MDSAP Approach - Navigating the Medical Device Single Audit Program

April 13, 2022

254 GMDP-header

Navigating the Medical Device Single Audit Program (MDSAP) may cover most of your regulatory requirements; however, it does not mean that your product will automatically be cleared or approved by FDA. Any medical device company considering the MDSAP audit approach should be familiar with what the program is and is not.

In this episode of the Global Medical Device Podcast Jon Speer and Etienne Nichols talk to Danny Kroo, a medical device consultant and sub-contract lead auditor for several registrars that provides quality management system (QMS) and regulatory affairs services.

Listen to Jon, Etienne, and Danny as they help to align expectations about the MDSAP journey so manufacturers can understand both how program works and how it should be leveraged from a regulatory strategy standpoint.



Like this episode? Subscribe today on iTunes or Spotify.


Some highlights of this episode include:

  • The reaction to requiring MDSAP certification to access and sell medical devices in Canada created price increases and smaller companies were unable to justify changing the notified body or auditing organization.

  • MDSAP provided opportunities and benefitted some distributors by getting and using technical files and documents provided by the original manufacturers.

  • MDSAP satisfies the need for some countries, including the United States and Canada, but some companies in other countries think the approach takes too much time, money, and resources for a single audit.

  • MDSAP involves assigned tasks, questions, and interpretations for seven processes during the single audit. For ISO 13485 certification, there is variability and jurisdictions are not always asked the same questions by all auditors.

  • There should not be any surprises during an audit if companies conform to requirements outlined in regulatory resources, such as guidance documents, FAQs, procedures and forms.

  • The FDA’s MDSAP model and approach should be an easy process, but it depends on your company and the level of maturity of your quality system.

  • Easily find and retrieve tribal knowledge by capturing and organizing it in your company’s quality system in the event of an audit.


FDA - Medical Device Single Audit Program (MDSAP)

FDA - MDSAP Audit Approach

FDA - MDSAP Audit Procedures and Forms

ISO 9001

ISO 13485:2016

European Union Medical Device Regulation (EU MDR)

Health Canada


Danny Kroo on LinkedIn

Danny Kroo’s Email

True Quality 2022

Greenlight Guru YouTube Channel

MedTech True Quality Stories Podcast

Greenlight Guru


Memorable quotes from danny kroo:

“If you do want to sell into a country, especially Canada, you need to have an MDSAP certificate.” 

“It made things more expensive and it made the barriers for entry much higher.”

“What is the purpose of an audit? It’s to see if you conform to the requirements.” 

“It should be an easy process. It isn’t so easy because some companies’ systems are mature and they go through it quite easily and others are not. It depends on your company, it depends on the level of maturity of your quality system.” 

“A certain level of tribal knowledge is still there because you have the system.”



Announcer: Welcome to the Global Medical Device podcast, where today's brightest minds in the medical device industry go to get their most useful and actionable insider knowledge direct from some of the world's leading medical device experts and companies.

Jon Speer: Hey, guys. Today, we're going to be talking about navigating the MDSAP and today the person talking to us about that, and who's going to be teaching this is Danny Kroo. He's been a consultant since 1994 in ISO 9001, medical devices, as well as aerospace quality management system. He's a subcontract lead auditor for several of the largest registrars in north America for ISO 1345 CE marking and CMDR, and he provides quality management system and regulatory affairs services to medical devices. He specializes in ISO 9001, quality management systems, as well as ISO 1345, 2016, and MDSAP, medical devices quality management systems. So he has a lot of experience in this field and gives a lot of interesting tidbits and knowledge, so I think you're going to enjoy this episode, so keep listening to hear the rest.

Etienne Nichols: Hey everyone. Welcome back to the Global Medical Device podcast. This is Etienne Nichols, your cohost. With me today is Jon Speer, founder of Greenlight Guru and host of today's podcast. Today, we also have with us Danny Kroo from Docusys. He has a lot of background. We've already talked a little bit about that at the intro, but today we want to focus and extract from his knowledge a little bit more about MDSAP audit. So maybe before we just jump in, maybe Danny, I can give you the mic, and you want to talk to us about what an MDSAP audit even is, or what MDSAP is?

