
Volume 43, Number 2

August 2015
Editor: Steven Walfish asq.org/biomed

Inside:
• Standards Identification 101:2015
• ASQ Standards Committee
• Development of an ISO Standard
• Update on ISO 13485:201X
• Risky Business: Demystifying EN ISO 14971:2012
• Supplier Quality Agreements: Why and When Are They Needed?
• Medical Device Life Cycle Risk Management
• Identifying the Common Ground Between Your QMS and Integrated Software Solutions
• Discussion Group Spotlight
• Biomedical Division Officers
• Call for Articles
• LinkedIn

Vision
To be the leading authority on quality issues related to the biomedical community.

Mission
To promote the awareness and use of quality principles, concepts, and technologies in the biomedical community.

Notes From the Chair

Hello summer! It’s amazing that the first half of 2015 is now behind us. The ASQ Biomedical Division had a very busy first half of the year and lots more is planned for the second half of the year. Each of our six discussion groups held many events. Some of our events this year have included:
1. Kimberly Trautman, FDA, spoke on the single audit program (see page 21).
2. Ken Carrier spoke on April 28 on FDA inspections.
3. Barry Craner led a roundtable discussion on supplier agreements.
4. The Cleveland discussion group held its inaugural event on April 6, with 13 attendees, and discussed root cause analysis.
5. Quality professionals are networking with University of Texas biomedical engineering students.
This is not a limited list, so please make sure you check out our asq.org/biomed and see all the upcoming events for each of the discussion groups.
This year the World Conference on Quality and Improvement was held in Nashville, TN. It was a great time to connect with members and old friends face to face. Our annual social event co-sponsored by FD&C was held at The Aquarium. Kind of weird eating seafood dinners and watching fish swim in the tanks, but we definitely enjoyed each other’s company. Some members even had the opportunity to visit The Grand Ole Opry and downtown Nashville! Next year WCQI will be held in Milwaukee, WI, to celebrate the 70th anniversary of the conference.
During WCQI, some of our members were presenters, technical program reviewers, and moderators. These are the people that ensure we have a great educational conference. I offer them a big thanks for their hard work and commitment.
Patrice Griffith presented with Kathy Price on “Lean Thinking: Airplane Factory Simulation,” which included didactic and participative exercises with the topic of a paper plane factory to demonstrate application of lean tools and concepts.
Julie Congress and Steven Walfish presented a “Root Cause Analysis: Train the Trainer” session, which provides tools to the quality professional to define the connection between problem solving and root cause analysis (RCA) and to teach others within the organization the importance of RCA and its tools. Scenarios covered included “The King is Dead” and “Fire in the Kitchen.”
Lance Coleman presented “Maybe a Risk, but Not in Peril: Lean Risk Management,” where attendees learned that lean processes are transparent and make it easier to spot risk.
Some of our members who participated as technical proposal reviewers and session moderators include, but are not limited to: Scott Blood, Donna Campbell, Teresa Cherry, Lance Coleman, Julie Congress, Mary Ellen Delaney, John Freije, Lisa Grosskopf, Beth Kelly, Scott Laman, George Marcel, Isabel Strong, Arvita Tripati, and Robert Turocy.
Mark Moyer was recognized at WCQI “for leadership in the implementation of the Performance Award and Recognition (PAR) framework” to measure performance and innovation of ASQ member units. In 2014, PAR became a new model for member units to follow when planning, funding, and executing actions designed to drive higher levels of member engagement. The Biomedical Division received the Bronze performance PAR award for 2014. The Biomedical Division worked toward higher levels of member engagement through events held by our six discussion groups.
Our next Biomedical Division conference, entitled “Design Dojo: Effective and
Compliant Controls,” will be held at the Boulder Marriott September 29 – 30, 2015. The
conference will include an FDA expert and an NIST tour. Please see the registration at
https://www.eventbrite.com/myevent?eid=17193045863.
Three attendees at WCQI received a free registration for the Biomedical Division conference.
The winners were: Beth Rice, Brian Stell, and Carl Vogel. Congratulations!
I hope everyone has a safe and happy summer and I look forward to seeing you at the
Biomedical Division conference in Boulder.
Mary Ellen Delaney
2015 Chair, Biomedical Division

Standards Identification 101:2015


by Sam Lazzara

“What standards apply to my device?”


This should be one of the first questions asked during the medical device development
process. Relevant standards are a key design input and they facilitate risk management,
verification, and validation activities. Determining which standards apply can be a challenge
for industry and regulators alike.
In the context of this article, the term “standard” means a regulation published by a
government regulatory agency, or a consensus standard published by a standards
developing organization (SDO). The SDOs mentioned in this article are as follows:
• ISO – International Organization for Standardization (163 member countries)
• IEC – International Electrotechnical Commission (83 member countries)
• CEN – European Committee for Standardization (33 member countries)
• CENELEC – European Committee for Electrotechnical Standardization
(33 member countries)
• AAMI – Association for the Advancement of Medical Instrumentation
• ASTM International – formerly American Society for Testing and Materials
Standards Hierarchy and Content
National regulations are compulsory (mandatory) if applicable medical devices are to
be clinically investigated or marketed in the country under jurisdiction. Consensus
standards and guidance documents (not addressed in this article) are typically voluntary, but
meeting them can greatly facilitate regulatory compliance.
Consensus standards published by international SDOs such as ISO, IEC, CEN, and
CENELEC should take precedence over standards published solely by other SDOs.
However, if no standards for a particular topic are found at the international level, then
it can be useful to search standards developed by other SDOs. For example, AAMI and
ASTM publish many documents with subject matter not addressed in detail at the
international level.
Consensus standards are sometimes referred to as being “general” or “particular.”
General standards apply to all devices or a broad range of devices. Particular standards
apply to more narrow ranges of devices than general standards. Even within particular
standards, there are sometimes different levels.

