skills/claude-scientific-skills
1
0
Fork 0
mirror of https://github.com/K-Dense-AI/claude-scientific-skills.git synced 2026-01-26 16:58:56 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
57bde764fe9e43ae92259cbb4faf7fe60f405460
claude-scientific-skills/scientific-skills/iso-13485-certification/references/mandatory-documents.md
Timothy Kassis 57bde764fe Added ISO 13485 certification prep skill
2025-12-29 11:12:50 -08:00

21 KiB
Raw Blame History

ISO 13485:2016 Mandatory Documents and Records

This document provides a complete list of all mandatory documents and records required by ISO 13485:2016 for medical device Quality Management Systems.

Overview

ISO 13485:2016 requires organizations to establish and maintain 31 documented procedures along with a Quality Manual and Medical Device Files. Additionally, numerous records must be maintained to provide evidence of conformity.

Important Notes:

  • The 31 documented procedures do not need to be 31 separate documents
  • Multiple procedures can be combined into one document
  • One procedure can be split across multiple documents
  • Not all procedures may be applicable to every organization (exclusions must be justified)
  • Additional documentation may be required by applicable regulatory requirements

1. Quality Manual (Required by 4.2.2)

Description: Foundational QMS document

Must Include:

  • Scope of QMS with justified exclusions
  • Documented procedures or references to them
  • Description of interaction between QMS processes
  • Structure of documentation used in QMS

Applicable To: All organizations

2. Medical Device File (Required by 4.2.3)

Description: File for each medical device type or family

Must Include:

  • General description and intended use
  • Label and instructions for use specifications
  • Product and/or manufacturing specifications
  • Procedures for purchasing, manufacturing, servicing
  • Measuring and monitoring procedures
  • Installation requirements (if applicable)
  • Risk management file(s)
  • Verification and validation information
  • Design and development file(s) when applicable

Applicable To: All organizations for each device type/family

3. The 31 Documented Procedures

Clause 4: Quality Management System

1. Risk Management Procedures (4.1.5)

Description: Requirements for risk management throughout product realization Must Address:

  • Risk management methodology
  • Risk analysis and evaluation
  • Risk control measures
  • Risk acceptability criteria
  • Risk management review Referenced Standard: ISO 14971

2. Software Validation Procedure (4.1.6)

Description: Validation of computer software applications used in QMS Must Address:

  • Risk assessment of software
  • Validation approach and activities
  • Acceptance criteria
  • User responsibilities
  • Validation before initial use and after changes
  • Revalidation criteria

3. Control of Documents Procedure (4.2.4)

Description: Control of all QMS documents Must Address:

  • Document approval before issue
  • Document review and update
  • Identification of changes and revision status
  • Availability of relevant document versions
  • Document legibility and identification
  • Control of external documents
  • Prevention of obsolete document use
  • Identification of retained obsolete documents

4. Control of Records Procedure (4.2.5)

Description: Control of all QMS records Must Address:

  • Record identification
  • Storage and security
  • Integrity protection
  • Retrieval procedures
  • Retention time determination
  • Record disposition
  • Legibility requirements
  • Change identification

Clause 5: Management Responsibility

5. Management Review Procedure (5.6.1)

Description: Systematic review of QMS by top management Must Address:

  • Review frequency (at least annually)
  • Review agenda and inputs
  • Review outputs and actions
  • Attendee requirements
  • Record-keeping requirements

6. Internal Communication Procedure (5.5.3)

Description: Communication regarding QMS effectiveness Must Address:

  • Communication channels
  • Communication frequency
  • Responsible parties
  • Topics to be communicated
  • Documentation of communications

Clause 6: Resource Management

7. Human Resources/Competence Procedure (6.2)

Description: Ensuring personnel competence Must Address:

  • Competence requirements determination
  • Training needs identification
  • Training provision and evaluation
  • Education, training, skills, and experience requirements
  • Competence records maintenance
  • Awareness of personnel contributions