Danny Kroo: Sure. So MDSAP stands for Medical Device Single Audit Program, and it was initiated several years ago. It started with Health Canada when they had this CMDCAS program, and basically, they included Canadian requirements within the ISO 1345 audit. And then other countries saw that this was a good approach, and they got together to start this MDSAP Program, and the countries involved are United States, Canada, Japan, Brazil, and Australia. So what happened was that they wanted to set up a framework so that you can have one audit performed and cover all the regulatory requirements. It doesn't mean that your product would be cleared or approved with that, but it's just an extra step. And it could, in some cases, lead to missing a chance that you wouldn't have to have an audit from the FDA. It would also help out in other aspects. So what happened with the MDSAP audit is that the selected auditing organizations, they're not called certified certification bodies because it's not a certificate. It's not a credited certificate. It's basically a certificate that's offered by auditing organizations, and they have to meet certain specific requirements. And there aren't so many auditing organizations. There are about 13 that exist right now. And what happens is that if you do want to sell into a country, especially Canada, you need to have an MDSAP certificate because it's replacing the old CMDCAS program.

Jon Speer: Danny, I just want to remind you that we are on video too. So I wanted you to be set. We're seeing about the bottom two third of your face or so, so just be cognizant of that. But there we go. I remember a few years ago when Canada came out with that requirement and the med- device world, it seemed very bold." How dare Canada make this a requirement for me to continue selling devices into the Canadian market?" You're on the other end of that. What were you feeling or what was your reaction when Canada threw down that gauntlet and said," Thou shalt do MDSAP if you want to keep selling into the Canadian market?"

Danny Kroo: Well, I was worried as a citizen of Canada, whether I'm going to have access to all the medical devices that I had before MDSAP program. And that is a big concern, and Health Canada, I think, realized that there was an issue with that. What happened also was that several of the auditing organizations jacked up their prices tremendously. And for small companies, it was very difficult for them to get MDSAP. They were looking at if a company had only$ 1 million in sales in the Canadian market, or a smaller amount, a very small percentage of sales. It was hard for them to justify either changing their notified body or auditing organization. And some said," No," because Canada's not a large part of the medical device market. It's about 3% altogether, and companies were trying to justify it. But it also offered an opportunity for some distributors, and some of those distributors were distributing those products and they went and they got licenses from Health Canada by having their own MDSAP and using the technical files and the documents that were provided by the original manufacturer. So this is one way that some companies have benefited, but it's hard to say that it benefits or not. I'm of the opinion that it made things more expensive and it made the barriers for entry much higher, and it may have helped larger companies as opposed to smaller companies.

Jon Speer: Yeah. And you're hitting on the other thing. At least on the surface, the idea or the concept of MDSAP is largely appealing to me, potentially as one within a medical device company, and the premise is I can have one audit that can satisfy the regulatory needs of multiple different geographic regions. Now, maybe not every geographic region, but there is some appeal to that, and to your point, when this first came out and and Health Canada said," Thou shalt do this to stay in the Canadian market," I talked to so many small companies. They were torn or they were faced with that exact decision. Yes, an MDSAP audit satisfies the needs of United States, and Australia, and Canada, and Brazil, Japan, and it means we have less audits in the calendar year, but it also means that one audit is much, much longer than having individual audit. So I could take this approach, but it's too expensive. I don't have the much of a market share. It takes too much of my internal resources. We're a small company. We can't have head of quality and a few other key resources be tied up for such a long period of time in one single audit. So is that still the case with MDSAP? Is it still onerous like that with respect to the time, effort, and energy that's required, and the cost? Have we seen something change since then?

Danny Kroo: Not really change, but some people are using that as an advantage. So, strategically, some companies are offering, because they have MDSAP already, and it's just a matter of adding a device to their scope which is similar to what they provide, so they could take on that additional scope, and instead of going through stage one, stage two audit, and through... Adding a product is not as costly. So there are some companies that are doing that. And also the time factor is another factor, because it could take six to 12 months before you can get an audit because these auditors are very busy, and the amount of days involved is quite a bit, and there's a demand all over the world. So if you're just adding to your scope, it's not a difficult thing, and there are some companies that are doing that. Not so many, but that's one of the things that's different now.

