Regulatory Open Forum

 View Only

  • 1.  ISO 13485:2016 Risk Based approach

    This message was posted by a user wishing to remain anonymous
    Posted 25-Oct-2017 13:04
    This message was posted by a user wishing to remain anonymous


    Can anyone share how are you complying with ISO 13485:2016 section 4.1.2 b "apply a risk based appropriate
    processes needed for the quality management system?"

    Thank you!


  • 2.  RE: ISO 13485:2016 Risk Based approach

    Posted 25-Oct-2017 13:25
    ​This issue is already being discussed in an other recent thread "Tips for 13485:2016 transition".

    Link https://connect.raps.org/communities/community-home/digestviewer/viewthread?GroupId=97&MessageKey=f108248a-2b83-4d93-afe6-57950d1cb05c&CommunityKey=5af348a7-851e-4594-b467-d4d0983b6d89&tab=digestviewer

    Have a look overthere.
    It is important that as a regulatory/quality community we develop a common, practicable, and useful understanding and implementation of what the ISO Committee intended when they wrote this into the standard.
    This does not yet appear to be the case ... .

    With kindest regards,




    ------------------------------
    Ary Saaman
    Director, Regulatory Affairs
    Debiotech S.A.
    Lausanne
    Switzerland
    ------------------------------

    Original Message


  • 3.  RE: ISO 13485:2016 Risk Based approach

    Posted 26-Oct-2017 09:25
    For more on the risk-based approach and the Technical Committee's thoughts you might also look at the new ISO 13485 Handbook which is available in the US at AAMI or through ISO and other sources. 

    The risk-based approach originated with the FDA's Quality System Regulation 21 CFR 820. The Preamble to the regulation extensively discusses the use of a risk-based approach to implementing the QSR and may provide more information to help understand the intent in the standard. The new edition of 13485 has adopted more of the QSR.

    ------------------------------
    Edwin Bills RAC, MA
    Principal Consultant
    Edwin Bills Consultant
    Overland Park KS
    United States
    ------------------------------

    Original Message


  • 4.  RE: ISO 13485:2016 Risk Based approach

    Posted 27-Oct-2017 08:55
    Ed is right, and many companies are already doing this. For instance, in your supplier controls do you assign tiers or levels to suppliers based on risk/criticality to your product? Are there different requirements for each tier? That is s risk based approach. Does your CAPA System have a risk assessment in it that impacts the rest of the process (timing, containment etc) - that is a risk based approach. Does your design control procedure allow for an "accelerated" process for small projects? That too can be a risk based approach, if the definition of "smaller" includes a risk assessment.

    In my mind, formalization of this in the new edition of ISO 13485 is one of the (few) things I like about this new addition.

    g-

    ------------------------------
    Ginger Glaser RAC
    Vice-President, Engineering
    MN
    ------------------------------

    Original Message


  • 5.  RE: ISO 13485:2016 Risk Based approach

    Posted 26-Oct-2017 13:18
    Please also ensure you read the full text in order to discern the meaning correctly, "apply a risk based approach to the control of the appropriate processes needed...." (emphasis mine).

    It is about applying the correct controls NOT the full requirements of risk management.

    ------------------------------
    Regards,
    Mark Swanson, ASQ CBA, CMQ/OE, CQE MBA
    Becker MN
    United States
    ------------------------------

    Original Message


  • 6.  RE: ISO 13485:2016 Risk Based approach

    Posted 27-Oct-2017 09:19

    Thank you all for your contributions and clarifications. The consensus that seems to be building is that the "risk based approach" in ISO 13485:2016 is a slightly brushed-up version of what FDA wrote 20 years earlier in the preamble to the Quality System Regulation. It is not a requirement for a substantial form of risk management applied to the QMS processes. I may have been jumping the gun there … . Again, thank you all very much and have a scary Halloween weekend ! With kindest regards,



    ------------------------------
    Ary Saaman
    Director, Regulatory Affairs
    Debiotech S.A.
    Lausanne
    Switzerland
    ------------------------------

    Original Message


  • 7.  RE: ISO 13485:2016 Risk Based approach

    Posted 27-Oct-2017 10:09
    Personally, I am very pleased to see a formalized risk-based approach language included in the new standard. However, rather than thinking of this as a requirement, we should consider this as an opportunity to strengthen the overall quality system. Risk-basaed approach may mean different things to different people, but the main idea should be to (formally) give serious consideration to all risks associated with the process and product. Which should lead to designing and implementing appropriate controls. Additionally, we should look at it with a perspective of continuous improvement. 

    I realize this is more of a philosophical view, but I also think that if we take a step back and truly understand the intent behind this new approach, we can easily meet/exceed the expectations. To this end, I am going to check out the ISO handbook Ed Bills mentioned in his post. 


    ------------------------------
    Naveen Agarwal
    Creative Analytics Solutions, LLC
    Jacksonville FL
    United States
    ------------------------------

    Original Message


Related Content