EXTERNAL PROVIDERS (Purchasing & Supplier Management)

1. Purpose 

This document provides the process for all purchases of goods and services which are authorised and purchased from Approved Suppliers and to provide for the evaluation of suppliers.

This document covers the process for Purchasing / Control of External Providers and provides the basis for selection, evaluation, re-evaluation of suppliers and the procedure and documentation for purchasing and product verification in compliance of ISO13485 .

2. Approval

(Version at end of page)

Signed V2 NG 01.07.2025

3. Scope

The process covers all documents and process and products as defined in the SOP. The purpose is to provide for the evaluation of suppliers, re-evaluation of suppliers and the procedure and documentation for purchasing and product verification. This SOP does not cover administrative purchases e.g. stationary

4. Responsibilities

Approval: Bruce Manuel

Changes: Nicholas Gilbert

5. Definitions

External Provider - Supplier or subcontractors that provide materials or services

PRINCIPAL - Legal and Labelled manufacturer of the product

6. Abbreviations

SOP – Standard Operating Procedure

COA - Certificate of Analysis

COC - Certificate of Conformance

QA - Quality Assurance

QMS - Quality Management System 

7. References

ISO13485 Clause 7.4

Provider Supplier Contracts Quality Agreements

Non Conformance Corrective Action

8. Procedure

8.1 Purchasing Procedure (7.4.1)

1. Process: 

a) Supplier Evaluation, 

b) Supplier Selection, 

c) Purchasing Information (and acquisition), 

d) Incoming Goods verification, 

e) Supplier monitoring and 

f) Supplier re-evaluation if required

2. The process covers acquisition of materials and / or products which require specifications and verification activities that affect product Quality, safety and performance of the medical device

3. Outsourced activities e.g. Pest Control, Safety equipment, Auditing via a consultant are through contracts or appointment, as relevant

4. The procedure does not cover Consumables, capital items and auxiliary items, which do not require specifications and verification activities and do not affect product Quality, safety and performance.

8.2 Supplier Management

1. Once a critical supplier is approved by management, their details are recorded, as are non-critical suppliers where appropriate 

2. Critical suppliers are the suppliers of critical components, products or components that affect quality, safety and / or performance or are the only supplier - refer RISK  8.4

3. The evaluation is as per the SUPPLIER  EVALUATION FORM   and re-evaluation may be based on quality, price and delivery and as per SUPPLIER  EVALUATION FORM 

4. Records are maintained as reports and / or copies of the ISO certification retained.

5. The supplier evaluations / re-evaluations are followed in Monthly Quality Objectives Measurement as an input to SOP Management Review  to analyse supplier performance

6. Auditing of the supplier may be decided and follows the Internal Audit SOP

7. Any Non-conforming findings follow the same route as for the Non Conformance SOP

8. SUPPLIER MONITORING is done on incoming inspection and the Non Conformance SOP

8.3 Supplier Selection

Before a supplier is listed, the management member will take the following into consideration where relevant:

1. On site assessment and / or evaluation report of the supplier's capability and/or quality systems

2. Evaluation of product samples

3. Past history with similar supplies

4. Inspection / Test results of similar supplies

5. Published experience of other users

6. Service suppliers – skills evaluation

7. On time delivery

8. Price

8.4 Provider Risk Assessment

Suppliers of manufactured products where the supplier is an contract agent or the organisation is a subsidiary and monitored as per an exclusive contract agreement is the  Level 0  is assigned where no ISO13485 7.3 process selection, evaluation and re-evaluation; including a QA agreement, is followed.

Outsourced manufacturing for PMB products follow level 0 and the requirement for QA agreement maybe waived in the management acceptance for ISO and SAHPRA certification. PMB product's are class B

Risk is classified as Level 1 (Significant/Critical), Level 2 (Moderate) and Level 3 (Low) where the criteria is:

8.5 Purchasing Documentation (7.4.2)

1. Purchasing documents contain information to describe the product to be purchased, including where appropriate;

a. requirements for approval of product, procedures, processes and equipment, 

b. requirements for qualification of personnel, and 

c. quality management system requirements

2. The above 3 items are covered in the sub-contractor agreements and part of financial practices e.g. Purchase Order, Delivery Notes. 

3. The purchasing records must be sufficient to provide for traceability; which may include Sterilization certificates/ COA/ COC.

8.5.1 QA Agreements

Purchasing information includes, as applicable, a written agreement that the supplier notify the organization of changes in the purchased product prior to implementation of any changes that affect the ability of the purchased product to meet specified purchase requirements.

This aspect also applies to OUTSOURCED activities (ISO 13485 4.1.5) see below

The template QA Agreement  can be applied

Note that the contract must specify roles and responsibilities, although not actually record the title 'Contract Giver' and 'Contract Acceptor' the;

Contract Giver - PMB Health and Safety Services (CC)

Contract Acceptor - the external providers name

The contract maybe in the format of the External Provider as the contract giver to PMB Health and Safety Services (CC), as the contract acceptor in terms of financial obligations however, PMB Health and Safety Services (CC) will ensure any aspects related to  safety and performance/ efficacy of the health product is covered.

8.6 Verification of Purchased Product (7.4.3)

1. PMB using outsourced subcontract manufacturers  (OSM) use the ISO QMS system of the supplier to release product to market under PMB label.

8.7 Essential Requirements

1. The organization provides this procedure to ensure that purchased products and materials specified purchase requirements generally in the format of agreed specifications, which is followed by the OSM .

2. The type and extent of control applied to the supplier and the purchased product  depends on the effect of the purchased product on subsequent product realization or the final product

3. The organization or OSM evaluates and selects suppliers based on their ability to supply product with the organization's requirements and Risk as per 8.4. Criteria for selection, evaluation and re-evaluation are defined and the results of evaluations and any necessary actions arising from the evaluation are reported

9. Risk Based Approach

In the event of non compliance follow SOP  NON CONFORMANCE CORRECTIVE ACTION

Risk Based Approach Report

[Risk Assessment to is found in SOP PREVENTIVE ACTION RISK ASSESSMENT   refer Document]

9.1 Trend Analysis and Continual Improvement

The analytical reviews of supplier performance, and any other quality related matters, are reported to management and as part of the input to management review refer Data Analysis

The Trend analysis may identify any potential and recurring incidents, where corrective action must be reported at the management review to facilitate continual improvement.

 10. Revision History

Revision 2 NG 01.07.2025 change ownership 

Revision 1 New HJM 5.09.2024

11. Records

Name Retained by/ in Retention period Hard copies Destroyed by

Suppliers Orders, Delivery notes, Certificates Finance 5 years n/a

SUPPLIER  EVALUATION FORM Google Site indefinite n/a

SUPPLIER EVALUATION RECORD Google Site indefinite n/a

SUPPLIER QUESTIONNAIRE  Google Site indefinite n/a

SUPPLIER RECORD sheet Google Site indefinite n/a

QA Agreement refer SUPPLIER folders indefinite  n/a

OUTSOURCED ACTIVITIES refer SUPPLIER folders indefinite  n/a