Clinical Login Support Contact Sales
Products

More than a Quality Management System: Tools for the entire MedTech Lifecycle.

Learn More

Featured Capabilities:

Document Management Training Management CAPA Management Audit Management Product Development

Experience the #1 QMS software for medical device companies first-hand. Click through an interactive demo.

View Product Tour

Accelerate development with integrated design control and risk software.

Learn More

Featured Capabilities:

Design Controls Risk Management Risk Intelligence

Schedule a custom demo of Greenlight Guru Product now.

REQUEST A DEMO

Data collection and management designed for MedTech clinical trials.

Learn More

Featured Capabilities:

Electronic Data Capture (EDC) Electronic Case Report Forms (eCRF) Electronic Patient Reported Outcomes (ePRO) Ad-Hoc Data Collection (Cases) Post-Market Surveys Product Add-Ons

Get a personalized demo of Greenlight Guru Clinical today.

Request a Demo
Solutions
Why Us
Customers
Partners
Company
Resources
ROI Report Cover

Calculate Your ROI
Pricing
Request a Demo
Request a Demo

5 Tips for Running Effective Internal Quality Audits

Written by: Etienne Nichols
March 31, 2023

5 Tips for Running Effective Internal Quality Audits

How did your last internal quality audit go? Internal audits can be a bit of a scramble for some medical device companies. 

They’re often seen as inconvenient and can be kind of nerve-wracking, too. However, they’re also a good educational exercise and a great way to “take the temperature” of your quality management system at your company.

If you want to put your focus on quality rather than just ensuring that your company meets regulatory requirements, then putting the time into effective internal auditing is essential.

BONUS RESOURCE: Click here to download your free FDA QSR & ISO 13485:2016 Internal QMS Audit Checklist.

Before we dive into the top 5 tips, it's important to understand what quality audits are, and more specifically, what is an internal quality audit.

What is a Quality Audit?

A quality audit is a methodical, independent process, which is carefully documented to gather and objectively evaluate audit evidence. This is done to assess how well audit criteria are adhered to. Simply put, it's an examination of an organization's systems and procedures to gauge their compliance with defined quality standards.

Quality standards could be those mandated by regulatory bodies like the FDA QSR or ISO 13485:2016 for medical device industries, specific client requirements, or even the company's internal operational procedures. By identifying areas of non-adherence, quality audits support corrective measures, fostering continuous improvement of the systems in question.

What is an Internal Quality Audit?

In contrast, an internal quality audit is a form of self-examination conducted by the organization. It's akin to a "health assessment" for a company's quality management system (QMS). This process is carried out by internal personnel or hired third-party auditors. The goal is to review the organization's systems, processes, and practices to ensure they meet the set quality standards.

The key objective of internal quality audits extends beyond regulatory compliance. These audits are geared towards enhancing the continual improvement of a company's QMS. When done right, internal auditing helps a company shift focus from simply meeting regulatory standards to prioritizing overall quality.

Now that we understand the differences between a quality audit vs. an internal quality audit, here are the top 5 tips in running effective internal quality audits.

Tip #1: Document and define your internal quality audit process

One foundational step to managing successful internal audits is a well-defined and documented procedure. This should include a full description of any and all necessary processes performed before, during, or after a specific audit, especially in the event that a nonconformance is observed. 

Internal audit procedures are hugely beneficial for training your employees to be ready for an audit, whether that’s scheduled or unannounced. You want to be ready for the audit at any time.  Just like your FDA or ISO audit can show up unannounced, your internal procedures documentation is going to make sure that you have that same type of preparation built into your processes.

There are four crucial elements to an internal quality audit procedure:

  • Scope: The scope should outline the process for an internal audit, and provide guidelines for the various stages, like planning, execution, audit reporting, assessment, and follow-up. But within that, medical device manufacturers need to identify the scope of the relevant regulatory requirements in your market, whether that’s FDA, ISO 13485, or CE Marking.

  • Objectives: Here is where you’ll state the goals that drive your internal audits. Remember that these objectives will likely change depending on what quality process or system you’re auditing. Additionally, it may give you a chance to define what a pass or fail means during an audit.

  • Responsibilities: You should always include who is responsible for internal audits in your procedure, especially with regards to lead auditors. As companies grow, it may be easier to list those responsible by job title as opposed to an employee’s name. As part of the management flowchart, this section should list what steps each actor is responsible for while conducting an internal audit and what role each one plays before, during, and after an audit is conducted.

  • Planning: Every step that is relevant to the internal audit process leading up to one should be detailed in this section. This will usually include a specific way to plan each internal audit. Planning takes into consideration meetings, reviews of previous audits, drawing up plans, scheduling, and addressing corrective actions or any upcoming external audits.

Tip #2: Create an internal audit schedule

Having an audit schedule in place is an essential tip for ensuring that you don’t end up with the kind of “horror story” scenario like Kyle Rose, President of Rook Quality Systems, described on an episode of the Global Medical Device Podcast about internal auditing. 

At Rook, we have had companies call us in a bind—whether that’s near the end of the year or right before they’re scheduled for their yearly audit—and need to get everything done in a single weekend. So, we'll be involved in the same thing, reading documents, reading records hours-on-end to make sure this audit gets complete in time. But it is far from ideal.

