Confused by UDIs? Check out our step-by-step video course and watch us purchase real UDIs

Templates ISO 13485 Templates

May 11, 2021

Template: SOP Internal Audit

Sven Piechottka

Template Download

This is a free template, provided by OpenRegulatory.

You can download it as Word (.docx), PDF, Google Docs or Markdown file. Scroll down for a preview!

The template license applies (don't remove the copyright at the bottom).

Download as Word File


Download as PDF


Copy-paste to Google Docs


Download as Markdown


Tired of copy-pasting? If you want to save time and edit these templates directly, you can use Formwork, our eQMS software. And if you're looking for step-by-step instructions for filling them out, check out our Wizard :)

Don't Miss Updates to This Template

Subscribe to our newsletter and we'll keep you posted on which templates we've changed.

Questions? Still Lost in Regulation?

Good news! Our goal is to provide lots of stuff for free, but we also offer consulting if you need a more hands-on approach. We get stuff done really fast. Have a look!

Related Records

The following templates are records of this template. That means that this document mentions them somewhere and you need to fill them out to actually implement whatever this document proposes.

Template preview
Regulatory Requirement Document Section
ISO 13485:2016 Section 8.2.4 All


This SOP describes how internal auditing is performed for the purpose of reviewing compliance with regulatory requirements. It can be used for both internal and supplier audits.

Process Owner <enter role of process owner>
Key Performance Indicators <enter KPIs to be tracked for the Management Review>

1. General Considerations

1.1 Auditor Qualification

Auditors that conduct audits must be sufficiently qualified by having attended external auditor training and by having participated in audits before.

1.2 Audit Guidelines

Auditors must adhere to the following guiding principles:

1.3 Audit Findings

The following categories of audit findings are defined for the organization:

Major Nonconformities (MNC+):

Major nonconformities are systematic deviations from regulatory requirements that indicate disabilities of the organization’s QMS to deliver intended outputs. For instance, major nonconformities would entail the lack of a process, repeated minor nonconformity regarding the same process or QMS segment and failure to eliminate the cause of that nonconformity.

Minor Nonconformities (MNC-):

Minor nonconformities do not indicate systematic malfunctioning of an entire process or the entire QMS. The general ability to ensure controlled, conforming processes and products is upheld nevertheless. Examples are single, isolated events like a mislabeled document or a missing review documentation.

Recommendations (REC):

Recommendations entail auditor advice for improved QMS effectiveness or efficacy.

2. Process Steps

2.1 Compilation or Revision of Audit Program

Audits are based on the organization’s QMS processes. The QMO is responsible to maintain a perennial audit program that ensures:

  1. That core processes (as defined in the quality manual) are audited at least annually,
  2. That processes presenting higher compliance risks based on previous audit findings, CAPAs or changes to the QMS system are audited more frequently.
Participants QMO
Input Previous findings, CAPAs, QMS changes
Output (Updated) audit program

2.2 Conducting Audits

Audits are planned separately by respective auditors, coordination is supported by the QMO. Once a scheduled audit date approaches, the QMO informs relevant members of the organization to ensure their availability for potential auditor questions during the audit. QMO and auditor together compile an audit plan that specifies the audit scope, objectives and participants.

Audit objectives may entail: review of compliance of processes with regulatory requirements, review of compliance with processes, review of the effective implementation of corrective and preventive action (CAPA).

Audits are conducted by inspecting appropriate process records and by interviewing members of the organization. The auditor documents collected evidence, observations and findings as part of an audit report.

Participants Auditor, QMO
Input Audit program Quality Management System, incl. records
Output Audit plan (before the audit) Audit report (after the audit)

2.3 Audit Follow-Up

For all major nonconformities resulting from audit findings, a separate CAPA is initiated. The QMO reports audit findings to the Management as part of the next Management Review.

Participants QMO
Input Audit report
Output CAPA documentation

Template Copyright See template license.

Please don’t remove this notice even if you’ve modified contents of this template.

Digital Health Jobs No Cookie For You Privacy Policy Imprint
No QMS on this planet will save you from creating crappy software.