Regulatory Open Forum

 View Only

  • 1.  Purchasing controls for small ISO 13485 compliant companies

    Posted 07-Oct-2021 12:09
    Wondering whether other small ISO 13485 compliant companies manage ALL purchasing processes (e.g. office supplies) through your QMS procedures or whether you have a separate process to meet business requirements for items/services that do not impact product quality?

    ------------------------------
    Sandra Veenstra
    Director - Quality Assurance and Regulatory Affair
    Moncton NB
    Canada
    ------------------------------


  • 2.  RE: Purchasing controls for small ISO 13485 compliant companies

    Posted 08-Oct-2021 08:35
    Good day Sandra...

    We are a small company, and we do not manage office supplies through purchasing in our QMS. 

    However, when you mention services, most of those, if I am on the same page as you, have to be managed in your QMS.  When I think of services, I think of hiring agencies, shipping companies, HVAC contractors, IT support, etc.  Since you have to control your manufacturing environment under 6.3 all building maintenance services fall under purchasing if they are outsourced.  Since you have to control the product through delivery under 7.5.11 all shipping methods must be controlled through purchasing.  The same applies under 6.2 if you use employment agencies such as temp to hire.

    Because there is not a tangible deliverable for services, we have a different set of parameters/expectations than a raw material/packaging material supplier.  If a company is doing yearly PM, you certainly can't measure their on-time delivery or the quality of the product received on a monthly basis.  For this reason, we use a tier system for suppliers/vendors. One of the tiers is service providers.

    Also, do not forget that if you have to comply with MDR, your distributors have to be assessed just like your suppliers/vendors.

    I hope this helps you understand what is required under ISO as it actually ends up being more than "what affects product quality".

    Best regards,

    ------------------------------
    D Michelle Williams
    VP - Operations
    United States
    ------------------------------

    Original Message


  • 3.  RE: Purchasing controls for small ISO 13485 compliant companies

    Posted 08-Oct-2021 09:22
    Hi Sandra,

    Our organization is a small medical device company and we have everything into 1 procedure.  We base our structure on Level 1, Level 2, and Level 3.  How we define levels are as follows:

    Level:  These suppliers are considered HIGH risk because they pose a significant/direct impact to product manufacturing, product conformity, safety, and effectiveness of the product(s). Supplier issues from these suppliers could result in but not limited to, recalls, FDA warning letters, and/or customer harm.
    Level 2:  These suppliers are considered MODERATE-LOW risk because they pose no significant/direct impact to product manufacturing, product conformity, safety, and effectiveness of the product(s), however could indirectly impact data and quality.
    Level 3 these suppliers do not have any impact ton product quality, safety and effectiveness of product(s); nor any impact on data/quality

    In addition, documentation requirements for these suppliers would be:
    Level 1:  Requires audit, quality agreement, annual evaluation, current certificates, audit, approval, and addition to approved suppliers list
    Level 2:  Requires quality agreement, the scope of work, annual evaluation, current certificates, approval, and addition to approved suppliers list
    Level 3:  Does not require documentation or addition to approved supplier list 

    Hope this helps

    ------------------------------
    Vashone Thomas
    Senior Director of QA/RA
    South Orange NJ
    United States
    ------------------------------

    Original Message


Related Content