Jon Speer: I think the other thing that soon happened after the MDSAP requirement for Canada, was EU changed their regulations almost at the same time or right on the tail end of some of this with now, an EU MDR, which at least from my perspective, seemed to create an even bigger demand on the services from auditing organizations because now Europe is one of these other markets that I'm probably interested in. They're not part of MDSAP, but I want to have one audit that can satisfy all these different needs. Are we still in a shortage of auditing organizations? Are we still feeling this supply and demand issue? You mentioned maybe six to 12 months to wait.

Danny Kroo: Well, right now I think it's a better situation than it was at the start, because when the expiry date, when Health Canada said, you need to be a MDSAP by a certain date, it didn't happen, and they allowed some companies who had already their ISO 1345 on CMDCAS just to continue on, and just to show them that they have a book date. What's happened now, and you're right, the EU MDR is pulling some of those auditing resources and there may be a bigger payday for the registrars or notified body in terms of that. There's also a lot more cost for them. But right now it's difficult. With some of the auditing organizations, you may have an audit that's scheduled next month and you didn't get notified. It may be a reflection of how organized they are, but sometimes they're just scrambling to find auditors, and these auditors have to go through extensive training. They have to go through standard training with several modules from FDA, and pass tests, and then be witness audit, and all these different things before they can go on their own. So it's a difficult situation, but it's gotten better. It's gotten better than it was before.

Etienne Nichols: Outside of the different things that are impacting how the MDSAP works or maybe the way it's changed or is influenced, if we go back to the definition, what are some of the difference between the MDSAP and maybe trying to get an ISO 1345 certification? Can you speak to that?

Danny Kroo: Right. So in the MDSAP audit, the audit is very prescriptive. You have seven processes that are listed and you have to follow those seven processes. And there is a document that is available on the internet called Audit Approach. It's a 231 page document that provides you with all the questions that you could be asked. All the seven processes, which are management, measurement, analysis, improvement, device, purchasing, production, all of them have assigned tasks and assigned questions, and interpretations related to that. And the auditors have to basically complete their task in a certain amount of time, or they're assigned a certain amount of time. Obviously, they may need a little bit more time or they could finish a little bit earlier, but the audits are basically almost scripted. If you read that 231 page document, you will know all the questions and all the interpretations of what people will be asking. So, that's different. With ISO 1345, if you were in a certain jurisdiction, some auditors could be a little bit more difficult or picky, and the other auditors may be not as much. They may not even ask some of the same questions, but with MDSAP, the way the process has been up, there isn't that variability. You have to ask all those questions, at least in the initial audit, and for all the tasks that are applicable to that company's organization.

Etienne Nichols: That makes sense. Is that a document that you would recommend a company having? I can see us... Maybe we should link that in the show notes. So my background's more product development and manufacturing, so I've not seen this. So this is pretty interesting.

Danny Kroo: Yeah. So it's one of the things that people who are in the business know about, but it's not well advertised. I don't think the auditing organizations are telling too many people about it. But it's there, and it's a tremendous resource. The FDA has done a tremendous job providing resources and FAQs, and explaining the process. And it shouldn't be a surprise. And what's the purpose of an audit? It's to see if you conform to the requirements, and if they outline all the requirements, and they outline all the things that are important to the FDA and also to the other regulatory bodies, then it should be an easy process. It isn't so easy because some companies systems are mature and they go through it quite easily, and others are not. So it depends on your company. It depends on the level of maturity of your quality system.

Etienne Nichols: Okay. That makes sense. So you worked with BSI in the past and now working as a consultant. I already mentioned my background a little bit. Sometimes the audit world feels very mysterious for the product development side. So I get pulled in every now and then you get asked a few questions, then you're like," Okay, other than that, I don't know what happens behind those closed doors." So one of the questions, I guess I'm curious about, as a consultant, how do you get your clients? How do people find out about you?

Danny Kroo: Well, it's mainly word of mouth. Besides doing consulting, I did a webinar maybe five or six years ago, and somebody saw it at McGill University, and they asked me to develop a course for the graduate department on medical device quality and regulatory affairs. So it's basically word of mouth. I'm not trying to be the biggest, but I'm just trying to do consulting in this area, and I haven't really had the need to cold call or to ask somebody to do marketing for me. People come through word of mouth and people recommend me, and it's interesting how many people... And also within the auditing organizations, the auditors like to do audits when I have some involvement in terms of the quality systems, because you see that the systems are good. They don't only recommend me, they have to recommend three people, but I'm usually one of the ones that they recommend, so that's the way I usually get business.

