DiscordSign up
SKILLS.SH

quality-manager-qms-iso13485

ISO 13485 Quality Management System implementation and maintenance for medical device organizations. Provides QMS design, documentation control, internal…

INSTALLATION
npx skills add https://github.com/alirezarezvani/claude-skills --skill quality-manager-qms-iso13485
Run in your project or agent environment. Adjust flags if your CLI version differs.

SKILL.md

$28

QMS Implementation Workflow

Implement ISO 13485:2016 compliant quality management system from gap analysis through certification.

Workflow: Initial QMS Implementation

  • Conduct gap analysis against ISO 13485:2016 requirements
  • Document current state vs. required state for each clause
  • Prioritize gaps by:
  • Regulatory criticality
  • Risk to product safety
  • Resource requirements
  • Develop implementation roadmap with milestones
  • Establish Quality Manual per Clause 4.2.2:
  • QMS scope with justified exclusions
  • Process interactions
  • Procedure references
  • Create required documented procedures — see [Mandatory Documented Procedures](#quick-reference-mandatory-documented-procedures) for the full list
  • Deploy processes with training
  • Validation: Gap analysis complete; Quality Manual approved; all required procedures documented and trained

Use the Gap Analysis Matrix template in qms-process-templates.md to document clause-by-clause current state, gaps, priority, and actions.

QMS Structure

Level

Document Type

Example

1

Quality Manual

QM-001

2

Procedures

SOP-02-001

3

Work Instructions

WI-06-012

4

Records

Training records

Document Control Workflow

Establish and maintain document control per ISO 13485 Clause 4.2.3.

Workflow: Document Creation and Approval

  • Identify need for new document or revision
  • Assign document number per numbering convention:
  • Format: [TYPE]-[AREA]-[SEQUENCE]-[REV]
  • Example: SOP-02-001-01
  • Draft document using approved template
  • Route for review to subject matter experts
  • Collect and address review comments
  • Obtain required approvals based on document type
  • Update Document Master List
  • Validation: Document numbered correctly; all reviewers signed; Master List updated

Document Numbering Convention

Prefix

Document Type

Approval Authority

QM

Quality Manual

Management Rep + CEO

POL

Policy

Department Head + QA

SOP

Procedure

Process Owner + QA

WI

Work Instruction

Supervisor + QA

TF

Template/Form

Process Owner

SPEC

Specification

Engineering + QA

Area Codes

Code

Area

Examples

01

Quality Management

Quality Manual, policy

02

Document Control

This procedure

03

Training

Competency procedures

04

Design

Design control

05

Purchasing

Supplier management

06

Production

Manufacturing

07

Quality Control

Inspection, testing

08

CAPA

Corrective actions

Document Change Control

Change Type

Approval Level

Examples

Administrative

Document Control

Typos, formatting

Minor

Process Owner + QA

Clarifications

Major

Full review cycle

Process changes

Emergency

Expedited + retrospective

Safety issues

Document Review Schedule

Document Type

Review Period

Trigger for Unscheduled Review

Quality Manual

Annual

Organizational change

Procedures

Annual

Audit finding, regulation change

Work Instructions

2 years

Process change

Forms

2 years

User feedback

Internal Audit Workflow

Plan and execute internal audits per ISO 13485 Clause 8.2.4.

Workflow: Annual Audit Program

  • Identify processes and areas requiring audit coverage
  • Assess risk factors for audit frequency:
  • Previous audit findings
  • Regulatory changes
  • Process changes
  • Complaint trends
  • Assign qualified auditors (independent of area audited)
  • Develop annual audit schedule
  • Obtain management approval
  • Communicate schedule to process owners
  • Track completion and reschedule as needed
  • Validation: All processes covered; auditors qualified and independent; schedule approved

Use the Audit Program Template in qms-process-templates.md to schedule audits by clause and quarter across processes such as Document Control (4.2.3/4.2.4), Management Review (5.6), Design Control (7.3), Production (7.5), and CAPA (8.5.2/8.5.3).

Workflow: Individual Audit Execution

  • Prepare audit plan with scope, criteria, and schedule
  • Notify auditee minimum 1 week prior
  • Review procedures and previous audit results
  • Prepare audit checklist
  • Conduct opening meeting
  • Collect evidence through:
  • Document review
  • Record sampling
  • Process observation
  • Personnel interviews
  • Classify findings:
  • Major NC: Absence or breakdown of system
  • Minor NC: Single lapse or deviation
  • Observation: Risk of future NC
  • Conduct closing meeting
  • Issue audit report within 5 business days
  • Validation: All checklist items addressed; findings supported by evidence; report distributed

Auditor Qualification Requirements

Criterion

Requirement

Training

ISO 13485 awareness + auditor training

Experience

Minimum 1 audit as observer

Independence

Not auditing own work area

Competence

Understanding of audited process

Finding Classification Guide

Classification

Criteria

Response Time

Major NC

System absence, total breakdown, regulatory violation

30 days for CAPA

Minor NC

Single instance, partial compliance

60 days for CAPA

Observation

Potential risk, improvement opportunity

Track in next audit

Process Validation Workflow

Validate special processes per ISO 13485 Clause 7.5.6.

