inventory_2

SOP Change Management

Use this SOP Change Management template to systematically document, evaluate, approve, and implement changes to released medical devices or quality management systems, ensuring ongoing regulatory compliance and product safety. Complete this template whenever you need to process product modifications, bug fixes, or organizational updates, especially when changes could impact risk management, technical documentation, or require notification to users and regulatory authorities. This process is essential for maintaining ISO 13485, EU MDR/IVDR, and FDA 21 CFR 820 compliance and should be initiated promptly upon identifying any necessary post-market changes.
Generate ->

SOP Change Management

ID: Lorem ipsum dolor sit amet

1. Purpose

This SOP describes the process of implementing changes to a released product.

2. Scope

The change management SOP covers changes to all products that have already been released.

3. Related Documents

  • SOP Design Control
  • SOP Software Development (if applicable)

4. General Information

Feedback is captured according to the SOP Feedback and Complaint Management and is classified according to the categories described in that SOP. Change evaluation and change management applies to already released products and not to those products still under development. An output from the change management process that results in implementation of a required change shall undergo the required quality management processes as outlined by SOP Design Control, SOP Software Development, or where relevant.

4.1 Notification of Users and Regulators

Approved change requests that affect released products shall inform users and regulators about the following, as required by local regulation:

  • Any problem in released products and the consequences of unchanged use; and
  • the nature of any available changes to released products and how to obtain and install the changes.

Changes to the approved device shall require approval from the notified body which issued the EU technical documentation assessment certificate where such changes could affect the safety and performance of the device or the conditions prescribed for use of the device, if applicable.

4.2 Effects on Risk Management

As part of the change management process, any changes should be evaluated for their impact on the risk management file. Changes that lead to new potential hazardous situations or additional product risk control measures should be accounted for in the risk management file. The potential for the changes in the product, including changes to any SOUP items, to interfere with existing risk control measures should be considered as well.

5. Classification of Changes

Changes initiated in the change request process outlined by this SOP can result in the two different types of changes and are defined as the following.

  • Change Requests: This represents a normalized process for requesting, evaluating, approving, and implementing modifications to an already released medical device or its associated quality management system (QMS). The nature of the change should introduce new functionality or change to the product as opposed to simply restoring the device back to its originally intended function. This does not include bug fixes.
  • Bug fixes: Bug fixes are a change management process only relevant for software products. Bug fixes do not introduce new features or removing existing features or constitute significant changes to the medical device. Instead, bug fixes restore the product to its original intended state.

6. Change Management

Change requests may arise from multiple sources, including feedback from post-market surveillance, customer complaints, design reviews, quality management updates, regulatory compliance adjustments, or other sources of feedback.

The Product, Quality, or Business team is responsible for initiating a formal Change Request. Each request must provide a description of the proposed change, list the affected products and versions, and indicate the anticipated impact on product, documentation, and regulatory compliance.

Once submitted, the change request undergoes evaluation to determine its significance and impact.

6.1 Evaluation of Change

A cross-functional review team, including representatives from Product, Quality, and Software teams (if applicable), assesses the submitted change request.

The first step in the evaluation process is to determine if the change qualifies as a bug fix or a modification requiring full change control:

Change Requests:

  • If the modification introduces new risks, impacts compliance, or alters product functionality, it is processed as a formal change request and undergoes a detailed assessment.

Bug Fixes:

  • These involve minor corrections that do not alter intended use, performance, or regulatory compliance.
  • If categorized as a bug fix, the request is logged in using the Bug Fix Report.

A decision is required as to on whether the change will be implemented and whether the Notified Body needs to be involved if the change is significant. These two decisions are documented in the change evaluation report.

6.2 Implementation of Product Changes

For approved product changes, implementation follows established development and quality control procedures as outlined in:

  • SOP Software Development (if applicable)
  • SOP Design Control
  • SOP Risk Management

Key implementation steps include but are not limited to:

  • Verification & Validation: Ensuring changes meet performance and safety requirements.
  • Technical Documentation Updates: Updating risk management files, product requirements, design files, and Lorem ipsum dolor sit amet if impacted.
  • Deployment Planning: Coordinating product releases and user notifications.

Once the change is fully implemented, a Change Evaluation Report is completed to confirm compliance.

6.3 Implementation of Organizational Changes

For organizational or quality management system (QMS) changes, updates are carried out in accordance with quality management procedures.

  • Documentation Updates: The relevant QMS procedures, records, and workflows are updated.
  • Approval & Training: The revised processes are reviewed, approved, and, if necessary, training is conducted for affected personnel.
  • Compliance Tracking: Any regulatory implications are assessed to ensure continued compliance with ISO 13485 and relevant standards.

Upon document approval and training, organizational changes are considered completed.

6.4 Reporting and Notification Requirements

Significant Changes:

  • Regulatory authorities (e.g., Notified Body) must be informed before implementation.
  • Users are notified of any modifications that may impact device use, performance or safety, as relevant.

Non-Significant Changes:
• No regulatory notification is required.
• Users can be informed of any changes affecting usability or workflow, if desired.

7. Regulatory References

  • ISO 13485:2016 Quality Management Systems for Medical Devices

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed non risus. Suspendisse lectus tortor, dignissim sit amet, adipiscing nec, ultricies sed, dolor.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Etiam sit amet convallis erat, a tincidunt dui. Integer non eros euismod, cursus nulla nec, facilisis velit.

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Pellentesque euismod, urna eu tincidunt consectetur, nisi nisl aliquam urna, eget sagittis urna velit nec urna.