Remote / Virtual Audits - Internal or Vendor Audits - Audit Plan

Audit Plan (published in advance of audit; for a one day audit' smaller company):

AUDIT PLAN

I plan for a basic one day remote / virtual ISO 13485 compliance audit to follow the ISO 13485:2016 International Quality Management Standard for Medical Devices, per your request.

Preliminary Schedule:

[Note:  If any of the following can be segregated or collected prior, it would facilitate the thoroughness of the audit].   Times are approximate.

Since this is a remote / virtual audit, much information will be by question and answer, e-copies and/or PDF’s of some documents, and possibly live camera shots of some areas, documents, etc.

8:00  AM         Approximate arrival by Zoom. 

8:05  AM         Meet with Company / Quality Management Team:

                        o  Review Audit Plan; make any desired changes in focus / emphasis

                        o  Review corporate history, relationship, management/Org Chart(s),                                      product line, registrations / certifications, marketing ads /claims.

8:30 AM        “Tour” of facility, review of physical activities, gathering of any forms,                     supporting documentation not previously obtained, develop rough                        flow chart -- preferably in the following order:

                        1. ‘Back office’/support staff activities (purchasing, customer service);

                        2.  Raw material, parts components receipt/  QC;

                        3.  Manufacturing/assembly/processing, test / QC, operations;

                        4.  Product shipment / QA;

                        5.  R&D;

6.  Engineering;

7.  QA/RA;

8.  Senior Management and documented involvement in QMS.

9:30 AM          Review all applicable ISO 13485 requirements per Check List.

10:30 AM       Detailed review of company QMS-related SOPs / written documentation    

and/or forms, Work Instructions, Quality Manual (SOPs and QM previously provided), e.g.:

                        1.  Purchasing/POs;

                        2.  Receiving documentation, Invoice verification/control;

                        3.  Inventory, non-conformance (rejects, damaged parts/product...) control;

                        4.  Product assembly, test procedures and/or work instructions;

                        5.  Packaging, shipping, servicing, returns...);

                        6.  Validation Reports;

                        7.  Design and Development Planning / Files;

                        8.  Device Risk Management Files, ISO 14971:2019;

                        9.  Use Engineering Files, IEC 62366-1:2015, if applicable;

                        10.  Other Audits (Internal, Vendor, Regulatory…);

All applicable activities addressed by SOP, WI, and followed, proved by documentation. 

12:00 Noon     Lunch Break (start draft report)

1:00  PM        Review any outstanding issues

 1:45  PM        Dismiss team;  Start drafting the Audit Report / Regulation Sub-Clause Matrix 

4:30  PM       Close-out meeting with QMS team/senior management (as available).

 5:00 PM        Conclusion.    

 Note:  Sequences approximate, based on areas requiring in depth review; but audit content will basically follow outline above.  In order to better benefit from this audit, the company’s QMS Team should review ISO 13485:2016 and our supplied Check List and Plan to get a flavor of the audit’s areas of emphasis.

After the Draft’s findings have been agreed to, a Corrective Action Plan will be drafted.

Assistance in Corrective Action is not part of this Plan.

The Final / Formal Audit Report will be mailed in approximately two weeks following audit’s conclusion. 

-- jel@jelincoln.com