Category: ISO

How Do You Prepare for an ISO 9001 Certification?

By The Pro QC Quality Assurance Team

What is ISO 9001:2015?
If you want to indicate that your organization has a functional quality management system, ISO 9001:2015 is the certification you need. The official website says the steps a company takes to demonstrate its ability to consistently provide quality products and services that meet customer and applicable regulatory requirements, combined with the company’s aim to enhance customer satisfaction through the effective application of the system, are the core tenets of the certification.

ISO 9001:2015 is applicable to any organization of any size – whether it offers manufactured goods of any kind, or services.

ISO 9001 - 2015

Why do we need an ISO 9001:2015 certification?

The certification tells customers that the goods manufactured, or the services offered by the company they are looking to potentially be a client of, adhere to the best practices laid out by the official ISO 9001 quality management system guidelines.

It is very much a global standard, so anyone will recognize it anywhere in the world.

So how do you prepare for ISO 9001:2015 certification?

Getting an ISO 9001 audit is imperative to working through the journey toward being certified.

There are six key steps to achieving the ISO 9001 certification:

  1. Understanding the ISO 9001 – classroom training on the standard and documentation review
  2. ISO 9001 audit – conducted by a third-party audit company to complete an on-site gap analysis and suggest an action plan
  3. Preparation of documentation – based on the results of the ISO 9001 external audit, the third-party audit company works with the team on necessary documentation and next steps
  4. ISO 9001 implementation – committing the entire organization to effective uptake of a quality management system that adheres to the certification standard
  5. ISO 9001 audit – as part of the requirements for the ISO 9001:2015, an internal audit review is required annually to demonstrate continued effectiveness of implementation of the quality management system at the company
  6. ISO registration – before an organization can apply for an ISO 9001:2015 standard, evidence of consistency within the quality management system is required for up to six months; this is verified through a third-party audit

The process to complete the necessary steps can take up to nine months if starting from scratch. Proving consistency and verifying this through a specific audit is imperative to the process.

What are the challenges to getting ISO 9001 certified?

Preparing for the ISO implementation is often the hardest part of the process – aligning the company and having everyone fully onboard, defining the technical requirements, collating relevant documentation, and communicating the procedures to the entire company are just some of the challenges. Many organizations assign an internal representative or champion and often outsource the audit and facilitation to a third-party auditor who is familiar with the certification process and can provide unbiased advice to drive changes more successfully.

The ISO 9001:2015 quality management system is a core building block of an organization’s foundation. This means that each and every member of the team needs to be on board throughout the process and ensure that nobody flips back into old or bad habits. To ensure quality management system consistency is maintained, a third-party auditor can ensure quality management system gaps and the associated corrective action plan are managed to completion. This approach can help to ensure that ISO 9001 certification is just around the corner for your organization.

If you are looking for help with a customized plan for reaching ISO 9001 certification, Pro QC can help.

Five Things You Should Know About ISO 13485

By The Pro QC Quality Assurance Team

1. Why ISO 13485?

ISO 13485 is the global international standard for establishment and maintenance of a documented quality management system in the medical device industry. If a manufacturer has implemented ISO 13485, it will have a foundation upon which to certify for regional medical device regulations such as the EU Medical Device Directive (MDD), the EY Medical Device Regulation (MDR), US FDA 21 CFR 820, as well as other regulations that demonstrate a commitment toward the quality and safety of medical devices.

ISO 13485

2. COVID-19 highlights sanitation requirements.

Manufacturers of medical devices and medical products should consider prevention of risk of contamination of the device during the production process. Sources of contamination come not only from incorrect handling of the devices by people, but also from a list that includes raw materials, airborne particles, and dirty machines, among other things.

On April 16th, the International Organization for Standardization (ISO) published an updated standards list for PPE and Medical Devices, as part of their COVID-19 response effort. These product standards define guidelines for the manufacturers to follow to ensure a proactive role in the fight against the spread of the virus.

3. What is required for ISO 13485 certification?

To ensure medical products will pass certification, here are the key objectives the project should follow:

  1. Define the scope– What is the medical device, and what is its purpose, intended market, classification? What is the collection related ISO product standard, and what are the regional regulations for this product?
  2. Conduct an ISO 13485 Audit & Gap Analysis– This is an audit that determines the level of compliance versus the standards that are being held.
  3. Develop a project plan– After the audit and gap analysis, define a corrective plan which lists all non-conformities, including how to fix problems to comply with ISO 13485 requirements and related regional standard implementation.
  4. Develop documentation– Put together the mandatory documentation that includes a Quality Manual, procedures, work instructions and documentation with evidence of proof of implementation.
  5. Develop & conduct training– This is one of the most important steps in this checklist. Provision of training to anyone who will be involved in any stage of the production of the medical device is mandatory. The first training educates the team on applicable requirements of the ISO 13485 standards, including those relevant to regional and product certifications. The next training is to set in place a Quality Management System that provides a standard for complying with work instructions and necessary sanitary procedures, as well as recording of proof of implementation on specific documentation.
  6. Implementation– A period of three to six months is given to implement the new Quality Management System and preparation of documentation to demonstrate compliance.
  7. Conduct an internal audit– The supplier should conduct an internal medical device audit to measure compliance and correct any noted deviations. This internal audit can also be conducted by a third-party auditor, such as Pro QC.
  8. Conduct a management review– If the Quality Management System is not implemented according to ISO 13485 procedure, and does not meet the defined policy and objectives, it must be adjusted to meet the necessary requirements.
  9. Apply for ISO certification– An external audit of ISO 13485 is the final step. This external audit is typically conducted by certification bodies. Based on the readiness of your organization, the certification body will issue the ISO 13485 certificate if you pass, or issue a non-conformance report that will require corrective actions. In the case of a non-compliance, Pro QC can advise and assist the applicant in implementing and validating those corrective actions. Once all non-conformance items are closed, the company can then re-apply for certification.

4. What goes into the external ISO 13485 audit?

When Pro QC goes into a factory to conduct an audit, we have a specific checklist to follow that helps us make sure the manufacturer is following correct procedure. Our technical supervisor comes in to train the on-site auditor (if there is one), to ensure that there is a complete understanding of the ISO 13485 compliance requirements.

5. What are the common pitfalls associated with ISO 13485 certification?

Being ISO 13485 compliant requires being detail oriented. Pro QC has seen a number of common pitfalls in the road toward compliance, including a lack of control for the medical device file (clause 4.2.3), an insufficient record for each medical device or batch that provides traceability (clause 7.5.1), and others. It’s important to follow the steps and ensure you conduct either an internal or external ISO 13485 audit in order to prevent any holdup in manufacturing and shipping your medical devices.

Pro QC is here to help. Please contact us at, or reach out to one of our offices directly by clicking here.

A free, read-only version of the ISO 13485:2016 standard can be accessed here.