BIOFEEDBACK / August 2015
Normative content in standards includes prescriptive requirements and serves as the
basis for determining compliance with the standard. In contrast, informative content
provides supplemental descriptive information to aid understanding (not requirements).
Internet Resources for Finding Standards
Internet search engines provided by regulatory agencies, SDOs, and third-party
distributors can be useful for finding standards. However, they can sometimes provide
conflicting or outdated information. Confusion can be resolved by comparing results from
different sources, and leaning toward SDOs as the most authoritative source.
Here are some SDO search engine links: ISO, IEC, CEN, CENELEC, BSI, AAMI, ASTM
For the U.S. FDA perspective, the FDA Recognized Consensus Standards search engine
is a good resource.
For Europe, the Harmonised Standards Reference Lists (MDD, AIMDD, IVDMDD) are
an important resource. Compliance with harmonized standards provides a “presumption of
conformity” with the applicable requirements of the associated European directive.
Standards Searching Tips
1. Compare results found on national SDO websites to results from international standards
body websites (ISO/IEC, CEN/CENELEC).
2. Review the cross-references in each standard to learn what other standards may
be applicable.
3. Maximize value by purchasing EN ISO (or EN) standards instead of the corresponding
ISO (or IEC) standards. The normative content is typically identical, and the
harmonized EN versions have additional informative annexes that can facilitate European
regulatory compliance.
4. ISO publishes and sells standards in English, French, and Russian. IEC publishes and
sells standards in English and French. Corrigenda documents (error or ambiguity
corrections) are free of charge from both organizations.
5. CEN and CENELEC publish European (EN) consensus standards in English, French,
and German but do not directly sell standards. The CEN/CENELEC National Standards
Bodies sell them. They add their national prefix, and in some cases the publication
date is delayed beyond the year of original publication by CEN/CENELEC.
6. When CEN adopts an ISO standard they add the “EN” prefix in front of the “ISO”
prefix. When CENELEC adopts an IEC standard they replace the “IEC” prefix with the
“EN” prefix.
Resources for Previewing Consensus Standards Information
Determining whether a standard applies to your device sometimes requires the
content of the standard to be reviewed. Since consensus standards are protected by
copyright law and must be purchased, this can be costly. However, there are ways to
determine the scope and applicability of consensus standards without purchasing them
(see examples below).
BSI provides overview and product details information for each standard. The
overview typically describes the standard’s scope and section headings. The product details
section provides information such as cross references and equivalence relationships to
other international standards.
The Estonian Centre for Standardization provides free previews of standards. These
previews include the first few pages, typically including the scope, normative references,
and the beginning of the terms and definitions section. For a minimal charge, this site
provides 24-hour previews of entire standards.

Strategies for Standards Determination
1. Determine in which countries the devices will be distributed.
Most companies develop their devices so they can be marketed throughout the world.
However, if there is a particular geographical focus, the relative importance of
various standards can be determined. For example, if the firm’s primary goal is to perform
a clinical investigation in Europe, then FDA Recognized Standards need not play a
pivotal role to prepare the standards list. The focus should be to identify the “EN”
standards applicable to the device with particular focus on “harmonised” EN standards.
2. General Standards
The following standards apply to most medical devices.
• Quality Management System – ISO/EN ISO 13485, FDA 21 CFR 820
• Clinical Investigation – ISO/EN ISO 14155
• Risk Management – ISO/EN ISO 14971
• Usability Engineering – IEC/EN 62366-1
• Labeling – EN 1041, European Directives, FDA 21 CFR 801
• Label Symbols – ISO/EN ISO 15223-1, EN 980
3. Screening Questions
The following screening questions can be helpful to narrow down the applicable standards.
• Is it a medical device? – General standards apply
• Does device contact patient? – ISO/EN ISO 10993-x series
• Is it an electromedical device?
    Base standards – IEC/EN 60601-1
    Collateral standards – IEC/EN 60601-1-x
    Particular standards – IEC/EN 60601-2-x
    Performance standards – IEC/EN 60601-3-x
• Is it associated with software? – IEC/EN 62304
• Is it provided sterile? How sterilized? How packaged?
    Sterile packaging – ISO/EN ISO 11607-x
    Sterile package testing – ASTM F88, F1140, F1980, F2096, etc.
    Sterility assurance level – EN 556-1
    Microbiology – ISO/EN ISO 11737-x
    Ethylene oxide – ISO/EN ISO 11135, ISO/EN ISO 10993-7
    Radiation – ISO/EN ISO 11137-x
    Moist heat – ISO/EN ISO 17665-1
• Is it resterilized by the user? – ISO/EN ISO 17664
• Is it implantable?
    General requirements – ISO/EN ISO 14630
    Instrumentation – ISO/EN ISO 16061
See Consensus Standards Determination Example on next page.

What next?
Once the relevant standards are identified and obtained, the next challenge is
interpreting and applying them to medical devices being developed. After that, continual
surveillance of changes to the standards is vital for maintaining state-of-the-art devices.

Sam Lazzara has a master’s degree in engineering and is an ASQ Certified Biomedical Auditor (CBA) with more
than 30 years of medical device industry QA/RA experience. Quality systems that he has developed or guided
have passed dozens of regulatory audits, enabling worldwide marketing for his many clients. Lazzara has
engineering degrees from Case Western Reserve University and Brown University. Visit his blog for more valuable tips:
http://medicaldevicequality.blogspot.com/.

Consensus Standards Determination Example
Subject Device: Orthopedic Hip Joint Replacement (radiation sterilized)
Applicable Regions: Europe, United States
What follows is a list of top-level consensus standards (as of June 2015) that apply to marketing the
subject device. These standards, together with the applicable regulations, and lower-level particular
standards and guidance documents, are the foundation for design input requirements from a
regulatory compliance standpoint.

General Standards

| Designation/Revision | Title |
|---|---|
| EN 62366-1:2015 | Medical devices – Part 1: Application of usability engineering to medical devices (IEC 62366-1:2015) |
| EN ISO 13485:2012 | Medical devices – Quality management systems – Requirements for regulatory purposes (ISO 13485:2003/TC1:2009) |
| EN ISO 14971:2012 | Medical devices – Application of risk management to medical devices (ISO 14971:2007, Corrected version 2007-10-01) |

Primary Standards for Biocompatibility, Packaging, Labeling, and Sterilization

| Designation/Revision | Title |
|---|---|
| EN 1041:2008/A1:2013 | Information supplied by the manufacturer with medical devices |
| EN 556-1:2001/AC:2006 | Sterilization of medical devices – Requirements for medical devices to be designated “Sterile” |
| EN ISO 10993-1:2009 | Biological evaluation of medical devices – Part 1: Evaluation and testing within a risk management process (ISO 10993-1:2009) |
| EN ISO 11137-1:2006/A1:2013 | Sterilization of health care products – Radiation – Part 1: Requirements for development, validation and routine control of a sterilization process for medical devices (ISO 11137-1:2006) |
| EN ISO 11137-2:2013 | Sterilization of health care products – Radiation – Part 2: Establishing the sterilization dose (ISO 11137-2:2013) |
| EN ISO 11607-1:2009 | Packaging for terminally sterilized medical devices – Part 1: Requirements for materials, sterile barrier systems and packaging systems (ISO 11607-1:2006) |
| EN ISO 11607-2:2006 | Packaging for terminally sterilized medical devices – Part 2: Validation requirements for forming, sealing and assembly processes (ISO 11607-2:2006) |
| EN ISO 11737-1:2006/AC:2009 | Sterilization of health care products – Microbiological methods – Part 1: Determination of the population of microorganisms on product (ISO 11737-1:2006/TC1:2007) |
| EN ISO 11737-2:2009 | Sterilization of health care products – Microbiological methods – Part 2: Tests of sterility performed in the definition, validation and maintenance of a sterilization process (ISO 11737-2:2009) |
| EN ISO 15223-1:2012 | Medical devices – Symbols to be used with medical device labels, labeling, and information to be supplied – Part 1: General requirements (ISO 15223-1:2012) |

