ISO Auditing

You can conduct multiple individual process audits or you can conduct one full quality system audit, but which solution is better?

What are individual process audits?

There are 25 processes that require procedures for compliance with the US FDA quality system regulations and ISO 13485:2016 has 28 required procedures. Individual process audits focus on one of these procedures, the process it controls, the equipment and software used by that process, the work environment where the process is performed, the people responsible for the process, the records resulting from that process, and any metrics or quality objectives associated with that process. An individual process audit can be completed in remotely or on-site, and these audits will be much shorter in duration than a full quality system audit. Another way to think of an individual process audit is to realize that a full quality system audit is comprised of many individual process audits scheduled back-to-back. Auditing one process might be as short in duration as 30 minutes (e.g. control of records) but individual process audits can take as long as four hours (e.g. design controls and technical file audits).

What is a full quality system audit?

A full quality system audit is typically a single audit conducted annually to address all the requirements for conducting an internal audit of your quality system. In this type of audit, all of the procedures and processes should be covered. Therefore, full quality system audits are necessarily longer. If the person assigned to conduct the full quality system audit is an employee, that person cannot audit their own work. This can be addressed in two ways: 1) the audit can be a team audit, and the other team members can audit areas the lead auditor was responsible for; and 2) the process(es) that the lead auditor is responsible for can be audited as individual process audits by another auditor at another time.

If the person assigned to conduct the full quality system audit is a consultant from outside the company, there is still potential for conflicts regarding independence. If the consultant audited the company in the previous year, then the auditor cannot audit last year’s internal audit. In our consulting firm we address this issue in two ways: 1) we rotate who is assigned to audits so that the same auditor does not conduct a full quality system audit two years in a row, or 2) we assign another auditor in our company to conduct the audit of internal auditing as a team member.

How do you evaluate auditing effectiveness?

Some companies perceive that auditing is a necessary evil and they want to put as little effort and resources into the audit as possible. In this situation, auditing might be evaluated based upon whether it was completed on-time, by how much the audit cost the company, and the fewer nonconformities identified the better the perceived outcome. This perspective typically results in a single full quality system audit that is three days in duration or shorter if an auditor can manage to complete the audit in less time. Of course the shorter the audit is, the fewer records that an auditor has time to review. Therefore, shorter audits typically have fewer findings and management is pleased at the outcome because the audit required fewer resources and had little or no nonconformities.

The better approach is to look at auditing as a method for identifying areas that need improvement. Identifying areas where your quality system needs improvement is the intent of requiring internal audits. Therefore, the amount of time your company allocates to auditing should reflect the benefits for improvement that are identified. Top management of your company needs to identify which process areas they feel needs improvement. Only then can the audit program manager design an audit schedule that will focus on identifying opportunities for improvement and nonconformities in the process areas where management feels improvement is most needed. Ideally, this approach to auditing will focus on looking for inefficiency and metrics with negative trends. These findings result in preventive actions instead of corrective actions, because the process is not yet nonconforming. In general, the more opportunities for CAPAs that are identified the more valuable the audit was.

What advantages do one full quality system audit present?

Sometimes a single full quality system audit is easier to schedule, because it is only once per year. The rest of the year your company will not need to spend much time discussing audits or even thinking about them. If your company perceives audits as a necessary evil, then the less disruption caused by scheduling an audit the better.

Another advantage of conducting full quality system audits is that you can more easily afford to use external consultant auditors, because the travel costs for auditing are limited to one trip per year. If you had more than twenty individual process audits each year, and external consultant auditors conducted all of the audits, then you would have to pay for travel costs twenty times each year. Unless the consultant lives locally, these travel costs can be substantial.

What advantages exist for individual process audits?

Individual process audits are much easier for the auditor to complete within the time established in the audit agenda, because the auditor does not have another audit process immediately proceeding or immediately after the process they are auditing. There are also fewer people that need to attend an opening or closing meeting for an individual process audit, because only one process is being audited. Managers from other departments are seldom needed for participation in the opening or closing meeting.  The combined benefits result in the auditor being more likely to start the opening meeting on-time and to start the closing meeting on-time.

The shorter duration of individual process audits is also an advantage. There are very few times in a year when none of your department managers will be traveling, sick, or on vacation. These rare weeks only happen a few times each year, and sometimes auditors must proceed with an audit even if someone is absent because they have no alternative. If you are preparing for an audit remotely, you face-to-face audit time is only 90 minutes, and your report writing time is also conducted remotely, then finding 90-minutes of available time in an department manager’s schedule is usually quite easy.

Can both approaches to internal audit scheduling coexist?

You can combine both approaches to audit scheduling in several possible ways. First you can schedule one full quality system audit each year in order to make sure that the minimum audit requirements are met, and then top management can review the results of the full quality system audit to decide which processes would benefit from individual process audits.

A second strategy would include conducting individual process audits for each process that resulted in a nonconformity during 3rd party certification audits or during the one full quality system audit. In this scenario, you might have a 3rd party audit in November, a full quality system audit in May, and top management might select 10 other individual processes to audit during the other 10 months of the year.

A third strategy would be to alternate between individual process audits and single full quality system audits each year. During “odd” years the audit program manager would only schedule one full quality system audit, and during “even” years the audit program manager would schedule multiple individual process audits.

A fourth strategy would be for top management to select a few processes that they would like the audit program manager to focus on with individual process audits, and all of the remaining processes would be incorporated into a single audit that covers the remaining 70% of the quality system.

Each of these four strategies for combining the two approaches to audit scheduling is viable and may result in multiple opportunities for improvement being identified. There is no regulation that favors one approach over another, but all four strategies require more time an effort on the part of the audit program manager and top management to discuss and plan the annual audit schedule.

Next steps if you would like to try individual process audits

If your company has always scheduled a single full quality system audit each year, you can test the concept of conducting an individual process audit by selecting just one process to audit. The best choice for this approach is to pick a process that has one or more CAPAs that are in progress or to select a process that top management feels is performing efficiently. The more frustration that top management experiences with a process, the greater the need is to identify opportunities for improvement. If the company has not already identified CAPAs to initiate for that process, you might just need an outsider to state the obvious: “I think we need a CAPA in this department.” The outsider might be a consultant, but it could also be a person from another department. If you would like a quote for an individual process audit, please visit our audit quote webpage.

