Incoming Inspection from Suppliers

In the previous article, we examined nonconforming product control.

Not limited to medical devices, the three fundamental principles of manufacturing are: “Do not let defects in, do not let them flow through, and do not let them out.”

In this article, we will examine incoming inspection (receiving inspection) of components and materials from suppliers.

Inspection in medical device manufacturing is classified into three stages: incoming inspection (receiving inspection), in-process inspection (intermediate inspection), and final inspection.

Importance and Challenges of Incoming Inspection

In my experience, many companies omit receiving inspection (incoming inspection from suppliers) and instead remove defective components when defects are discovered during in-process operations.

However, this approach makes it impossible to determine whether the purchased component was originally defective or was damaged during the assembly process. It also results in additional time and effort for rework. Furthermore, appropriate feedback to suppliers cannot be provided, potentially hindering quality improvement across the entire supply chain.

While completely eliminating receiving inspection is problematic, incoming inspection itself consumes time and resources. Particularly for high-volume purchased components, inspecting every unit is economically and practically difficult.

Therefore, it is desirable to implement receiving inspection at an appropriate level based on a risk-based approach.

Incoming Inspection in Regulatory Requirements

ISO 13485:2016 Section 7.4.3 requires that verification of purchased products be implemented with inspection activities proportional to the results of supplier evaluation and the risks associated with the purchased products. Additionally, FDA 21 CFR 820.80(b) stipulates that incoming product shall be inspected, tested, or otherwise verified as conforming to specified requirements, and acceptance or rejection shall be documented.

These regulatory requirements demonstrate that incoming inspection should be strategically implemented as part of the risk management process, not merely as a formalistic activity.

When 100% Inspection is Required

First, 100% inspection must be performed for critical safety components (e.g., laser light sources, lenses, implantable device components) and labels/labeling.

Critical safety components are those whose quality abnormalities lead to overall product quality issues and directly affect the safety of patients and users. From the perspective of risk management according to ISO 14971, when failures or defects in these components could lead to serious harm, 100% inspection is justified.

Additionally, labels and labeling (instructions for use, package inserts, etc.) require 100% inspection, even if only visual inspection is performed. The FDA requires “label and labeling integrity.” If there are problems with label or labeling content, or if they are unreadable, this directly impacts safety as it can lead to misunderstanding of usage methods or contraindications. The accuracy of labeling is also positioned as an important requirement under EU MDR/IVDR.

Utilizing Statistical Sampling Inspection

On the other hand, there are items where 100% inspection is not necessarily required, but sampling inspection is preferable.

In the medical device industry, AQL (Acceptable Quality Limit) sampling inspection based on ISO 2859-1 (formerly MIL-STD-105E) is widely adopted. AQL is an index that defines the maximum defect rate that is statistically considered acceptable and is used to determine sample size and acceptance criteria in lot-by-lot inspection.

ISO 2859-1 specifies three types of inspection levels: normal inspection, tightened inspection, and reduced inspection, and recommends dynamic switching based on supplier quality performance and product risk.

Selecting AQL Inspection Levels

For medical devices, it is common to set different AQL values according to defect severity:

• Critical defects: Typically AQL 0-0.65% is applied. Defects that directly affect patient safety
• Major defects: Typically AQL 1.0-2.5% is applied. Defects that significantly affect device functionality
• Minor defects: Typically AQL 2.5-4.0% is applied. Cosmetic issues that do not affect functionality

Inspection levels are selected from general inspection levels (GI, GII, GIII) and special inspection levels (S1-S4) as defined in ISO 2859-1. General Inspection Level II is most widely used, but Level III is selected when more stringent inspection is required.

The 3H Approach

“3H” stands for the first letters of three Japanese words: “Hajimete” (First time), “Henkō” (Change), and “Hisashiburi” (After a long time). This is a practical framework for identifying situations where quality risk is elevated.

For new suppliers, it is recommended to use “Tightened Inspection” as the AQL inspection level, since the supplier’s quality control capability has not been proven. ISO 13485 Section 7.4.1 requires clear definition of evaluation criteria for new suppliers.

Similarly, for components immediately after changes (design changes, manufacturing process changes, raw material changes, etc.) or for suppliers with whom there has been a trading relationship but from whom nothing has been purchased for a long time, it is appropriate to use “Tightened Inspection” as the AQL inspection level. ISO 13485 requires change notification to the manufacturer and impact assessment of such changes when suppliers make changes to products (Section 7.4.3).

Tightened inspection requires either larger sample sizes or more stringent acceptance criteria compared to normal inspection. This increases the probability of early detection of quality problems.

Dynamic Change of Inspection Levels

It is also important to dynamically change the AQL inspection level to “Reduced Inspection” or “Tightened Inspection” based on historical yield data (defect rates, supplier performance indicators, etc.).

ISO 2859-1 establishes clear switching rules for changing inspection levels based on the inspection results of consecutive lots. For example, if five consecutive lots pass during normal inspection and the total number of defects is below a specified value, switching to reduced inspection can be considered. Conversely, if a rejected lot occurs during reduced inspection, one must immediately return to normal inspection.

If a supplier’s performance is consistently good, there is reduced need to conduct receiving inspection using your own time, effort, and cost. In such cases, consideration should be given to changing the AQL inspection level to “Reduced Inspection.” However, the transition to reduced inspection must be carefully judged based on sufficient historical data.

Additionally, for low-risk components (screws, standard fasteners, etc.) or when supplier performance is extremely high and the supplier holds ISO 13485 certification, “skip-lot inspection” or “verification of supplier Certificate of Conformance (CoC) only” may be considered, provided that appropriate supplier management processes (regular audits, quality agreements, Certificate of Conformance, etc.) are established.

However, even when skipping inspection, it is recommended to conduct periodic sampling verification to confirm that supplier quality is being maintained.

Records and Documentation in Incoming Inspection

ISO 13485 and FDA 21 CFR 820.80(b) require appropriate documentation of incoming inspection results. Records should include the following information:

• Date and time of receipt, lot number or batch number
• Supplier information and product identification information
• Applied inspection criteria and sampling plan
• Inspection results (acceptance/rejection decision)
• Identification of inspector and approver
• Disposition in case of rejection (return, quarantine, use restriction, etc.)

These records serve as an important data source for ensuring traceability and for continuous evaluation of supplier performance.

Conclusion

It is desirable to inspect received components and materials at an appropriate level according to risk and supplier capability.

By appropriately combining various verification methods such as 100% inspection, statistical sampling inspection, and receipt of supplier certificates of conformance based on product risk and supplier reliability, an efficient incoming inspection process can be established while ensuring quality.

An incoming inspection process compliant with ISO 13485 and FDA QSR is essential for realizing the manufacturing principle of “Do not let defects in,” and is an important quality control activity that ultimately contributes to ensuring patient safety.