Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
    • GP-003 Audits
      • Templates
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-008 Product requirements
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, Redesign and Development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
    • GP-019 Software validation plan
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Cybersecurity
    • GP-025 Corporate Governance
    • GP-026 Product requirements for US market
    • GP-027 Product requirements for UK market
    • GP-028 Product requirements for the Brazilian market
    • GP-050 Data Protection
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
  • Records
  • TF_Legit.Health_Plus
  • Licenses and accreditations
  • External documentation
  • Procedures
  • GP-003 Audits

GP-003 Audits

Purpose​

To define the systematic procedure for planning, performing, reporting, recording and monitoring of all the audit activities, both internal and external.

Scope​

All the audit activities related to our Quality Management System and medical devices manufacturing process.

Responsibilities​

JD-001​

To annually approve the audits program, the internal audit plans and the internal auditors.

JD-004​

To notify and plan the audits, archive the audit records and monitor the non-conformities, corrective and preventive actions.

Internal or external Auditor​

To execute the audit and make the audit report.

Inputs​

  • Previous internal audit reports.
  • All the information (not just documental) about the monitoring and measuring processes.
  • ISO 13485 8.2.4 section requirement
  • Customer requests for audits

Outputs​

  • T-003-001 Audit program
  • T-003-002 Internal auditor qualification
  • T-003-003 Internal audit plan
  • T-003-004 Internal audit checklist
  • T-003-005 Internal audit reports
  • External audits plans and reports
  • Non-conformities and corrective and preventive actions of the QMS.

Development​

Audits program​

We have an specific calendar (T-003-001 Audit program) for the different audits to be performed, internal audits or external audits (as suppliers by our clients or as manufacturers by the different Competent Authorities). This program icludes a gannt diagram with all the activities, and a Google calendar included in our QMS, that allows us to set up alarms and to share the events with the required emmployees.

The JD-004, at least annually, review and update the Audit program and inform the other employees when the audits will be held.

Internal audits​

Procedure flowchart​

Internal auditor selection​

To evaluate all the activities related to the established processes, annually, the JD-004 selects the appropriate auditor to ensure objectivity and impartiality of the audit process, and this auditor is approved by the JD-001.

The auditor shall be one of our employees independent of the process audited or be external. Only qualified personnel may perform internal audit activities. The requirements to develop an auditor tasks are defined below and must be checked for every auditor and recorded in the T-003-002 Internal auditor qualification.

Skills​
  • Good interpersonal Skills
  • Analytical capacity
  • Organizational and planning Skills
Minimum requirements​
  • Knowledge on ISO 13485 and/or ISO 9001.
  • Quality experience.
  • Knowledge of internal processes.
  • Training on MDR 2017/745.

Internat audit performance​

The JD-004 together with the auditor and the rest of the involved personnel agree on a date for the audit. The auditor prepares the T-003-003 Internal audit plan or external equivalent document, where it is described which areas and activities are audited in each audit day and time slot, considering previous audits results and the status and importance of the process and areas to be audited. In this T-003-003 Internal audit plan, the scope, criteria and methods of the audit are recorded (UNE-EN ISO 13485:2018).

Then the JD-004inform all the personnel involved about the schedule for the process.

The phases of the audit are:

  • Opening meeting, to inform the auditee in detail of the object, scope and review schedule of the audit.
  • Audit development
    • Review of documentation (QMS documentation structure).
    • Verify the compliance with processes established in the documentation and verify that it is suitable.
    • Any audit will begin systematically with the review of the correction of previous audits, both internal and external. For this reason, the JD-004 will provide the auditor with the reports of the last internal and external audit.
    • To facilitate the internal audit, it is recommended that the auditor uses the T-003-004 Internal audit checklist (or external equivalent document) as a guide to ensure coverage of the topics to be audited, always based on the standard UNE-EN ISO 13485:2018.
  • Closing meeting, the auditor presents all the findings, nonconformities and observations identified during the audit.

Internat audit evaluation​

When the audit finishes, the auditor prepares an T-003-005 Internal audit report (or external equivalent document) with a copy of the T-003-004 Internal audit checklist (or external equivalent document) and submits it to the JD-004. In case that the audit was carried out by external personnel, the JD-004 is responsible for claiming and collecting all the relevant information of these activities as it is described in this procedure.

The JD-004 distributes copies of the report to the JD-001 and and to the personnel of the areas that were directly involved in the audit by means that allows leaving written evidence or in a meeting in which they are all present.

In the case of outsourced audits, the formats provided by the external company can be used and their documents will be registered with the same validity than the equivalents of our QMS.

The JD-004 raises all premises shown in this report and manages and determines if immediate actions, corrective actions or preventive actions are required in accordance with the Procedure GP-006 Non-conformity. Corrective and Preventive actions. Likewise, from this report it can be reported different types of findings:

  • Non-conformities
  • Opportunities for improvement
  • Strengths
  • Observations

When any type of non-conformity appears, it is mandatory to open an action. In the cases of opportunities for improvement or observations, the JD-004 decides if it is necessary to implement a corrective or preventive action, registering it in accordance with the Procedure GP-006 Non-conformity. Corrective and preventive actions.

Internar audit monitoring​

The JD-004 establishes who is responsible for addressing the solution of incidents shown in the internal audit by the assignation of the T-006-001 Non-conformity report, and the due date required to accomplish with the task.

The audited area responsible is in charge of executing determined actions without undue delay. If they observe any problem or inconvenience, they should immediately inform the JD-004, who checks the action and its conditions to solve the problem.

All the T-003-005 Internal audit report (or external equivalent document) are collected together with the related documentation to plan the next internal audit and to evaluate the monitoring and measuring of the processes of the company in the management review meetings, assessing the actions taken in accordance to the Procedure GP-006 Non-conformity. Corrective and preventive actions.

External audits​

External audits procedure is the same as described for the internal ones. We can have two types of external audits:

  • Performed by our clients, a supplier audit, being us the supplier.
  • Performed by the corresponding Competent Authorities: AEMPS for the manufacturing license, and the selected Notified Body for the ISO13485 and 2017/745 compliance.

The auditors contact the JD-004 to appoint a date for the audit and send the audit plan, that is shared with the departments and responsibles involved. Then, the JD-004 collect and archive the documents related to the audit, as the audit plan and the audit report. Then the JD-004 is responsible of performing the audit evaluation and monitoring as explained for the internal audit development procedure.

Audits records​

All audits records will be archived within the. Each audit will have its own folder named as the date of the audit performance, and it will contain all the records generated during the planning, development, evaluation and monitoring of the audit.

Associated documents​

  • T-003-001 Audit program
  • T-003-002 Internal auditor qualification(or external equivalent document)
  • T-003-003 Internal audit plan(or external equivalent document)
  • T-003-004 Internal audit checklist(or external equivalent document)
  • T-003-005 Internal audit reports(or external equivalent document)
  • GP-006 Non-conformity. Corrective and preventive actions
  • T-006-001 Non-conformity report

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

  • Author: Team members involved
  • Reviewer: JD-003, JD-004
  • Approver: JD-001
Previous
T-002-009 Regulatory requirements review report
Next
Templates
  • Purpose
  • Scope
  • Responsibilities
    • JD-001
    • JD-004
    • Internal or external Auditor
  • Inputs
  • Outputs
  • Development
    • Audits program
    • Internal audits
      • Procedure flowchart
      • Internal auditor selection
        • Skills
        • Minimum requirements
      • Internat audit performance
      • Internat audit evaluation
      • Internar audit monitoring
    • External audits
    • Audits records
  • Associated documents
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI LABS GROUP S.L.)