8. Infrastructure Maintenance Procedure (6.3)

Description: Maintenance of facilities and equipment (when affecting quality) Must Address:

  • Maintenance activities definition
  • Maintenance scheduling
  • Maintenance records
  • Impact on product quality
  • Verification after maintenance

9. Contamination Control Procedure (6.4.2)

Description: Control of contaminated or potentially contaminated product (when applicable) Must Address:

  • Contamination identification
  • Contaminated product handling
  • Segregation requirements
  • Decontamination procedures
  • Special arrangements for control

Clause 7: Product Realization

10. Customer Communication Procedure (7.2.3)

Description: Communication with customers Must Address:

  • Product information provision
  • Inquiry, contract, order handling
  • Customer feedback including complaints
  • Advisory notices
  • Communication channels and responsibilities

11. Design and Development Procedures (7.3.1 - 7.3.10)

Description: Control of design and development process Must Address:

  • Design and development planning
  • Input determination and review
  • Output provision and approval
  • Design reviews at suitable stages
  • Verification against inputs
  • Validation for intended use
  • Transfer to manufacturing
  • Change control
  • Design file maintenance

12. Purchasing Procedures (7.4.1)

Description: Control of purchasing process Must Address:

  • Supplier evaluation and selection criteria
  • Supplier monitoring and re-evaluation
  • Supplier performance tracking
  • Purchasing controls
  • Supplier notification of changes
  • Communication to sub-tier suppliers

13. Verification of Purchased Product Procedure (7.4.3)

Description: Verification that purchased product meets requirements Must Address:

  • Verification activities
  • Extent of verification
  • Method of product release
  • Verification at supplier's premises (if applicable)
  • Customer verification arrangements (if applicable)

14. Production and Service Provision Control Procedures (7.5.1)

Description: Control of production and service activities Must Address:

  • Work instructions and documented procedures
  • Use of suitable equipment
  • Monitoring and measuring activities
  • Release, delivery, and post-delivery activities
  • Labelling and packaging operations
  • Servicing procedures (if applicable)

15. Product Cleanliness Procedures (7.5.2)

Description: Control of product cleanliness (when applicable) Must Address:

  • Cleaning requirements and specifications
  • Cleaning before sterilization
  • Uncleanable product handling
  • Hygiene requirements in manufacturing
  • Cleaning verification

16. Installation and Verification Procedures (7.5.3)

Description: Installation activities (when applicable) Must Address:

  • Installation requirements
  • Installation instructions
  • Verification of installation
  • Installation records
  • Responsible parties

17. Servicing Procedures (7.5.4)

Description: Servicing activities (when applicable) Must Address:

  • Servicing requirements
  • Reference materials and measurements
  • Feedback analysis from servicing
  • Servicing records
  • Servicing notification to regulatory authorities

18. Process Validation Procedure (7.5.6)

Description: Validation of processes where output cannot be verified Must Address:

  • Process validation for manufacturing
  • Computer software validation for production
  • Sterilization process validation
  • Aseptic processing validation
  • Clean room validation (if applicable)
  • Criteria for review and approval
  • Equipment approval and personnel qualification
  • Revalidation criteria and triggers

19. Sterilization and Sterile Barrier System Validation (7.5.7)

Description: Validation of sterilization processes (when applicable) Must Address:

  • Sterilization method validation
  • Sterile barrier system validation
  • Process parameters for each batch
  • Validation of changes to sterilization
  • Maintenance of validation records

20. Product Identification and Traceability Procedures (7.5.8, 7.5.9)

Description: Identification and traceability throughout realization Must Address:

  • Identification methods throughout realization
  • Traceability extent definition
  • Distribution and location tracking
  • Consignee identification
  • Quantity shipped identification
  • Retention period requirements
  • Applicable regulatory traceability requirements

21. Customer Property Procedure (7.5.10)

Description: Control of customer-provided property Must Address:

