Thanks! You've successfully subscribed to the BONEZONE®/OMTEC® Monthly eNewsletter!

Please take a moment to tell us more about yourself and help us keep unwanted emails out of your inbox.

Choose one or more mailing lists:
BONEZONE/OMTEC Monthly eNewsletter
OMTEC Conference Updates
Advertising/Sponsorship Opportunities
Exhibiting Opportunities
* Indicates a required field.

The Internal Quality Audit Process for Orthopaedic Medical Device Companies: Risk Indicators and Uncertainties

The Basic Audit Process Points for Consistency (and To Minimize Risk)

A. AUDIT PREPARATION - The Quality Auditor reviews applicable change control records subsequent to a design transfer, any FDA clearance delay information, recall records, standard manufacturing procedures, device histories, complaint history, device labels and inserts, previous audits with results, follow-up audits, plus any other document relative to the audit.

B. AUDIT INITIATION - The Quality Auditor prepares/updates an audit checklist for systematic examination of the area to be audited, informs the Manager of the department being audited at the start of the audit, and reviews any observations.

C. AUDIT ANALYSIS -The Quality Auditor reviews the data gathered, verifies important details and writes an audit report according to the format delineated in the internal audit work instruction.

D. ISSUANCE OF AUDIT REPORT - The Quality Auditor issues the written audit report to Management with Executive Responsibility. Audit reports shall be stamped "Confidential.”

E. CORRECTIVE ACTION - The appropriate process owner shall be responsible for developing a schedule for correcting deficiencies cited in the audit report and submitting same within five working days to the Quality Auditor. Included in the correction schedule shall be the responsible individual, and the date by which corrective action will be completed.

F. AUDIT FOLLOW-UP -The Quality Auditor maintains a log listing deficiencies, responsible individual, target date for corrective action and actual date of correction. If the same deficiency occurs on a second follow-up audit, Management with Executive Responsibility shall be notified in writing by the Quality Auditor.

Setting the Risk-based Stage

The popularity and usefulness of ISO 14971:2007 (a guideline for risk management) is geometrically increasing in the medical device industry. Historically, risk was primarily relegated to the design process when analyzing whether the medical device conformed to defined user needs and intended uses during design validation. Risk management can be (and is) used during at least the product realization phases, and is linked to other aspects of a total quality system, e.g., training, auditing, complaint handling, corrective actions, servicing, customer feedback, etc.

With the advent of the cGMP-QS Regulation and ISO 13485:2003, all processes within this Regulation and Standard, respectively, “should be considered as to how they provide input to, or benefit from the results of, risk management activities.” That being said, there is a natural and direct linkage with measuring, monitoring and reviewing the suitability and effectiveness of the quality management system (at defined intervals). Because there are always related uncertainties in every quality system of every medical device company, the use of the “auditing tool” is not only required. but an important way to:

  • measure the effectiveness of the quality system
  • provide objective evidence that adequate controls are in place
  • assure that products and processes conform with specifications


Security code