Etienne Nichols: That's cool. I know you can't speak maybe in specifics, but I'm curious if you have any interesting stories from the different audits you've been in.

Danny Kroo: Well, and this is not really an audit that I've been in, but this story will give you an idea of how I usually get business. So I get a call from a client and they say that," You were one of the people that this auditing organization recommended that we talked to."" So what happened?"" Well, we had an MDSAP audit and the consultant that we had left because the consultant was maybe a little bit frustrated because he wasn't aware of all the questions and he was there to help us out and help us answer questions and..."

Etienne Nichols: You mean left during the audit?

Danny Kroo: Yes, because he got frustrated because it was maybe a little bit foreign to him. He was maybe used to ISO 1345 audits and he was asked a lot of questions. So one of the questions that come up within all the different chapters or all the different processes is," Were there any changes? Show me how you dealt with changes?" And change control is really an important process, and it's not something that everybody is familiar with and practices on a regular basis. Maybe changes for design, they will do it, but not changes for procedures, and they wouldn't document and look at the impact. So getting back to the story, so this company said," Well, we got this amount of non- conformities and we need your help. We need you to help us fix them. And so that we can get our MDSAP certificate and deal with that." And now they've come back to me and they said," Well, we want you to redo the documentation and we want you to work with us." So that's happened a few times, where people have either tried on their own and they were having an issue, and they're really in it a little bit too deep for themselves, or they've had a consultant that really had difficulty or wasn't experienced in this area, and they come back to me.

Etienne Nichols: That makes a lot of sense. So you mentioned a few things that you can get into, but I'm curious, have you seen, or do you have common pitfalls people get into when they're going through these MDSAP audits?

Danny Kroo: Yeah. So the things that are important... Well, the first thing to do is obviously to read the Audit Approach, but one of the things that would help companies out is to do some type of a mock audit, a mock MDSAP audit, so that at least the people, the process owners, or the people that normally get asked questions are a little bit more familiar with the terminology, what type of questions, where the questions go. Sometimes people in audits, they just ramble on and they just explain whatever and that's it. But they don't get the specific questions that they may get during an MDSAP audit. And what happens also is the auditors challenge you a little bit more than maybe what you may be used to like 1345 audits, and they expect more evidence. So for example, for an internal auditor. So let's say if I'm auditing the internal audit process, the MDSAP auditor may ask," Okay, show me the auditor's qualifications," and then you can show that they know ISO 1345. The auditor may say," Well, that's great. But how about MDSAP qualifications? Show me that they're familiar with the regulations. Show me that they've been trained." And some auditors are little bit more keen than others, and they expect to see MDSAP training courses, and this has thrown off a few people and a few companies that I know have received non- conformities along that line, which maybe a more different interpretation than some other auditors have. So this is something that is important that companies train their internal auditors to the MDSAP requirements. It may not require a lot of training. It may just be a day training just so that they're familiar with the process, but it will be helpful, because if you simulate the process to the auditees or to the people that you're talking to, they'll be more at ease. There won't be any major surprises when they're going to be asked questions.

Jon Speer: And similar to Etienne's question, but with maybe a slight twist, every year FDA publishes their inspection observation data. So you can see how many 43s were issued for this issue, and that issue, and this issue, as well as warning letters. And routinely, things like CAPA and complaint handling, and design controls are usually definitely in the top five, usually, and the top three, as far as issues. I'm not aware of any similar data with respect to ISO audits. I guess the first question, are you aware of any sources of data where I can see how companies are performing with respect to ISO certification?