  • Customer property identification
  • Verification of customer property
  • Protection and safeguarding
  • Loss, damage, or unsuitability reporting
  • Records of customer property

22. Preservation of Product Procedure (7.5.11)

Description: Product preservation during processing and delivery Must Address:

  • Identification requirements
  • Handling requirements
  • Packaging requirements
  • Storage requirements
  • Protection requirements
  • Special handling (if applicable)
  • Application to constituent parts

23. Control of Monitoring and Measuring Equipment Procedure (7.6)

Description: Calibration and control of measuring equipment Must Address:

  • Equipment identification
  • Calibration or verification intervals
  • Calibration methods and standards
  • Adjustment procedures
  • Identification of calibration status
  • Protection from invalid adjustments
  • Protection from damage
  • Assessment when found non-conforming
  • Computer software confirmation

Clause 8: Measurement, Analysis and Improvement

24. Feedback Procedure (8.2.1)

Description: Post-production information system Must Address:

  • Early warning system for quality issues
  • Post-production information collection
  • Complaint handling linkage
  • Reporting to regulatory authorities
  • Input to risk management
  • Input to corrective and preventive action
  • Feedback sources and channels

25. Complaint Handling Procedure (8.2.2)

Description: Timely handling of complaints Must Address:

  • Complaint receipt and recording
  • Complaint evaluation and investigation
  • Determination of need for reporting to authorities
  • Determination of need for advisory notices
  • Information to customer about actions taken
  • Transfer of complaint information not directly handled
  • Complaint trending and analysis

26. Reporting to Regulatory Authorities Procedure (8.2.3)

Description: Notification to regulatory authorities Must Address:

  • Determination of reportable events
  • Notification timeframes
  • Notification content requirements
  • Advisory notice requirements
  • Applicable regulatory requirements by region
  • Responsible parties for reporting

27. Internal Audit Procedure (8.2.4)

Description: Conduct of internal audits Must Address:

  • Audit program planning
  • Audit criteria, scope, frequency, methods
  • Auditor selection and impartiality
  • Audit responsibilities and requirements
  • Audit reporting
  • Records of audits
  • Follow-up activities

28. Process Monitoring and Measurement Procedures (8.2.5)

Description: Monitoring and measurement of QMS processes Must Address:

  • Process monitoring methods
  • Process measurement methods
  • Demonstration of achieving planned results
  • Implementation of corrections when needed
  • Corrective actions when processes fail

29. Product Monitoring and Measurement Procedures (8.2.6)

Description: Monitoring and measurement of product Must Address:

  • Product acceptance criteria
  • Measurement at appropriate stages
  • Release authority identification
  • Release procedures
  • Records of conformity to criteria
  • Traceability to measuring authority

30. Control of Nonconforming Product Procedure (8.3)

Description: Identification and control of nonconforming product Must Address:

  • Identification of nonconformity
  • Documentation requirements
  • Evaluation of nonconformity
  • Segregation of nonconforming product
  • Disposition of nonconforming product
  • Notification to external parties
  • Concession process (if applicable)
  • Rework procedures
  • Actions for nonconformity detected before delivery
  • Actions for nonconformity detected after delivery
  • Reporting requirements

31A. Corrective Action Procedure (8.5.2)

Description: Elimination of causes of nonconformities Must Address:

  • Review of nonconformities including complaints
  • Cause determination methodology
  • Evaluation of need for action
  • Planning and documentation of actions
  • Implementation of actions
  • Effectiveness review of actions
  • Records of investigation and follow-up

31B. Preventive Action Procedure (8.5.3)

Description: Elimination of causes of potential nonconformities Must Address:

  • Determination of potential nonconformities
  • Evaluation of need for action
  • Planning and documentation of actions
  • Implementation of actions
  • Effectiveness review of actions
  • Sources of information for preventive action
  • Records of investigation and follow-up