About the Author

Rob Packard is a regulatory consultant with 25+ years of experience in the medical device, pharmaceutical, and biotechnology industries. He is a graduate of UConn in Chemical Engineering. Robert was a senior manager at several medical device companies—including the President/CEO of a laparoscopic imaging company. His Quality Management System expertise covers all aspects of developing, training, implementing, and maintaining ISO 13485 and ISO 14971 certification. From 2009-2012, he was a lead auditor and instructor for one of the largest Notified Bodies. Robert’s specialty is regulatory submissions for high-risk medical devices, such as implants and drug/device combination products for CE marking applications, Canadian medical device applications, and 510(k) submissions. The most favorite part of his job is training others. He can be reached via phone 802.258.1881 or email. You can also follow him on Google+, LinkedIn or Twitter.

This article explains why remote audit duration should not exceed 90 minutes and the unique opportunities created by a series of short remote audits.

Parkinson’s Law and the subject of audit duration

On November 19, 1995, Cyril Northcote Parkinson published an essay in the Economist. The title of the article was “Parkinson’s Law.” In the first sentence of the essay, Parkinson says, “It is a commonplace observation that work expands to fill the time available for its completion.” This essay refers to the observation that work is elastic concerning the demands on time when completing paperwork. When I first trained as an auditor, trainers emphasized that the most significant challenge faced by auditors is to complete an audit within the time available. An auditor’s task is to achieve the audit objectives within the time specified by the audit program manager. Time is precious, and you cannot easily extend the audit duration after scheduling the audit.

How much time is needed for a full quality system audit?

This question is a silly question to ask a consultant that works on an hourly basis. A consultant working on an hourly basis will make more money if they work more hours. Therefore, there is little incentive to underestimate the time required to complete the objectives of an audit. However, after completing hundreds of audits, I can honestly state that eight hours is not enough time to perform a full quality system audit of a medical device company’s quality system. However, I completed a full quality system audit of a small company in less than two days. I also had difficulty completing an audit of a larger company in four days. An FDA inspector typically requires four days to complete a routine inspection, even at foreign manufacturers where English is a second language, and they only need to return on the fifth day to prepare their FDA 483 observations to give to the company. Therefore, three days is typically the absolute minimum time required to complete a full quality system audit.

Does Parkinson’s Law apply to audit duration?

Parkinson’s Law certainly applies to the audit duration. If the lead auditor assigns a team member to review the CAPA process, the task is unlikely to be completed in 30 minutes, and most auditors would struggle to appear busy for more than three hours. You need enough notes to provide objective evidence of conformity for your audit report, but if you finish too quickly, then others may perceive that you were not thorough. Therefore, most auditors will begin any process audit by asking for a copy of the procedure and a log of the records available. The auditor will quickly review the procedure’s revision history to determine when the last revision was made and if there have been any significant revisions since the last audit. Next, the auditor will review the log to estimate how many records should be sampled. The auditor will then estimate how much time is needed to review the sampled records. Finally, a quick mental calculation is made to determine how much time remains for procedure review before the auditor must move on to interview the next subject matter expert.

Why are auditors always behind schedule?

An auditor begins with small, close-ended questions that are designed to put the auditee at ease. The auditor may even comment on unrelated subjects to build rapport first. Records may not be readily available, but auditors almost always have to wait for record retrieval. The request is recorded, copies are made, and the subject matter expert may need a little time to review before handing the auditor the requested record. Auditors will ask clarifying questions, and auditees will need a few moments to check their facts. Any one of these delays is insignificant by itself, but collectively there may be two-and-half minutes of delay cumulatively for each record requested if you sample five records, which represents a combined delay 12.5 minutes. If you average only seven minutes to review each record, then a sampling of five records will require 47.5 minutes. This will leave you only 12.5 minutes for introductions, review of the procedure, and conclusions. If you want to interview any of the people that investigated root-cause, then you will need more than an hour to complete your audit, and you will not finish in the one hour scheduled.

Why is it so hard to complete a full quality system audit in three days?

Most of your process audits require a few more minutes than you expected, but you will also need time to walk to the next subject matter expert, or you will be waiting for the next subject matter expert to enter the conference room. If the quality system consists of only the minimum twenty-eight required procedures, your full quality system audit will require more than 28 hours to complete. If there are additional regulatory requirements for CE Marking or ISO 13485 certification, you will need even more time to audit every process. You should also expect certain processes to require more time to properly sample records, such as technical documentation and design controls. Even the most experienced auditors struggle to review a technical file and/or design history file in less than two hours.

What happens to an auditor after auditing all day?

As a Notified Body auditor, I used to leave my home in Vermont on Sunday afternoon and drive two hours to the nearest major airport. Then I would be gone all week conducting audits. On Friday, I would drive home and arrive in the middle of the night. Each day audits would begin early in the morning, and I would complete the day after 8.5 to 9 hours of work. Jet lag, sleep deprivation, too little exercise, and constantly eating at restaurants took its toll. I would consult my Google calendar to learn what city I was in each morning, and to remember what company I was on my schedule for the day. I would purposely try to do as much walking around during the day just to keep my blood flowing and to help stay awake. I would read documents while pacing back-and-forth in conference rooms, and I would always make sure that we had to audit the most remote area of a facility after lunch to make sure that I didn’t fall asleep. I will tell stories and jokes to entertain my hosts, but it was necessary to break up the monotony of auditing quality systems seven days a week. I would make sure I drank at least six liters of water each day for health, but this also gave me an excuse to go to take frequent bathroom breaks. Somehow I managed to survive that lifestyle for more than three years. Each day my feet, legs, back, and neck were in severe pain. I had constant headaches, and I know the quality of my work gradually declined throughout each day. The most valuable lesson I learned was, you need to move frequently, or you will die.

What happens when you sit in front of a computer for eight hours?

I can sit in front of a computer longer than almost anyone I know. When I focus on work, four hours can elapse without me getting up from a chair even once. I might pick up my empty coffee mug four or five times to take a sip before I am conscious of the need to get another cup. On days where my schedule consists primarily of Zoom meetings, I may sit through as many as six consecutive meetings before I take the time to get up and go to the bathroom and get a drink of water. Clients may perceive that I have tremendous endurance, but there are negative consequences to this work pattern. My wrist becomes sore, and I need to switch my mouse pad and the style of the mouse I am using every day. I change computers, switch microphones, and take a short walk. My neck, back, and legs will hurt worse than any of the audits during my years as a Notified Body auditor. Sitting at a computer all day has resulted in mild symptoms of restless legs syndrome. Sitting at a computer continuously for the audit duration is physically exhausting and tedious. If you must complete a remote audit on a continuous eight-hour day, you can, but it is not healthy or productive. The negative health consequences and negative impact on productivity are equally applicable to auditees.