Danny Kroo: That's a great question. I think some auditing organizations are doing the trending themselves and some of them are also checking their own auditors to see what non- conformities they're giving their... Because there could be one auditor that every time he does an audit, he gives this non- conformity on post market surveillance or another area, and it seems to be that person's favorite. So they do that trending as well. So what I think... Well, just from the companies that I know of, some of these companies are sometimes weak in terms of the regulatory requirements, so they're missing some of the regulatory requirements for the FDA. The FDA didn't inspect them up until now, and nobody has really gone in and checked what they're doing. And sometimes it's easy to find non- conformities related to the regulatory requirements. There're more documented regulatory requirements to talk about the EMDR and other areas. Validation process, it follows the same trend maybe as what you would find with the FDA results. A lot of people, in terms of process validation in terms of design controls, in terms of change controls, and in CAPAs and complaints, those are the areas where I see more of the issues arise.

Jon Speer: Yeah. So there's some similarities for sure. When MDSAP first rolled out, and even yet still, one thing that I've often scratched my head of about is why is the EU not one of the organizations that's part of that program?

Danny Kroo: Well, I think it has to do with everybody thinks that their scheme is better than the other's. The EU is an observer, and I'm sure that the group of countries would welcome the EUN, but the EU has their own setup in terms of how they want to manage the use of medical devices in their territory. And it's more of a legal arrangement because now the regulations are European law. It's a different approach. They're obviously involved, or as a witness, they're seeing what's happening but let's hope one day that we don't have to through all these different schemes, because it causes a lot of anxiety for everybody having to go through... Well, you could have your MDR audit, EU MDR at the same time as you have your MDSAP audit, but the auditor has to fill in different reports, and it's a long activity.

Jon Speer: Yeah. And I think it'd be interesting to see if UK and MHRA, they may be more inclined to jump on the bandwagon, so I don't know if there's any movement there. But the other thing that's curious to me is at least for probably two, maybe three years, we've been hearing a little bit of chatter from FDA saying that they will be moving towards ISO 1345. And I don't know if abandoning, but in lieu of 21 CFR, part 820, have you heard any updates or insider information on that? And if so, either way, what is your reaction to that?

Danny Kroo: Okay, well, I think the USA is unique because I think that unofficially, they embrace ISO 1345 and there are some differences between ISO 1345, 2016 and 21 CFR Part A 20. I think it's manageable. I think there is a group at the FDA that's working on this whole process. I think the COVID pandemic has caused them to delay a little bit because they've had other activities that were more important, more pressing at the time. I think I heard about a month ago or a couple weeks ago that something's going to happen very soon. I think what's going to happen is that the US medical device industry, globally, it's the largest in the world, and a lot of companies depend just on the domestic market. They don't have to sell all over. The huge companies that are selling all over, it's not a problem for them, but those smaller companies that may not have the resources that some of the larger ones would have, I'm sure there would be some protests or there would be some feed back to make it easier for them to transition or to allow them another way to conform. Because if they have to go through the MDSAP process, first of all, that's a huge market. There are a lot of companies that have MDSAP in the United States, but there's a much bigger market of companies, small businesses, that are involved with medical that are not certified. I'm sure there would be some type of transition process, but I'm interested to see what would happen. I don't think everyone will accept it, and I think that there will be some pushback.

Jon Speer: Yeah. For those listening, to unpack what Danny is sharing a little bit, it's not a requirement to sell devices in the United States to be ISO certified in any way, shape or form. Technically speaking, it's not a requirement in other parts of the world either, but we don't necessarily have to get into that at this moment in time. Although Canada, obviously we've already talked about, that it's made that a requirement for the Canadian market. But there's plenty of companies, medical device companies who are selling their products into the United States market that maybe they've been subjected to an FDA inspection every couple years or so, but they don't have any formal certification for their quality system. So what happens if, and when FDA says," Hey, you have to be ISO certified to sell your devices into the United States." That's going to be interesting. There probably is going to be some pushback. There's probably going to be some resistance. And I also wonder how we, the community and more specifically, auditing organizations are going to be able to keep up with that demand as well. So we've had the MDSAP and Health Canada create a bottleneck. We had EU MDR create a bottleneck. This might too also create some sort of bottleneck. So there's something that's going to happen. FDA is still talking about it. So we should anticipate that.

Danny Kroo: Yeah, but it could be also a political decision.

Jon Speer: Yeah.

Danny Kroo: Yeah. Because somebody may say FDA don't do it. That could happen. And maybe there's going to be a new type of tool that will be available that with artificial intelligence, you'll be able to audit and you won't need to send an auditor. There could be new technology that's going to be used so that we can become more efficient in terms of being able to verify if the requirements are being met.