Additional Required Documentation

Analysis of Data Procedure (8.4)

While not explicitly called out as requiring a "documented procedure," organizations must establish processes for:

  • Data determination, collection, and analysis
  • Evaluation of continual improvement opportunities
  • Statistical techniques (if applicable)
  • Analysis of:
    • Customer satisfaction
    • Conformity to product requirements
    • Process and product characteristics and trends
    • Suppliers
    • Other relevant data including feedback and risk management outputs

Required Records by Clause

Clause 4 Records

  • Software validation records (4.1.6)
  • Risk management records (4.1.5)
  • All records specified in documented procedures and work instructions
  • All records required by applicable regulatory requirements

Clause 5 Records

  • Management review records (5.6.1)
  • Evidence of personnel competence (6.2)

Clause 6 Records

  • Infrastructure maintenance records (6.3)
  • Personnel training and competence records (6.2)

Clause 7 Records

  • Product requirements review and follow-up actions (7.2.2)
  • Design and development files (7.3.10) including:
    • Design and development plans
    • Design inputs
    • Design outputs
    • Design review records
    • Design verification records
    • Design validation records
    • Design change records
    • Risk management file
  • Design and development transfer records (7.3.8)
  • Supplier evaluation, selection, and monitoring (7.4.1)
  • Verification of purchased product (7.4.3)
  • Cleanliness of product records (7.5.2)
  • Installation and verification records (7.5.3)
  • Servicing activity records (7.5.4)
  • Sterilization process parameter records for each batch (7.5.5, 7.5.7)
  • Process validation records (7.5.6)
  • Product identification and traceability records (7.5.8, 7.5.9)
    • Including distribution records with consignee name/address and quantity (7.5.9.2)
  • Customer property records (7.5.10)
  • Calibration and verification records (7.6)

Clause 8 Records

  • Post-production feedback and complaints (8.2.1, 8.2.2)
  • Complaint investigations (8.2.2)
  • Regulatory authority reporting (8.2.3)
  • Internal audit records (8.2.4)
  • Process monitoring and measurement results (8.2.5)
  • Product monitoring and measurement records (8.2.6)
  • Product release authority (8.2.6)
  • Nonconforming product records (8.3.1)
  • Concession records and authority (8.3.2)
  • Nonconforming product actions after delivery (8.3.3)
  • Rework procedures and results (8.3.4)
  • Data analysis results (8.4)
  • Corrective action records including investigation and follow-up (8.5.2)
  • Preventive action records including investigation and follow-up (8.5.3)

Documentation Matrix

Clause Document Type Document Name Mandatory? Records Required?
4.2.2 Manual Quality Manual Yes No
4.2.3 File Medical Device File Yes (per device) Yes
4.1.5 Procedure Risk Management Yes Yes
4.1.6 Procedure Software Validation Yes Yes
4.2.4 Procedure Control of Documents Yes No
4.2.5 Procedure Control of Records Yes No
5.5.3 Procedure Internal Communication Yes No
5.6.1 Procedure Management Review Yes Yes
6.2 Procedure Competence/Training Yes Yes
6.3 Procedure Infrastructure Maintenance When applicable Yes
6.4.2 Procedure Contamination Control When applicable Yes
7.2.3 Procedure Customer Communication Yes Yes
7.3.1-10 Procedures Design and Development When applicable Yes
7.4.1 Procedure Purchasing Yes Yes
7.4.3 Procedure Verification of Purchased Product Yes Yes
7.5.1 Procedures Production Control Yes Yes
7.5.2 Procedure Product Cleanliness When applicable Yes
7.5.3 Procedure Installation When applicable Yes
7.5.4 Procedure Servicing When applicable Yes
7.5.6 Procedure Process Validation When applicable Yes
7.5.7 Procedure Sterilization Validation When applicable Yes
7.5.8 Procedure Product Identification Yes Yes
7.5.9 Procedure Traceability Yes Yes
7.5.10 Procedure Customer Property When applicable Yes
7.5.11 Procedure Preservation of Product Yes Yes
7.6 Procedure Control of M&M Equipment Yes Yes
8.2.1 Procedure Feedback Yes Yes
8.2.2 Procedure Complaint Handling Yes Yes
8.2.3 Procedure Regulatory Reporting Yes Yes
8.2.4 Procedure Internal Audit Yes Yes
8.2.5 Procedure Process Monitoring Yes Yes
8.2.6 Procedure Product Monitoring Yes Yes
8.3 Procedure Control of Nonconforming Product Yes Yes
8.4 Process Analysis of Data Yes Yes
8.5.2 Procedure Corrective Action Yes Yes
8.5.3 Procedure Preventive Action Yes Yes

