Our customer, an IT Service provider delivering medical software to its clients, is facing some major findings from a supplier audit. Points of concern are basically the processes requested by the ISO/EN norms 13485, 14791 and 62304, namely IT-Security, document control, CAP/Complaint Handling, data protection, training and software security development. Goal of the project is the adaption and optimization of the relevant processes to ensure conformity with the existing certificate and to pass the surveillance audit without major findings. Main tasks of the PTA consultants is giving guidance to the customer to improve within its own quality management system and to create awareness of the impact for the identified weak points.
Supplement
Due to the different criticality of the reported findings, a varying number of stakeholders across all management levels of the customer have to be addressed per topic. While processes like IT security, data protection and training are clearly assigned in the organization, the assignments for document control or CAPA/Complaint handling are more fuzzy. During the projects execution the customer agrees with a better structuring of its own QMS and the creation of different standard operation procedures including the respective templates and work instructions. Additionally, several document management systems are evaluated and checked against the customers needs. Introducing the best value tool with support from PTA is the closing step of this project.