Jon Speer: I know of one company that might be on the edge of that. So there's this software provider called Greenlight Guru that helps all of our customers with their quality management system and their compliance initiative. And there are some things we're working on that just might get us a step or two closer to what you talked about so we'll see.

Danny Kroo: Well, I can tell you, I've involved in one company with Greenlight Guru, and it saved them during the audit because maybe the person who was the most familiar with the documents wasn't there, wasn't available all the time, but they were able to retrieve their records and be able to talk through the audit, and be able to show evidence because they were able to show the risk management records, they were able to show the design development records, and they didn't have to be the expert. Obviously, they were involved with it, but they weren't the expert, and it allowed them to make it through that audit because it wasn't in somebody's folder somewhere. It wasn't even on a shared drive. Nobody knows where it is. It was very easily retrievable and everything was there. So it saved them. So I've seen how it works, and I've seen that these type of tools are very valuable because if you lose somebody in your organization, when you see a lot of resignations now, and people moving, a certain level of the tribal knowledge is still there because you have the system. You're not going to lose the system.

Speaker 5: Right. That's a great story. I appreciate you sharing that, Danny.

Etienne Nichols: Yeah, it makes me think of my past. Tribal knowledge was like a curse word at one place I worked at. But it was a real thing. And you bring up a point about that tribal knowledge helping in the event of an audit and being able to overcome that, still being able to move forward with the audit one step further is the sign of development for process. The ability to search those things and actually working within the organization, it's more than just the audit. So I love that story as well.

Jon Speer: We're in the era where... And I think it's exacerbated now more than ever because the pandemic and so many folks are working remote, but actually stress is whatever system you have in place or lack thereof. So if you didn't have a good methodology, or good systems, or good solutions in place to help you manage documents and records before the pandemic, you're feeling that pain right now, because a lot of your people are working from home and how are they getting information checked in or checked out of your system of record and that sort of thing. So I can imagine there's all sorts of horror stories of companies that are feeling that right now.

Danny Kroo: Yeah. The area that I found that was useful was the change control process, because it always prompted you to look at whether training was required, where were the impacts of that change? And it made the process simple for the company, as opposed to trying to remember," Oh, we have to do training." And it basically automated that process. In small organizations, it may be easy to do, but in medium two larger organizations, if it's not automated, you can always make a mistake and it's easy to make a mistake. And the other thing that I found in terms of the audit was that when you have an auditor in front of you and they have a whole list of questions, and they're stressed out themselves, and they know that they have a certain amount of time to get the answer to the question, and if you have a system where it's easily retrievable, you're going to be less stressed out and it's going to be much easier for the auditor to show evidence that your system meets the requirements. It's a big difference because if you have your auditor and they're flicking their pen it's almost like torture to be in that type of situation. You're sweating. You're saying," Where is it? Where is it?" And shouting. And sometimes in small companies, they're faced with two auditors at once. So you have two auditors and you're answering the questions.

Jon Speer: And sometimes, sorry to interject it, but not only is there two auditors, but they're on one side of the table and they're doing this crosstalking, and they're having two different conversations, and you want to hear both the conversations, but you can't. So it's like this," This is bad."

Danny Kroo: So it's really a nerve wrecking situation. You have to be organized. Sometimes you have to print things out just to get things organized. Or if you have this system, it will help you. It makes things much easier for the company.

Jon Speer: So, Danny, as we work toward wrapping up this conversation, I'm curious, I obviously have a lot of expertise in MDSAP and maybe it is, or isn't for every company. I guess it depends on what their market opportunity is, and I would encourage folks to reach out to Danny if you're curious about whether or not MDSAP should be something you're considering. But I guess just quality systems aside. You've shared quite a bit of tips and knowledge from your experiences, but you mentioned the need to or the practice of doing a gap analysis and internal audit. Above and beyond that, what are some things that you want listeners to leave with on what they should or shouldn't be doing with respect to their quality system initiatives?

