Quality Manual, Policy and Objectives

ISO 13485:2016 Section Document Section

4.1.1 1.
4.1.2 4.
4.2.1 b) (All)
4.2.2 (All)
5.3 2.
5.4.1 2.

Summary
The Quality Manual describes the scope of the Quality Management System, its
documented procedures and a description of their interactions.

1. Scope
The QMS described in this Quality Manual applies to all products of <your
company name>.

Role of Company
Other roles besides manufacturer are: Authorized representative,
distributor.
<your company name> is a manufacturer of Medical Devices.

Applicable Standards
The following table only gives an overview of the most relevant regulation and
standards. For a comprehensive overview, see the list of applicable standards
(reference here).

Standard / Regulation /
Law Why Applicable?
MDR (2017/745/ Regulation for all Medical Device Manufacturers in
the EU
ISO 13485:2016 QMS required by essential requirements of
MDD/MDR
ISO 14971:2019 Risk management for medical devices
IEC 62304:2006 Software development for medical devices
IEC 62366-1:2015 Usability evaluation for medical devices

1
Exclusions
The following sections of ISO 13485:2016 will be excluded due to the product
being stand-alone software:
• 6.4.2 Contamination control
• 7.5.2 Cleanliness of product
• 7.5.5 Particular requirements for sterile medical devices
• 7.5.7 Particular requirements for validation of processes for sterilization
and sterile barrier systems
• 7.5.9.2 Particular requirements for implantable medical devices
• 7.5.11 Preservation of product

2. Quality Policy & Objectives

Quality Policy
Describe what your company is about, specifically, its mission and
things which are important for it. Maybe you’re developing software
for patients with a certain disease and your goal is to improve their
lives.
In addition, the policy should include a commitment to meet legal
requirements, keep the QMS up to date and define quality objectives
to work towards.

Quality Objectives
Whatever policy you outlined above, now you need to make it mea-
surable by defining objectives which can be tracked. Those objectives
should not (only) refer to the quality of your devices but the quality
of your QMS and the overall work of your organization. Typical
examples are: hiring excellence in staff, providing, best-of-class device
performance, high standards of customer satisfaction, etc.
Implementation Option 1: You define measurable, yet still abstract
quality objectives here. In a next step (see short-term goals below),
those are narrowed down to very concrete measures (for example:
monthly number of user complaints). The advantage of that: you
don’t need to update your quality manual and objectives a lot. And
you can re-use a system that you already have, combining QMS with
your regular business goals.
Implementation Option 2: As part of your management review, you
will have to review all QMS processes plus your quality policy and
objectives at least annually. You can use that opportunity to define
process-related KPIs which serve at the same time as your quality
objectives.

2
Short-Term Goals
How does your team track its goals? Your auditors want to see how
your quality objectives translate into your daily work. You should
formulate strategic goals for your company that are somewhat related
to your quality goals and which are tracked at least on an annual
basis. Do you already have a goal-oriented system in place to track
your team’s work? Even better: align business and quality goals and
describe your system here.

3. Roles
Describe the roles of the people in your company. Typically this is
done by drawing an organigram (you could use draw.io for that). Or,
you just use a table like below.
Minimum requirement information: required qualification and de-
scription of tasks related to QMS process involvement If applicable,
add: report / authority, access rights, etc.

Role People
CEO Steve Jobs
CTO Steve Wozniak
Product Manager Ada Lovelace
QMO Oliver Eidel

All C-level roles (CEO, CTO, CMO) are referred to as the Management. Man-
agement is generally responsible to define responsibilities and authorities, to
define and communicate Quality Policy and Goals and to ensure that the whole
organization is oriented towards them.
See ISO 13485, para. 5.1, para. 5.5.1
The Quality Management Officer (QMO) is responsible for:
• ensuring that processes needed for the company’s quality management
system are documented
• reporting to top management on the effectiveness of the quality management
system and any need for improvement
• ensuring the promotion of awareness of applicable regulatory requirements
and QMS requirements throughout the organization.
See ISO 13485, para. 5.1, para. 5.5.2
Person Responsible for Regulatory Compliance (PRRC) Responsibilities of the
PRRC are in accordance with Art. 15 MDR as follows:

3
 • Ensure (review / release) the conformity of the devices is appropriately
checked in accordance with the QMS before a device is released (also see
Art. 10 Para. 9 MDR)
• Ensure (review / release) that the technical documentation and the EU
declaration of conformity are drawn up and kept up-to-date for all medical
devices (also see Art. 10 Para. 4 and Art. 6 MDR)
• Ensure (review / release) that obligations for post-market surveillance are
complied with in accordance with Art. 10 Para. 10 MDR
• Ensure (review / release) that the reporting obligations of Articles 87 to
91 MDR are fulfilled (FSCA / incidents, also see Art. 10 Para. 13 MDR)
• Ensure that, in the case of investigational devices, the statement referred
to in Section 4.1 of Chapter II of Annex XV MDR is issued.
The PRRC shall not be subjected to Management instructions while carrying
out his/her responsibilities specified above. His/her tasks may be delegated to
other roles as long as it is ensured that final responsibility stays with the PRRC.
She or he has the power and authority to represent the company in the scope of
his/her responsibilities, e.g. in communicating with state authorities.
Required qualification for this role:
• Fluent in English language
• Knowledge of the role and responsibilities of a ‘Person Responsible for
Regulatory Compliance’ according to Art. 15 MDR
• Higher education degree in law, medicine, pharmacology or engineering
– OR: four years of professional experience in the fields of quality
management and regulatory affairs
• At minimum one year of professional experience in the fields of quality
management and regulatory affairs

4. Processes
List all your SOPs here. This list is currently incomplete as many
SOPs are company-specific. Important note: also mention if one
of these processes is outsourced to a third party (typical examples:
internal auditing or clinical evaluation done by a regulatory con-
sultant, software development done by an external agency; see ISO
13485:2016, para. 4.1.5). Perhaps add another column to point out
if an SOP is outsourced or not.

SOP Process Category

SOP Corrective and Preventive Action Core
SOP Document and Record Control Core
SOP Integrated Software Development Core
SOP Post-Market Surveillance Support
SOP Software Validation Support

4
 SOP Process Category
(. . . ) (. . . )

Template Copyright openregulatory.com. See template license.

Please don’t remove this notice even if you’ve modified contents of this template.