Julie Omohundro Are you looking for guidance on how to set up a QMS that is certifiable? Or are you looking for information on the actual certification process?

Michael Dickens II Hi Julie. Thank you for your reply and your request for more information. I am actually looking for both of the items you have noted, guidance with setting up a certifiable QMS as well as information on the actual certification process.

contact bsigroup.com who will discuss the process with you.

Julie Omohundro Have you purchased the standard yet?

Michael Dickens II Thank you Aaron Leighton Mckechnie!

http://www.bsigroup.com/en-GB/medical-devices/our-services/iso-13485

Edward Perry Michael, I have implemented ISO13485 QM systems in a few businesses so far and it is truly not that painful but a very solid plan up front is very important. Depending on the "scope" of what your organization is, I have a few recommendations. Pick a Registrar (and Auditor if possible) up front and set a date (reasonable but not too far out) for the audit. This way the plan has an end date and management own the progress instead of the date slipping over and over. If you choose a consultant to help with the process (write documents etc), I would select someone that is NOT associated with your chosen Registrar. Again, consider the organization what FITS for it. The QMS is to support the Business, profitability, etc. Not the other way around. (Some may argue that point...). But implement what is REQUIRED but tailor it to what the business NEEDS. Hopefully this is a start and feel free to yell to me if you need anything. Good luck!

Marcelo Antunes The certification process depends on the certification scheme. Usually, CBs follow IAF rules. You can find the documents that the CBs follow which details requirements here: http://www.iaf.nu/articles/Mandatory_Documents_/38 (they are the MD 8 and 9 docs). The process in itself is a little more complicated. IAF does have general requirements for the certification process but it's detailed in several different documents. You can also view and overviews of ISO 13485 certification activities and requirements here: http://www.iaf.nu/articles/Br_ISO_13485_Product_certification/324

Dan Brown Sorry, hit the wrong key. As Marcelo pointed out, you want to use an Acceedited registrar. BSI is merely one example. Unaccredited companies will take your money and issue you a cert but it will not be accepted by your customers.

Dan Brown 13485 certification is easier now that the standard has been revised to more closely match the GMP regulations - if you are an OEM or critical supplier you will already be doing these activities. As Marce

Christopher Paris You only have two options: use an accredited certification body, or "buy" your certificate from an unaccredited "certificate mill" over the internet. If you do the latter, you will eventually face problems with FDA as well as your customers.

So I am not sure what choice you think you have?

There's no bias here -- it's the equivalent of getting a university degree, or buying one off the internet.

Michael Dickens II Christopher Paris, To clarify my original post - I already determined that an accredited 3rd party will need to be used: "From the research I have, it seems like accredited 3rd parties are the best way to go."
What I have asked for, specifically, is information about the certification process when using an accredited organization. To further clarify, at no point did I ever mention (nor would I ever desire) information about the less than ethical, blatantly immoral alternative "option". The "choice [I] think [I] have" is selecting the company that best fits our needs. The unbiased information I wanted, and have received, is information that does not come directly from a company that specializes in certifications (since that information is available in abundance, per my research). Rather, I wanted the objective opinions of those who may have gone through a certification process already and could provide additional insight or confirm the information I have already found.

Michael Dickens II Edward, Marcelo, and Dan - Thank you all for the clarifying information. The guidance is certainly appreciated!

ISO 13485 Requirements and E-books: https://www.compliance4all.com/control/category/~category_id=P_MEDICAL?p_category=Y

Christopher Paris I was just referring to the wording you used "best way to go." There is no other way, so there's no best or worst. That was my point. Nothing else.

Yes, you have to tread with caution. The representatives of the registrars (including some posting here) will insist that it's "easy" and cheap, and then surprise you later. ISO 13485 is a complicated endeavor, and with simultaneous changes to FDA happening right now, is more complicated than ever. The new labeling requirements alone are causing havoc in the industry.

I don't say this as someone selling consulting, since I have to now hand off most 13485 clients to others, because it's gotten that complicated. I prefer to stick to aerospace. Rocket science is easier than 13485.

Marcus Gould To ensure the Notified Body is accredited only use notified bodies on the NANDO website that offer ISO 13485 certification: http://ec.europa.eu/growth/tools-databases/nando/index.cfm?fuseaction=directive.notifiedbody&dir_id=13

Michael Dickens II Also, Christopher Paris, shooting me this link: https://www.oxebridge.com/emma/iso-13485/ would have been very beneficial. You seem to have a healthy process and quality information on this page. I'm getting much more from this page on your site than the "I'm not sure what choice you think you have" comment. There is really good information all over the oxebridge site; I'm glad my post garnered your attention.

Michael Dickens II Good to know Christopher. From the research I've been gathering, it seems quite complex. I am glad to learn that a professional with specific experience around the standard agrees. It makes me feel a little less intimidated by the process...but not that much less. Haha.