Danny Kroo: Well, the best quality systems are the most simple quality systems. Don't try to make your system more complicated than necessary. And if you have the ability to use automated tools, they'll make your life easier, take advantage of it because those type of tools will save you at the end, and it'll make your system much easier to navigate. The other thing is, specifically for MDSAP, there's a whole lot of resources available on the internet where you don't have to pay anybody to get those resources. So the FDA website, which provides the Audit Approach, they have some other documents, but the Audit Approach document, if you really study that, it'll be very worthwhile. It's a big document, but at least you'll have an idea what needs to be done. The other thing that could be helpful is if this is the first time you're going through this exercise, it's not a bad idea to reach out to somebody who has experience with the MDSAP audits and walk you through and mock audit, and just give you an idea of how it is, because it's a little bit different than what you may be used to if you've had ISO 1345 audits in the past.

Etienne Nichols: Great advice. I appreciate you taking the time to go through and discuss all that. Just wanted a quick question, so the Audit Approach, that's the 231 page document you were mentioning?

Danny Kroo: Right.

Etienne Nichols: We'll put a link to that in the show notes so that anybody who's interested is able to check that out.

Jon Speer: One more thing. To Danny's point, the FDA page on MDSAP it does have a ton of information, so Etienne we can provide a link to that whole page because there's all sorts of resources there, which the top one is that Audit Approach document. But anyway, go ahead.

Etienne Nichols: Cool. How can people get ahold of you, Danny?

Danny Kroo: Well, the easiest way is I'm on LinkedIn and you can find me on LinkedIn. I sometimes post some interesting information on LinkedIn. I try to help everyone. If you ask a question, I'm not going to be a lawyer. I'm not going to charge you for it. I'm happy to help everyone. And if there is something that requires more work, obviously I'm interested in helping your organization meet your require requirements, meet your regulatory requirements, and wherever you are, because now, a lot of the work is done remotely and I'm able to work with companies all over in Canada, United States, and also Europe. So it would be a pleasure to answer your questions, and if you do have any needs, I'll be glad to help you out with them.

Etienne Nichols: Awesome. Well, that's really exciting. I'm glad that there's resources like you, as well as all the others that we'll be providing as well out there for companies who are having to go through this maybe for the first time. So don't be afraid. There's a path forward.

Jon Speer: There's a path.

Danny Kroo: Right.

Jon Speer: Absolutely. Thank you so much, Danny. I appreciate your time and your insights today.

Danny Kroo: Well, I appreciate Greenlight Guru. I think you have tremendous training. I think you've addressed the need because there is a lack of information on a lot of topics and you've brought together conferences and provided a lot of information for free to the community. So I think you've done a great job. I have students that use the Greenlight Guru to research their projects and to help them advance in their careers, so I think we have to also thank Greenlight Guru for providing all those resources and making them available to everyone.

Jon Speer: Thank you for saying so. I always appreciate hearing stories like this. That never grows all for me. That's one of the things when we started this company was we wanted to have an impact and improve the quality of life. That is our mission at Greenlight. And there's a lot of ways that I believe we do that, and to hear you say so and a couple different facets, makes us all and our team excited and feel good about what we're doing. So Etienne, we'll have to remember to share some of these insights with the rest of the team at Greenlight as well. So thank you for sharing that, Danny. I greatly appreciate it.

Danny Kroo: You're welcome. Thank you for the opportunity.

Jon Speer: You got it. Etienne, take us home.

Etienne Nichols: All right. Well, those of you who've been listening, you've been listening to the Global Medical Device podcast. I hope you enjoyed this episode. It was eye opening for me. Very interesting, and great stuff. So definitely check out the resources that are provided. For those of you who are not familiar with Greenlight Guru, this is powered by Greenlight Guru. Go over to, and check it out., The only medical device success platform that is designed specifically for medical devices. Check it out, see how it can help you in your next audit. Thanks for listening. We'll see you next time.



The Global Medical Device Podcast powered by Greenlight Guru is where today's brightest minds in the medical device industry go to get their most useful and actionable insider knowledge, direct from some of the world's leading medical device experts and companies.

Like this episode? Subscribe today on iTunes or Spotify.

Etienne Nichols is a Medical Device Guru and Mechanical Engineer who loves learning and teaching how systems work together. He has both manufacturing and product development experience, even aiding in the development of combination drug-delivery devices, from startup to Fortune 500 companies and holds a Project...

Search Results for:
    Load More Results