qms-audit-expert
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseQMS Audit Expert
QMS审核专家
ISO 13485 internal audit methodology for medical device quality management systems.
针对医疗器械质量管理体系的ISO 13485内部审核方法。
Table of Contents
目录
Audit Planning Workflow
审核规划流程
Plan risk-based internal audit program:
- List all QMS processes requiring audit
- Assign risk level to each process (High/Medium/Low)
- Review previous audit findings and trends
- Determine audit frequency by risk level
- Assign qualified auditors (verify independence)
- Create annual audit schedule
- Communicate schedule to process owners
- Validation: All ISO 13485 clauses covered within cycle
规划基于风险的内部审核项目:
- 列出所有需要审核的QMS流程
- 为每个流程分配风险等级(高/中/低)
- 回顾过往审核发现及趋势
- 根据风险等级确定审核频率
- 指派具备资质的审核员(验证独立性)
- 制定年度审核计划
- 向流程负责人传达审核计划
- 验证: 一个周期内覆盖ISO 13485所有条款
Risk-Based Audit Frequency
基于风险的审核频率
| Risk Level | Frequency | Criteria |
|---|---|---|
| High | Quarterly | Design control, CAPA, production validation |
| Medium | Semi-annual | Purchasing, training, document control |
| Low | Annual | Infrastructure, management review (if stable) |
| 风险等级 | 频率 | 判定标准 |
|---|---|---|
| 高 | 每季度 | 设计控制、CAPA、生产验证 |
| 中 | 每半年 | 采购、培训、文档控制 |
| 低 | 每年 | 基础设施、管理评审(若运行稳定) |
Audit Scope by Clause
按条款划分的审核范围
| Clause | Process | Focus Areas |
|---|---|---|
| 4.2 | Document Control | Document approval, distribution, obsolete control |
| 5.6 | Management Review | Inputs complete, decisions documented, actions tracked |
| 6.2 | Training | Competency defined, records complete, effectiveness verified |
| 7.3 | Design Control | Inputs, reviews, V&V, transfer, changes |
| 7.4 | Purchasing | Supplier evaluation, incoming inspection |
| 7.5 | Production | Work instructions, process validation, DHR |
| 7.6 | Calibration | Equipment list, calibration status, out-of-tolerance |
| 8.2.2 | Internal Audit | Schedule compliance, auditor independence |
| 8.3 | NC Product | Identification, segregation, disposition |
| 8.5 | CAPA | Root cause, implementation, effectiveness |
| 条款 | 流程 | 重点领域 |
|---|---|---|
| 4.2 | 文档控制 | 文档批准、分发、失效文档管控 |
| 5.6 | 管理评审 | 输入完整、决策文档化、行动可追踪 |
| 6.2 | 培训 | 能力定义、记录完整、有效性验证 |
| 7.3 | 设计控制 | 输入、评审、V&V、转移、变更 |
| 7.4 | 采购 | 供应商评估、来料检验 |
| 7.5 | 生产 | 作业指导书、流程验证、DHR |
| 7.6 | 校准 | 设备清单、校准状态、超差处理 |
| 8.2.2 | 内部审核 | 计划合规性、审核员独立性 |
| 8.3 | 不合格产品 | 标识、隔离、处置 |
| 8.5 | CAPA | 根本原因、实施、有效性 |
Auditor Independence
审核员独立性
Verify auditor independence before assignment:
- Auditor not responsible for area being audited
- No direct reporting relationship to auditee
- Not involved in recent activities under audit
- Documented qualification for audit scope
指派前验证审核员独立性:
- 审核员不负责被审核领域
- 与被审核方无直接汇报关系
- 未参与被审核领域近期活动
- 具备审核范围所需的资质证明
Audit Execution
审核执行
Conduct systematic internal audit:
- Prepare audit plan (scope, criteria, schedule)
- Review relevant documentation before audit
- Conduct opening meeting with auditee
- Collect evidence (records, interviews, observation)
- Classify findings (Major/Minor/Observation)
- Conduct closing meeting with preliminary findings
- Prepare audit report within 5 business days
- Validation: All scope items covered, findings supported by evidence
开展系统化内部审核:
- 准备审核计划(范围、标准、日程)