ISO 13485 is a quality management system, you could implement this system yourself and certified by a organization such as TUV. you could also get consultant to help you with it. But the key is your organization need to make the system into actions, means your company need to follow the system, you could start build the system for a Key area such as R&D if your company is a product company.

Anil Chaudhari Put me mail at anil@operonstrategist.com

Fred Pisacane Agree with Christopher Paris and maybe go a bit further; use a firm that has been through numerous customer and FDA audits. Use your ISO 13485 certification process as means to internalize the quality system so that your facility is audit ready every day.

Mark Proulx, CQA, cSSBB Michael Dickens II As was mentioned above, you really start by implementing a quality management system. No group will sign off on an organization that doesn't have the basics in place. I'm constantly asked to remediate systems after audits because mgt doesn't know what has to be in place first. No matter what organization you use, they will naturally write up deficiencies and have you put systems into place before they can sign off. You make the wantbto get a consultant to sit down first with your organization, perform a gap assessment, help you develop all quality systems you need to implement and THEN ask the ISO in.

Trust, confidence and rapport with the particular consultant matters as much as the firm's reputation. I would check out like 510Ks and see

Meena Chettiar You start with doing a gap assessment of your Quality System and having at least one internal auditor certified to and experienced in auditing for ISO 13485. You can also find contract internal auditors for your initial and annual assessments. When your Quality System is ready, you go through a certifying body such as BSI or TUV for the full 3 day assessment which will be followed by one day annual assessment. If you already have ISO 9001 type of certification it is easier as they are very similar in 90% of the audit elements.

Meena Chettiar I am assuming that you are you want to get ISO 13585 certification for your company. You need to 1st understand the ISO 13485 requirements which I presume you do or you can have an auditor certified to audit ISO 13485 do a gap assessment of your quality system.( Auditor certifications are acquired through classes such as Statamatrix 30 hour training which is followed by a short exam). My personal experience is after acquiring the certification, one still needs to do a few audits to translate the theoretical knowledge into practical knowledge. When you feel your Quality System is ready to be ISO 13485 certified, you approach a certifying body such as BSI, TUV etc and have the 3 day assessment done to become certified. This will be followed by annual one day assessment every year and the following 3rd year you are up for a full 3 day evaluation. You are required to do internal audits of all audit elements annually in addition to this. If you already have ISO 9001 certification, it would be easier to add ISO 13485 certification.
I hope this helps.

Hi Michael, Thanks for posting your inquiry. MSI has been implementing ISO Standards for over 18 years. Our approach is to first agree on a plan which we draft after getting to know what your company is about, in that plan is a determination of the appropriate procedures to be developed or modified from any existing procedures. Meanwhile some implementation effort is beginning. Then is the training phase an Overview, Internal Auditing and possible some specific implementation of the complex procedures that are new. MSI then coaches through the implementation tasks. Early on evaluate and select on the Registrar/auditor that will add value to your QMS. Complete implementation in order to accomplish a full system of internal audits to validate effectiveness of procedures. Then for the company's management to hold a management review to assess overall QMS status and effectiveness. Registrars require a stage 1 audit, (desk and that a system really exists to audit) then the Stage 2.

Hi Michael, we have just been through ISO 13485 cert. process (2016 version). Few months ago, we were only certified 9001, we decided to run this project in "DIY" mode, without consultant. Of course we took an accredited 3rd party for the certification.
It is not impossible to build your QMS alone (even if you don't know 13485 at the moment). But my opinion is that you need time and a "perfect" ISO 9001 (preferably 2008 version) system implemented before. From there, it will be much easier to build your organization to stick to ISO 1385 requirements.

Nicole Baldridge I see you've already had tons of feedback so I'll just say Good luck Michael. There is a lot of chatter out there from companies that will help you get certified, but could cause you issues in the long run because they approach with a cookie cutter method. Be careful and make sure you build a system that is right for your organization.

Michael, you will need to start with Good Manufacturing Practices (GMP) then develop a solid risk and qualitymanagement system for your product manufacturing. The FDA has good guidelines on their website to help get you started. Also a pilot program for auditing your QMS.

http://www.fda.gov/downloads/medicaldevices/internationalprograms/mdsappilot/ucm429958.pdf

If you are going to trade in Europe make sure you are familiar with the particular medical device directive (MDD) and CE marking. ISO13485 is currently under review at the moment and is not going to follow the SL structure that other Standards are adopting. Your starting off point is to have an accredited QMS and your device depending on the class will need to be approved

Dr. Ulrich Eggert In case you want to receive a certification, I recommend to
work together with a professional QM Manager and auditor building up a dedicated QM system first including a detailed documentation of all the processes. I do know such a professional having performed many certifications.

Michael. Give Underwriters Laboratories (UL) a call to give you a cost on a GAP analysis. The GAP analysis will reveal how much work needs to be done. They are accredited and inspectors, priced well I might add.

