Regulatory Open Forum

 View Only

  • 1.  Supplier Evaluation

    Posted 19-Apr-2023 13:25

    Hello everyone. I'm thrilled that I joined RAPS, I have a question about the supplier assessment. We are implementing a new SOP for the supplier evaluation, so I'm wondering how to categorize our suppliers from critical to non-critical. Please share your thoughts and feedback with me.



    ------------------------------
    Nawal Tiouri
    Ypsilanti MI
    United States
    ------------------------------


  • 2.  RE: Supplier Evaluation

    Posted 19-Apr-2023 13:48

    My recommendation is that you don't categorize your suppliers this way. There is no regulatory requirement that you do, so it becomes a non-value added to classify and maintain the classification. Having done a lot of supplier management consulting work, I've seen the classification system then result in activities with frequency depending on the classification.

    One of the worst cases is frequent audits of critical suppliers. Usually, the manufacturer doesn't have the resources to conduct the supplier audits, they are missed, and in the worst case results in a Warning Letter for failure to follow your own procedures. Instead of supplier audits, ask your suppliers for any third-party audit reports. You have probably made it part of the T&Cs, so should be willing to give you the reports. Explain that you are in a regulated industry and must evaluate and re-evaluate suppliers. Give the supplier two choices – provide the audit report under confidentiality or your company will have to duplicate the audit cost the supplier additional time, resources, etc. Usually, the supplier will take the first choice.

    As part of reevaluation collect metrics on on-time delivery and lot acceptance rate at incoming. Set standards for acceptable performance.

    There is one caveat to classification. If your device has the MDD or MDR CE Mark issued by an NB, then your suppliers may be subject to NB unannounced audits. Often the NB will ask for your critical suppliers. Check the definitions in your contract or other NB documentation. This is a classification for the NB's use, not yours.

    If you still feel compelled to classify suppliers this way, use the definitions from the GHTF series on supplier management.



    ------------------------------
    Dan O'Leary CQA, CQE
    Swanzey NH
    United States
    ------------------------------

    Original Message


  • 3.  RE: Supplier Evaluation

    Posted 19-Apr-2023 15:38

    Hi Dan ,

    The company where I work is still in the  development stage of  a medical device, so for now we are using a random of suppliers online. However, in the near future we must start selecting and evaluating our suppliers, so my question is: Is there a process to follow? Thank you so much for your response. 

    Best,
    Nawal



    ------------------------------
    Nawal Tiouri
    Ypsilanti MI
    United States
    ------------------------------

    Original Message


  • 4.  RE: Supplier Evaluation

    Posted 20-Apr-2023 10:59

    Hi Nawal,
    There is a process to follow, which I'll briefly outline. The process is in two regulatory requirements: FDA QSR and ISO 13485:2016. QSR is clearer, but in the next few years, FDA will adopt the 13485 version.

    The process steps to define the requirements for the supplier, evaluate potential suppliers, select the supplier that is best fit, periodically reevaluate all suppliers against a set of criteria.

    Define the requirements
    List all the things that are important for this supplier. Examples include capability, capacity, and landed cost. Look at regulatory issues such as FDA 483s, OSHA citations, EPA citations, etc. Consider whether the supplier needs a QMS such as ISO 9001, FDA QSR, or ISO 13485.

    Identify three (any number will work, but three is tradition) potential suppliers and ask each about the criteria defined. This could be a simple set of questions. If written in a form, it should be two pages or less.

    Score each supplier's response to each item on a scale of 1 to 5. 3 means the supplier meets the requirement; 4 or 5 exceeds the requirement. Plot the results on a radar chart using MS Excel. The higher scoring suppliers will be further out on the chart.

    Select the supplier that is the best fit for your company and document the reason. Add that supplier to the Approved Supplier List.

    Periodically re-evaluate each supplier. I recommend using four criteria: on time delivery, lot acceptance rate at incoming, adequate QMS, and ease of working with the supplier. Each supplier's evaluation should take no more than five minutes. If a supplier doesn't meet all the criteria, then do a separate analysis.