What can you do to reduce audit fatigue during a remote audit?

The most straightforward strategy for reducing fatigue is to take breaks. Instead of auditing for eight hours continuously, try auditing in two or three 90-minutes segments each day. If you are auditing someone in a different time zone, you may only be able to accommodate an audit duration of one 90-minute session per day without working through the night. Taking breaks will allow you to leave your computer, eat food, and even go to the bathroom. You can recharge your headset during a break too. You should consider taking a walk outside. It is incredible how much better you feel when you get some exercise, stretch, and experience a little natural light instead of the unnatural glow of your computer’s monitor. The person you are auditing will appreciate the breaks, but they will also enjoy the improvement in your overall demeanor. A simple smile after a 30-minute break has a tremendous positive impact.

How can we utilize breaks more effectively during remote audits?

Auditors need documents and records to review as objective evidence. The most obvious way to make use of breaks is for the auditor to give the auditee a list of documents and records to gather during the break. This will give the auditee an excuse to go and get the documents and records if they are stored in another location. The auditee might also scan records during a break. A break also gives subject matter experts time to re-familiarize themselves with the documents and records before resuming the audit. Auditees and auditors will need to recharge batteries, but the auditor might take time to convert their notes into a summary for the final audit report. The auditor might also review the audit criteria one more time before writing a nonconformity. The auditee might take advantage of the break to initiate a new CAPA and write a draft of the corrective action plan. Then when the audit resumes, the auditee can review the draft plan with the auditor to ensure that the plan is appropriate and nothing was accidentally omitted from the CAPA plan.

Why are 90 minutes a magical audit duration?

Auditing one process in a single 45-60 minute session is ok, but if you audit two processes in a single 90-minute session, you can reduce the time spend starting and stopping the audit session by half. Adding a third process to a single session will have a smaller impact, and the meeting will need to be so long that most participants will begin to lose concentration, and fatigue becomes a significant factor. Ninety minutes is not quite long enough to audit two processes effectively. Still, an auditor can request procedures in advance of the session or spend time after the session reviewing procedures. Therefore, by paying an additional 30 minutes reviewing two procedures “off-line,” the auditor can dedicate 100% of the “on-line” time to reviewing records and interviewing subject matter experts. The result is a fast-paced, 90-minute session where each subject matter expert typically is only needed for 45 minutes. Alternatively, if you are auditing more complex records like a design history file, you can spend all 90 minutes discussing that area.

If you are planning a remote audit, you will need more remote audit resources than a webcam and web conferencing software. Matthew Walker is a significant contributor as co-author of this article.

Clause 5 of ISO 19011:2018 is titled “Managing an audit program,” and subclause 5.4.4 is specific to determining audit program resources. For conducting audits remotely, you will need remote audit resources. Almost every laptop has a built-in webcam and microphone, and that is the minimum functionality you will need to conduct a remote audit. However, adding other software and hardware technology can improve the efficiency and effectiveness of your audit team.

What remote audit resources do you need?

Remote audits are not the same as a desktop audit, because a remote audit requires remote access to more than emails containing procedures and records. Auditors need access to people and access to physical areas of your facility. This creates one of the most significant challenges for this type of audit method. Call me a Negative Nancy, but I suspect that most audit plans do not specifically include logistical preparations to support this audit method. On the surface, it seems like a simple concept. Internet access and a scanner should cover most of the needs for the auditee to survive this digital encounter. In practice, conducting a remote audit that genuinely adds value and does more than checkboxes, requires serious planning.

Let’s start with the obvious; a remote audit needs a way for the auditor and the auditee to communicate with each other. Ideally, you need more than your phone. We recommend Zoom for video conferencing, but we list several other video conferencing software applications below. Here are the features of Zoom that we typically use during a remote audit:

• Video Chat – Using Zoom, two or more parties can communicate using video input from webcams. This is nice because it allows for a more visual conversation, and you can see more of the facial expressions and body language of the person you are speaking with than you can with a traditional phone call. It also allows for sign language to be used if necessary.
• Screen Sharing – Screen sharing is an essential tool you will use during a remote audit because it allows you to share documents and records on your screen even if you are not the host. The more records you have electronically, the more valuable screen sharing will be during the audit. An auditor can say, “Can you show me that quality system certificate again?” or “Can you show me where Isomedix is on your approved supplier’s list?” Being able to facilitate those verification activities saves the auditee the hassle of emailing documents or uploading content to a shared folder. This ability to share your screen is also essential for an auditee to demonstrate training effectiveness and competency.
• Recording – Meetings can be recorded in their entirety or sections. This allows the auditee to record the opening or closing meetings of the audit to share with others that were unable to attend. If there are questions regarding non-conformities or opportunities for improvement, a recording of the conversation ensures that the auditor has an accurate record of complex objective evidence that would slow down the audit and gives managers a perfect record to demonstrate the issue when corrective actions are initiated.
• Chat Record – Zoom, and most other video conferencing software, provides a chat box that can be used to take notes. If someone runs to the bathroom, and you don’t want to forget your question, you can enter it in the chatbox. Chat boxes are especially helpful when there is a language barrier, or someone’s accent is hard to understand. Text typed in the chatbox also serves as a place to record information that may be difficult to remember if you cannot access your audit report. If a production area has too much background noise, the chat feature might be the best way to communicate important details, such as: “That information is found in section 7.5.6 of the Quality Manual; POL-001 rev A.” The chatbox can also be used to communicate a list of documents, or records in a specific date range, that you want an auditee to make available for you to review off-line. Other participants observing the audit may also be responsible for collecting those documents in real-time to ensure the audit can continue without any delay. Finally, content in the chatbox can be recorded as a text file automatically.
• Tour Guide – Video chat allows auditees to bring auditors into physical places of their facility as if the auditor were there in person. Production employees can be interviewed, in person and in real-time, while the employee demonstrates processes. You can show how nonconforming materials are labeled and segregated to keep them from accidentally being used for production. When requesting this audit method in an audit agenda, the lead auditor should recommend a dedicated “camera person” with a mobile phone and selfie stick, because it is challenging to answer auditor questions and operate a video camera simultaneously. Remember, remote audit resources consist of hardware, software, and people. 

