- Why Us
Your internal quality audits should be much more than a “checkbox” requirement on your compliance to-do list. Internal audits must be regularly scheduled according to a timetable that the manufacturer creates and adheres to.
Internal audits are required by FDA and ISO 13485, but the value of an internal audit exercise far exceeds the regulatory requirement.
Internal quality audits are an opportunity for your medical device company to find ways to constantly improve outcomes for your product, processes and business.
I hate to break this to you, but you can expect that at some point you will have an external audit. One of the key reasons why some companies do better than others during external audits has to do with the effectiveness of their internal quality audit program.
How you conduct yourself in your internal audits and what you learn from audit findings can and will pave the road to a successful future.
Here are five things you can do to leverage internal quality audits to improve the outcomes of your external audits:
Many medical device companies don’t take full advantage of internal quality audits. These may be an checklist item that is finally tackled at the end of the year, only to be hastily rushed through for a completion mark showing it took place.
This is really missing the entire point. An internal quality audit doesn’t have to be an onerous “waving the big stick” activity. It should be a true health check of your systems, processes, and operations. As with most issues, the earlier an issue is detected and corrected, the better the outcome tends to be long-term.
One of the first things to do is to plan ahead for your audits by establishing well-documented internal auditing procedures. Your procedures help to ensure consistency and attention to all key areas which need to be audited.
A robust internal audit procedure will help your team prepare for external audits which will follow a similar process. Following your internal audit process will allow your team become familiar with the requirements they need to follow and won’t be surprised by anything during a visit by a notified body or regulatory agency.
It’s important to note that FDA’s Quality System Regulation (QSR) requires you to have “documented” (written) procedures. Of course, auditors will ensure these documents exist, but more importantly, you need to follow the exact procedures that are documented.
That being said, if you find that, in an internal audit, a documented procedure is not robust enough or is maybe too robust, you can revise the procedure as part of the internal audit corrective action. (We call this right-sizing your QMS!)
The main goals are two-fold: to ensure that your quality system is in compliance with established procedures and to determine the effectiveness of your quality system.
Medical device companies often have a “fear” of the external audit. It’s not like a visit from “internal affairs” where people skulk and try to hide things. It genuinely should be about assuring safe and successful operations are taking place within your company.
Just like running a fire drill, mock audits help to take some of the “fear” out of the real thing. When you get in the habit of following a good structure for mock internal audits, everyone understands what is expected, what is needed, and how to deliver.
There’s no scrambling panic; it’s simply “yes, here are the records you requested.” Be sure to practice your internal audit etiquette during these sessions as well to ensure the techniques become second nature.
As long as you meet the internal quality audit requirements per your internal audit schedule (typically an annual requirement), you can schedule as many mock audits as you like. This can be especially helpful if you’ve found any areas where additional improvements are needed to meet a set standard or if you do not want to wait until the end of the year to audit everything.
TIP: You don’t have to conduct a full internal quality audit of every area of your business simultaneously. In fact, it’s often better not to. The internal quality audit task is much less daunting when broken up into scheduled parts which make sense for your business.
For example, you might break your SOPs into four separate groups, then audit one group per quarter. You’ll often find that you get much more value from the auditing process by not cramming everything into one session.
This is a simple point really - if you’re tough on yourselves during an internal quality audit, you will have less to worry about when an external audit rolls around.
An unannounced audit or inspection could happen at any time, so you need to maintain a constant state of readiness. Being more stringent (read: picky) with your internal quality audits than a third-party auditor would be is a great way to ensure that state of readiness.
You can find the right level of stringency for your internal quality audits by creating a checklist of audit requirements which list out and define the applied regulations and standards you need to follow, whether those are from FDA, ISO, EU MDR, or others. You would then verify adherence to each requirement during your internal audit.
Don’t forget, your internal auditors need to be independent of the area being audited. Use this to your advantage by having the internal audits ask questions which may not have been previously raised.
I loved having auditors from sister sites or different departments audit my team because they were not afraid to ask why we made a process so complicated or why we documented the same information in three separate areas...
There are a few good reasons for involving multiple internal stakeholders during your internal quality audit:
If you decide to include internal team members, it’s important that they get appropriate audit training. You may also want to employ an external consultant with auditing expertise to help ensure your internal quality audit program is effective.
When things become just another procedural requirement or “checkbox” item, let’s face it, we tend to put them off. Suddenly, you have a few weeks left in the year and you realize you haven’t conducted any internal audits. You scramble to get it done before time runs out, just so you can check off the activity, but what do you really learn?
And in the scramble, do you have time to actually fix the findings?Chances are, you gain very little value or meaningful learnings from the internal audit exercise scramble. Not to mention, in the haste of getting it done in an expedited time frame you likely missed important issues that will only worsen over the time leading up to your external audit.
Internal quality audits are only actually valuable when they’re used as an opportunity for learning and improving. A well-structured internal quality audit program will position you for success when you exceed all expectations of an external auditor and pass with flying colors.
Of course, there’s one last thing that plays a huge part in the success of your internal and external audits, and that’s your quality management system (QMS).
The best QMS solutions are purpose-built to meet the needs of the medical device industry and should provide easy access to updated documents and records at a moments request. Audits become a breeze because documentation is found with a click of the button - no more emptying out drawers or filing cabinets or scouring through thousands of cloud storage files.
Greenlight Guru’s QMS software automates all quality system processes, allowing users to achieve full traceability and streamline communications among all stakeholders.
Our QMS software comes out of the box with the latest auditing requirements built-in to provide guardrails for compliance. Get your free demo of our software to see how Greenlight Guru helps medical device companies improve internal and external audit outcomes.
Looking for an all-in-one QMS solution to advance the success of your in-market devices and integrates your post-market activities with product development efforts? Click here to take a quick tour of Greenlight Guru's Medical Device QMS software →
Taylor Brown is a Medical Device Guru, certified Lead Auditor for ISO 13485, and a card-carrying Quality Nerd. She got her start in the industry as a technical writer and quickly became an audit readiness and support specialist, traveling around the United States to establish ISO 13485 compliant quality systems. She...