The definition of the Quality Policy of the organization is one of the essential tasks associated to the top management according to ISO 13485 and other quality management system standards associated to regulated business.
In this article we will go through the main requirements related to the policy according to ISO 13485 and other regulation linked to medical device sector.
We have been extensively discussed about ISO 13485 related issues, such as quality manual, management review, CAPA, quality policy.
General Characteristic of the Quality Policy
The Quality Policy can be basically considered as the mission statement for the quality management system of the organization. For this reason, it is strictly dependent from the organization and it is typically defined in the implementation phase of the quality system and documented or referenced in the quality manual.Â
The policy usually contains the vision and mission of the company.
When defining the policy of the organization it is important to define a quite concrete statement rather than having an abstract policy.
Requirements associated to the Policy according to ISO 13485
The requirements associated to the Quality Policy are defined in the section 5.3 of the ISO 13485 standard.
Specifically, this part of the standard defines what are the main characteristics of the quality policy. We will now go through all these requirements.Â
- Quality Policy shall be applicable to the purpose of the organization.
There must be an alignment between the general purpose and mission of the organization and the policy, that typically contains a sentence that summarizes the high level mission of the organization and how the quality management system can support that mission.
- The Quality Policy shall include a commitment to comply with requirements and to mantain the effectiveness of the quality management system.
Since the definition of the quality policy is one of the key task of the top management, it is very important that the policy includes a clear statement related to the commitment of the organization to comply with all the applicable regulatory requirements and the effectiveness of the quality management system.
In order to be very clear on this point, it is necessary that the quality manual includes a clear reference to the applicable regulatory requirements. Usually these requirements are highly dependent from the geographical regions where medical products of the organization are distributed. It is necessary to have a kind of matrix that correlates the geographies where the product is distributed to the applicable requirements to that specific geographical region. In this way, all the applicable regulatory requirements are clearly identified.
The commitment to maintain the effectiveness of the quality management system is also very important as, also in this case, it is part of the commitment of the top management specifically required by the standard.
- The Quality Policy shall provide a framework for the establishment of the quality objectives.
The requirements for the Quality objectives are defined in the point 5.4.1 of the standard. At the same time, the section 5.3 requires, as reports above, a clear link between the policy and quality objectives, where the former one provides a framework for the establishment of the objectives. From a practical standpoint, this means that the quality policy should highlight the overall scope of the quality system and this should then be reflected in the choice of the quality objectives used to measure the effectiveness of the quality system.
4. The Quality Policy shall be communicated and understood by the organization
This is an important point as it is obvioulsly necessary that the policy is communicated and understood to the whole organization. From a practical point of view, while the communication of the policy to all the personnel is rather simple and a lot of different methods can be implemented (for example the policy shall be included in the screensaver of the computers of all the personnel or attached to the walls of the offices), a little more complicated aspect is to demonstrate that the quality policy is understood by everybody.
One of the possibility is to specifically perform training on the policy and make sure that everybody signs a “Read and Understood” statement that can proof that all the personnel is knowledgeable of the policy and that the policy has been properly understood.
5. The quality policy shall be reviewed for continuing suitability.
The review of the quality policy is an essential moment for the quality management system of an organization. Typically, the review is performed during the management review, whose requirements we have already been discussing about. In fact, the management review is the right moment where top management can evaluate the suitability of the policy and, if needed, propose a new policy in case it is deemed necessary.
Subscribe to 4EasyReg Newsletter
4EasyReg is an online platform dedicated to Regulatory matters within the medical device, information security and AI-Based business.
We offer a wide range of documentation kits to support your compliance efforts towards a wide range of standards and regulations, such as ISO 13485, EU MDR, ISO 27001, ISO 42001 and much more. . Specifically, in our webshop you will find:
- ISO 13485 Documentation / Compliance Kit
- ISO 27001 Documentation / Compliance Kit
- ISO 42001 Documentation / Compliance Kit
- FDA Cybersecurity Documentation
Within our sister platform QualityMedDev Academy, a wide range of online & self-paced training courses is available, such as for example:
- Complaint Handling and Vigilance Reporting
- Artificial Intelligence in Medical Device. Regulatory Requirements
- Unique Device Identification (UDI) Requirements according to EU MDR
- Clinical Evaluation Process According to EU MDR
- Medical Device SW Verification & Validation
- Risk Management for Medical Devices
- Usability Evaluation for Medical Devices
As one of the leading online platforms in the medical device sector, 4EasyReg offers extensive support for regulatory compliance. Our services cover a wide range of topics, from EU MDR & IVDR to ISO 13485, encompassing risk management, biocompatibility, usability, software verification and validation, and assistance in preparing technical documentation for MDR compliance.
Do not hesitate to subscribe to our Newsletter!