My favorite remote auditing tools (hardware)

My favorite hardware resource is the Pixelbook that I am using to write this article. We write audit reports with Google Docs instead of Microsoft Word because multiple team members can simultaneously edit the same document without creating conflicting versions. We operate Zoom video web conferencing software to speak with auditees and clients, but we use the Pixelbook to type our notes and audit reports. The Pixelbook is lightning fast, and it is a little smaller, so there is just enough room on your desk next to a laptop. The most significant advantage of using Google Docs is realized when you are the lead auditor of an audit team. As a lead auditor, you can type notes in the section of the audit report that other team members are working on, to make sure that they include audit trails from other members of the audit team. This is also an extremely useful technique when you are training a new auditor, and you want to guide them without disrupting the flow of an interview with a subject matter expert.

My second favorite hardware resource is an HD webcam mounted on a flexible arm with a clamp (see picture above). The video quality is 1080p instead of the 720p that is typical of a laptop camera. The flexible arm is equally essential because you can look directly at the camera while I’m simultaneously looking at the monitor. The only thing I dislike about the webcam I am using is the audio quality. Therefore, I use a gaming headset with a microphone to record the audio, so I can hear the people I am interviewing better. Another alternative is high-quality microphone and headphones, as typically seen in use by podcasters. Even though the sound quality is ideal with a separate microphone and headphones, the cost is higher than most gaming headsets, and you will be tethered to microphone–either physically or at least virtually by the need to maintain a consistent distance between your mouth and the microphone. The more hours you spend at the computer, the more you will appreciate the ability to stand up, adjust the camera, and move your legs a little.

Finally, the last piece of essential remote auditing hardware is your mobile phone. Even with a desktop running Zoom, and a Pixelbook running Google Docs, I still need to ask audit team members questions and conduct quick internet searches. Therefore, your mobile phone is essential to keep with you, in silent mode, during your audit. If you don’t have your phone, then you need to stop sharing your screen and send a message during your audit. Your phone is much less disruptive. I use the phone to keep track of time, to set reminder alarms, and to send Slack messages with other people. You can also join a separate Zoom session on your phone, where an audit team member may need you (the lead auditor) to provide input on objective evidence or evaluation of conformity regarding specific quality system requirements. You might also want to take a quick picture of something you observe on video during the audit. If you record the Zoom session, you can always extract a still image, but taking a picture with your mobile phone is more convenient and takes less time. You can then share the image with a Google Drive folder for your remote audit and copy the image into your audit report. As they say, a picture is worth 1,000 words.

One last note on hardware: a 48” flat screen is great for virtual bike rides on your trainer (as seen in the picture above), but it’s just a little too big for a desktop monitor. It’s excellent for side-by-side viewing, but dual monitors are a better approach.

Remote Auditing Resources for Web Conferencing

Currently, we are using Zoom as our video web conferencing software. Still, we used to use GoToMeeting, and there is very little difference in the functionality of the two software platforms. One of the consequences of the COVID19 pandemic is that everyone is more familiar with web conferencing software. Here are a few other options you could consider, including Slack, which we use as a messaging tool, and we have integrated with Zoom within our team’s channel.

1. Google Meeting
2. Skype
3. Microsoft Teams
4. Monday
5. Slack

Remote Audit Resources for Scheduling Your Audit

Currently, we are using Calendly as the automated appointment scheduling software application for our consulting business. However, the functionality of software applications has changed dramatically in the past few years with better integration tools, such as Zappier.  Therefore, don’t be surprised if we change to one of the applications listed below. These applications allow you to manage people, equipment, and conference rooms, but you can also integrate these applications with accounting business processes.

1. Simplybook.me 
2. Acuity Scheduling 
3. Jobber 
4. Gigabook
5. vcita

Remote Auditing Accessories

We hosted three international training workshops, and we record training videos for medical device companies every week. Therefore, we gradually accumulated all of the accessories listed below. Technology gadgets for recording videos are continually changing, and our best advice is to save your money. Instead, rely upon a mobile phone and an extra person with “the original selfie sticks” (i.e., arms). Once you complete your first remote audit, then you can think about which of the latest gadgets might make your life easier.

• Selfie Sticks
• Tripod
• External microphones
• Portable Batteries
• Additional lighting

If you have any suggestions for additional hardware and software for remote auditing, please add a comment to this article so we can keep this up to date with the latest technology. 

Future Articles & Webinars

Thank you for reading. This article is our third in a ten-part blog series specific to remote auditing techniques:

1. Remote audit opening meeting – 4 changes – May 12
2. Audit team communications – May 19
3. Remote audit resources – software and hardware tools – May 26
4. How to apply a risk-based auditing approach to audits and remote audits – June 2
5. How to make a supplier questionnaire for remote auditing – June 25
6. Remote audit duration less than 90 minutes – June 30
7. Remote auditing work instruction – July 14
8. Planning partial remote audits – July 21
9. Remote audit invitations – 4 things to remember – August 4
10. Training new audit team members and lead auditors – August 11

Five (5) new webinars planned on related topics:

1. Opening Meetings Webinar (free) – May 14, 2020
2. Audit team communication during a remote audit (free) – June 4, 2020
3. How to qualify your suppliers webinar (pre-order by June 1) – June 25, 2020
4. Remote auditing techniques webinar (pre-order by July 1) – July 16, 2020
5. MDSAP Certification Body Interviews (free) – August 6, 2020

The lack of visual cues may hinder communication between the auditor and the auditee, but software tools can enhance audit team communication.

Audit Team Communication Requirements

During the opening meeting, the lead auditor is responsible for confirming the “formal communication channels between the audit team and the auditee…[and] the auditee being kept informed of audit progress during the audit” (ISO 19011:2018, Clause 6.4.3). Typically, the audit program manager will follow the lead auditor during the audit. In that situation, audit team communication with the auditee is direct and verbal. However, if the audit team consists of multiple auditors, the lead auditor also needs to establish a method of communication between the team members and the lead auditor. Team members need to make the lead auditor aware of any potential nonconformities, but more critical information includes:

1. audit trails that require follow-up by auditors in other process areas
2. any delay experienced by team members
3. if an audit team member is ahead of schedule

Communication Limitations During On-Site Audits

During an on-site audit, it is not uncommon to have limited communication with the rest of the team, because the team is interviewing auditees and walking through the facility–not sitting at their computer. Sometimes your cellular signal is inadequate for texting or other messenger services such as Slack. It may also be more difficult to have private discussions between team members during an on-site audit. Usually, the audit schedule is very tight, and team discussions must wait until lunch breaks or scheduled team discussions. Unfortunately, these limitations frequently result in the follow-up of audit trails waiting until the very end of the audit, instead of addressing audit trails at more convenient times in the middle of the audit.

