Presentation on theme: "Medicare Certification Systems Thilak Wickremasinghe, Director/CEO Sri Lanka Accreditation Board."— Presentation transcript:
Medicare Certification Systems Thilak Wickremasinghe, Director/CEO Sri Lanka Accreditation Board
Common Certification Schemes ISO 9001 QMS Certification ISO 13485 QMS Certification for Medical Devices ISO/IEC 27001 ISMS Certification ISO 22000 FSMS Certification GMP Certification
ISO 13485-2003 Medical Devices - Quality Management Systems - Requirements for regulatory purposes Scope : specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.
ISO 13485-2003 Requirements 7.1 Planning of Product Rrealization 7.2 Customer – Related Pprocesses 7.2.1 Determination of requirements related to the product 7.2.2 Review of Requirements related to the product 7.2.3 Customer communication 7.3 Design and development 7.3.1 Design and development planning 7.3.2 Design and development inputs 7.3.3 Design and development outputs 7.3.4 Design and development review 7.3.5 Design and development verification 7.3.6 Design and development validation 7.3.7 Control of design and development changes 7.4 Purchasing 7.4.1 purchasing process 7.4.2 Purchasing Information 7.4.3 Verification of Purchased Product
ISO 13485-2003 Requirements Contd. 7.5 Production and service provision 7.5.1 Control of production and service provision 22.214.171.124 General requirements 126.96.36.199 Control of production and service provision – Specific requirements 188.8.131.52.1 Cleanliness of product and contamination control 184.108.40.206.2 Installation activities 220.127.116.11.3 Servicing activities 18.104.22.168 Particular requirements for sterile medical devices 7.5.2 Validation of processes for production and service provision 22.214.171.124 General requirements 126.96.36.199 Particular requirements for sterile medical devices 7.5.3 Identification and traceability 188.8.131.52 Identification 184.108.40.206 Traceability 220.127.116.11 Status identification
ISO 13485-2003 Requirements Contd. 7.5.4 Customer Property 7.5.5 Preservation of product 7.6 Control of Measuring and Monitoring Devices 8Measurement, Analysis and Improvement 8.1 General 8.2 Monitoring and measurement 8.2.1 Monitoring and measurement Feedback 8.2.2 Internal Audit 8.2.3 Monitoring and Measurement of Processes 8.2.4 Monitoring and Measurement of Product 8.3 Control of Nonconforming Product 8.4 Analysis of Data 8.5 Improvement 8.5.1 General 8.5.2 Corrective Action 8.5.3 Preventive Action
ISO/IEC 27001 : 2013 Information technology — Security techniques -Information security management systems – Requirements SCOPE : specifies the requirements for establishing, implementing, maintaining and continually improving an information security management system within the context of the organization. It also includes requirements for the assessment and treatment of information security risks tailored to the needs of the organization.
ISO/IEC 27001 : 2013 Requirements 4 Context of the organization 4.1 Understanding the organization and its context 4.2 Understanding the needs and expectations of interested parties 4.3 Determining the scope of information security management system 4.4 Information security management system 5 Leadership 5.1 Leadership and commitment 5.2 Policy 5.3 Organizational roles, responsibilities and authorities 6. Planning 6.1 Actions to address risks and opportunities 6.2 Information security objectives and planning to achieve them 7 Support 7.1 Resources 7.2 Competence 7.3 Awareness
ISO/IEC 27001 : 2013 Contd. 7.4 Communication 7.5 Documented information 8 Operation 8.1 Operational planning and control 8.2 Information security risk assessment 8.3 Information security risk treatment 9 Performance evaluation 9.1 Monitoring, measurement, analysis and evaluation 9.2 Internal audit 9.3 Management review 10 Improvement 10.1 Nonconformity and corrective action 10.2 Continual improvement Annex A (normative) Reference control objectives and controls