Auditing Risk Management Files скачать в хорошем качестве

Auditing Risk Management Files

Auditing a risk management file requires more than just verification that you have a risk management file. Verifying that the file references ISO 14971:2019 is also not enough. Auditing risk management files requires four things: 1. the auditor needs to be qualified to audit risk management files, 2. the auditor needs to create an audit agenda and schedule the audit, 3. the auditor needs to identify what documents and records they looked at and what they looked for 4. the auditor needs to document the results of the audit and include objective evidence of both positive and negative findings When you are auditing a risk management file, you need to have training on ISO 14971:2019 and lead auditor training. However, you will also need training on applicable guidance documents (i.e., ISO/TR 24971:2020) and applicable regulations (i.e., Regulation 2017/745 and/or Regulation 2017/746). There may also be device-specific guidance documents that specify known risks and risk controls that are considered state-of-the-art. Next, you need to schedule the audit of the risk management file. This can be a desktop audit that is performed remotely, or it can be on-site. Regardless of the approach, the audit should include interviewing participants in the risk management process documented in the risk management file. As a rule of thumb, I expect a minimum of 30 minutes to be spent interviewing the process owner and one or more other participants. Then I spend an additional 60 minutes of auditing time reviewing documents and records. Your audit agenda should specify the method of auditing to be used, date(s) of the audit, the duration of the audit, the location of the audit, and the auditing criteria. The auditor(s) and the auditee participants should be identified in the audit agenda. Finally, you should specify what documents and records you require for audit preparation. These documents will be used to help identify audit checklist questions and to determine a sampling plan for the audit. At a minimum, you will need a copy of the risk management procedure and a list of the risk management files that are available to audit. You may also want to request the audit plan for each of those risk management files. When you audit the risk management process, you could take any of the following approaches or a combination of more than one. You could audit the process according to the risk management procedure. You could audit the process according to the risk management plan(s) for each risk management file. You could audit using the process approach to auditing. Finally, you could audit in accordance with specific requirements in the ISO 14971:2019 standard and applicable regulations (i.e., Regulation 2017/745). If you would like to learn more about auditing risk management files, please see our new blog posting on November 1, 2022: https://medicaldeviceacademy.com/audi...