MDSAP AS F0010 6 004AO Application Matrix.docx

1、MDSAP AS F0010 6 004 AO Application MatrixPlease complete and include with your application to be recognized as an MDSAP Auditing Organization. Auditing Organization Applicant: ISO/IEC 17021-1:2015IMDRF/MDSAP WG/N3 FINAL:2016 (Edition 2)DOCUMENTATIONAPPLICANTS REMARKSREGULATORY AUTHORITY REMARKSCrit

2、erionReq.Manual(document number)Procedure(document number)Other(document number)e.g. Are these activities performed by your organization? If not, by whom?RA use only17021-1:20151. Scope2. Normative references3. Terms and definitions4. Principles 5. General requirements5.1 Legal and contractual matte

3、rsLegal entity that can be held legally responsible for all its certification activities.5.1.1Legally enforceable arrangement with each client for the provision of certification activities for all sites with the scope of certification.5.1.2Responsibility and Authority for Certification Decisions5.1.

4、3IMDRF N35.1 Legal and contractual mattersLegal entity ineligible to be AO if found guilty of an offence against national laws or regulations related to medical devices, or relating to any fraudulent or dishonest practices.5.1 Organizational structure, ownership and the legal or natural persons exer

5、cising control over the Auditing Organization5.1.1If part of a larger organization, activities, structure, governance and relationship with AO5.1.2If AO owns (whole or part) other entities or has multiple offices; define and document activities, roles and responsibilities, and the legal and operatio

6、nal relationship with the AO5.1.3Legally enforceable arrangements with manufacturers to allow RAs to observe and assess AO audits and to access the manufacturers documents and records5.1.4Legally enforceable arrangements with manufacturers to allow RAs to share information5.1.517021-1:20155.2 Manage

7、ment of impartialityActivities shall be performed impartially. Commercial, financial or other pressures shall not compromise the impartiality of activities.5.2.1Top management commitment to, and a policy for; impartiality, the management of conflict of interest and the objectivity of certification a

8、ctivities. 5.2.2Process to identify, analyse, evaluate, treat, monitor, and document the risks related to conflict of interests. Risks shall be documented and eliminated, or minimised, to an acceptable level. The risk assessment process shall include consultation with a balanced representation from

9、identified parties on matters affecting impartiality, openness and public perception. Where there are unacceptable threats to impartiality, certification shall not be provided.5.2.3An AO shall not certify another AOs quality management system.5.2.4Not offer or provide management systems consultancy.

10、5.2.5Not offer or provide internal audits of certified clients.5.2.6Not certifying a client when the AO has a relationship with a body that provided management systems consultancy. (See N3(ed2): Cl 5.2.5 3 year period)5.2.7Not outsourcing audits to a management system consultancy organization.5.2.8A

11、Os activities not to be marketed or linked with the activities of an organization providing management systems consultancy. (See N3(ed2): Cl 5.2.6 financial or other inducements)5.2.9Not use personnel for a client who was provided management system consultancy by those personnel. (See N3(ed2): Cl 5.

12、2.5 3 year period)5.2.10Response to any threats to impartiality from other persons, bodies or organizations.5.2.11Personnel, internal and external, and committees, shall act impartially.5.2.12Requiring personnel, internal and external, to reveal any potential conflict of interest. Not use personnel

13、when there are known threats to impartiality 5.2.13IMDRF N35.2 Management of ImpartialityFinancial and organizational independence from manufacturers or any economic operator or competitor with an interest in the manufacturers products5.2.1Organization structured to promote and safeguard independenc

14、e, objectivity, and impartiality of its activities. Procedures and records for the investigation and resolution of any conflict of interest. (See N3(ed2): Cl 6.1.4, MDSAP AU P0028)5.2.2Top-level management and responsible personnel, including their spouses or children, responsible for carrying out t

15、he audits shall not:- be the designer, manufacturer, supplier, installer, distributor, importer, purchaser, owner, user, or maintainer/servicer of the medical devices which they assess, nor the authorized representative of any of those parties- be involved in the design, manufacture or construction,

16、 the marketing, installation, use or maintenance/servicing of those medical devices, or represent the parties engaged in those activities - offer or provide any service which may undermine the confidence in their independence, impartiality, or objectivity. In particular, they shall not offer or prov

17、ide consultancy services to the manufacturer, his authorized representative, a supplier, or a commercial competitor- use the services of any organization or individual that has provided consultancy services to the manufacturer, his authorized representative or a supplier being audited by the Auditin

18、g Organization, within a period of three years since the last consultancy services were rendered.5.2.3Documentation of personnel formerly involved in device consulting and monitor and resolve any potential conflicts of interest5.2.4Three years between consultancy services and assignment of tasks rel

19、ated to previously serviced manufacturers5.2.5Not advertise, commit to, guarantee or imply the outcome of audits on the basis of financial or other inducements.5.2.6Action of subsidiaries, subcontractors or any associated body does not affect independence, impartiality, objectivity.5.2.7Change of au

20、dit team assigned to audit a manufacturer over period of time. LA for 3 consecutive audits. 5.2.8Formal commitment of personnel to comply with the AOs confidentiality and independence rules5.2.9If AO is part of a larger organization, impartiality requirements also apply to the larger organization5.2

21、.10The individuals involved in the process for managing threats on impartiality shall have access to expert(s) to obtain independent opinions. (See 17021-1:2015 Cl 5.2.2)5.2.1117021-1:20155.3 Liability and financingRisk analysis and arrangements to cover liabilities arising from activities and geogr

22、aphical areas of operation.5.3.1Evaluation of finances and sources of income and demonstrate commercial, financial or other pressures do not compromise impartiality initially and on an on-going basis.5.3.2IMDRF N35.3 Liability and FinancingLiability Insurance Evidence of consideration of the level a

23、nd geographic scope of activities and the risk profile of devices being produced by the manufacturers being audited 5.3.1Financial resources5.3.217021-1:20156. Structural requirements6.1 Organizational structure and top managementDocument organizational structure, duties, responsibilities, authoriti

24、es and lines of authority.6.1.1Activities to be structured and managed to safeguard impartiality6.1.2Identify top management with overall authority and responsibility for following:6.1.3- Operating policy development, process and procedure establishment6.1.3a- Supervision of the implementation of po

25、licies, processes and procedures6.1.3b- Ensuring impartiality6.1.3c- Supervision of finances6.1.3d- Development of certification services and schemes6.1.3e- Performance of audits and certification and complaint response6.1.3f- Certification decisions6.1.3g- Delegation of authorities6.1.3h- Contractu

26、al arrangements6.1.3i- Provision of adequate resources6.1.3jRules for committees involved in certification activities6.1.4IMDRF N36.1 Organizational structure and top managementPersonnel current in practices and knowledge6.1.1Organizational capacity to include management, administrative support, and

27、 infrastructure to undertake all contracted activities6.1.2Participation in the MDSAP regulatory coordination group6.1.3Consideration and usage of relevant MDSAP guidance and best practice documents6.1.4Adopt and adhere to a code of conduct including a mechanism for monitoring and verification (See

28、also N3(ed2): Cl 7.1.6). Violations to be investigated and actions taken6.1.5Documented roles, responsibilities, and lines of reporting for all personnel, including subcontractors, involved in audits and decision making.6.1.6Documented processes and procedures for independent review of work6.1.717021-1:20156.2 Operational ControlProcess for effective control of activities by the AO and related entities taking into account risks these entities may pose to competence, consistency and impartiality.6.2.1Appropriate level and methods for control of activities un