Primary Standards for Non-active Surgical Implants

| Designation/Revision | Title |
|---|---|
| EN ISO 14630:2012 | Non-active surgical implants – General requirements (ISO 14630:2012) |
| EN ISO 21534:2009 | Non-active surgical implants – Joint replacement implants – Particular requirements (ISO 21534:2007) |
| EN ISO 21535:2009 | Non-active surgical implants – Joint replacement implants – Specific requirements for hip-joint replacement implants (ISO 21535:2007) |

ASQ Standards Committee
by Heather Crawford
ASQ is an American National Standards Institute (ANSI) Accredited Standards
Developer Organization (SDO); originally accredited as an SDO in March 1977. The ASQ
Standards Committee serves as ASQ’s consensus body, and is an official committee of the
Society reporting to the ASQ board of directors. As an accredited SDO, ASQ is audited by
ANSI every five years; the most recent reaccreditation audit occurred December 2014.
The ASQ Standards Committee is responsible for consensus development and approval
of generic standards and other documents that apply quality management principles, tools,
and technology. The committee develops American National Standards (ANS),
technical reports (TR), and other documents reflecting the most current technology in quality.
Product-specific standards and documents as well as safety-related documents are not
included in the scope of this committee.
The ASQ Standards Committee is composed of ASQ division representatives, general
interest members, and observing members. Divisions have been actively involved with the
development of ASQ’s quality standards since the early years. Without input from the
divisions, neither ASQ nor the Standards Committee could develop standards that reflect the
most current technology in quality.
ASQ divisions are one major source of new ideas for quality standards. Their members
serve as the technical experts of ASQ and are aware of trends and practices that indicate
where and when a standard might be needed. Through their representatives, ASQ divisions
bring their ideas to the attention of ASQ’s Standards Committee. Ideas are formalized into
work proposals, and may be developed into an ANS. Once approved, an ANS is maintained
as current and relevant through timely revision and reaffirmation.
The ASQ Standards Committee discusses ideas and determines the need for future
standards. It also works with divisions that develop new standards or reaffirm/revise existing
standards. The ASQ Standards Committee follows the consensus process established by
ANSI and its own ANSI-approved operating procedures.

Figure 1 – Development of an American National Standard (ANS)

New work item proposal (NWIP) → ANSI project initiation notification (PINS) → Develop draft standard → Public review via ANSI → Approval by ASQ Standards Committee → Approval by ANSI → Maintain standard

Development of an ISO Standard


by Heather Crawford
ISO standards are developed by Technical Committees (TCs) composed of experts
representing industry, governments, nongovernmental organizations (NGOs), and other
stakeholders. ISO intends its published International Standards (ISs) to represent worldwide
consensus and address global market needs. ISO currently has over 250 TCs and makes
over 19,500 ISs available.
A TC consists of both P-members and O-members. National member bodies of ISO
determine if they would like to be a participating (P-member) or observing (O-member)
member of a TC. P-members actively support the TC and are expected to vote on all of its ballots.
O-members follow the TC’s work but have no voice or vote within the TC.
ISO standards development consists of six primary stages as identified in Figure 1.
Each primary stage is also composed of multiple interim harmonized stages; please see
http://www.iso.org/iso/stage_codes.pdf to view the international harmonized stages.
Development through publication
Of the six primary stages for ISO standards development, three are mandatory with the
remaining three being optional. Each stage is summarized below in sequence.

Figure 1 – Stages to Publish an International Standard
• 10 Proposal
• 20 Preparatory (optional)
• 30 Committee (optional)
• 40 Enquiry
• 50 Approval (optional)
• 60 Publication

10: Proposal Stage
New Work Item Proposal (NWIP) submitted to a TC for vote to confirm a new International Standard (IS) is warranted. Approval of a new work item requires affirmative vote by a simple majority of P-members and minimum number of P-members, i.e., four in committees ≤16 and five in committees with ≥17 members, committing to actively participate in the project.
This stage is not required for revision or amendment to a published ISO standard. However, an NWIP ballot is required if the revision or amendment will expand the scope of the published standard.
20: Preparatory Stage
Parent TC establishes a Working Group (WG) to prepare a Working Draft (WD) of the new item. P-members who agreed to actively participate are expected to provide technical expert(s) to the WG. Successive WDs may be prepared until the WG is satisfied. The WD is forwarded to the parent committee to decide if the item will proceed to the Committee Stage (30) or Enquiry Stage (40).
30: Committee Stage
Draft standard prepared by the Working Group (WG) is shared as a Committee Draft
(CD) for a comment period ranging from two to four months. Comments from other national
bodies are considered with the goal to reach consensus on technical content of the
document. The parent committee comments and votes on the CD. Successive CDs may be
shared until consensus on technical content is obtained.
40: Enquiry Stage
Draft International Standard (DIS) is submitted to the ISO Central Secretariat, and
subsequently distributed to national bodies on the committee for a three-month period to
comment and vote. Each national body may submit one vote that shall be positive,
negative, or abstention. If a two-thirds majority of P-members vote affirmative and no more than
one-fourth of total votes are negative, the DIS is approved.
An approved DIS may proceed to the Publication Stage (60). If comments indicate a
significant change to the document, the committee may choose to include a Final Draft
International Standard (FDIS), as described in the next stage.
50: Approval Stage
This stage is optional if the DIS was approved in the Enquiry Stage. The parent
committee may elect to circulate an FDIS based on DIS voting results and comments
received. An FDIS is not atypical if comments received on the DIS result in technical
changes to the document.
The FDIS is distributed to committee member countries for a two-month vote. FDIS
approval requirements are the same as DIS approval, i.e., affirmative vote by at least
two-thirds of P-members and negative votes constituting no more than one-fourth of total votes.
60: Publication Stage
Editorial corrections may be made to the document within a defined period. Publication
by the ISO Central Secretariat of the final document as an International Standard (IS)
completes this stage.

Following publication
The Review and Withdrawal Stages complete the life cycle of an IS. These stages are
summarized below.
90: Review Stage
Each published IS is subject to systematic review to determine if the IS should be
confirmed, revised, converted to another document type, or withdrawn. A maximum of five
years is to elapse between publication of an IS and its systematic review. Timing is based on
either initial publication year of the IS or the year of its most recent reaffirmation. There is
no maximum number of times an IS may be reaffirmed.
95: Withdrawal Stage
A standard should be withdrawn if it has not been adopted for use in a minimum of five
countries. Recommendation for withdrawal is communicated to national bodies with a
two-month period to object to the withdrawal.
A withdrawn standard may be reinstated if its necessity is determined at a later date.
The standard would be issued as either a DIS or FDIS for voting by member national bodies.
If approved, the standard is published as a new edition having a new publication date and
an explanation that the standard results from reinstatement of the prior edition.
***
For greater detail on how an International Standard is developed, refer to the
publication ISO/IEC Directives, Part 1: Procedures for the technical work, available online at
http://www.iec.ch/members_experts/refdocs/iec/isoiecdir-1%7Bed11.0%7Den.pdf.

