Perdix Software’s Audit Survival Guide

Perdix Software’s Audit Survival Guide

September 17, 2021 | Catherine McConnell

Spoiler Alert:

Röchling Medical Rochester went digital with MOLI, the information processing machine built for manufacturers. This update eliminated compliance errors that arose with physical paperwork, saved time during audits (which makes auditors happier – and therefore nicer), and allowed for documents to be easily stored without filing cabinets taking up half of the quality department’s floor space!

 

Audits!

What do you think of then you hear the word audit? If you’re a big Wolf of Wallstreet fan you may be thinking “oh sh*t,” but they aren’t always that dramatic. Really, it depends on the type of audit – for this piece, we’re focusing on manufacturing audits through the lens of a medical device manufacturer, though many of the takeaways can be applied across multiple industries. An external audit, especially an unexpected one, might spike your heart rate (though they don’t have to) – but internal audits are usually just a necessary, if somewhat tedious, part of any company’s operations.

 

What are audits all about?

“Audits are not the most pleasant thing we have to go through or do. However, they are a necessity that helps all of us, and drives improvement.”

We sat down with quality engineer Peter Bierre from Röchling Medical Rochester, an international medical device manufacturer, who put it superbly when he said “the first thing that comes to mind when I think of the word audit is continuous improvement.” That is what audits are really about. Bierre continued, “Audits are not the most pleasant thing we have to go through or do. However, they are a necessity that help all of us, and drive improvement.” You get there with lots of time and paperwork but the point is to make sure that your company is doing the best job of doing… well, whatever it is you’re auditing.

 

 

How do you go about performing an audit?

That documentation will vary depending, again, on what it is that you’re auditing, because audits vary widely. A company can audit a process, a product, or even a whole department. Auditing a process might look something like checking that the entire assembly process is up to your company’s standards, whether those are set by the company itself or a regulation. Auditing a product consists of following the material trail from start to finish as a specific part or product is produced. Auditing a department, on the other hand, is more about checking that the employees of that department are following the procedures they are supposed to be following.

While talking to Steven Smith, co-founder of Perdix Software, Bierre describes auditing departmental procedures saying, “think about this, you have done auditing of us and not even known it. When you came to us and you asked us ‘how do you do this process?’ essentially, that is a question an auditor would ask. Except, the only difference would be [that] they would actually have the procedure in one hand and then ask you, ‘how do you do this process?’ and then see if your answers match the paper.”

If all these parts, procedures, and departments sounds like a lot to audit and a lot to keep up with it’s because they are. That is why today some companies are changing the way they audit by instead auditing to the standards with which they comply. To do this, companies may audit across “multiple areas or multiple processes simultaneously” according to Bierre. This ensures that when performing internal audits companies are covering the whole standard as if they were being audited by external auditors.

“we’ve taken it from 64 audits to seven”

Bierre shared with us how auditing to the standards has changed and simplified Röchling Medical Rochester’s auditing process: “originally, before we switched to this, our audit system was by department and we were doing 64 audits a year because each area was being audited twice. It was brutal. We have probably a pool of sixteen auditors…. trying to perform 64 audits in one year, how effective do you think those audits would be? So, we’ve taken it from 64 audits to seven.” 

Wow.

Clearly, auditing to the standards can simplify the audit process and ease the strain on limited resources such as internal auditors themselves.

 

Sidebar: what are these standards everyone is talking about?

Missing some background? Check out our Introduction to ISO standards and other national compliance standards.

 

 

So, what do you even look for when you do an audit?

"We audit to prove that you comply, not that you don’t comply.”

The reason audits have this reputation of being “oh [insert expletive]” moments is because everyone seems to think that auditing is about auditors going through everything they can get their hands on with a fine-tooth comb to look for infractions. That is actually not the case. Bierre described the process saying, “The most important thing to look for is – and this is a saying that auditors often say to us – we don’t audit to find things. We audit to prove that you comply, not that you don’t comply. So, technically, I’d say the most important thing we look for is compliance. During an audit you’re bound to find some level of non-compliance.” The severity of that non-compliance depends on what it is.

In the medical manufacturing industry, Bierre explained, the severity of non-compliance is based on risk to the end-user, the patient. It is about protecting someone on the operating table (or wherever they interact with the product) and making sure the devices are safe and deliver on their promises.

On a scale of 1-3 with one being a small issue and three being a major infraction, anything that might compromise a company’s data, failing to record data during a specific time frame for instance, would be a three. Something small like a mistake in how changes to documents are noted would be a one as the data is okay but you are still not following the established procedure correctly.

 

How can I prevent non-compliance?

“So that’s why we went digital, because if you’re digital you don’t have any of that documentation error”

Though low severity issues like those with documentation don’t seem like a huge deal, they start to add up fast and, because they seem minor, are often overlooked. Bierre highlighted this when explaining how Röchling Medical Rochester addressed this concern in their own facilities: “so that’s why we went digital, because if you’re digital you don’t have any of that documentation error. We don’t eliminate [all] error but we eliminate the errors that we were getting, like not initialing and dating when they make a correction, we completely eliminated that.”

The future is digitalization, honestly the present is digitalization, it’s already here. At least for companies with the resources to implement it. But as technology improves it becomes more accessible and an increasing number of companies are able to implement digitalization into their operations.

 

What are the other benefits of digitalization?

"an angry auditor is not a nice auditor.”

Using digitalization to make data driven decisions is the big draw for digitalization but even simple digitization (wondering what the difference is? Check out our blog on digitalization) can have huge benefits. When asked what the biggest hurdle in the audit process is, Bierre says “time… that is literally the biggest hurdle.” He discussed how internal auditors often are not strictly dedicated to auditing but do it in addition to their other responsibilities so finding time for both is a challenge. 

He also discussed the time constraints for external auditors and the importance of having everything ready and available when an auditor asks for it. Shuffling through papers in a filing cabinet is a hassle that is completely unnecessary, and it eats up that limited time for both internal and external auditors.

Bierre emphasized the importance of time to external auditors saying digitization “took away that whole shuffle. That was a very common problem and it would annoy the auditors because it’s just eating time. Audits usually operate under a predetermined amount of time and they hate when you waste time. There’s a saying,” he chuckled, “an angry auditor is not a nice auditor.”

While digitization of records allows for ease of access, it also allows for ease of storage, very important for ensuring compliance, especially in the medical device manufacturing industry. Product records often need to be stored for long periods of time so that, in the event of something going wrong, products can be traced back through the value chain to see where the problem arose. “We have some customers that require 20 years. We have some customers that, as long as we use this part in the field, you’re required to maintain your records.” That can be a very long time to keep track of physical paperwork, so I hope you have a good filing system. Bierre added, “[that] is another great thing that digitalization has helped us with, it helped us get better use of the space.”

Bierre described how document storage worked before digitalization talking about the quality office: “originally half the quality office was filled with nothing but filing cabinets…. filing cabinets back-to-back…. then, on top of the filing cabinets we had boxes.” Digitalizing with MOLI has freed up all that space to be used for employee desks.

 




Catherine McConnell
Catherine McConnell
Marketing Intern