QMS AUDITING
1. Purpose
This document provides the process for Internal auditing
This document covers Internal auditing in compliance with ISO13485
2. Approval
(Version at end of page)
Signed V10 AA 19.08.2021 Approved 25.05.2022 SCR (RP)
3. Scope
The process covers all documents, process and products as defined in the SOP
4. Responsibilities
Author of the document, Alexis Arhondonis, medicines; RP SC Rudolph-Shortt
5. Definitions
Audit - Systematic, independent and documented process for obtaining evidence and evaluating it objectively to determine the extent to which agreed criteria are fulfilled.
Internal - processes defined in QMS
External - suppliers, regulators, Conformity Assessment Bodies (CAB) and customers; including other interested parties
Self-Inspection - an inspection of system, processes and product and their state of compliance with the GMP, In-house procedures and various National and International Guidelines as applicable. The inspection team consists of personnel identified from the same site
Conformance - in line with the QMS, process, procedures, practices
Compliance - in line / acceptable to regulations / legislative requirements
Factual approach to decision making - Effective decisions are based on the analysis of data and information.
Follow-up on audits - An evaluation carried out in order to determine the adequacy and effectiveness of preventive/corrective action taken after an audit has been carried out.
Findings - positive or negative conformances of evidence to criteria
6. Abbreviations
PCA - Preventative and Corrective Action
QMS - Quality Management System
SHEQ - Safety, Health, Environment and Quality
NCR – Non Conformance Record
NCCA- Non Conformance Corrective Action
7. References
ISO13485 clauses 8.2.4 & 5.6
PROCEDURE FOR PREVENTIVE AND CORRECTIVE ACTION AND HANDLING OF NONCONFORMING PRODUCT
8. Procedure
INTERNAL AUDIT (ISO13485 8.2.4) including External and medicines Self-Inspection
8.1 General
Regular monitoring and measuring the key characteristics of operations and activities that can have significant impacts on quality and safety are performed and therefore audited for compliance to regulations and ISO13485.
Evaluation of compliance with relevant laws and regulations and applicable standards shall be done.
This procedure includes performance data, relevant operational controls, and adherence to identified objectives and targets.
8.2 Requirement
The organization conducts internal audits at planned intervals as per Quality Audits Schedule, to determine whether the quality management system:
a) conforms to planned and documented arrangements, requirements of this International Standard, quality management system requirements established by the organization, and applicable regulatory requirements;
b) is effectively implemented and maintained.
8.3 Responsibilities
The organization shall document a procedure to describe the responsibilities and requirements for planning and conducting audits and recording and reporting audit results refer Responsibilities point 4 above
8.4 Audit Features
An audit program is planned as a Quality Audits Schedule, taking into consideration the status and importance of the processes and area to be audited, as well as the results of previous audits using a risk feature refer Schedule where Scope / Area Risk Levels (H= "Large number of NC, can have a HIGH impact on product / system", MED = "low of NC or low impact on product / system" " and LOW= "low of NC or no impact on product / system" H= each IA, M= 2nd IA, and LOW - ONE (1) IA /per annum. )
The audit;
criteria is the SOP, ISO13485 or regulations are relevant to the process / activities,
scope will be as per the audit plan,
intervals as per the Quality Audits Schedule, and
methods follow interviews, observations and testings, as relevant to the process / activities
The selection of auditors is a consultant , refer SOP Purchasing, or qualified persons (trained or experienced) competent to audit, and conduct of audits ensure objectivity and impartiality of the audit process. Auditors shall not audit their own work.
8.5 Findings
Findings are categorised as a
1. Minor nonconformity, relates to a single identified lapse, which in itself would not indicate a breakdown in the management system's ability to effectively control the processes for which it was intended. It is necessary to investigate the underlying cause of any issue to determine corrective action.
2. Major finding is where there is a process / system omission or failure that can adversely affect the quality management system and/or the product/ service.
The management responsible for the area being audited shall ensure that any necessary corrections and corrective actions are taken without undue delay to eliminate detected nonconformities and their causes. Follow-up activities shall include the verification of the actions taken and the reporting of verification result
8.6 Types of Audits
This procedure is followed for ALL types of audits.
a) Internal / External Supplier audits, for either supply of materials, components or products that are deemed significant as per SOP Purchasing / External providers.
b) Internal audits, not limited to, of processes, procedures, practices, documents, products and materials within the company
c) External / Third Party audits; for contract compliance and non-conformance reporting, if required e.g. Principal audits, Conformity assessment bodies and / or the Regulation
d) Medicines self inspection
8.7 Audit Schedule
The Management Representative prepares an Quality Audits Schedule.
