Introduction
Competence management represents a critical foundation of quality management systems in regulated industries, particularly in pharmaceutical and medical device manufacturing. Both the U.S. Food and Drug Administration (FDA) and international standards organizations emphasize that personnel competence directly impacts product quality, patient safety, and regulatory compliance. This comprehensive guide explores the regulatory requirements, practical implementation strategies, and best practices for establishing effective competence management systems.
Regulatory Framework
FDA Requirements
The FDA mandates competence management for personnel engaged in processes affecting product quality. Under 21 CFR Part 820.25(b) (Personnel), medical device manufacturers must:
“Establish and maintain procedures for identifying training needs and ensure that all personnel are trained to adequately perform their assigned responsibilities. As part of their training, personnel shall be made aware of device defects which may occur from the improper performance of their specific jobs.”
Specifically, 21 CFR 820.25(a) states:
“Each manufacturer shall have sufficient personnel with the necessary education, background, training, and experience to assure that all activities required by this part are correctly performed.”
Important Update: FDA QMSR (Quality Management System Regulation)
On February 2, 2024, the FDA issued a final rule amending 21 CFR Part 820, which will become effective on February 2, 2026. The new Quality Management System Regulation (QMSR) incorporates by reference ISO 13485:2016, harmonizing U.S. requirements with international standards. This represents a historic shift in FDA’s approach to quality management, aligning with global regulatory expectations while maintaining FDA-specific requirements in areas such as labeling and packaging controls.
Key implications of QMSR:
- ISO 13485:2016 becomes the foundation of U.S. device quality management requirements
- Manufacturers must comply with both ISO 13485:2016 and additional FDA-specific requirements outlined in the QMSR
- ISO 13485 certification alone will not exempt manufacturers from FDA inspections
- Management reviews, internal audits, and supplier audit records will no longer be exempt from FDA inspection
- The transition period extends until February 2, 2026, after which FDA will cease QSR inspections and transition to QMSR-based inspection methodology
ISO 13485:2016 Requirements
ISO 13485:2016, Clause 6.2 (Human Resources) establishes comprehensive requirements for competence management:
“Personnel performing work affecting product quality shall be competent on the basis of appropriate education, training, skills and experience.”
The standard requires organizations to:
a) Determine the necessary competence for personnel performing work affecting product quality b) Provide training or take other actions to achieve or maintain the necessary competence c) Evaluate the effectiveness of the actions taken d) Ensure that its personnel are aware of the relevance and importance of their activities and how they contribute to the achievement of the quality objectives e) Maintain appropriate records of education, training, skills and experience
Note: The methodology used to check effectiveness is proportionate to the risk associated with the work for which the training or other action is being provided.
ISO 9001:2015 and ISO 9000:2015 Definitions
ISO 9001:2015, Clause 7.2 (Competence) requires organizations to determine, provide, and maintain the necessary competence of persons doing work under its control.
ISO 9000:2015 provides the foundational definition:
3.10.4 Competence
“Ability to apply knowledge and skills to achieve intended results”
Note 1: Demonstrated competence is sometimes referred to as qualification.
This definition emphasizes that competence encompasses not merely theoretical knowledge, but the demonstrated ability to apply both knowledge and skills in practice to achieve the desired outcomes. This distinction is crucial: an individual may possess extensive knowledge without having developed the skills to apply it effectively, or conversely, may have developed procedural skills without fully understanding the underlying principles.
Understanding Competence vs. Training
The Knowledge-Skills-Competence Continuum
Many organizations mistakenly equate training completion with competence achievement. However, competence represents a higher level of capability:
Knowledge: Information, theories, and concepts understood by an individual
Skills: The ability to perform specific tasks or activities
Competence: The demonstrated ability to consistently apply knowledge and skills to achieve intended results in real-world situations
This progression means that while training can impart knowledge and begin skill development, true competence requires practical application, experience, and verification of performance.
Training Alone Is Insufficient
In many companies, group training sessions are well-regulated and documented. However, on-the-job training (OJT), mentoring, and work-shadowing activities are often inadequately documented or entirely unregulated. This creates significant compliance gaps, as these practical learning experiences are frequently the most critical for developing true competence.
The regulatory expectation is clear: organizations must document not only formal training activities but also the processes through which individuals develop and demonstrate competence through practical application. This includes:
- Structured on-the-job training programs with defined curricula
- Mentoring relationships with documented learning objectives
- Competence verification activities following training
- Regular competence reassessment to ensure continued capability
Identifying Training Needs: A Strategic Approach
The Foundation of Competence Management
The identification of training needs represents the cornerstone of effective competence management. Rather than implementing generic training programs for all personnel, organizations must adopt a strategic, role-based approach that considers:
- Regulatory Requirements: What competencies are mandated by applicable regulations for specific roles?
- Process Impact: Which positions directly affect product quality, safety, or regulatory compliance?
- Organizational Objectives: What competencies are needed to achieve quality objectives and strategic goals?
- Risk Considerations: What are the consequences of incompetence in each role?
- Current State Assessment: What is the existing competence level of each individual?
Department-Level vs. Individual-Level Requirements
A critical principle in competence management is that not all personnel within a department require identical competencies. Organizations must achieve a balanced distribution of competencies across the department to ensure:
- Operational Continuity: Sufficient depth of expertise to maintain operations during absences
- Knowledge Transfer: Multiple individuals capable of training and mentoring others
- Flexibility: Ability to reassign resources as needed
- Risk Mitigation: No single points of failure where only one person possesses critical competencies
This balanced approach requires creating both departmental competence tables and individual competence plans.