It is important to figure out how soon you need to start with internal auditing. This will vary depending on which market(s) you are entering and the regulations that apply. For example, with ISO audits, these usually happen prior to your device hitting the market, so it’s important to start that internal process early.

This becomes exponentially more important for scale-up companies. As your company grows, this task of internal auditing becomes bigger, and tends to involve more people and moving parts. For that reason, a good tip is to set your internal audit schedule to audit a couple processes every few months. This way you knock out what you need to during the year and avoid any panicked rush. 

Tip #3: Utilize an internal audit checklist

I tell companies I want to see them be more thorough than even an FDA inspector will be. This ensures that you are as ready as they can be for someone to come in and inspect.

One tip for being more thorough is to create an internal audit checklist. And within each checklist item, there are a number of tasks that must be checked off.

For example, within design controls, there is a list of relevant procedures, then the associated records for each of those procedures. This is one way of ensuring that nothing gets left out. 

And when it comes to a highly-regulated industry like medical device manufacturing, there’s a lot of areas to make sure aren’t omitted by your internal auditors. 

Here a sample of just the main subsystems you need to be checking off your internal quality audit checklist:

  • Management Controls

  • Design and Development

  • Design Controls

  • Corrective and Preventive Actions (CAPA)

  • Medical Device Reporting

  • Reports of Corrections and Removals

  • Medical Device Tracking

  • Production and Process Controls

  • Sterilization Process Controls

  • Purchasing Controls

  • Documentation and Records

  • Customer Requirements

  • Technical Files

Tip #4: Avoid relying on external auditors

Many companies hire a consultant to help with their internal audits… but be careful that you don't take the stance that, “We don’t have to do internal audits now!” You still need to keep your own finger on the pulse of the QMS. The regulatory risk falls on you, not an external consultant. 

So, while you might want to hire someone to make sure that you’re hitting all of the right points, you still need to be well within the loop. 

The same can be said if you’re relying on just one person within your company to perform an audit. Essential people might be out of the loop with what’s happening. Not only that, but that one person might not have all of the required knowledge and experience to understand whether you’re following your SOPs and ensure the effectiveness of the quality standards.

One of the big things that we see a lot is that the person conducting the audit is also the person that wrote most of the procedures. This is a big no-no. You need someone who is objective to conduct the audit according to regulations, which is another reason many use consultants. Auditors should never audit their own work, which can get tricky in smaller companies. 

A particular horror story of my own comes to mind—a company I know suddenly realized on November 15th that it hadn’t yet done an internal audit, which was required in the calendar year according to the company's SOPs. The company went into panic-mode and hired an external quality auditor consultant. 

Don’t get me wrong, there are great consultants out there and many valid reasons to use them, but in this case, the consultant didn’t even set foot on site. They looked at the procedures from afar and made judgments based on what they saw from those. Did the company learn anything? No, because the people that run the processes day to day weren't even involved in the internal audit. 

The moral of the story? Don’t take the attitude of satisfying a procedural requirement. Instead, look at the internal audit as an opportunity to improve your company and constantly get better.

BONUS RESOURCE: Click here to download your free FDA QSR & ISO 13485:2016 Internal QMS Audit Checklist.

Tip #5: Build the internal quality audit process into your QMS

If you are dealing with the FDA, typically you want to start internal audits when you’re getting ready to go through the submission process. This helps to ensure that you’re ready for that initial audit with a robust quality management system in place. This should all be spotless before approval and launch of the device. The day you go to market, theoretically, you’re now open for inspection. 

If the mere mention of audit findings gives you knots in your stomach, it may mean it’s time for a QMS that’s built to handle even the highest level of scrutiny. And that’s why we built our eQMS as an end-to-end solution that streamlines product development, quality management, and clinical data management by integrating cross-functional teams, processes, and data throughout the entire product lifecycle. 

Greenlight Guru’s QMS platform is used by organizations across the globe that are replacing their disjointed, legacy tools and solutions to bring life-changing products to people faster, and with less risk. 

Want to learn more? Contact us today for your personalized demo →

 

Etienne Nichols

Etienne Nichols is a Medical Device Guru and Mechanical Engineer who loves learning and teaching how systems work together. He has both manufacturing and product development experience, even aiding in the development of combination drug-delivery devices, from startup to Fortune 500 companies and holds a Project...

Related Posts

Product Development

5 Ways to Leverage Internal Quality Audits to Improve External Audit Outcomes

Taylor Brown
February 14, 2021
Your internal quality audits should be much more than a “checkbox” requirement on your compliance to-do list. Internal audits must be regularly scheduled according to a... Read More
Establishing a QMS

Unannounced Audits: A Survival Guide for Quality Managers

Jon Speer
August 16, 2020
We’re in an industry that requires preparation. Unlike less regulated industries, there’s an expectation in the medical device industry around the possibility that an... Read More
Establishing a QMS

Tips & Pointers for Effective Internal Quality Audits with Kyle Rose

Nick Tippmann
September 12, 2016
Internal audits might be inconvenient and a bit nerve-wracking, but they’re also educational. Read More
BONUS RESOURCE:
FDA QSR & ISO 13485:2016 Internal Audit Checklist
Download now
FDA QSR & ISO 134852016 QMS Internal Audit Checklist - Slide-in Cover
Subscribe Request a Demo
Search Results for:
    Load More Results