- 审核前查阅相关文档
- 与被审核方召开首次会议
- 收集证据(记录、访谈、观察)
- 对发现项分类(重大/次要/观察项)
- 与被审核方召开末次会议并通报初步发现
- 5个工作日内出具审核报告
- 验证: 覆盖所有范围项,发现项均有证据支持
Evidence Collection
证据收集
| Method | Use For | Documentation |
|---|---|---|
| Document review | Procedures, records | Document number, version, date |
| Interview | Process understanding | Interviewee name, role, summary |
| Observation | Actual practice | What, where, when observed |
| Record trace | Process flow | Record IDs, dates, linkage |
| 方法 | 适用场景 | 文档记录要求 |
|---|---|---|
| 文档查阅 | 程序文件、记录 | 文档编号、版本、日期 |
| 访谈 | 流程理解 | 受访者姓名、职位、访谈摘要 |
| 现场观察 | 实际操作 | 观察内容、地点、时间 |
| 记录追溯 | 流程流转 | 记录ID、日期、关联关系 |
Audit Questions by Clause
按条款设计的审核问题
Document Control (4.2):
- Show me the document master list
- How do you control obsolete documents?
- Show me evidence of document change approval
Design Control (7.3):
- Show me the Design History File for [product]
- Who participates in design reviews?
- Show me design input to output traceability
CAPA (8.5):
- Show me the CAPA log with open items
- How do you determine root cause?
- Show me effectiveness verification records
See for complete question sets.
references/iso13485-audit-guide.md文档控制(4.2):
- 请出示文档总清单
- 你们如何管控失效文档?
- 请出示文档变更批准的证据
设计控制(7.3):
- 请出示[产品]的设计历史文件
- 哪些人员参与设计评审?
- 请出示设计输入到输出的可追溯性证据
CAPA(8.5):
- 请出示包含未结项的CAPA日志
- 你们如何确定根本原因?
- 请出示有效性验证记录
完整问题集请查阅 。
references/iso13485-audit-guide.mdFinding Documentation
发现项文档记录
Document each finding with:
Requirement: [Specific ISO 13485 clause or procedure]
Evidence: [What was observed, reviewed, or heard]
Gap: [How evidence fails to meet requirement]Example:
Requirement: ISO 13485:2016 Clause 7.6 requires calibration
at specified intervals.
Evidence: Calibration records for pH meter (EQ-042) show
last calibration 2024-01-15. Calibration interval is
12 months. Today is 2025-03-20.
Gap: Equipment is 2 months overdue for calibration,
representing a gap in calibration program execution.每个发现项需按以下格式记录:
要求:[具体ISO 13485条款或程序文件]
证据:[观察、查阅或访谈的内容]
差距:[证据不符合要求的具体表现]示例:
要求:ISO 13485:2016 条款7.6要求按规定间隔进行校准。
证据:pH计(EQ-042)的校准记录显示上次校准时间为2024-01-15,校准间隔为12个月。当前日期为2025-03-20。
差距:该设备逾期2个月未校准,说明校准程序执行存在差距。Nonconformity Management
不符合项管理
Classify and manage audit findings:
- Evaluate finding against classification criteria
- Assign severity (Major/Minor/Observation)
- Document finding with objective evidence
- Communicate to process owner
- Initiate CAPA for Major/Minor findings
- Track to closure
- Verify effectiveness at follow-up
- Validation: Finding closed only after effective CAPA
对审核发现项进行分类与管理:
- 根据分类标准评估发现项
- 划分严重程度(重大/次要/观察项)
- 记录发现项并附客观证据
- 向流程负责人传达发现项
- 针对重大/次要发现项启动CAPA
- 追踪至关闭
- 跟进时验证有效性
- 验证: 仅在CAPA有效后才关闭发现项
Classification Criteria
分类标准
| Category | Definition | CAPA Required | Timeline |
|---|---|---|---|
| Major | Systematic failure or absence of element | Yes | 30 days |
| Minor | Isolated lapse or partial implementation | Recommended | 60 days |
| Observation | Improvement opportunity | Optional | As appropriate |
| 类别 | 定义 | 是否需要CAPA | 时间要求 |
|---|---|---|---|
| 重大 | 系统性失效或要素缺失 | 是 | 30天 |
| 次要 | 孤立性失误或部分未执行 | 建议 | 60天 |
| 观察项 | 改进机会 | 可选 | 视情况而定 |
Classification Decision
分类决策树
Is required element absent or failed?