Update on ISO 13485:201X


The revision to ISO 13485 Medical devices — Quality management systems —
Requirements for regulatory purposes continues to progress through the ISO standards
development process. Recent activities regarding the standard include:
• TC 210 submitted a Draft International Standard (ISO/DIS 13485.2) to the Central
Secretariat at the end of January 2015.
• Comment period is anticipated in early spring 2015 with a subsequent meeting in
June 2015 to resolve comments.
• The international voting period for ISO/DIS 13485.2 was February 5, 2015, to
April 5, 2015.
• The United States voted to approve ISO/DIS 13485.2, with 452 comments
submitted by the United States. Comments were categorized as 226 editorial comments,
27 general comments, and 199 technical comments.
• ISO/DIS 13485.2 was approved internationally.
International comments received on ISO/DIS2 13485:2016 are being addressed at a
meeting of ISO/TC 210 Working Group 1 scheduled June 8 – 11, 2015 in Denver, CO.
Publication of the updated standard is currently anticipated for 2016.

Risky Business: Demystifying EN ISO 14971:2012
by Sam Lazzara

What is all this confusion caused by European risk management standard EN ISO 14971:2012?
While it does not appear that FDA or the rest of the world shares European views on
medical device risk management, manufacturers seeking CE marking are having their hand
forced. In 2012, the European Commission formally objected to ISO 14971:2007. Their
controversial concerns surfaced in updated informative Z annexes in EN ISO 14971:2012.
The Z annexes make it clear that conformance with ISO 14971:2007 can lead to
nonconformance with the European Directives. These interpretations have caused most
manufacturers with CE-marked devices to revamp their risk management process. The
gaps between ISO 14971 and the Directive Essential Requirements—called “Content
Deviations”—are summarized in Table 1.

Table 1

| Content Deviation per EN ISO 14971:2012 | Questions to Determine Impact on Risk Management (RM) Process | Practices Not Compliant With European Interpretations |
|---|---|---|
| 1. Treatment of negligible risks: ISO 14971 allows negligible risks to be ignored. The Directives require all risks to be reduced as far as possible and to be subject to risk-benefit analysis. | Does RM process allow some risks to be considered negligible and therefore not reduced by risk control measures? {EN compliant answer = NO} | Three risk zones: Broadly Acceptable (BACC), Tolerable and Intolerable. No risk reduction required for BACC risks. |
| 2. Risk acceptability assessment: ISO 14971 allows risks that meet the manufacturer’s definition of “acceptable” to be excluded from overall risk-benefit analysis. The Directives require all risks to be reduced as far as possible and to be subject to risk-benefit analysis. | Does RM process exclude any “acceptable” individual risks from the overall residual risk evaluation or from risk-benefit analysis? {EN compliant answer = NO} | Only “Intolerable” risks must be justified by risk-benefit analysis. |
| 3. Risk reduction economic considerations: ISO 14971 allows risks to be reduced “as low as reasonably practicable” (ALARP). The Directives require all risks to be reduced as far as possible (AFAP) without economic considerations. | Does RM process allow risk controls to be limited for economic reasons? {EN compliant answer = NO} | The cost of implementing risk control measures is a factor in determining how to reduce risks. |
| 4. Risk-benefit analysis not optional: ISO 14971 only requires risk-benefit analysis for risks that do not meet the manufacturer’s definition of “acceptable.” The Directives always require risk-benefit analysis, regardless of risk levels. The analysis must consider all individual risks and their impact on overall residual risk acceptability, weighing all risks combined against patient benefit. | Does RM process require an overall risk-benefit analysis for the device? {EN compliant answer = YES} | Only “Intolerable” risks must be justified by risk-benefit analysis. |
| 5. Risk control options: ISO 14971 describes three risk control options to be exercised at the manufacturer’s discretion—(1) inherent safety by design, (2) protective measures, and (3) information for safety—and implies that further controls are not required if the risk is reduced to acceptable levels. The Directives require risks to be reduced until further control measures do not result in risk reduction. | Does RM process require consideration of all possible risk control options, without stopping as soon as risks are reduced to an acceptable level? {EN compliant answer = YES} | Design measures and labeling warnings are implemented without considering protective measures in the device or the manufacturing process. |
| 6. First risk control option: ISO 14971 describes the first risk control measure as “inherent safety by design” without further detail. The Directives provide additional detail by mentioning that device design and construction must conform to safety principles, taking account of the generally acknowledged state of the art, and that risks must be eliminated or reduced as far as possible through inherently safe design and construction. | Does RM process require risk elimination or reduction as far as possible through inherently safe design and construction, and the application of safety principles and state of the art? {EN compliant answer = YES} | Designing device without awareness of all relevant standards. |
| 7. Labeling information cannot influence residual risk: ISO 14971 describes three risk control options: (1) inherent safety by design, (2) protective measures, and (3) information for safety. The Directives view the third option as providing information on residual risk rather than reducing risk. | Does RM process allow risks to be reduced through the provision of information for safety? {EN compliant answer = NO} | Taking credit for warnings in the device instructions for use as risk reduction measures without verifying their effectiveness. |

ISO 14971:2007 contains a risk management process flowchart that is not consistent
with the European Directives. Manufacturers with CE-marked devices should avoid
referencing that flowchart in their quality system procedures. The process flow depicted in
Figure 1 is consistent with the European content deviations.
In summary, the European interpretation of risk management in the Essential
Requirements of the Directives has led them to the following conclusions that are in conflict
with ISO 14971:
• All identified risks, regardless of magnitude, must be reduced as far as possible,
without economic considerations.
• Risk/Benefit analysis is always required.
• Labeling information may not reduce risk.



Figure 1 – Author Interpretation of Risk Management Process Compliant With EN ISO 14971:2012 Content Deviations

Process boxes shown in the flowchart:
• Start
• Risk Analysis (4.2a): Document intended use and reasonably foreseeable misuse
• Risk Analysis (4.2b): Identify safety-related characteristics and, where appropriate, defined limits
• Risk Analysis (4.3): Identify known and foreseeable hazards in normal and single fault conditions
• Risk Analysis (4.4): Estimate consequences for each hazardous situation and harm severity (S), considering event sequences and combinations
• Risk Evaluation (5 Deviated) and Risk Reduction (6.1 Deviated): Decide that risk reduction is necessary (no choice per MDD Essential Requirements)
• Risk Control Option Analysis (6.2 Deviated): Perform hazard cause analysis to identify risk controls considering all options in priority order:
    1. Inherent safety by design and construction
    2. Protective measures or manufacturing process
    3. Information for safety (does not reduce risk)
• Risk Control Measure Implementation (6.3): Verify implementation and effectiveness of each risk control measure
• Residual Risk Evaluation (6.4): Estimate probability (P) of occurrence of harm. Determine “residual risk” taking severity (S) and probability (P) into account.
• Risk/Benefit Analysis (6.5/7 Deviated): Review data/literature to determine if medical benefits outweigh residual risks
• Residual Risk Disclosure (6.4): Determine which residual risks to disclose in accompanying documents
• Unacceptable Risk
• Risk Management Report (8): Publish RMR that reviews risk management process
• Production and Post-production Information (9): Assess impact of information on RM process and amend risk management file as warranted