The Audit Schedule may be changed because (not limited to):
•The Audit highlight a weakness in a department, process or system
•The number of corrective action reports raised against a department, process or system increases.
•No Auditors are available
8.8 Audit Plan
The Management Representative on preparation of the audit, completes an Audit Plan
Then goes to the the Google drive Quality Audits Schedule to >File >email collaborators and emails link to the Audit plan as a notice of the audit via email not less than within 2 days of the audit to the Auditor and Auditee (supplier / department manager)
8.9 Auditor Team / Selection
The Management Representative and/or Consultant can conduct the audits with any trainee auditor present. The team will also include the department manager or any other necessary person.
The Management Representative appoints qualified Auditors who are:
•Free from bias.
•Not auditing their own work or Department
•Free of influences that could affect objectivity.
8.10 Audit Preparation
The Management Representative and/or Consultant agree with the Auditee the Audit Plan (agenda) containing the date for and scope of the audit. Any relevant documentation for preparation maybe requested
Prior to the audit the Auditor prepares for the audit and ensures that all documentation needed is available; documentation can include and not limited to; Procedures, Work Instructions, Previous audit reports, etc.
The Auditor may prepare an audit checklist, if required, which may be a procedure, work instruction, etc. and a copy is filed with the Management Representative.
8.11 Audit Process
The Auditor determines, using the prepared checklist or following the Quality Audits Schedule requirements:
•The conformance with specified requirements
•The effectiveness of the Quality System
The Auditor looks for evidence of conformity or nonconformity to the system and records the findings. The Auditor records all findings in the Audits Report and categorizes them as follows:
•Opportunities for improvement (OFI)
•Non-conformance (NCR) findings recorded for a NON CONFORMANCE CORRECTIVE ACTION
8.12 Audit Report
At the end of the audit, the Auditor completes the Audits Report (Link), issues any necessary NCR following SOP Non Conformance Corrective Action and discusses the contents with the Auditee.
Both the Auditor and Auditee decide on NCR closure dates
If necessary the Management Representative schedules the re-audit date.
The results of all Internal Quality Audits are analyzed and discussed at the Monthly Meetings and Management Review Meeting.
The management responsible for the area being audited shall ensure that any necessary corrections and corrective actions are taken without undue delay to eliminate detected nonconformities and their causes
8.13 Records
Internal Audits; follow records in the google drive Audits Report Link
External Audits; can be filed in a secure folder or on the server or in the Google Drive Folder
8.14 Follow-up
Follow-up activities include the verification of the actions taken and the reporting of verification results, which may occur at an agreed time, follow-up audit or any other means with a record as evidence
The follow up can be:
a new audit within 30 days
audit at next schedule date
email confirmation with evidence e.g. copy of document or picture
9. Risk Based Approach
In the event of non compliance follow SOP NON CONFORMANCE CORRECTIVE ACTION
[Risk Assessment to is found in SOP PREVENTIVE ACTION RISK ASSESSMENT refer Document]
9.1 Trend Analysis and Continual Improvement
The analytical reviews with data analysis of internal audits, and any other quality related matters, are reported to management and as part of the input to management review
The Trend analysis may identify any potential and recurring incidents, where corrective action must be reported at the management review to facilitate continual improvement.
Quality Audits Schedule , to be monitored monthly as per risk assessment
10. Revision History
Revision 10, 19.08.2021 - AA 25.05.2022 SCR RP inclusion of self-inspection
Revision 9, 19.08.2021 - AA - updating Information
Revision 8, 01.07.2021 - TNA - updating responsibilities
Revision 7, 03.05.2021 - AA Approved
Revision 6, 29.04.2021 - TNA - New format with Approval, Scope, Responsibilities, Risk based approach and Records added and new google site format. Amending links.
Revision 5, Digitally signed on 20.11.2019 by AA
Revision 1-4, unknown due to google site change to new google site
11. Records
Name Retained by/ in Retention period Hard copies Destroyed by
Quality Audits Schedule Google Site indefinite n/a
Audits Report Google Site indefinite n/a
Audit Plan Google Site indefinite n/a