Hi Sandra,
Our organization is a small medical device company and we have everything into 1 procedure. We base our structure on Level 1, Level 2, and Level 3. How we define levels are as follows:
Level: These suppliers are considered HIGH risk because they pose a significant/direct impact to product manufacturing, product conformity, safety, and effectiveness of the product(s). Supplier issues from these suppliers could result in but not limited to, recalls, FDA warning letters, and/or customer harm.
Level 2: These suppliers are considered MODERATE-LOW risk because they pose no significant/direct impact to product manufacturing, product conformity, safety, and effectiveness of the product(s), however could indirectly impact data and quality.
Level 3 these suppliers do not have any impact ton product quality, safety and effectiveness of product(s); nor any impact on data/quality
In addition, documentation requirements for these suppliers would be:
Level 1: Requires audit, quality agreement, annual evaluation, current certificates, audit, approval, and addition to approved suppliers list
Level 2: Requires quality agreement, the scope of work, annual evaluation, current certificates, approval, and addition to approved suppliers list
Level 3: Does not require documentation or addition to approved supplier list
Hope this helps
------------------------------
Vashone Thomas
Senior Director of QA/RA
South Orange NJ
United States
------------------------------
Original Message:
Sent: 07-Oct-2021 12:09
From: Sandra Veenstra
Subject: Purchasing controls for small ISO 13485 compliant companies
Wondering whether other small ISO 13485 compliant companies manage ALL purchasing processes (e.g. office supplies) through your QMS procedures or whether you have a separate process to meet business requirements for items/services that do not impact product quality?
------------------------------
Sandra Veenstra
Director - Quality Assurance and Regulatory Affair
Moncton NB
Canada
------------------------------