Workflow: Process Validation Protocol

  • Identify processes requiring validation:
  • Output cannot be verified by inspection
  • Deficiencies appear only in use
  • Sterilization, welding, sealing, software
  • Form validation team with subject matter experts
  • Write validation protocol including:
  • Process description and parameters
  • Equipment and materials
  • Acceptance criteria
  • Statistical approach
  • Execute IQ: verify equipment installed correctly and document specifications
  • Execute OQ: test parameter ranges and verify process control
  • Execute PQ: run production conditions and verify output meets requirements
  • Write validation report with conclusions
  • Validation: IQ/OQ/PQ complete; acceptance criteria met; validation report approved

Validation Documentation Requirements

Phase

Content

Evidence

Protocol

Objectives, methods, criteria

Approved protocol

IQ

Equipment verification

Installation records

OQ

Parameter verification

Test results

PQ

Performance verification

Production data

Report

Summary, conclusions

Approval signatures

Revalidation Triggers

Trigger

Action Required

Equipment change

Assess impact, revalidate affected phases

Parameter change

OQ and PQ minimum

Material change

Assess impact, PQ minimum

Process failure

Full revalidation

Periodic

Per validation schedule (typically 3 years)

Special Process Examples

Process

Validation Standard

Critical Parameters

EO Sterilization

ISO 11135

Temperature, humidity, EO concentration, time

Steam Sterilization

ISO 17665

Temperature, pressure, time

Radiation Sterilization

ISO 11137

Dose, dose uniformity

Sealing

Internal

Temperature, pressure, dwell time

Welding

ISO 11607

Heat, pressure, speed

Supplier Qualification Workflow

Evaluate and approve suppliers per ISO 13485 Clause 7.4.

Workflow: New Supplier Qualification

  • Identify supplier category:
  • Category A: Critical (affects safety/performance)
  • Category B: Major (affects quality)
  • Category C: Minor (indirect impact)
  • Request supplier information:
  • Quality certifications
  • Product specifications
  • Quality history
  • Evaluate supplier based on:
  • Quality system (ISO certification)
  • Technical capability
  • Quality history
  • Financial stability
  • For Category A suppliers:
  • Conduct on-site audit
  • Require quality agreement
  • Calculate qualification score
  • Make approval decision:

-

80: Approved

  • 60-80: Conditional approval
  • <60: Not approved
  • Add to Approved Supplier List
  • Validation: Evaluation criteria scored; qualification records complete; supplier categorized

Supplier Evaluation Criteria

Criterion

Weight

Scoring

Quality System

30%

ISO 13485=30, ISO 9001=20, Documented=10, None=0

Quality History

25%

Reject rate: <1%=25, 1-3%=15, >3%=0

Delivery

20%

On-time: >95%=20, 90-95%=10, <90%=0

Technical Capability

15%

Exceeds=15, Meets=10, Marginal=5

Financial Stability

10%

Strong=10, Adequate=5, Questionable=0

Supplier Category Requirements

Category

Qualification

Monitoring

Agreement

A - Critical

On-site audit

Annual review

Quality agreement

B - Major

Questionnaire

Semi-annual review

Quality requirements

C - Minor

Assessment

Issue-based

Standard terms

Supplier Performance Metrics

Metric

Target

Calculation

Accept Rate

>98%

(Accepted lots / Total lots) × 100

On-Time Delivery

>95%

(On-time / Total orders) × 100

Response Time

<5 days

Average days to resolve issues

Documentation

100%

(Complete CoCs / Required CoCs) × 100

QMS Process Reference

For detailed requirements and audit questions for each ISO 13485:2016 clause, see iso13485-clause-requirements.md.