Communication Between Auditors During Remote Audits

During a remote audit, all of the audit team members will readily be able to exchange information by email, text, or Slack. Besides, applications like Google Docs allow multiple auditors to type in the same audit report simultaneously. Therefore, auditors can type a specific follow-up item in the section of the audit report, where another auditor will be typing their notes for the applicable audit area. For example, if one auditor is interviewing incoming inspection activities, they can type a note for the auditor that will be auditing calibration to review the calibration certificates for inspection devices used in the incoming inspection process. If an audit team leader needs more time, they can type a quick note for the lead auditor about the need for more time. The lead auditor can also quickly send a Slack message to the rest of the audit team, asking if anyone can aid the audit team member that is behind schedule. This communication is efficient, documented directly within the report, and occurs in real-time. The result is that communication between team members is more effective, and the audit is completed earlier.

Improvement of Auditor Training with Remote Auditing

When audit team members are being trained, the lead auditor must observe their auditing and provide constructive feedback. Ideally, the lead auditor will wait for a “teachable moment.” This is the moment immediately after the lead auditor-in-training makes a mistake. Telling an auditor-in-training what to do during an audit teaches the auditor little. However, if the auditor is allowed to make a mistake, such as forgetting to ask for an audit record, then the lead auditor can point out the error immediately afterward. Correcting the auditor can be as simple as adding a note in red font within the audit report in the same section where the auditor is currently typing. The auditor will see the comment and make the correction, but the auditee will not be aware of the error. This approach avoids any embarrassment to the auditor, and the auditor is more likely to remember the instruction as constructive feedback that will make them better.

Remote Auditing Can Be Easily Recorded

Auditors can learn from the constructive feedback provided by a lead auditor, but they can also learn by watching and listening to themselves if the remote audit is recorded. This is especially easy to accomplish for internal audits, but suppliers may also allow recording of certain process audits. Opening meetings, closing meetings, and common procedures such as incoming inspection usually do not include confidential information. Therefore, you should be able to obtain permission to record these portions of the audit. These recordings can be reviewed by the auditor to identify when poorly worded questions were used. Auditors-in-training can identify when they miss an opportunity to follow an audit trail, or an auditor may realize that they ask auditees certain closed-ended (i.e., yes/no) questions instead of open-ended questions that will help them gather more information from the auditee.

Audit Team Communication with Guides

In addition to the communication between the lead auditor and the audit team members, audit team members also need to communicate with their audit guides. Guides should be used to communicate messages throughout the company. For example, if the audit is behind or ahead of schedule, the guide can communicate adjustments in the timing of the agenda. If an audit team member requests records to be provided, the guide can communicate this request and make sure the records are waiting for the auditor when they return to the audit conference room. Guides also are responsible for helping the audit team navigate from one process area to another during the audit, and to make sure that the audit team observes all safety and gowning requirements during the audit. Finally, guides may also be asked to act as an observer and verify objective evidence collected by the auditor.

Shifting Role of a Guide During Remote Audits

During a remote audit, requests for records to be provided and communication of deviations from the agenda can easily be communicated by the auditor chat features in the video conference, instant messengers, or email. Therefore, you might think that a guide is unneeded. However, when audit team members request viewing another area of a facility during a remote audit, it may be necessary to provide live video images of the process areas. It isn’t easy to speak with the auditor and provide live video images. It may be dangerous to walk backward through your facility, carrying a selfie stick, and concentrating on your discussion with the auditor instead of where you are walking. Instead, the guide should focus on providing live video, and the process owner should be concentrating on providing a guided tour and answering the auditor’s questions. The guide may also be asked to record certain information in video or picture format as objective evidence.

Conclusion

Audit teams should practice using shared documents in Google Docs and Slack during the audit to facilitate real-time audit team communication. Google Docs enables everyone to write their audit notes directly into an audit report template to eliminate delays in the completion of the audit report. Using Google Docs also makes it possible for the lead auditor to observe the progress of the audit in real-time. Audit team communications of audit trails for team members to follow-up can be accomplished in real-time by just adding a note about the trail in the applicable section of the audit report. Finally, remote auditing can facilitate better training of auditors.

This article describes five minor adjustments that lead auditors should make when they plan a remote audit opening meeting.

Regardless of whether you are conducting an on-site audit or a remote audit, the first activity conducted during the audit is an opening meeting. The process for conducting opening meetings is defined in ISO 19011:2018, Clause 6.4.3, and it is the responsibility of the lead auditor to lead this meeting. There are three purposes to the opening meeting:

1. confirm agreement to the audit plan,
2. introduce the roles of the audit team, and
3. ensure the audit can be conducted as planned.

Opening meeting checklists

There is a long list of items that are typically confirmed during the opening meeting. New auditors are trained to rely upon an opening meeting checklist to ensure that none of the things on the list are accidentally forgotten. Some auditors will depend on a formal presentation during an opening meeting, but usually, this requires more time to set-up. Therefore, most auditors work from a pre-written checklist on their computer or paper.

Change #1: Presentations replace checklists in a remote audit opening meeting

If you are conducting a remote opening meeting, most of the attendees will be looking at a computer screen. The lead auditor can share their screen as they go through a formal presentation, without wasting any set-up time during the opening meeting. Also, attendees can be emailed the presentation before the opening meeting, along with the audit plan. If you are the lead auditor planning a remote audit, you should use an opening meeting presentation template to make sure that none of the items in clause 6.4.3 are skipped. If your company is developing a work instruction for conducting audits remotely, you should create a controlled template to ensure consistency among auditors. This should also be done for closing meetings. You can learn more about conducting opening and closing meetings in our webinar on May 14, 2020.

Change #2: Every audit team member should create a personal slide

One of the challenges of being remote is that you have trouble establishing rapport with the auditees. To overcome this challenge, you should use live video to show your face, smile, and say hello to auditees. It would help if you also created a slide for the opening meeting presentation that includes a personal picture that conveys your congenial character and less formality. You should also include your preferred method(s) of contact during the audit, such as email address, mobile phone number, or Slack @username. If you are part of a team, you should also present the slide(s) that explain which process areas you will be responsible for auditing. If you have any special needs, such as vision or hearing impairment, you should also indicate how you prefer auditees to communicate with you.

Change #3: Edit the agenda during the remote audit opening meeting

Auditors confirm the planned agenda with the auditees during the opening meeting, but adjustments to the schedule are typical of remote and on-site audits. At most on-site opening meetings, everyone will have a hardcopy of the agenda and make notes on their agenda to reflect schedule changes. It is the responsibility of the lead auditor to distribute an updated version of the revised agenda and to include the updated agenda with the audit report. However, in a remote audit opening meeting, the lead auditor should share a copy of the agenda with everyone in a software tool like Google Docs(see below). When changes are made, switch screen sharing from your presentation to the agenda. You can make the changes in view of all attendees. Also, if you share the document with auditees, they can correct errors in the audit agenda for you (e.g., the spelling of names) and often with greater efficiency than giving you a verbal explanation of the changes.

