As noted previously, ISO defines separate processes for CA and PA.

ISO 13485 CA Processes

ISO 13485 defines the requirements for CA as:

• Review – basically the same as the analysis action described in the FDA requirements. Understand the issue.
• Identification of causes – basically the same as the identification of root causes in the Investigation action described in the FDA requirements.
• Identify need for actions – basically the same as the actions to correct activity described in the FDA requirements with the focus here on making sure the problems don’t recur
• Determine actions – also basically the same as the actions to correct activity described in the FDA requirements with the focus here on ensuring ALL appropriate actions are taken.
• Record results – essentially the same as the ‘document everything’ point described in the FDA requirements
• Determine effectiveness – basically the same as the ‘verification of effectiveness’ point described in the FDA requirements

See, we said there was overlap!

ISO 13485 PA Processes

Let’s continue on with a review of the PA part of the process.  Remember, with PA, no nonconformity has been realized – so you can’t take any actions to correct nonconformities.

• Identify causes – same as identification of causes – find those root causes!
• Identify need for actions – same as identify need for actions in CA except that there won’t be any corrections to existing nonconformities
• Determine actions – same as CA
• Record results – same as CA
• Determine effectiveness – same as CA but you won’t have any nonconformities to compare results against; however, you will have to ensure that you didn’t introduce any regressions.

So you can see that the processes are very similar both between CA and PA and between ISO and FDA.