1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.
Dismiss Notice
You must be a registered member in order to post messages and view/download attached files in this forum.
Click here to register.

Quality Agreement

Discussion in 'ISO 13485 and ISO 14969 – Medical Devices QMS' started by Steve Kent, Mar 2, 2016.

  1. Steve Kent

    Steve Kent Member

    Joined:
    Aug 3, 2015
    Messages:
    25
    Likes Received:
    25
    Trophy Points:
    12
    Location:
    UK
    I know there is a related thread on supplier agreements - with no response as yet. Just taking a step back before putting any type of document together, is my reading of ISO 13486:2016 (got my copy today from BSI, though already had the FDIS) correct in that a written Quality Agreement is now required - for us to produce and each supplier to sign off?

    Basically clause 4.1.5 says:

    “The controls shall include written quality agreements”.

    and clause 7.4.2:


    “Purchasing information shall include, as applicable, a written agreement that the supplier notify the organization of changes in the purchased product prior to implementation…………………….”
    In our case having over 200 active suppliers, so that is a lot of documentation to get hold of! It is hard enough to get our suppliers to return our Supplier Quality System Questionnaires.

    Thoughts?

    Steve
     
  2. Marcelo Antunes

    Marcelo Antunes Active Member

    Joined:
    Jul 31, 2015
    Messages:
    55
    Likes Received:
    65
    Trophy Points:
    17
    Written quality agreements are only required for outsourcing of any process that affects product conformity to requirements (the basic premise being that those process are "critical" and thus need specific controls as required by 4.1.5.

    On 7.4.2, the "as applicable" means that it would be applicable unless duly justified. You would in principle focus this requirement on critical suppliers, and could justify that the other ones are not critical and thus you would not need this agreement (and you would need to conclude this thru risk management, obviously)
     
    Steve Kent likes this.
  3. Steve Kent

    Steve Kent Member

    Joined:
    Aug 3, 2015
    Messages:
    25
    Likes Received:
    25
    Trophy Points:
    12
    Location:
    UK
    Hi Marcelo,

    For 4.1.5 what is a process in this context? Injection moulding component parts of a device, machining or stamping out a metal part, manufacturing a PCB etc? Are these not processes our suppliers have to conduct for us, for us to then assemble (and then test) a product in our case (other processes?)? The "critical" controls are that they must meet specifications/drawings, the compliance to (or not) will certainly affect product conformity to the requirements of a particular device standard. Or am I reading too much into this?

    As to 7.4.2, yes I agree the 'get out part' is "as applicable" and we could concentrate on critical suppliers and application of risk management in non- critical areas.

    Steve
     
  4. Marcelo Antunes

    Marcelo Antunes Active Member

    Joined:
    Jul 31, 2015
    Messages:
    55
    Likes Received:
    65
    Trophy Points:
    17
    Regarding 4.1.5, a process is what is defined in ISO 9000. What you mentioned does seems to be processes - although they not necessarily . The suppliers conduct must conduct the process as you defined and you have to have them put the controls you require to fulfill requirements and prevent problems.

    The easiest way to think is, imagine you manufacture a medical device and does everything. You would need to mold components, then assemble, then whatever. If you outsource the moulding, you need to verify how this process affects conformity of your device, including the related risk (in this case think about risk to the patient, user, or other people, for example). The easiest example would be s sterilization process which is outsourced.

    Regarding 7.4.2, I tried to say that you need to apply risk management to define which supplier is critical or not.
     
    Steve Kent likes this.