Common Additional Documents (Not Required by ISO 13485 but Often Needed)

While not explicitly required by ISO 13485, the following documents are commonly needed for effective QMS operation and regulatory compliance:

Work Instructions

  • Manufacturing work instructions
  • Testing work instructions
  • Inspection work instructions
  • Cleaning instructions
  • Equipment operation instructions

Forms and Templates

  • Training records forms
  • Calibration forms
  • Audit checklists
  • Complaint forms
  • CAPA forms
  • Change request forms
  • Document review forms
  • Supplier evaluation forms

Additional Plans

  • Quality plan
  • Product realization plan
  • Validation plans
  • Clinical evaluation plans
  • Post-market surveillance plans

Technical Documentation

  • Product specifications
  • Material specifications
  • Test methods and protocols
  • Packaging specifications
  • Labeling artwork
  • Instructions for use

Regulatory Documentation

  • Technical files (EU MDR/IVDR)
  • 510(k) submissions (FDA)
  • Clinical evaluation reports
  • Post-market surveillance reports
  • Periodic safety update reports

Tips for Document Management

Combining Procedures

Multiple procedures can be combined into single documents, such as:

  • "Corrective and Preventive Action (CAPA) Procedure" (combines 8.5.2 and 8.5.3)
  • "Document and Record Control Procedure" (combines 4.2.4 and 4.2.5)
  • "Monitoring and Measurement Procedure" (combines 8.2.5 and 8.2.6)
  • "Product Identification and Traceability Procedure" (combines 7.5.8 and 7.5.9)

Determining Applicability

Not all procedures apply to all organizations. Common exclusions include:

  • Design and development (when only manufacturing per customer specifications)
  • Installation (when product doesn't require installation)
  • Servicing (when not offered)
  • Sterilization (when product is non-sterile)
  • Contamination control (when not applicable to product type)

All exclusions must be justified in the Quality Manual.

Regulatory Requirements

Remember that applicable regulatory requirements may mandate additional documentation beyond ISO 13485, including:

  • FDA regulations (21 CFR Part 820 / QMSR)
  • EU MDR/IVDR requirements
  • Health Canada requirements
  • Other regional regulatory requirements

Record Retention

Per ISO 13485:2016 (4.2.5), records must be retained for:

  • Minimum: The lifetime of the medical device as defined by the organization
  • Additional: Not less than the retention period of any resulting record
  • Regulatory: As specified by applicable regulatory requirements

Organizations must define the "lifetime" of their medical devices and establish retention times that meet or exceed:

  • ISO 13485 minimum requirements
  • Applicable regulatory requirements (often 5-10 years minimum)
  • Any customer contractual requirements

Transition to Medical Device File (MDF)

With FDA QMSR harmonization (effective February 2, 2026), organizations should prepare for transitioning from separate files to a unified Medical Device File (MDF) that replaces:

  • DHF (Design History File)
  • DMR (Device Master Record)
  • DHR (Device History Record)

The MDF approach aligns with ISO 13485:2016 requirements and provides a more unified documentation structure.

Reference in New Issue View Git Blame Copy Permalink