All regulation guidelines from FDA or ISO are just that; guidelines. You must be able to interpret and defend the rational of your practices and documentation. There is no perfect way- just what is acceptable to meet regulation. FDA or ISO will not tell you the perfect way to set up your QMS, but they will certainly tell you when you are doing it wrong.

Pick a certified 3rd party like UL that performs inspections to submit to ISO. They will know how to set up your system in a way that abides to the regulations for your operational needs.

Wendy Turner-Williams Hello Michael, you are receiving a lot of excellent information but before you get knee deep in 13485 you need to start with the basics. You need to look at your documentation which includes everything from training to auditing, to qualification of products, c of c, work instructions to traceability. The bottom line to any quality management program is: Do what you say, say what you do and show how you do it. With that in mind review your current program and look for gaps. I would be happy to share my program with you as we have been ISO 13485 & ISO 14971 for several years and prior to that ISO 9001.

Maurizio Colombo To Mike: Please do read the scope of ISO 13485:2016, you will find that it applies to all organizations involved in the lifecycle of a Medical Device, hence also to repair.
This was true also for the previous versions, although not explicitly mentioned in the scope: actually, my Company does repairs on medical devices (contrast medium injectors) and we were requested by the Manufacturer to comply to the 13485 since many years.

Beluh Mabasa Ginting The most import think all the activity related to medical devices such as “Refurbishing, Reconditioning, Rebuilding, Remarketing, Remanufacturing, and Servicing of Medical Devices Performed by Third-Party Entities and Original Equipment Manufacturers must comply to the ISO 13485 include the ISO 14971 (risk management ) which are started from the life cycle of medical device by taking into account or focus to the result of the post market surveillance control (sampling, monitoring, vigilance/adverse device event reporting and advertisement) for patient safety. One of the writer of Biomedical Engineering book said : All evaluation of health care technology system at medical devices/medical equipment must produced high quality health care at reasonable cost for patient safety (J.D. Bronzino)

Andréia Berssanetti Hello,
Regarding to in vitro diagnostic products, the mandatory ISO will be the 9001? Can you help me?

We're just completing an 13485 cert. We've had our final audit and need to write a few CAPAs to clear up the minors found. It's been a long process. You'll need a thorough Quality Management System and they will check the details. Plan on doing a lot of organizing and documenting, having a 1-day pre-audit, a 1-2 day second audit, and a 5-day final audit (depending on your product). Each 30-90 days apart. We used BSI as our 3rd-party auditor and I'd recommend them based on our experience.
PM me if you'd like to know more details.

Yi Grace Lin I am a QM and just successfully led my company for the full certification. We are in medical device so ISO13485 is the way to go. Before all the technical stuff, you must obtain top management's buy-in so they can stand with you and help to push thing through during the difficulties that you may encounter. A full round of internal audit is a prerequisite and all core QMS processes must be operational. Map out your key processes and document them then training. Keep the communications flowing as the people in the company must understand the rationale as why they are going on this journey with you. Good luck!

1st of all I suggest to read the standard it self, so that you could recognize what's going on and why (more or less), this will help you in more difficult technical discussions with people who have more experience. Than you will need to diagnose your organisation, divided it and define its structure, prepare procedures for each occasion and than convince people to work according to this procedures, simply you need to implement full quality assurance system, than you organize Notified Body for audit and you got yourself nice shiny certificate. Simple isn't it.

Hi Michael. My company just received ISO 13485 Certification. We Used Michelle Lott , RAC's services :-)

Thanks for the recommendation Maryline Boulay. Michael Dickens II, looking at the Erdos company profile, it looks like you guys are a contract manufacturer and service provider looking to make a transition to hold an ISO 13485 certification. I have walked many contract manufacturers through this transition. You will need to select a notified body who has passed a recent audit by the EU competent authorities and has experience in your products. Then you begin the gap analysis and internal preparation process. Heads up - the notified bodies are slammed with work right now due to recent legislative changes and disqualification of many notified bodies. This post should help inform you https://www.linkedin.com/groups/78665/78665-6211901939538624516?midToken=AQF4IZR_3fjwYw&trk=eml-group_announcement_message-null-4-null&trkEmail=eml-group_announcement_message-null-4-null-null-35xul4~iwdkslnn~m5
Let me know if Lean RAQA Systems, LLC can help Erdos with the transition.

Similar to Jesse above, we are in the certification process with BSI. We spent years building our quality management system to be appropriate for what we do as a business. We chose a QMS development path that has been a healthy process for all our business systems rather than buying a template. I'm happy to discuss our path with you if you like.

Marc Timothy Smith There are thousands of ISO 13485 and other medical device aspect discussions at Peachfarm's https://elsmar.com/Forums/forumdisplay.php?f=194 and more at Marcelo Antunes, RAC http://www.medicaldevices.expert

As Julie O. says is most important - Have a copy of the standard.

Hello everyone,
I finished my study in Clinical Research and I wanted to know what iso13485 certification is and if a company could need a student as me to help in Business development around Medical Devices.
Please, contact me using InMail.

Regards.