├── Yes → Systematic (multiple instances)? → MAJOR
│ └── No → Could affect product safety? → MAJOR
│ └── No → MINOR
└── No → Deviation from procedure?
├── Yes → Recurring? → MAJOR
│ └── No → MINOR
└── No → Improvement opportunity? → OBSERVATION所需要素是否缺失或失效?
├── 是 → 是否为系统性问题(多起实例)? → 重大
│ └── 否 → 是否可能影响产品安全? → 重大
│ └── 否 → 次要
└── 否 → 是否偏离程序要求?
├── 是 → 是否重复发生? → 重大
│ └── 否 → 次要
└── 否 → 是否为改进机会? → 观察项CAPA Integration
CAPA整合
| Finding Severity | CAPA Depth | Verification |
|---|---|---|
| Major | Full root cause analysis (5-Why, Fishbone) | Next audit or within 6 months |
| Minor | Immediate cause identification | Next scheduled audit |
| Observation | Not required | Noted at next audit |
See for detailed guidance.
references/nonconformity-classification.md| 发现项严重程度 | CAPA深度 | 验证要求 |
|---|---|---|
| 重大 | 完整根本原因分析(5Why、鱼骨图) | 下一次审核或6个月内 |
| 次要 | 识别直接原因 | 下一次计划内审核 |
| 观察项 | 无需 | 下一次审核时记录 |
详细指导请查阅 。
references/nonconformity-classification.mdExternal Audit Preparation
外部审核准备
Prepare for certification body or regulatory audit:
- Complete all scheduled internal audits
- Verify all findings closed with effective CAPA
- Review documentation for currency and accuracy
- Conduct management review with audit as input
- Prepare facility and personnel
- Conduct mock audit (full scope)
- Brief personnel on audit protocol
- Validation: Mock audit findings addressed before external audit
为认证机构或监管机构审核做准备:
- 完成所有计划内内部审核
- 验证所有发现项均已通过有效CAPA关闭
- 检查文档的时效性与准确性
- 以审核结果为输入开展管理评审
- 准备场地与人员
- 开展全范围模拟审核
- 向人员传达审核流程
- 验证: 外部审核前解决模拟审核发现的所有问题
Pre-Audit Readiness Checklist
审核前就绪检查表
Documentation:
- Quality Manual current
- Procedures reflect actual practice
- Records complete and retrievable
- Previous audit findings closed
Personnel:
- Key personnel available during audit
- Subject matter experts identified
- Personnel briefed on audit protocol
- Escorts assigned
Facility:
- Work areas organized
- Documents at point of use current
- Equipment calibration status visible
- Nonconforming product segregated
文档:
- 质量手册为最新版本
- 程序文件与实际操作一致
- 记录完整且可检索
- 过往审核发现项均已关闭
人员:
- 关键人员在审核期间可到场
- 已确定主题专家
- 已向人员传达审核流程
- 已指派陪同人员
场地:
- 工作区域整洁有序
- 作业现场使用的文档为最新版本
- 设备校准状态清晰可见
- 不合格产品已隔离
Mock Audit Protocol
模拟审核流程
- Use external auditor or qualified internal auditor
- Cover full scope of upcoming external audit
- Simulate actual audit conditions (timing, formality)
- Document findings as for real audit
- Address all Major and Minor findings before external audit
- Brief management on readiness status
- 聘请外部审核员或具备资质的内部审核员
- 覆盖即将到来的外部审核全范围
- 模拟真实审核条件(时间、正式程度)
- 按真实审核标准记录发现项
- 外部审核前解决所有重大与次要发现项
- 向管理层汇报就绪状态
Reference Documentation
参考文档
ISO 13485 Audit Guide
ISO 13485审核指南
references/iso13485-audit-guide.md- Clause-by-clause audit methodology
- Sample audit questions for each clause
- Evidence collection requirements
