Higher Test Marks with Free Online ISO-QMS-13485 Exam Practice

A medical device company is undergoing an ISO 13485:2016 audit. The company uses a contract manufacturer to produce a critical component of their Class II medical device. The Lead Auditor reviews the medical device company's records pertaining to the oversight of the contract manufacturer. While the records show regular communication, agreed-upon specifications, and documented inspections of incoming components, the Lead Auditor discovers that the medical device company is performing no periodic on-site audits of the contract manufacturer's facility. The company claims that these audits are not required if the component meets all the specifications and regulatory requirements. What should be the Lead Auditor’s MOST appropriate next action?

During an ISO 13485:2016 audit, the Lead Auditor is reviewing the Supplier Quality Agreement between the medical device company and a contract manufacturer of a critical component. The Supplier Quality Agreement details the product specifications, quality requirements, and acceptance criteria. The Lead Auditor confirms there is evidence of recent performance data trending showing sustained compliance. However, the Lead Auditor discovers that the Supplier Quality Agreement does not define how the contract manufacturer must manage changes to its own suppliers, including sub-tier supplier changes. As a Lead Auditor, what is the MOST appropriate determination regarding the company's approach?

A medical device company is undergoing an ISO 13485:2016 audit. The company has a well-defined process for handling customer complaints, including documentation, investigation, and corrective actions. The Lead Auditor discovers that the company is using an older version of a Customer Relationship Management (CRM) software to manage customer complaint records, where the software vendor no longer provides any security patches or updates. The company has a documented procedure for backing up the data stored within the CRM. What is the MOST appropriate response for the Lead Auditor?

A medical device company is undergoing an ISO 13485:2016 audit. The company utilizes a software program to manage supplier qualifications and track supplier performance. The software is commercially available and is not specifically designed for medical device manufacturing. The company claims that the software is 'intuitive' and easy to use, and that all personnel received verbal instructions on its use. The Lead Auditor discovers that there are no documented training records or competency assessments for personnel using the software. What is the MOST appropriate action for the Lead Auditor?

During an ISO 13485:2016 surveillance audit, a Lead Auditor reviews the management review process of a medical device company. The company conducts management reviews quarterly, as required. However, the Lead Auditor notices that the documented outputs of these reviews consistently lack specific action items with assigned responsibilities and deadlines for addressing identified issues. Which of the following is the MOST significant concern regarding this situation?