Change #4: Verify meeting invitations are updated at the end of the opening meeting

When there is an audit team conducting a remote audit, each auditor should send out a separate meeting invitation and include the lead auditor. This is important because each of the auditors needs to be able to audit simultaneously, but they may need the lead auditor to join their segment of the audit briefly. When changes are made to the audit agenda, such as changing the sequence of process areas being sampled, the time of the invitations needs to be updated for everyone involved. The lead auditor should verify that all of the invitations on their calendar match the updated agenda.

Change #5: Record your remote audit opening meetings (and closing meetings)

Recordings document critical information that might not be captured in the notes of the lead auditor while they are presenting. Therefore, requesting permission to record an opening and closing meeting of an audit is recommended. More importantly, if anyone is absent, the recording can be shared with that person. Finally, recordings allow you to “replay” mistakes and successes. The ability to replay the meeting, and observe yourself, is an invaluable tool for lead auditors in training and anyone that wants to improve.  

How long should your opening meeting be?

Audits are challenging to complete on-time, and therefore shorter opening meetings are desirable. However, the opening meeting is also dependent upon the scope of activities being audited and the number of audit team members. A duration of 30 minutes is typical for an on-site audit, but the opening meetings are often preceded by casual discussion and informal greetings. Teleconference calls and video chat meetings are less conducive to informal greetings because it is difficult for two people to speak at the same time. The remote meetings also seem more likely to start on-time. Therefore, you should expect a remote audit opening meeting to be more efficient (i.e., shorter).

The 2020 global pandemic has changed life as we know it, but this article focuses on three crucial quality system changes triggered by COVID19.

Last night my daughter Gracie mentioned that her teacher assigned an essay to write about three changes triggered by COVID19 in her life. The three things that she felt had changed the most were: 1) she goes to bed much later, and sleeps in every day; 2) her school is closed, and she only talks to her teacher twice per week via Zoom, and 3) she misses her friends. I know that her story is similar to my son Bailey who is in his Freshman year of college, and I know that my personal story is quite similar. Coincidentally, I started writing this article earlier this week about three significant-quality system changes triggered by COVID19:

1. If you are going to conduct on-site audits, you need to ask about using personal protective equipment (PPE).
2. There needs to be a greater focus on business continuity plans and robust supply chain monitoring.
3. Remote audits are suddenly encouraged for 1st, 2nd, and 3rd-party audits.

Changes triggered by COVID19: #1 Use Face Masks

US FDA Issues EUAs

At the beginning of the COVID19 pandemic, the US FDA created several emergency use authorizations (EUA). The three EUA areas were IVD testing, ventilators, and face masks. The EUA for IVD testing is not surprising, because the FDA issues and EUA every time a new lethal and contagious virus emerges (e.g., Zika and Ebola). The EUA for ventilators was issued because the number of people with respiratory issues was expected to explode with the spread of the virus, and the supply chain for components of ventilators had already been disrupted by the initial spread of the virus in China. The EUA for face masks was issued because it is the second-best way to protect people from the virus, and existing infrastructure for face mask production could not possibly supply the entire world with face masks overnight.

Everyone in the World Gets a Face Mask

As soon as the EUA for face masks was issued, every regulatory consultant in the USA was inundated with urgent requests for help to complete EUA requests for masks. I also received similar requests for assistance with Canadian filings. The FDA did a great job of providing detailed information about the different types of face masks (i.e., face masks, surgical face masks, and N95 respirators). Testing companies created new website pages specifically for each of the different face mask tests, and every company with a sewing machine suddenly wanted to manufacture masks. I even read an article about an elderly woman making face masks for her entire family while she listened to The Beatles “HELP!” in the background.

Why aren’t you wearing your face mask?

Even after the world makes the first 7 billion face masks, not everyone will wear their face masks. Masks will protect us from touching our hands to our face–which spreads many germs in addition to the SARS-CoV-2 virus. Masks will also keep us from coughing on other objects and people if we have the virus. Finally, face masks protect us from the small droplets that carry the virus from one person to the next. Even though there are obvious safety reasons for everyone in the world to wear a face mask, most people don’t want to wear a face mask. This is no different from the argument to wear a seat belt, and unless our government creates a law or temporary order requiring us to wear face masks, most people won’t bother to wear one.

Changes triggered by COVID19: Auditors need to wear face masks 

As a medical device auditor, I feel I must always follow the safety rules in every facility I visit. Lead auditors are supposed to contact the company ahead of time and ask about the safety policies as part of audit preparation and initiating the audit. I’m 6’6” (2.00m) in height, and my shoe size is 14. There is seldom gowning for me to wear that fits appropriately–especially in Southeast Asia. I squeeze into the garments, and they are uncomfortable and hot, but I wear the garments anyway. My job includes auditing clean rooms, and I can’t do my job without gowning up. By following the rules, I also eliminate the excuses for anyone in the facility I visit. Now that we have a global pandemic, you should be wearing a face mask in every medical device facility to protect yourself, people you work with, and users of medical devices. You should also consider carrying spare face masks with you to protect yourself on airplanes, in hotels, etc.

Changes triggered by COVID19: #2 Business Continuity Plans

Will business continuity plans be required now?

In addition to the cultural shift to wearing face masks, we will also need to make significant changes in our overall preparations for natural disasters, fires, and biological threats. Although there is no specific requirement for a business continuity plan in ISO 13485:2016, there are many places where an auditor can identify a requirement to maintain the effectiveness of a quality system (no exceptions):

1. Clause 1, Scope
2. Clause 4.1.1 & 4.1.3, General Quality System Requirements
3. Clause 5.3, Quality Policy
4. Clause 5.4.2, Quality management system planning
5. Clause 5.6.3, Management Review Output
6. Clause 6.1, Provision of resources
7. Clause 8.1, General requirements for Measurement, analysis, and improvement
8. Clause 8.2.4, Internal audit
9. Clause 8.5.1, General Improvement

Although any of these clauses could potentially be referenced as a requirement for a business continuity plan, the last clause would generally be the most appropriate. This clause states, “The organization shall identify and implement any changes necessary to ensure and maintain the continued suitability, adequacy and effectiveness of the quality management system…”. In this time of radical change, adding provisions to your business continuity plan for coping with a global biological threat seems obvious and urgently needed.

