3 and identifies the quantity manufactured and quantity approved for distribution. The batch record shall be verified and approved.   NOTE A batch may be a single medical device."
  17. 17. Differences: Section 5   Section 5.1 of 13485:2003 does not require "Continually Improving its effectiveness"   ISO 9001:2000 does.   Section 5.2 of 13485:2003 focus is on meeting the customers needs   9001:2000 is focused on meeting and exceeding the customers needs.   Section 5.3 of 13485:2003 emphasizes maintaining the system   9001:2000 talks about continual improvement
  18. 18. Differences: Section 6   Section 6.2.2 of 13485:2003 Requires a procedure for training where as ISO 9001:2000 does not.   Section 6.4 Work Environment of 13485:2003 is more detailed (i.e. health records, cleanliness of clothing and personnel, environmental monitoring) than the same section in 9001:2000
  19. 19. Differences: Section 7   Section 7.3 Design and Development of 13485:2003 references ISO 14971 (Risk Analysis) 9001:2000 does not.   Section 7.5.1 of 13485:2003 has added sub-clause G, which talks about packaging and labeling.   Section Cleanliness of Product and contamination control (Cleaning of product) is added for 13485:2003   Section Installation (Installing the Device) is added for 13485:2003   Section Servicing (After the Device is installed) is added for 13485:2003
  20. 20. Differences: Section 7 - cont’d   Section 7.5.2 Validation of processes for production and service provision- additional requirements for 13485:   “The organization shall establish and maintain documented procedures for the validation of the application of computer software (and changes to such software and/or its application) for production and service operations and measuring and monitoring operations (see 8.2) that affect the ability of the product to conform to specified requirements. Such software applications shall be validated prior to initial use. The results of validation shall be recorded (see 4.2.4).” Particular requirement for sterile medical devices:   “The organization shall subject the medical device to a validated sterilization process and record all the process parameters of the sterilization process (see 4.2.4).”
  21. 21. Differences: Section 7 - cont’d   Section 7.5.3 Identification and Traceability- additional requirements for 13485:   Particular requirements for active implantable medical devices and implantable medical devices:   a) “When defining the extent of traceability, the organization shall include all components and materials used, and records of the environmental conditions when these could cause the medical device not to satisfy its specified requirements.”   b) “The organization shall require that its agents or distributors maintain records of the distribution of medical devices with regard to traceability and that such records are available for inspection.”   c) “The organization shall ensure that the name and address of the shipping package consignee is recorded (see 4.2.4).”
  22. 22. Differences: Section 7 - cont’d Section 7.5.5 Preservation of product- additional requirements for 13485:  ”The organization shall establish and maintain documented   procedures for the control of product with a limited shelf-life or requiring special storage conditions. Such special storage conditions shall be controlled and recorded.” (FIFO)
  23. 23. Differences: Section 8   Section 8.1 Measurement, analysis and Improvement- additional Requirements for 13485:   If statistical techniques are used, organization shall establish and maintain documented procedures to implement and control their application.
  24. 24. Differences: Section 8 - cont’d   Section 8.2.1 Customer Feedback- Additional Requirements for 13485:   “The organization shall establish and maintain a documented feedback system to provide early warning of quality problems and for input into the corrective and preventive action system [see 7.2.3c)].”   “If regulations require the organization to gain experience from the post- production phase, the review of this experience shall form part of the feedback system (see 8.5.1).”
  25. 25. Differences: Section 8 - cont’d Section 8.2.4 Monitoring and measurement of Product- additional requirements for 13485: Particular requirement for active implantable devices and implantable devices:    “The organization shall record (see 4.2.4) the identity of personnel performing any inspection or testing.” Section 8.3 Control of nonconforming product- additional requirements for 13485:  “If product needs to be reworked (one or more times), the organization shall document the rework in a work instruction that has undergone the same authorization and approval procedure as the original work instruction. Prior to authorization and approval, a determination of any adverse effect of the rework upon product shall be made and documented.”
  26. 26. Requirements for Documents – 92K   ISO 9001:2000 requires a minimum of 6 procedures.   Quality Manual   4.2.3 Control of Documents   4.2.4 Control of Records   8.2.2 Internal Audit   8.5.2 Corrective Action   8.5.3 Preventive Action
  27. 27. Requirements for documents 13485 ISO 13485:2003 requires a minimum of 19 procedures!   Quality Manual   4.2.3 Control of Documents   4.2.4 Control of Records   6.2.2 Competence, awareness and training   7.3 Design and Development   7.4.1 Purchasing Process  Installation activities (if applicable)  Servicing activities (when required)  Identification  Traceability   7.5.5 Preservation of Product   7.6 Control of Measuring and Monitoring Devices   8.1 Statistical Techniques (if used)   8.2.2 Internal Audits   8.3 Control of nonconforming product   8.4 Analysis of Data   8.5 Improvement   8.5.2 Corrective Action   8.5.3 Preventive Action
  28. 28. ISO 13485:2003 Certification = Certification to ISO 9001:2000???   ISO 13485 is a stand alone standard   It is based on ISO 9001:2000.   Primary objective of ISO13485 is to facilitate harmonized medical device regulatory requirements.   Includes some particular requirements for medical devices and excludes some of the ISO 9001:2000 requirements   These exclusions prevent users from claiming conformity with ISO9001:2000!
  29. 29. Thanks for reading!!! Feedback Welcome.