- Common nonconformities by clause
- Finding severity classification
references/iso13485-audit-guide.md- 按条款划分的审核方法
- 各条款的示例审核问题
- 证据收集要求
- 各条款常见不符合项
- 发现项严重程度分类标准
Nonconformity Classification
不符合项分类
references/nonconformity-classification.md- Severity classification criteria and decision tree
- Impact vs. occurrence matrix
- CAPA integration requirements
- Finding documentation templates
- Closure requirements by severity
references/nonconformity-classification.md- 严重程度分类标准与决策树
- 影响与发生频率矩阵
- CAPA整合要求
- 发现项文档模板
- 按严重程度划分的关闭要求
Tools
工具
Audit Schedule Optimizer
审核计划优化器
bash
undefinedbash
undefinedGenerate optimized audit schedule
Generate optimized audit schedule
python scripts/audit_schedule_optimizer.py --processes processes.json
python scripts/audit_schedule_optimizer.py --processes processes.json
Interactive mode
Interactive mode
python scripts/audit_schedule_optimizer.py --interactive
python scripts/audit_schedule_optimizer.py --interactive
JSON output for integration
JSON output for integration
python scripts/audit_schedule_optimizer.py --processes processes.json --output json
Generates risk-based audit schedule considering:
- Process risk level
- Previous findings
- Days since last audit
- Criticality scores
**Output includes:**
- Prioritized audit schedule
- Quarterly distribution
- Overdue audit alerts
- Resource recommendationspython scripts/audit_schedule_optimizer.py --processes processes.json --output json
基于以下因素生成优化的审核计划:
- 流程风险等级
- 过往发现项
- 距上次审核的天数
- 关键程度评分
**输出内容包括:**
- 优先级排序的审核计划
- 季度分布
- 逾期审核提醒
- 资源建议Sample Process Input
流程输入示例
json
{
"processes": [
{
"name": "Design Control",
"iso_clause": "7.3",
"risk_level": "HIGH",
"last_audit_date": "2024-06-15",
"previous_findings": 2
},
{
"name": "Document Control",
"iso_clause": "4.2",
"risk_level": "MEDIUM",
"last_audit_date": "2024-09-01",
"previous_findings": 0
}
]
}json
{
"processes": [
{
"name": "Design Control",
"iso_clause": "7.3",
"risk_level": "HIGH",
"last_audit_date": "2024-06-15",
"previous_findings": 2
},
{
"name": "Document Control",
"iso_clause": "4.2",
"risk_level": "MEDIUM",
"last_audit_date": "2024-09-01",
"previous_findings": 0
}
]
}Audit Program Metrics
审核项目指标
Track audit program effectiveness:
| Metric | Target | Measurement |
|---|---|---|
| Schedule compliance | >90% | Audits completed on time |
| Finding closure rate | >95% | Findings closed by due date |
| Repeat findings | <10% | Same finding in consecutive audits |
| CAPA effectiveness | >90% | Verified effective at follow-up |
| Auditor utilization | 4 days/month | Audit days per qualified auditor |
追踪审核项目的有效性:
| 指标 | 目标值 | 测量方式 |
|---|---|---|
| 计划合规率 | >90% | 按时完成的审核占比 |
| 发现项关闭率 | >95% | 按时关闭的发现项占比 |
| 重复发现项占比 | <10% | 连续审核中出现的相同发现项占比 |
| CAPA有效率 | >90% | 跟进时验证有效的CAPA占比 |
| 审核员利用率 | 4天/月 | 每位具备资质的审核员每月审核天数 |