    Keep records of everything you do because the regulators will want to see them.

    For more detail, find the GHTF guidance documents, because they are great. Because GHTF doesn't exist anymore, they moved to the IMDRF website.

    Regards,
    Dan



    ------------------------------
    Dan O'Leary CQA, CQE
    Swanzey NH
    United States
    ------------------------------

    Original Message


  • 5.  RE: Supplier Evaluation

    Posted 20-Apr-2023 07:55

    Good Morning.....

     

    We actually do categorize our suppliers and that has been at the suggestion of the FDA, our internal auditing consultant, and other 3rd party audits we have had.  Without a categorization, it is difficult to explain why you control each supplier as you do.   There is nothing in our QMS that states we have to physically audit any supplier.  We do not perform physical audits at supplier's facilities.  Our critical suppliers are categorized based on risk to supply a quality product or meet high-level regulations.  In addition, if we have a sole-supplier, they are critical.  They are required to provide a self-survey every year along with other documents that we require for regulatory purposes such as REACH, RoHS, Prop 65, Conflict Minerals, etc., and have an SQA.

     

    Our next group is raw materials that are critical to our production or meeting regulations, but not critical to a quality product, such as our IFU printer.  We also have other categories for supplies that have very little control and all of our service vendors such as UPS, HVAC, Fork Lift PM, etc.

     

    You should not forget that service providers can be critical such as translation services, IT support, pest control, contracted warehouses, etc.  We received an NC because we did not have an SQA with our IT company, our contracted warehouse in Canada and our translation service.  We had not considered them critical prior to our audit.

     

    Since we are a Class I manufacturer, our suppliers are not subject to unannounced audits by NBs. 

     

    I hope this alternative look at suppliers assist you in your work.  We are ISO 13485:2016 certified and have no FDA 483s.

     

    Regards,

     

    D. Michelle Williams, CESCO

    VP – Operations

     

    Action Products, Inc.

    www.actionproducts.com

    301.797.1414 X1022

     

    https://www.linkedin.com/in/dmwilliamsvpopapiwvu88

     

     

    Action-MMD-Ribbon_Logo_5in_cmyk

     




    Original Message


  • 6.  RE: Supplier Evaluation

    Posted 20-Apr-2023 09:01

    Good day Nawal,

    Whether you call it classification, categorisation, ranking, levels, A through D assignment, if you comply with ISO 13485 supplier evaluation and outsourced processed should be done using a risk-based approach.  If you look at Section 7.4.1 of the ISO 13485 it uses words like criteria and 'risk associated with the medical device' which precludes using a risk-based approach for the evaluation and monitoring of vendors, suppliers, or activities/processes done external to the organisation (whatever term comfortable using).  It is also common practice these days, supported by certification bodies and US FDA as Michelle indicates that organisations use a risk-based approach and criteria for evaluating and monitoring their suppliers.

    To answer your question, there are different ways this can be done based on the organisation, resources, quality system, and primarily the type of medical device which is being realised by the company.  I have put into different approaches and seen other approaches for how companies evaluate and monitor their suppliers.  It is good practice because today I see Notified Bodies "requiring" companies to obtain agreements with ALL of their suppliers.  This is not tenable or sustainable for most companies.  Thus, establishing a criteria such as a category or classification of suppliers is helpful, i.e. A, B, C, D.  The classification uses a risk-based approach such as sole-source, external contract manufacturer of finished device, Off the Shelf components, etc.  Then for each of these categories establish what activities need to be performed, i.e. questionnaire, interview, audit, certification, etc.  You could work with some external resources to help you develop a process, plus there are a couple resources (books) out there concerning supplier management.



    ------------------------------
    Richard Vincins ASQ-CQA, MTOPRA, RAC
    Vice President Global Regulatory Affairs
    ------------------------------

    Original Message


Related Content