6 mins read

8 Factors To Prepare For Your MDSAP Audit

The Medical Device Single Audit Program, or MDSAP, is a program that allows medical device manufacturers to be audited once for compliance with the ISO 13485 standard and regulatory requirements of participating countries.

These countries include: Australia, Brazil, Canada, Japan and the United States.

Organized by the International Medical Device Regulators Forum (IMDRF) this initiative was implemented in January 2017. It was created to accelerate international medical device regulatory harmonization and convergence.

This harmonization aims to promote consistency, predictability and transparency by standardizing their oversight on auditing organizations, including their practices, as well as conformity assessments.

Due to time limitations and complexity of the audit, organizations must be prepared to supply evidence of conformity to the program.

1. The Management Process

The purpose of auditing the management process is to evaluate the overall suitability, effectiveness and alignment of your medical device quality management system. The MDSAP audit will examine and look for key pieces of objective evidence including but not limited to:

  • Identification of the interrelated processes needed for the QMS along with their management throughout the organization, their sequence and interactions.
  • Periodically reviewed quality objectives at relevant functions and levels within the organization consistent with the quality policy.
  • Proper implementation of all applicable requirements of Medical Device QMS i.e. Requirements for regulatory purposes (ISO 13485:2016) and the Quality Management System requirements of the Conformity Assessment Procedures of the 5 country regulators in using the MDSAP Program.

Effective QMS management processes create an opportunity for all members of an organization to gain an understanding of a quality culture that supports the overall improvement of the management system.

2. Management Review and Corrective and Preventive Actions

The purpose of a management review is to evaluate the overall suitability, effectiveness and alignment of your medical device quality management system. Management reviews create an opportunity for executive teams to understand how resources are being used, where issues occur and how it supports the overall improvement of the management system.

When audits detect problematic issues, it’s very important that management response include the effective;

  • Containment and Correction of the problem
  • Corrective Action
  • Mitigation of any emerging risks related to actions taken

However, businesses are often quick to react to the issue by treating the symptoms and are therefore likely to experience the issue again. MDSAP requires that you should take a step back and understand the broader issue, linkages to all processes and resolving the true root cause and eliminating the issue from reoccurring.

The management review also serves as a formal tool of communication. Being transparent with your employees is critical in achieving business objectives. It gives your employees an understanding of the context in which they work and demonstrates the commitment of top management to the organization.

If you’re experiencing meeting overload watch our webinar on tips and techniques for conducting effective management reviews.

3. Post-Market Surveillance – Adverse Events and Advisories

Auditors will now look to understand your post-market surveillance (PMS) process. This is systematic collection, analysis and interpretation of data and information related to your marketed medical device.

Organizing a team to manage product safety and quality is critical in building an effective internal PMS process. This team should be structured to continually evaluate the balance between risk and performance through a reactive (incident-driven) and proactive (review-driven) approach.

4. Design & Development Activity

Review of the Design and Development process will evaluate how the organization has utilized risk management activities to ensure design inputs are comprehensive and meet user needs. It confirms that risk control measures were planned and have been implemented in the design and verifies that risk control measures are effective in controlling or reducing risk.

The MDSAP audit will look to verify that design and development inputs were established, reviewed and approved. They must address: customer functional, performance and safety requirements; intended use; applicable regulatory requirements; and other requirements including those arising from human factor issues.

5. Product Realization Planning and Process Validations

The production process will be examined in the MDSAP audit, based on the information the audit team has learned about device and QMS nonconformities from the Measurement, Analysis and Improvement process. Auditors will also look at high risk elements and essential design outputs from the design projects reviewed from the design and development process.

The product verifications and process validations need to be aligned throughout these MDSAP processes.

Learn More about the MDSAP
Learn More

7. Supplier Control

The control of suppliers underlies several processes within the QMS. The regulatory bodies have put greater emphasis on the responsibility of every step of a medical device manufacturer’s supply chain. Manufactures are expected to have control of any outsourced processes throughout the product lifecycle, including design, manufacture and purchase of the medical device.

The program requires manufacturers to evaluate and select suppliers based on their ability to meet your requirements.

8. Risk-Based Approach

To comply with the MDSAP requirements, Medical Device manufactures must bring a risk-based approach to manage and control risk. Effective Risk management planning and ongoing review of the effectiveness of risk management activities to ensure that policies, procedures and practices are established for analyzing, evaluating and controlling risk.

As manufacturing and supply chains continue to become more and more complex, adopting a risk-based approach gives you the framework to understand your production and supply chain risk, understand how that risk affects your product, and how it impacts your customers.

Promote risk-based thinking throughout your organization.

Final Thoughts

Going through the steps of compliance and certification to the MDSAP requirements shouldn’t be seen as a “checkbox” activity. Instead, organizations should look at the certification process as a method of improving the performance and effectiveness of its processes.

By focusing on these eight key components, you’re not just meeting your compliance and regulatory requirements, but setting your business up for success.

Contact Us

Sales Enquiries, fill in the form to ensure we have the details we need to answer your query or send us an email

assurance@saiglobal.com

Not a sales enquiry or you are looking for SAI Global Standards? Click here to view contact details.
Chat with us