Hello Matthew,
Manging documents of external origin can be a daunting task especially the more complex the device with more standards or guidance which apply to the quality system, product realisation, and product testing. Instead of having one big list, I like to create some categories of external documents to manage - some being active, some being aware, and some as "know about". As an example, the "main" list would be regulations, standards, and even some guidance which are directly related to the device life cycle, e.g. ISO 13485, ISO 14971, FDA QS Regulation 21 CFR 820, Canada SOR, EU MDR, etc. For guidance, typically would only include those guidance which are directly related to "day to day" operations or activities, such as Determining a Change to 510(k), which would generally be used often during say change control process. The external documents would be actively reviewed to ensure notification of new versions are known and assessment is done once released.
Another category that would be active, but a different list might be documents related to Contract Manufacturers, important suppliers, or important distributors. These can also be standards or guidance which are no used day to day, but used regularly. These type of external documents would be say Device Master Records (DMR)/Medical Device Files (MDL) a contract manufacturer would keep, distributor work instructions, or standards/guidance which are used in design and development such as ASTM standards or ISO 11135. Review of these external standards might be less "active" where maybe quarterly or even annually a review is performed to see if they are updated. Plus these documents would often be communicated when changed, i.e. an updated procedure or specification from a supplier.
Then another category might be "let's keep aware of these" which are generally horizontal guidance documents or standards which may not be used all the time. Examples of these would be say FDA guidance on use of ISO 10993-1 generally only used during development or maybe change control or even MEDDEV 2.7/1 which should not really be used anymore but is a good reference. These documents of awareness is exactly that, keeping track of them maybe annually to see if there is any change.
Tracking, evaluating, being aware, and notification of documents of external origin can be a complicated process. All too often when I am auditing this is an area of deficiency often found because regulatory intelligence can be massive depending on the organisation and their products. There is not one way to do this, though use a risk-based approach because there are regulations, standards, and guidance which are regularly used and those that are not. There are also regulations, standards, and guidance which can have a big impact on what a company does and others which are just helpful reference. Hopefully that helps generate some thoughts.
------------------------------
Richard Vincins ASQ-CQA, MTOPRA, RAC
Vice President Global Regulatory Affairs
------------------------------
Original Message:
Sent: 02-Nov-2023 02:16
From: Leonard Eisner
Subject: External Document List (EDL) content
To add to the list include directives and regulations, as well.
If you are able to follow the development of any of these external documents prior to the official release of the final documents I would also try to watch the development of especially regulations, direcitves, laws, guidances but also standards a acritical issue as well.------------------------------------------------------oj i
------------------------------
Leonard (Leo) Eisner, P.E.
The "IEC 60601 Guy"
Principal Consultant, Eisner Safety Consultants
Mobile: (503) 709-8328
Email: Leo@EisnerSafety.com
Website: www.EisnerSafety.com
Original Message:
Sent: 01-Nov-2023 16:50
From: Kevin Randall
Subject: External Document List (EDL) content
For ISO 13485's clause 4.2.4 second paragraph indent f) regarding identification of documents of external origin, I find that most companies typically include applicable guidance documents, standards, statutes, ordinances, regulations, and the like. This can vary from organization to organization because ultimately, the documents of external origin shall be those determined by the organization to be necessary for the planning and operation of the quality management system. I've also seen some state that copies of certificates granted to the organization should also be included (e.g., ISO 13485/MDSAP certificate; European Technical Documentation certificates, etc.), but I don't generally do that.
------------------------------
Kevin Randall, ASQ CQA, RAC (U.S., Canada, Europe)
Principal Consultant
Ridgway, CO
United States
© Copyright 2023 by ComplianceAcuity, Inc. All rights reserved.
Original Message:
Sent: 01-Nov-2023 16:22
From: Matthew Hildebrand
Subject: External Document List (EDL) content
Hello all,
We are an ISO 13485/MDSAP certified company with distribution in US, Canada, Australia, and the EU. For external document lists, do most companies list the guidance documents (e.g. FDA guidances and MDCG) in the EDL, or just the regulations? We currently list the guidances, but it can be quite burdensome, and most importantly, many of the guidances are not relevant to our devices.
Thanks in advance!
Matt
------------------------------
Matthew Hildebrand
Director, RA/QA
Checkpoint Surgical
Independence, OH
USA
------------------------------