Decision points (YES/NO) shown in the flowchart:
• Is each individual residual risk acceptable? (6.4)
• New hazards introduced or existing risks affected due to risk controls? (6.6)
• Have risks from all identified hazardous situations been considered? (6.7)
• Benefits outweigh residual risks?
• Is overall residual risk acceptable? (7)



What should I do?
Do you distribute or want to distribute devices with CE marking? If so, in addition to
referencing EN ISO 14971:2012, manufacturers should ask themselves these questions:
• Do your procedures require revision to address the deviations? Consider making
these changes if needed:
  - Require that all risks be reduced, regardless of magnitude
  - Require all risks to be taken into account during risk-benefit analysis
  - If using ALARP terminology, change it to AFAP
  - Do not take risk reduction credit for safety information in labeling unless you can validate effectiveness
• Do your procedures require revision to address the sometimes forgotten aspects of
ISO 14971:2007, like addressing risk arising from risk control measures or evaluating
overall residual risk from a broad perspective?
• Do your existing Risk Management (RM) Files and any subordinate documents
require updates to conform with your (updated) procedures?

What does this mean for European Notified Body audits?


If your RM Procedure(s), Essential Requirements Checklists, and RM Files have already
been found to be acceptable by a Notified Body, one would think there should be no
impact from the content deviations. However, armed with the updated annex informa-
tion, the Notified Bodies have new tools to assess the conformity of manufacturers’ risk
management process with the Directives. In October 2014, the European Notified Bodies
Recommendation Group published a consensus paper for the interpretation of EN ISO
14971:2012 that provides their perspective.

What does the rest of the world think about this?

Figure 2 illustrates the divergent global opinions surrounding medical device risk management. The European views differ from the FDA Recognized ISO 14971:2007 standard, whereas ISO/TR 24971:2013 (Guidance on the application of ISO 14971) and the Notified Body consensus paper provide a more balanced perspective. ISO/TR 24971 attempts to clarify some of the confusing aspects of risk management. For example, the guidance describes differences between “information for safety” and “disclosure of residual risk,” with the former being considered a valid risk control measure if appropriately verified for effectiveness.

Figure 2 – Divergent Perspectives on Medical Device Risk Management
[Figure labels: ISO 14971:2007; European Directives / EN ISO 14971:2012; ISO/TR 24971:2013 / NB Consensus Paper 2014]

Lively discussion and debate will continue, and will be refueled by the recasting of the
European medical device regulatory system that will take place in the coming years.



Supplier Quality Agreements:
Why and When Are They Needed?
by Jim Shore and John Freije
Maintaining quality agreements with multiple suppliers can be challenging, to say the least, since there will be inevitable inconsistencies from one document to the next. At worst, a poorly understood and executed agreement can be a regulatory liability. Therefore, the best approach is to determine when these agreements are really needed and to focus on the vital few.
The first thing to do is to make sure your Supplier Quality Agreement (SQA) meets the
basic requirements identified by the Quality System Regulations (21 CFR 820.50):
Each manufacturer shall establish and maintain procedures to ensure that all pur-
chased or otherwise received product and services conform to specified requirements.
Under 21 CFR 820.50(b), the FDA does not call it a “Quality Agreement”; the FDA states “where possible …” an “agreement” that the suppliers, contractors, and consultants agree to notify the manufacturer of changes ... As with most things, industry has coined its own term, “Quality Agreement,” and it has become an industry norm.
The regulation leaves it up to that manufacturer to determine the method to ensure
the requirements are met. When manufacturers get written up, it is for not being consistent
on the implementation and not following through on what is stated in those agreements.
Therefore it is best for manufacturers to:
• Decide on when these agreements are required.
• Make sure the agreements meet the specific relationship for the supplier.
• Have a frequency to review that agreements are kept current.

When are these agreements required?


Requiring an SQA for all suppliers makes managing the agreements almost impossible. Not every supplier should have an SQA, and we have found that grouping suppliers into categories is the most effective decision method. Using a risk assessment tool can help identify the number of categories that are needed. The secret of making these categories easy to manage is to keep it simple. If you have more than five categories, it may be difficult to distinguish between the types of suppliers. Here is an example that breaks up suppliers based on the product commodities and risk associated with those categories:

| Category | Risk Level | Commodities |
|---|---|---|
| Critical | Critical | Critical suppliers, finished devices |
| 1 | High | Contract manufacturers; outsourcing of software used in manufacturing |
| 2 | Medium to High | Precision components; printed circuit board assemblies |
| 3 | Low | Noncritical components, off-the-shelf items |
| 4 | Low | Office supplies, janitorial office services |

Within your own standard operating procedures (SOPs), you can determine which
categories require the SQA. Our recommendation would be to require an SQA for Critical,
Category 1, and Category 2. All your other suppliers, including contractors and consultants,
should at least sign a document stating they understand they need to notify you in the event
of changes in the manufacturing or services they provide in order for you to determine
whether the change affects the quality of the finished device. We actually recommend pro-
viding them with a change notification form as part of adding them to your supplier base.
The decision on which levels require an SQA should take into account what other controls you have in place and the risk associated with what could happen if something is missed. For example, you may have special test equipment that is used to inspect product at receiving inspection, or the method of inspection may have proven to be effective in detecting issues. Again, the idea is to keep focused on the highest risk categories and not try to deploy the SQA requirement to all suppliers.

Making sure the agreements meet the specific relationship of the supplier
The first thing to do is to perform a gap assessment against the basic requirements.
Also, look at the most recent FDA warning letters to see if there are any situations that
you need to add to your existing SQA. Being proactive will prevent having to deal with
major issues later.
The second part of this exercise is to construct the SQA to be flexible enough to allow for the different business relationships you might have with your suppliers. The decision of what goes in the SQA should be based on the risk assessment and the business relationship. For example, an agreement with a component supplier would have fewer requirements than one with a contract manufacturer providing a finished device for you.
An example that supports this approach is outlined in a 2012 warning letter, in which
the agency looked at five agreements that it found woefully inadequate. Here are examples
of what FDA cited in three of those agreements:
• The agreement … does not address complaint handling, medical device reporting,
labels/labeling content, product recall, or maintenance of device history records.
• The agreement … does not address complaint handling and maintenance of device
history records. Further, the term of the agreement expired on the third anniversary of
the effective date.
• The agreement … does not address product design changes, complaint handling,
medical device reporting, recalls, label/labeling content, or maintenance of device
history records. Additionally, the agreement is not signed and dated.
An agreement should outline the key roles and responsibilities of the parties. Metrics
and due dates should be clearly identified to avoid scope creep. Remember, the SQA is a
two-way document that should identify key suppliers and indicate whom to notify if FDA
shows up for an inspection. You don’t want to be in a situation where someone from your
company is unable to answer the agency’s questions or, worse, answers them incorrectly.

