The roles and responsibilities of ISO 13485 according to Quality Management System (QMS)

When you are developing a Quality Management System (QMS) it is necessary to assign and document the roles and responsibilities of your management system.ISO 13485 features as shown primarily in the requirements of clause 5.5.1 and 5.5.2. So, what roles and responsibilities do you need to identify and how should you do this? Here are some ideas about what to do.

What does the ISO 13485 standard require?

The requirements of the standard regarding roles and responsibilities are very loose, so the association can define them in any way it finds the most reasonable. The top management must ensure the responsibilities and authorities are defined, documented and communicated within the organization. It must also define the interrelation of all staff who manage and perform work influencing the quality and guarantee the independence and authority necessary to perform those tasks.

Start from the top

The lack of prime management awareness And commitment to the implementation and maintenance of an ISO 13485-based QMS is commonly the reason for implementation failure. It can also mean that the standard is implemented only informally. The primary concern of the prime management is to confirm the long-term success of their company, increase gain, control of new initiatives, decreasing the risks, etc. An increase in their involvement can be achieved by explaining to them the benefits that ISO 13485 Certification implementation can have for a business and the potential negative consequences of a poorly established QMS.

Most of the requirements for engagement of the top management in the QMS are stated in clause 5. Meeting these requirements demonstrates the commitment of the management to the QMS.

Communicating the importance of meeting client and regulative necessities. Like in any other QMS, the focus is on the customer but, considering how highly regulated the medical device industry is, top management must ensure compliance with these requirements by communicating with the rest of the organization.

Establishing the Quality Policy. Top management needs to publish the Quality Policy, in which they will define the intention of the QMS.

Establish the objectives. Through the objectives, top management defines which direction the QMS will follow. The objectives also provide a clear measure of whether the system is effective. Find out additional here: Setting sensible quality objectives for ISO 13485 Certification.

Conduct management reviews. Management reviews are the final check to see whether the QMS is effective, and what actions need to be taken for its improvement. For more information, see: How to Perform Management Review According to ISO 13485 Certification .

Provide all the necessary resources. Without enough money or employee time, the ISO 13485 project will fail, and support from the management must become very real and tangible. From my experience, this is exactly the point where the management usually fails – they usually redirect the resources into other projects.

Management representative

As previously mentioned, there must be at least one MR (management representative) who will be in charge of the entire QMS. This person will be the backbone of the system and will have the ultimate responsibility for its effectiveness.

The main responsibilities of the management representative are:

Ensuring the documentation of the processes needed for the QMS – The MR is usually the person who has the most knowledge of the standard in the organization. It is his or her duty to ensure the documentation is compliant with the requirements of the standard. For more information, see List of mandatory documents required by ISO 13485:2018.

Reports on the performance of the QMS to top management – This includes conducting internal audits, auditing compliance with legal and other requirements, and monitoring the results of the process performance regularly.

Ensuring the promotion of awareness of applicable regulatory and QMS requirements throughout the organization – As mentioned before, compliance with applicable requirements is crucial for the organization and MR needs to ensure that the employees are aware of the requirements as well as the consequences of noncompliance.

All of this sounds like an incredible amount of work – and it is. The MR should delegate these responsibilities to middle management.

 Middle management and employees

Middle management has 2 important roles within the QMS. The first is to help with the assessment of the risks and determination of operational controls for activities and processes within their scope. The second role is, of course, to ensure that all rules are followed by the employees.

Since they are the ones enforcing and executing the QMS daily, their input on how the system works and what should be changed is of utmost value.

Employee engagement primarily depends on how the importance and the purpose of the system are explained to them. Nothing can make the system work (or fail) as the employees’ perception of its importance.

When each employee is clear on his roles and responsibilities, aware of how he contributes to the system, and why it is important for him personally, the organization has an effective QMS. With strong employee engagement, an organization will be able to have an effective QMS and achieve all the benefits that ISO 13485 Certification can bring to the organization.

For more information about ISO 13485 Certification Body and the role, we can play in your efforts to achieve certification to it, feel free to contact us. To get started with the certification process, you can also request a quote.

Comments

Post a Comment

Popular posts from this blog

What are the new requirements for risks and opportunities according to ISO 45001 Certifications?

With the release of ISO 45001, there are new requirements for assessing risks and opportunities in the ISO 45001 Occupational Health & Safety Management System (OH&SMS)So, how does this differ from the previous necessities for assessing hazards and risks in OHSAS 18001, and are these necessities still within the standard? In short, these necessities in ISO 45001 certifications cover 2 different types of risk for the individual processes and also the overall OH&SMS, and both assessments are required for a good OH&SMS. What is required for hazards and risks? The previously existing necessities within the OHSAS 18001:2007 standard were quite simply written, even if the task was rather massive. In brief, for all of your activities, processes and work areas, you must identify what hazards exist for the occupational health and safety of all involved (including contractors and visitors). Once these hazards were identified, you would then identify what risks exist f
Read more

ISO 17025 vs ISO 9001 – Main differences and Similarities

Image
If you noticed the release of the 2017 update of ISO 17025:2017 Certification , you might wonder what this standard is all about, and how it relates to ISO 9001:2015 Certification  and the Quality Management System ( QMS ) in your organization. You might well ask: What is ISO 17025:2017, and how is it similar and different from ISO 9001:2015? In this article, you will find out what the ISO 17025 standard is about, and how it relates to the ISO 9001 standard requirements. What is ISO 17025:2017 Certification about? ISO 17025:2017, “General requirements for the competence of testing and calibration laboratories,” is the third edition of this standard. This standard is intended to be used as requirements for the competence, impartiality, and consistent operation of testing and calibration laboratories of all sizes or numbers of employees, regardless of industry. The requirements of the standard include general requirements regarding impartiality and confidentiality (clause 4), s
Read more

Merits and Demerits of an AS 9100 Integrated Management System

When you are implementing an aerospace Quality Management System (QMS) using the requirements of AS9100, you may find that you are integrating a lot of support processes for your QMS that work alongside the main processes to supply merchandise and services. This may lead you to look at these support processes and notice that they're the same as those utilized in alternative management systems, such as an Environmental Management System (EMS) using  ISO 14001:2015  or an Occupational Health & Safety Management System (OH&SMS) using OHSAS 18001. Because these support processes are common to many ISO standards, you may consider integrating more than one management system for your company, but that can leave you unsure of the benefits and limitations that may result. So, is it a good idea to implement an Integrated Management System ( IMS ), with one master set of policies and procedures to address several aspects of your company at the same time, such as quality and en
Read more