Forced Into ISO 13485 Certification? – It Is Not Difficult And It Really Will Help Your Organization
Health Canada requires medical device manufacturers to use a quality system certificate as evidence of compliance to the appropriate regulatory quality system requirement. Health Canada will only accept quality system certificates that have been issued by special third-party auditing organizations called Canadian Medical Devices Conformity Assessment System (CMDCAS) recognized registrars.
But for those whose marketing plans do not take them into areas that require ISO 13485 certification, or customers who provide similar requirements, there are still many considerations for going ahead with the program.
Is ISO Certification Worth It? How Can You Achieve It?
As with any business decision, the return on investment must justify the expense. However, there is a growing body of solid business evidence that ISO certification does far exceed most investments. A recent Harvard Business School study which examined similar companies (market-industry, etc.) indicates that ISO certification appears to increase value after certification over those who had not been certified, specially citing:
- Higher sales and growth rates after certification
- Earnings outpaced non-certified comparison groups
- More benefits for smaller firms than larger
- Lower injury and death rates than their non-certified peers
How You Should Comply With An ISO Certification Request
While there are costs associated with ISO 13485 certification, many companies may not realize how much savings can occur by:
- Doing part or all of the work themselves, versus hiring outside consultants
- Seeking reimbursement from various government resources
- Shopping diligently and negotiating better pricing from those outsourced processes (training, auditing, registrars, etc.) functions that are required
There are typically three options for an organization seeking registration:
- Create everything (documentation, training materials, etc.) on your own by reading and interpreting the standard. (Of course you know your business better than anyone, and you are in the best position to document your processes. But do you have the time to create hundreds of pages of documentation plus training?)
- Use documentation templates and training programs (like ours) to train your organization. You still do it yourself, but you don’t do it alone. (For a very small investment, you can train your people and create a solid QMS very efficiently – saving you weeks and weeks of time and frustration.)
- Hire an ISO consultant to complete the entire process with you. If you are short on people and have the funds, this may be the most effective option. However, this is the most expensive option ($5,000-$50,000) as they would typically create (and charge you for) many of the documents included in a package. You will end up paying for the transfer of knowledge to the consultant so he/she may put together the Quality Management System (QMS).
Quick Lessons That Will Make Your Registration Process Easier
As that Harvard Business study documents, ISO certification usually pays off and is well worth your time. But don’t do it without sincere commitments from management to support it. It won’t work and you will be wasting everyone’s time. Here are some high priority actions to take when implementing ISO 13485:
- Get the right team together and motivate them. Making quality a priority and turning your quality team into heroes, not impediments, makes the process easier for you and everyone else.
- You do not own the quality process, it’s for everyone. In fact, there is no way any type of quality effort will succeed if anyone feels it is someone else’s job. Force doesn’t work that well either, but a thorough education and understanding does, and that is your job: To educate, inspire and aid others in producing quality products and services.
- Train, train, train. Letting people know what’s in it for them helps. If there are additional certifications that people can gain to help them be more valuable in their career, then promote that. Don’t be afraid to ask for specific skill improvements like SPC, FMEA, Root Cause Analysis. And don’t forget the standards themselves. Make sure you not only have one, but provide the text and explanations to everyone in language that can be understood and acted upon.
- Do not use the excuse that certification requires extra effort. Many times people may say that standards require specific extra effort that isn’t justified. Before you accept this, ask them where in the standard this requirement is. Often it is a matter of interpretation as to the level or type of action needed to comply. And there are always less expensive choices.
In the end, ISO 9000 should be a plus. Being truthful about the process and the attitudes taken along the way can keep it from becoming a burden and make it the asset that so many other companies have found it to be.
Bottom-Line Justification For Getting ISO Certified
Of course, putting other reasons to gain certification into the return on investment evaluation may make more sense, and provide a higher level of buy in and execution from the organization. (It will also prevent problems downstream when the inevitable customer quality audit comes around). In that case it may be possible to Here are just some of the reasons you may wish to gain certification – other than just to retain/acquire business:
- ISO 13485 certification is a risk management tool for the overall business. Those businesses that engage in a quality management system, particularly one that encompasses all operations as ISO does (particularly if you add in the ISO 9004 Series, which adds in all those who might affect the business including investors, customers, suppliers, etc.), tend to do better in responding to changing conditions. Also, they work within a more defined scope and tend to avoid situations that may degrade their overall profitability. ISO 13485 is one of the few standards that specify risk management procedures, making it a comprehensive risk management process that governs the entire business. (ISO 14971 is a specific standard that outlines the risk management process that is referred to by ISO 13485.)
- ISO 13485 certification is an engine of growth. Because if opens the doors to a wider spectrum of business relationships (up and down the production and distribution chain), it can open new opportunities in areas that may not be possible otherwise. In effect, this is the flip side of being forced, since knowledge of a company having an ISO certification can be a marketing aide, as customers search for ISO qualified firms with which to do business. (Yes, it happens, they call you!)
- ISO 13485 certification helps keep business longer. Companies that require ISO certification as a mandate for doing business, also are typically willing to invest more and do more to maintain the relationship. It is a cost of doing business for them as well since they must audit the process, so they do not want to have to change unless conditions require it. In the end, ISO certification increases customer loyalty and lowers production costs. Unplanned or unwanted product deviations cost everyone time and money.
The bottom line, from a customer’s standpoint, is that the higher the quality level that can be consistently produced, the more they repeat their purchases. People (or companies) don’t change purchasing habits without motivation. If pricing, availability, attributes (size, color, etc.) are still available, keeping consistent production means keeping a consistent purchasing base.