Having a frequency to review that the agreements are kept current

Most SQAs are created and signed at the beginning of the business relationship but then are not reviewed at any standard frequency to determine whether the agreement needs to be updated. This applies when requirements have changed after production started or when there are changes in management on both sides of the relationship.
The people signing off on the agreement should be those who are closest to the daily responsibilities. Some agreements get overwhelmed with legalese, so those who have to execute on the requirements should understand the terms. A review should be conducted with both parties every six to 12 months, or coincide with the supplier audit program, or be made part of the internal SOP activities. Even if the review results in no changes, it at least makes sure everyone is current with the SQA requirements.
In summary, SQAs are important controls to have with your suppliers, but only with the highest-risk suppliers. The process should be effective but simple enough that everyone involved understands the importance of this agreement and it is reviewed on a frequency that keeps everyone knowledgeable.

Your Feedback?
We like to hear your thoughts and ideas on this topic, so please email us or respond to the conversation on the ASQ Biomedical Division LinkedIn site.



Medical Device Life Cycle Risk Management
by GM Samaras
Safety is the continual application of effective risk management activities, not the
momentary absence of known hazards. Avoiding unintended harms requires continuously
managing all the risks associated with your product. Ignoring product use errors overlooks
a large number of hazards. Acquisition of user complaints is the basis for use error identifi-
cation and postmarket product risk management. Actively harvesting user complaints is a
basic defense against unintended harms and product recalls.

Introduction
A product manufacturer’s obligation for product safety extends across the whole prod-
uct life cycle—from concept to salvage/disposal. In the United States, manufacturers and
retailers of consumer products are obligated to report certain product safety issues to the
Consumer Product Safety Commission; manufacturers and operators of aircraft are obligated
to report certain aviation safety issues to the Federal Aviation Administration; manufacturers
and user facilities of medical devices are obligated to report certain medical device safety
issues to the Food and Drug Administration.
Safety is the continual application of effective risk management activities, not the
momentary absence of known hazards. Risk management is applied across the complete
product life cycle. The principle is enshrined in many well-recognized industry standards
(e.g., for medical devices, ISO 9001, ISO 13485, and ISO 14971) and is a fundamental
engineering best practice. Correct application of life cycle risk management is your primary
tool for minimizing unintended harms to patients and providers, reducing product recalls,
limiting product liability, and protecting employees and shareholders.
Risk Management
Figure 1 shows the general approach to risk management. Risk is future uncertainty of the deviation from an expected outcome. In product risk management, complaints of desirable deviations are rare and we are typically only concerned with undesirable (unsafe/ineffective) deviations. Risk is generally quantified as some combination of the severity of harm of the identified hazard and the frequency of occurrence of that identified hazard.1

Figure 1 [Cycle diagram: Identification, Assessment, and Mitigation arranged around “Risk management”]

Nearly every senior executive understands financial risk management: “The identification, analysis, assessment, control, and avoidance, minimization, or elimination of unacceptable risks. An organization may use risk assumption, risk avoidance, risk retention, risk transfer, or any other strategy (or combination of strategies) in proper management of future events.”2 But the strategies for financial risk management do not map well to product risk management; risk avoidance and risk transfer (from manufacturer to customer3) ultimately result in unintended risk assumption and risk retention by the product manufacturer. Furthermore, from a sales and marketing perspective (the background of many senior corporate leaders), if there is no consumables “tail” once the product is sold and delivered, there is strong motivation to shift focus to the sale of the next product, rather than focusing on managing risk for product already sold. This makes eminently good sense, but only from a myopic financial perspective.

1.  Samaras, GM. “Use, Misuse, and Abuse of the Device Failure Modes Effects Analysis.” MD+DI Online (and later print Magazine August 2013).
2.  http://www.businessdictionary.com/definition/risk-management.html Accessed 6/11/15.
3.  Minimizing Type II errors (Producer Risk) at the expense of Type I errors (Consumer Risk).

Sales and marketing move product, but they are also the firm’s principal interface for customer satisfaction and product safety information. They are essential for generating revenue, but also foundational for protecting that same revenue by identifying complaints and supporting timely product life cycle risk management. Motivate them to sell product and to acquire satisfaction and safety data. This will reduce delays managing product risks; the rapid response will reduce unintended harms, product recalls, and product liability actions.
Modern Western expectations and industry standards demand that manufacturers
eliminate essentially all product safety hazards. But eliminating all known and unknown
hazards is, by definition, an impossible task. What is possible is creating product safety by
continually implementing effective risk management practices. Eliminate risks from hazards
that can be identified during premarket development and manufacturing. Then, follow by
rigorously and systematically searching for and managing new or previously unrecognized
hazards in the postmarket phase, until the product is replaced or disposed. This is the
well-established “cradle-to-grave” risk management engineering best practice identified in
textbooks, in international consensus standards, and required by many federal agencies for
a variety of products.
Setting Boundaries
Identifying hazards requires an understanding of use context. Engineers set operational
boundaries (the design envelope) followed by conducting worst-case analyses to inform
their design validation testing. Well-known examples of boundaries include operating
voltages and currents for consumer electronic devices, operating ceiling and descent rate
for aircraft, and encapsulation for software components. Engineers typically try to steer
clear of unbounded problems because they are not generally amenable to closed solutions
and product realization. This is the reason that operationalization of product requirements
(design inputs) is crucial to efficient engineering design. By operationalization we mean
(a) defining what to measure, (b) defining how (and with what) to measure it, and (c) what
measurement results in a pass or fail. Carefully established boundaries reduce the complexity of product design and risk management, thus decreasing time to market. Not establishing clear boundaries frequently results in arbitrary, and potentially undesirable, assumptions about the required boundaries … yielding unintended consequences.
For medical devices, one important set of boundaries is defined by the intended use,
the intended user(s), and the intended use environment(s). This constrains the context, but
does not fully eliminate risk complexity. There are two types of product use errors: system
use errors and individual user errors.4 A well-known example of an individual user error is
driving while intoxicated. A well-known example of a system use error is the set of mistakes
operators make as a result of a poorly designed interface. Hazards arise not only from how
the device is designed, manufactured, and deployed, but also from how the device is used
after it is sold. The manufacturer can reasonably expect (see Table 1) intended use, novel
use, misuse, and abuse of their device, as well as active, latent, and drift errors from product
development, manufacturing, and deployment processes.5 One cannot reasonably assume
their product will be used exactly as they envision it. Ignoring the full spectrum of potential
use errors in product risk management is not adequate, reasonable, or technically correct. It
only delays effective internal risk management and invites external risk management in the
form of product recalls and expensive lawsuits.

4.  Samaras, GM. “Medical Device Mechatronics Maturity.” Medical Electronics Design Online (and
later print Magazine, January 2013).
5.  Samaras, GM. “Reducing latent errors, drift errors, and stakeholder dissonance.” WORK: A Journal
of Assessment, Prevention, and Rehabilitation, 41(s1):1948-1955 (2012).