Suggested content for your business continuity plan

Sadly, the USA was probably better prepared for a disaster in the 1960s after the Cuban Missile Crisis than we are today. If you do not yet have a business continuity plan, or if you need suggestions for improving your plan, the following is a list of suggested items to include in your plan:

1. Develop a plan for power outages, fires, floods, earthquakes, severe wind/tornadoes, hurricanes, workplace violence, and biological threats 
2. Develop an emergency alert system to notify employees of any emergency
3. Build emergency kits and store the kits for when they are needed
4. Document your plan in multiple formats (virtual and physical) and distribute to all employees–including a social media plan
5. Translate your plan into multiple languages for non-English speaking employees
6. Develop a training program that addresses the various aspect of emergency preparation
7. Practice your plan just like fire drills, so everyone is prepared and nobody panics

The Ready.gov website has many resources for the above items, including a series of “Ready Business Videos” and “Ready Business Toolkits.”

How to practice your business continuity plans

My sister is a teacher, and she is in the process of opening a new charter school in Maine. We were discussing her planning for the school, and the disruption of schools by the COVID19 pandemic has challenged all teachers to learn to use distance learning. My sister’s school focuses on teaching children about the environment, and she doesn’t like to spend lots of time on the computer. I was sharing some of the environmental studies my daughters are receiving via Zoom from their teachers. I suggested that she might want to pick one topic each week to teach via distance learning. The purpose of this would be to give her, and her students practice using distance learning for a variety of subjects. Therefore, when we experience another biological disaster, her students will already know precisely how to use distance learning to continue their education. My argument was that this routine use of distance learning would be a more effective preparation for emergencies than a once-per-month “fire drill.” Companies should use the same approach. Your company should create a schedule for practicing remote management meetings and working from home. This will ensure that systems are in place to keep your business running smoothly when disaster strikes again.

Changes triggered by COVID19: Expect regulators to require business continuity plans

The widespread shortage of face masks, ventilators, and other critical supplies needed during the COVID19 pandemic is going to result in new regulations requiring business continuity plans. This is a certainty born from the observation that every single medical device regulation we have resulted from severe public health threats. The COVID19 pandemic is the biggest global health crisis the world has experienced in 100 years. Therefore, we can expect corrective actions in the form of new regulations requiring companies to have a business continuity plan. Some regulators will act independently, but I would expect this also to be an action taken by the International Medical Device Regulators Forum (IMDRF). We can also expect there to be new laws requiring amendments to business continuity plans for public companies. The Sarbanes-Oxley Act of 2002 requires public companies in the USA to have business continuity plans. Despite this requirement, many public companies have been ruined by the COVID19 pandemic. Therefore, we should expect amendments to these requirements and revisions to the international standard for business continuity planning (i.e., ISO 22301:2019). We should also expect to see new interest in becoming certified to this standard.

Changes triggered by COVID19: #3 Remote Auditing

What are certification bodies doing about surveillance audits and re-certification audits?

Most of the companies that had initial certification audits scheduled for the first quarter of 2020 were forced to reschedule their audits because the employees must work from home, and the certification bodies must conduct at least some of their audits on-site. The FDA was also forced to cancel all foreign inspections temporarily. However, companies that already have certification need surveillance audits and re-certification audits to maintain the validity of their quality system certificates. Therefore, certification bodies now have plans for conducting audits remotely. For companies that virtual medical device manufacturers, certification bodies can conduct full quality system audits remotely. However, manufacturers with production activities on-site are only able to conduct partial audits. The certification bodies must still conduct on-site audits, but they are being permitted six months to conduct an on-site audit to cover the gaps remaining from the partial remote audits. Prior to conducting the partial remote audits, certification bodies are sending out questionnaires to all of their clients to gather information about whether the manufacturers can support a remote audit and to what degree.

Second-party audits conducted remotely

Second-party audits, also known as supplier audits, have always been of interest for manufacturers to conduct remotely–mainly if the supplier is located overseas. The US FDA regulations do not require companies to conduct supplier audits. However, if there are quality problems with suppliers, you are expected to conduct a thorough investigation to identify the root cause of quality problems, in most cases, that require an on-site audit. However, if your suppliers are providing good quality and they are ISO 13485:2016 certified, then you probably are using this as a justification for not conducting on-site audits or at least reducing the frequency of those audits. Now that most people are not able to travel, or because the people you need to speak with are working from home, manufacturers are being forced to conduct remote audits. This has always been permitted, but the effectiveness of remote audits is often questioned. Supply chain disruptions are now a global issue that is impacting the safety and effectiveness of our hospitals, and regulators will expect you to improve the rigor of your supplier evaluations–including conducting more supplier audits. Therefore, establishing more effective procedures for remote supplier auditing is urgently needed.

Changes triggered by COVID19: We need to develop procedures for remote auditing

Although most first-party audits are conducted on-site, especially if conducted by employees of your company, we will still need to establish procedures for remote auditing for internal audits. Some of our client’s scheduled internal audits for April and May that they had to cancel because they were unable to access the records needed for the audit while they were working from home. In addition, most of the US States have implemented stay-at-home audits that prevent our team from traveling to our clients. This is forcing our team to develop more robust procedures for remote auditing. We needed to change our audit agendas to accommodate eight 90-minute audit sessions in four days, instead of conducting two full days of on-site auditing. We are also doing more preparation before the audit to allow the auditees time to scan paper records so that we can review those records remotely. Finally, we are experimenting with techniques for collaboration as an audit team so that multiple auditors can simultaneously audit a client and complete a full quality system audit more quickly without forcing any one person to work for longer than 90 minutes in front of a computer. We are still perfecting these new methods, but we are writing a series of articles on this topic. You can order the book from Amazon ($5 pre-order discount until August 28, 2020).

Thank you & Future Articles

Thank you for reading. This is the longest article we have published on our site since 2012. This article also kicks off a ten-part blog series specific to remote auditing techniques:

1. Remote audit opening meeting – 4 changes – May 12
2. Audit team communications – May 19
3. Remote audit resources – software and hardware tools – May 26
4. How to apply a risk-based auditing approach to audits and remote audits – June 2
5. How to make a supplier questionnaire for remote auditing – June 25
6. Remote audit duration less than 90 minutes – June 30
7. Remote auditing work instruction – July 14
8. Planning partial remote audits – July 21
9. Remote audit invitations – 4 things to remember – August 4
10. Training new audit team members and lead auditors – August 11

There are also five new live webinars planned on related topics:

1. Opening Meetings Webinar (free) – May 14, 2020
2. Audit team communication during a remote audit (free) – June 4, 2020
3. How to qualify your supplier’s Webinar (pre-order by June 1) – June 25, 2020
4. Remote auditing techniques webinar (pre-order by July 1) – July 16, 2020
5. MDSAP Certification Body Interviews (free) – August 6, 2020

This article explains what to look at and what to look for when you are auditing technical files to the new Regulation (EU) 2017/745 for medical devices.

