A very common nonconformance I see is organisations that do not have completed iso 13485 training, or adequately competent auditors to conduct audits on their ISO 13485 Quality Management System. This can go further when auditors are auditing regulatory requirements globally.

Clause 6.2 b) of ISO 13485 specifies that the organisation shall:

Provide training or take other actions to achieve or maintain the necessary competence.

That’s pretty clear, right?

The usual audit scenario goes like this:

Auditor - Can you show me your internal audit schedule (please)?

Auditee - Sure thing, here you go.

Auditor - Which audits have been recently completed?

Auditee - We recently completed an audit on work environment and contamination control.

Auditor - Can I review that audit report please?

Auditee - sure thing, here you go.

Auditor - Who completed this audit?

Auditee - Our wonderful internal auditor, <insert typical auditor name> completed this audit.

Auditor - Great, can I see their competency profile, and auditor training records, please?

Auditee - Here you go *Presents training records*

Auditor - *notices that training has only been conducted to ISO 9001*

Now, there is a bit of a situation.

The wonderful <insert typical auditor name> has not had any specific ISO 13485 internal auditor training in ISO 13485 and they were auditing a very specific element of ISO 13485 that is not present in ISO 9001.

What can be done now?

The auditor can look for experience within an ISO 13485 environment to determine overall competency.

Remember, training does not equal competency.

Competency is a combination of training, education and experience.

So it depends what else the auditor can see, but these situations typically result in nonconformances.

Gallery Block

These are example images. Double-click here to replace these images with your own content. Learn more

A lot of what I see is that auditors expect internal auditors to have completed a certain type of lead auditor course or 13485 internal auditor training from a specific provider. This is not the case, and it isn’t right that this is perceived and enforced as an unwritten requirement.

If you want some ISO 13485 internal auditor training, feel free to reach out and we’ll be happy to put together an ISO 13485 auditor course tailored to your organisation.

ISO 13485 Internal Audit Training

Strategy for Regulatory Compliance MDR

Documents of External Origin: Do I have to revalidate?