Table 1

| Error-producing behavior | Human error category: System use error | Human error category: Individual user error |
|---|---|---|
| Expected behavior | Active (known bugs) | Routine use |
| Unexpected behavior | Latent (unknown bugs) | Novel use |
| Misguided behavior | Drift (beyond design envelope) | Misuse |
| Malicious behavior | Sabotage | Abuse |
| Locus of control | Development and deployment organizations | Individual human(s) |

Copyright ©2012, 2015 GM Samaras. All rights reserved.

Elements of Life Cycle Risk Management


Managing product risk involves both administrative and engineering activities. There
are administrative standard operating procedures that must be managed and reports
that must document the required activities. However, the documentation only serves
as evidence of the occurrence of engineering activities.6 You can envision five dis-
crete engineering activities for risk management: (1) identification of a potential hazard,
(2) recognition or acceptance of an identified hazard as relevant for the specific product,
(3) evaluation of the risk, (4) application of a proposed risk control measure, and (5) ver-
ification or validation of the risk control measure(s). Risk management is well described
in standard texts and various consensus standards; what is not well described is the corre-
spondence between premarket and postmarket risk management activities (see Table 2).
Understanding the correspondence and terminology differences are important elements in
promoting complete and correct product life cycle risk management. Product risk manage-
ment does not stop with the end of development and the beginning of sales; it stops when
the product is no longer sold and used.
Premarket (or design) risk management generally uses terminology familiar to engineers. First, you have to identify a potential hazard. Then, you have to recognize it is a hazard affecting your specific product (it is not outside your boundaries). Once you have accepted that a hazard is relevant, you have to evaluate the risk by determining (or estimating) the probability of the hazard occurring and the severity of the harm that can result. If you deem that risk is acceptable, then you accept the risk (you cannot accept risk for someone else) or you can attempt to transfer the risk to your customer; if you decide the risk is not acceptable, then you are obligated to implement an effective risk control measure. There are four types of premarket risk control measures: (a) redesign, (b) guarding, (c) transfer of control of the risk to the end user through labeling or training, and (d) not selling the product. Once a candidate risk control has been agreed and implemented, you are obligated to verify or validate that the risk control (a) actually reduced the targeted risk and (b) did not create any new hazards;7 risk control verification or validation is always required, even if you chose to employ labeling or training.

Table 2

| Iteration steps | Premarket development | Postmarket vigilance |
|---|---|---|
| 1 | Hazard identification | Complaint management |
| 2 | Hazard recognition | Sentinel event recognition |
| 3 | Hazard risk evaluation | Health hazard evaluation |
| 4 | Risk control application | Corrective preventive action |
| 5 | Risk control verification/validation | CAPA verification/validation |

Copyright ©2015 GM Samaras. All rights reserved.

6.  Samaras, GM. “The Use, Misuse, and Abuse of Design Controls.” IEEE Engineering in Medicine and Biology Magazine 29(3):12-18, 2010.

An important consideration in evaluating and controlling design risk, especially if you
are relying on detectability for prioritizing resources for risk management, is that detect-
ability does not alter the actual design risk. Detectability is a risk control measure, not an
element of risk, and only available internally to the product manufacturer before the prod-
uct is shipped. Once in the hands of users, you have no knowledge or control over what a
user can or will detect. Even if they detect a design defect hazard, you have no knowledge
or control of whether they will remember how to properly respond to the hazard. And, even
if the user recalls the correct response, you have no knowledge or control over whether
they have adequate time or expertise to properly implement your recommended risk con-
trol. Detection is a design risk control measure for manufacturers, not users.
Postmarket risk management does not differ from premarket risk management, except
in the terms used. Complaint management (acquiring and analyzing complaints and other
postmarket information) is foundational; it is your primary mechanism for getting infor-
mation on potential, previously unidentified, hazards. A deficient complaint management
system negates your premarket risk management efforts and undermines all remaining
postmarket risk management activities. Sentinel events (sometimes called safety signals) are
the occurrence (or the possibility of occurrence, such as from a “near miss”) of unexpected
events involving death or serious injury not related to the natural course of an injury or
illness.8 Sentinel event recognition corresponds to premarket hazard recognition and is,
by definition, an accepted hazard. Postmarket evaluation of the risk associated with this
hazard is often called a “health hazard evaluation”9 and is used to determine whether risk
control (corrective and preventive action [CAPA]) is warranted. If you decide CAPA is not
warranted, you are deciding to accept the risk. But, if you decide that a CAPA risk control is
warranted, then the options include (a) redesign, (b) guarding, (c) transfer of risk control to
the end user using labeling or training, and (d) removal of the device from the market. As in
premarket risk management, you have to verify or validate that the risk control (a) actually
reduced the targeted risk and (b) did not create any new hazards.
The “PA” in CAPA includes public reporting, which is itself a validated risk control. It
is a regulatory obligation in the United States10 and it is the means of informing the public
of death or serious injury associated with the use of your product. It is a critical element
in postmarket risk management that expands the risk management process beyond the
manufacturer to external agencies. This crucial risk control is defeated by manufacturer
reporting noncompliance.

Conclusion
Product life cycle risk management is an engineering approach for increasing product safety and reducing unintentional harms, product recalls, and product liability. Unlike financial risk management, product risk avoidance and risk transfer ultimately result in manufacturer risk assumption and risk retention. The terminology used for premarket risk management and postmarket risk management differ, but the underlying engineering activities are essentially the same. Not doing complete and correct premarket risk management undermines the viability of your product in the marketplace; not doing complete and correct postmarket risk management negates your premarket efforts and increases your firm’s financial risk. Fundamental to successful postmarket risk management is an effective and efficient complaint management system that actively harvests customer satisfaction and safety data. Motivate your primary connection to your customers—your sales personnel—both to sell your product and to quickly feed back to you user complaints and field observations. The commissions you pay will reduce unintended harms, reduce product recalls, protect your shareholders, and allow you to innovate new, improved products for everyone’s benefit.

7.  See, for example, ISO 14971:2003 §6.3.
8.  http://www.jointcommission.org/Sentinel_Event_Policy_and_Procedures/default.aspx Accessed 6/9/15.
9.  See, for example, 21 CFR 7.41.
10.  21 CFR 803.