On August 8th, 2019, we recorded a live webinar teaching you what to look at and what to look for when you are auditing technical files (a link for purchasing the webinar is at the end of this article). Technical files are the technical documentation required for CE Marking of medical devices. Most quality system auditors are trained on how to audit to ISO 13485:2016 (or an earlier version of that standard), but very few quality system auditors have the training necessary to audit technical files.

Why you’re not qualified to auditing technical files

If you are a lead auditor, you are probably a quality manager or a quality engineer. You have experience performing verification testing and validation testing, but you have not prepared a complete technical file yourself. You certainly can’t describe yourself as a regulatory expert. You are a quality system expert. A couple of webinars on the new European regulations are not enough to feel confident about exactly what the content and format of a technical file for CE marking should be.

Creating an auditing checklist

Most auditors attempt to prepare for auditing the new EU medical device regulations by creating a checklist. The auditor copies each section of the regulation into the left column of a table. Then the auditor plans to fill in the right-hand columns of the table (i.e., the audit checklist), with the records they looked at and what they looked for in the records. Unfortunately, if you have never created an Essential Requirements Checklist (ERC) before, you can only write in your audit notes that the checklist was completed and what the revision date is. How would you know if the ERC was correctly completed?

In addition to the ERC, now called the Essential Performance and Safety Requirements (i.e., Annex I of new EU regulations), you also need to audit all the Technical Documentation requirements (i.e., Annex II), all the Technical Documentation on Post-Market Surveillance (i.e., Annex III), and the Declaration of Conformity (i.e., Annex IV). These four annexes are 19 pages long. If you try to copy and paste each section into an audit checklist, you will have a 25-page checklist with more than 400 things to check. The result will be a bunch of checkboxes marked “Yes,” and your audit will add no value.

Audits are just samples

Every auditor is trained that audits are just samples. You can’t review 100% of the records during an audit. You can only sample the records as a “spot check.” The average technical file is more than 1,000 pages long, and most medical device manufacturers have multiple technical files. A small company might have four technical files. A medium-sized company might have 20 technical files, and a large device company might have over 100 files. (…and you thought the 177-page regulation was long.)

Instead of checking many boxes, “Yes,” you should look for specific things in your audit records. You also need a plan for what records to audit. Your plan should focus on the essential records and any problem areas identified during previous audits. You should always start with a list of the previous problem areas because there should be corrective actions that were implemented, and the effectiveness of corrective actions needs to be verified.

Which records are most valuable when auditing technical files?

I recommend selecting 5-7 records to sample. My choices would be: 1) the ERC checklist, 2) the Declaration of Conformity, 3) labeling, 4) the risk management file, 5) the clinical evaluation report, and 6) post-market surveillance reports, and 7) design verification and validation testing for the most recent design changes. You could argue that my choices are arbitrary, but an auditor can always ask the person they are planning to audit if these records would be the records that the company is most concerned about. If the person has other suggestions, you can change which records your sample. However, you don’t want to sample the same records every year. Try mixing it up each year by dropping the records that looked great the previous year, and adding a few new records to your list this year.

What to look for when auditing technical files

The first thing to look for when you audit records: has the record been updated as required? Some records have a required frequency for updating, while other records only need to be updated when there is a change. If the record is more than three years old, it is probably outdated. For clinical evaluation reports and post-market surveillance reports, the new EU regulations require updating these reports annually for implantable devices. For lower-risk devices, these reports should be updated every other year or once every three years at a minimum.

Design verification and design validation report typically only require revisions when a design change is made, but a device seldom goes three years without a single change–especially devices containing software. However, any EO sterilized product requires re-validation of the EO sterilization process at least once every two years. You also need to consider any process changes, supplier changes, labeling changes, and changes to any applicable harmonized standards.

Finally, if there have been any complaints or adverse events, then the risk management file probably required updates to reflect new information related to the risk analysis.

Which record should you audit first?

The ERC, or Essential Performance and Safety Requirements checklist, is the record you should audit first. First, you should verify that the checklist is organized for the most current regulations. If the general requirements end with section 6a, then the checklist has not been updated from the MDD to the new regulations–which contains nine sections in the general requirements. Second, you should make sure that the harmonized standards listed are the most current versions of standards. Third, you should ensure that the most current verification and validation reports are listed–rather than an obsolete reports.

More auditor training on technical files…

We recorded a live webinar intended to teach internal auditors and consultants how to perform a thorough audit of CE Marking Technical Files against the requirements of the new European regulations–Regulation (EU) 2017/745.

With access to this training webinar, we are also providing a native presentation slide deck, and an audit report template, including checklist items for each of the requirements in Annex I, II, III, and IV of the MDR.

We also provide an exam (i.e., a 10-question quiz) to verify training effectiveness for internal auditors performing technical file auditing. If you submit the completed exam to us by email in the native MS Word format, we will correct the exam and email you a training certificate with your corrected exam. If you have more than one person that requires a training certificate, we charge $49/exam graded–invoiced upon completion of grading.

Technical File Auditing for Compliance with MDR

This webinar provides an audit report template and teaches auditors how to conduct technical file auditing for compliance with Regulation (EU) 2017/745.

Price: $129.00

In addition to this webinar on auditing technical files, other training webinars are available. For example, we have a webinar on risk management training. If your firm is preparing for compliance with the new MDR, you might also be interested in the following information provided on this website:

• A CE Marking procedure including templates for the Essential Requirements, a Declaration of Conformity, and a Technical File Index.
• A blog outlining how to create your Quality Plan for compliance with the MDR
• A blog explaining three significant differences between the requirements of a Technical File for CE Marking and a 510(k) submission
• An 8-part webinar-based course reviewing the requirements of Regulation (EU) 2017/745 and comparing the requirements with the MDD (93/42/EEC as modified by 2007/47/EC).

Please note: A link for logging into this Zoom webinar will be delivered to the email address provided in the shopping cart transaction. After verifying the transaction, please check your email for the login information. To view the available webinars, click here. If you cannot participate in the live Zoom webinar, a link for downloading the recording will be emailed to you.