Management Review Required Inputs (Clause 5.6.2)

Input

Source

Prepared By

Audit results

Internal and external audits

QA Manager

Customer feedback

Complaints, surveys

Customer Quality

Process performance

Process metrics

Process Owners

Product conformity

Inspection data, NCs

QC Manager

CAPA status

CAPA system

CAPA Officer

Previous actions

Prior review records

QMR

Changes affecting QMS

Regulatory, organizational

RA Manager

Recommendations

All sources

All Managers

Record Retention Requirements

Record Type

Minimum Retention

Regulatory Basis

Device Master Record

Life of device + 2 years

21 CFR 820.181

Device History Record

Life of device + 2 years

21 CFR 820.184

Design History File

Life of device + 2 years

21 CFR 820.30

Complaint Records

Life of device + 2 years

21 CFR 820.198

Training Records

Employment + 3 years

Best practice

Audit Records

7 years

Best practice

CAPA Records

7 years

Best practice

Calibration Records

Equipment life + 2 years

Best practice

Decision Frameworks

Exclusion Justification (Clause 4.2.2)

Clause

Permissible Exclusion

Justification Required

6.4.2

Contamination control

Product not affected by contamination

7.3

Design and development

Organization does not design products

7.5.2

Product cleanliness

No cleanliness requirements

7.5.3

Installation

No installation activities

7.5.4

Servicing

No servicing activities

7.5.5

Sterile products

No sterile products

Nonconformity Disposition Decision Tree

Nonconforming Product Identified

            │

            ▼

    Can it be reworked?

            │

       Yes──┴──No

        │       │

        ▼       ▼

    Is rework     Can it be used

    procedure     as is?

    available?        │

        │        Yes──┴──No

    Yes─┴─No     │       │

     │    │     ▼       ▼

     ▼    ▼  Concession  Scrap or

  Rework  Create    approval    return to

  per SOP  rework    needed?    supplier

          procedure     │

                    Yes─┴─No

                     │    │

                     ▼    ▼

                 Customer  Use as is

                 approval  with MRB

                          approval

CAPA Initiation Criteria

Source

Automatic CAPA

Evaluate for CAPA

Customer complaint

Safety-related

All others

External audit

Major NC

Minor NC

Internal audit

Major NC

Repeat minor NC

Product NC

Field failure

Trend exceeds threshold

Process deviation

Safety impact

Repeated deviations

Tools and References

Scripts

Tool

Purpose

Usage

qms_audit_checklist.py

Generate audit checklists by clause or process

python qms_audit_checklist.py --help

Audit Checklist Generator Features:

  • Generate clause-specific checklists (e.g., --clause 7.3)
  • Generate process-based checklists (e.g., --process design-control)
  • Full system audit checklist (--audit-type system)
  • Text or JSON output formats
  • Interactive mode for guided selection

References

Document

Content

iso13485-clause-requirements.md

Detailed requirements for each ISO 13485:2016 clause with audit questions

qms-process-templates.md

Ready-to-use templates for gap analysis, audit program, document control, CAPA, supplier, training

Quick Reference: Mandatory Documented Procedures

Procedure

Clause

Key Elements

Document Control

4.2.3

Approval, distribution, obsolete control

Record Control

4.2.4

Identification, retention, disposal

Internal Audit

8.2.4

Program, auditor qualification, reporting

NC Product Control

8.3

Identification, segregation, disposition

Corrective Action

8.5.2

Root cause, implementation, verification

Preventive Action

8.5.3

Risk identification, implementation

Related Skills

Skill

Integration Point

quality-manager-qmr

Management review, quality policy

capa-officer

CAPA system management

qms-audit-expert

Advanced audit techniques

quality-documentation-manager

DHF, DMR, DHR management

risk-management-specialist

ISO 14971 integration

BrowserAct

Let your agent run on any real-world website

Bypass CAPTCHA & anti-bot for free. Start local, scale to cloud.

Explore BrowserAct Skills →

Related skills

azure-compliance
3/3

Azure compliance scanning, Key Vault expiration auditing, and resource configuration validation. Runs azqr (Azure Quick Review) for comprehensive compliance assessment against best practices across subscriptions and resource groups Monitors Key Vault keys, secrets, and certificates for expiration dates and identifies items without expiration policies Detects orphaned, misconfigured, and non-compliant resources using Resource Graph queries Classifies findings by priority (Critical, High, Medium, Low) with remediation guidance for each issue

Verified authormicrosoft
SKILLS.SH
293K1.1K
2026-05-22
openclaw-secure-linux-cloud
1/3

Use when self-hosting OpenClaw on a cloud server, hardening a remote OpenClaw gateway, choosing between SSH tunneling, Tailscale, or reverse-proxy exposure, or…

xixu-me
SKILLS.SH
150K53
2026-05-22
entra-agent-id
3/3

Provision Microsoft Entra Agent Identity Blueprints, BlueprintPrincipals, and per-instance Agent Identities via Microsoft Graph, and configure OAuth 2.0 token…

Verified authormicrosoft
SKILLS.SH
59.1K1.1K
2026-05-21
firebase-security-rules-auditor
3/3

A skill to evaluate how secure Firestore security rules are. Use this when Firestore security rules are updated to ensure that the generated rules are…

firebase
SKILLS.SH
23.5K292
2026-05-21

Stop writing automation&scrapers

Install the CLI. Run your first Skill in 30 seconds. Scale when you're ready.

Start free
free · no credit card