Identifying the Common Ground Between
Your QMS and Integrated Software Solutions
by Phillip Arisman
Regulations and standards such as ISO 13485 (International Standard for Quality
Management Systems in the Medical Device Industry) and 21CFR820 (Title 21 Code
of Federal Regulations for Medical Devices, Quality System Regulation) are primarily
written to allow an organization to manage their process with or without software. In
most cases using a software solution within a business process is an option, rather than
a requirement. In today’s world, however, it is almost impossible to find a business that
does not use some type of software application to support its process. As these appli-
cations account for a larger role in the organization they become more relevant in the
execution of the quality management system (QMS). To manage complex software appli-
cations that coincide with the QMS, common ground must be found. Requirements are
that common ground.
Standards and regulations are written with industry best practices in mind; how-
ever, transcribing these into requirements that can be verified, tested, or observed in a
business practice or software application is not always as simple as cutting and pasting
from the original document. A single statement within a standard or regulation can be
dissected into multiple requirements; likewise, several statements from multiple stan-
dards or regulations can be consolidated into one requirement. In cases where two or
more standards/regulations cover the same requirement, this is a matter of referencing
one section to another. To illustrate this we look at text from two sources utilized in the
same industry.
1. 21CFR820.60 – Each manufacturer shall establish and maintain procedures for
identifying product during all stages of receipt, production, distribution, and instal-
lation to prevent mix-ups.
2. ISO13485 Section 7.5.3 – The organization shall establish and maintain a record
(see 4.2.4) for each batch of medical devices that provides traceability to the extent
specified in 7.5.3 and identifies the amount manufactured and amount approved
for distribution. The batch record shall be verified and approved.
These statements are arguably different in scope. One references the procedure while
the other could be considered a subset by specifically referencing the record maintained
within the procedure. They do, however, exhibit a common element of control over the
product. That control can be represented by common business or functional requirements
or if performed by a software application, one or more testable system requirements.
Tracking the source of the requirements through a requirement traceability matrix (RTM) can maintain the integrity of that source, and consolidating requirements can ultimately reduce the amount of testing and validation, therefore helping maintain them through the life cycle of the software and the QMS.
When a common concept applies to multiple instances within one or more standards, it is sometimes advantageous to extract that element into its own requirement, e.g., a requirement that stems from a business best practice such as management of change. A management of change process is used to reduce environmental, health, and safety risks due to changes that occur within an organization, business process, or facility. Many standards embed the issue of change management across several specific requirements that refer to changes in process, equipment, software, personnel, etc.; however, the overall management of change process is never specifically addressed. Having a business requirement that addresses this as a whole can simplify the path between the standard and validation by also reducing the number of test points.
To verify that a process, organization, and/or artifact conform to the standard and
regulation, the first task is to define each requirement of conformance/compliance (RoC).
These requirements can be identified directly or indirectly within the standard, regulation,
or within supporting documentation. Direct requirements are signified by an absolute
statement of the requirement by the standard such as “Each manufacturer shall establish
and maintain procedures to ensure that the device design is correctly translated into
production specifications.” from 21 CFR 820.30(h). In this example the word shall is used as the
active verb against the manufacturer or organization, denoting there is no question that
this requirement must be met. Indirect requirements are often harder to determine. Indirect
requirements are usually accompanied by detailed direct requirements; however, in some
cases they are independent statements that pertain to the overall process or philosophy. In
ISO 14224, which deals with the collection of reliability and maintenance data in the
petrochemical industry, this statement pertains to the collection of equipment data (Section
9.4): “The classification of equipment into technical, operational and environmental
parameters is the basis for collection of RM (Reliability Maintenance) data.” The standard further
expands on the definition of the data; however, this represents an indirect requirement that
the data must be grouped by these parameters.
Applicability is also important when determining a software application’s effect on the
implementation of the QMS. Because a standard such as ISO 13485 is written with multiple
business types within the medical device industry, a business within an industry, or an
individual function within that business, each RoC must be reviewed to determine its
applicability to the business or process that is being certified. This applies to the identification
of a requirement’s applicability to the software application. In some cases the RoC can be
used verbatim as the business process requirement (BPR); however, in others a separate BPR
must be written to show the applicability and derive the system requirement that can be
validated. The key is the bridge between the business process requirements defined by the
standard or regulation and the system requirements that are consistent and testable.
Ultimately, when identifying requirements in a standard or regulation that apply to a
software application, there are four things to look for: control (e.g., approval of design prior
to release to production), transaction (e.g., creation of purchase order from a requisition),
data storage (e.g., transaction history of a specific lot/batch), and communication (e.g.,
alarms, emails, reports). As the QMS requirements are identified, these four characteristics
serve as a guideline to identify the need for system requirements.
The key to managing both the QMS and an integrated software solution is to manage
the underlying requirements that both systems are based on. If these requirements coincide,
then changes in one system can be translated into the other and the risk associated with
those changes mitigated.



Discussion Group Spotlight

Northern California Discussion Group (NCDG) hosted Kimberly A. Trautman,
Associate Director, International Affairs at CDRH
by Thi Nguyen, Chair NCDG, CQE, CSQE

In the March 2015 BioFeedback, Robert L. Turocy reported on what is happening at IMDRF.
In May 2015, NCDG was privileged to have Kimberly A. Trautman from FDA, who is actively
part of IMDRF, present on the Medical Device Single Audit Program (MDSAP). She discussed
this program in Seattle, WA; Milpitas, CA; and San Diego, CA. At the Milpitas location, the
audience consisted of 75 quality and regulatory professionals around the Bay Area. Trautman
provided the mission of the MDSAP, which is “to jointly leverage regulatory resources to
manage an efficient, effective, and sustainable single audit program focused on the oversight
of medical device manufacturers.” She helped the audience better understand the activities
presently happening with the program.
The international consortium of countries for the MDSAP pilot are the United States,
Australia, Brazil, and Canada, with Japan as an observer. The idea is that during a five-day
audit under MDSAP, a medical device manufacturer is audited to the regulations that are
established in those participating countries. One audit report can be submitted and accepted
in those participating countries. The medical device manufacturer saves time and money
because the company is only hosting one audit, and regulatory bodies are able to utilize this
effort and therefore can manage resources better.
From the feedback provided by the audience, many people agree in principle that this is a
great program, but they fear that without the EU onboard the program is still not as strong
or convincing. Not many companies go to Australia, Brazil, or Japan, so those companies still
need to continue to host ISO auditors, which in turn is not saving time or money.
Trautman understands the concern, and she assured the group that discussion with the EU is
currently happening. She encourages medical device manufacturers to volunteer to be part of
the program to help the consortium improve and/or validate the program. Overall, attendees
enjoyed the event because the topic was relevant, current, and presented by FDA. They would
like additional similar events in the future.

Biomedical Division Officers

Chair
Mary Ellen Delaney
mary_delaney99@yahoo.com

Chair-Elect
John Freije
john@freijequalityengineering.com

Treasurers
Theresa Cherry
teresacherry@live.com
Kimberly McCoy
kimberly@emergogroup.com

Secretary
Arvita Tripati
arvita.tripati@gmail.com

Call for Articles

Share your experience and knowledge with your peers in the Biomedical Division while
obtaining valuable publishing credits to add to your professional credentials. The ASQ
Biomedical Division newsletter is looking for authors. You can submit your piece to be
featured in Biofeedback. The article should revolve around the themes of practical
application of industry knowledge, tools, and techniques and should range between
750 – 1,000 words in length. For more information or to submit an article, contact slw@usp.

LinkedIn

Make the most of your ASQ Biomedical Division membership by connecting with us and your
peers on LinkedIn! Participate in online discussions focused on medical device quality and
be invited to events in your area. Link in with us to stay connected with the latest news and
information from the ASQ Biomedical Division and the industry at large. Find us on LinkedIn
by searching for:
• ASQ Biomedical Division
• ASQ Northern California Biomedical Discussion Group
• New England Biomedical Discussion Group