Creating Departmental Competence Tables
Purpose and Structure
A departmental competence table (also called a competency matrix or skills matrix) provides a comprehensive overview of the competencies present within a team or department. This tool enables managers to:
- Visualize the current state of departmental capabilities
- Identify weak points or competency gaps
- Plan training initiatives strategically
- Make informed decisions about resource allocation
- Assess departmental capacity for new projects or responsibilities
Essential Elements of a Competence Table
An effective departmental competence table should include:
Vertical Axis (Rows):
- Employee names
- Employee IDs
- Job titles/positions
- Department/function
Horizontal Axis (Columns):
- Required competencies (grouped by category)
- Competency levels (current state)
- Target competency levels
- Training status indicators
Competency Categories May Include:
- Quality Management System fundamentals (for all personnel)
- Regulatory requirements (FDA, ISO, regional regulations)
- Technical skills (process-specific, equipment operation)
- Documentation and record-keeping
- Problem-solving methodologies (CAPA, root cause analysis)
- Specialized certifications (as applicable)
Competency Level Scales
Organizations should establish clear, consistent scales for assessing competency levels. A common five-level scale:
Level 0 (No Experience): Individual has not performed the task or received any training
Level 1 (Awareness): Basic understanding; can describe the process but cannot perform independently
Level 2 (Developing): Can perform tasks with guidance and supervision; requires reference to procedures
Level 3 (Competent): Can perform tasks independently according to procedures; meets quality standards consistently
Level 4 (Proficient): Can perform tasks expertly; capable of training others; can identify and resolve common problems
Level 5 (Expert/Master): Deep expertise; can optimize processes; serves as subject matter expert; develops training materials
The scale should be adapted to the organization’s needs, with clear behavioral descriptors for each level to ensure consistent application across departments and evaluators.
Visual Management: Color-Coding for Impact
Color-coded competence tables provide immediate visual feedback about departmental strengths and weaknesses:
- Red: Critical gap – competency required but not present; immediate training needed
- Yellow: Developing – training in progress or planned; requires monitoring
- Green: Competent – meets requirements; maintains through periodic reassessment
- Blue: Expert – exceeds requirements; resource for training others
This visual approach enables management to quickly identify:
- Positions at risk due to insufficient competency depth
- Departments requiring immediate training intervention
- Succession planning opportunities
- Potential trainers and mentors within the organization
Individual Competence Tables and Development Plans
Purpose and Integration
While departmental tables provide the strategic overview, individual competence tables serve as personalized development roadmaps. These documents should:
- Define specific competency targets for the individual’s current role
- Identify career development pathways
- Track progress toward competency goals
- Document completed training and competency verification activities
- Establish timelines for achieving target competencies
Setting Realistic Target Values
For each required competency, organizations must establish:
Current State: The individual’s demonstrated competency level today
Target State: The required competency level for successful role performance
Timeline: Reasonable timeframe for achieving target (considering complexity and available resources)
Verification Method: How competence will be assessed and documented
Review Frequency: When competence will be reassessed (semi-annually, annually, or after significant process changes)
Periodic Competence Evaluation
Competence management is not a one-time activity but an ongoing process. Organizations should establish regular evaluation cycles:
Semi-Annual Reviews: Assess progress toward training goals, verify maintenance of critical competencies, adjust development plans as needed
Annual Reviews: Comprehensive competence assessment, update individual competence tables, align with performance management processes
Event-Triggered Reviews: Conduct when significant changes occur:
- Process modifications
- Equipment upgrades
- Regulatory requirement changes
- Role changes or promotions
- Extended absences requiring competency revalidation
- Non-conformances or quality events related to competency
Training Effectiveness Evaluation
Beyond Attendance Records
ISO 13485:2016 explicitly requires organizations to “evaluate the effectiveness of the actions taken” to achieve necessary competence. This requirement moves beyond simply documenting training attendance to verifying that training has produced the intended competency improvements.
Kirkpatrick’s Four Levels of Training Evaluation
Organizations should implement multi-level evaluation approaches:
Level 1 – Reaction: Did participants find the training relevant and engaging? (assessed through training feedback forms)
Level 2 – Learning: Did participants acquire the intended knowledge? (assessed through knowledge tests, quizzes, or discussions)
Level 3 – Behavior: Do participants apply learned skills in their work? (assessed through observation, performance monitoring, or competency demonstrations)
Level 4 – Results: Has the training improved quality metrics, reduced errors, or enhanced process capability? (assessed through quality indicators, defect rates, or process performance data)
For compliance purposes, organizations must document at minimum Level 2 (knowledge verification) and Level 3 (performance verification) assessments.
Risk-Based Evaluation Methods
The ISO 13485:2016 note emphasizes proportionality: “The methodology used to check effectiveness is proportionate to the risk associated with the work for which the training or other action is being provided.”
This risk-based approach means:
Low-Risk Activities: Simple knowledge checks or read-and-understand acknowledgments may suffice
Medium-Risk Activities: Combination of knowledge assessment and supervised practice with documented observation
High-Risk Activities: Comprehensive evaluation including:
- Written or oral knowledge assessment
- Practical demonstration under supervision
- Independent performance with spot-checking
- Periodic requalification to ensure continued competence
Critical Activities: Most rigorous verification including:
- Formal qualification process
- Multiple independent verifications
- Regular requalification (e.g., annually)
- Performance monitoring with statistical process control
- Incident-free performance record over defined period
Common Compliance Pitfalls and How to Avoid Them
Pitfall 1: Training Records Without Competence Evidence
Problem: Organizations maintain detailed training attendance records but lack documentation of competence verification.
Solution: Implement competency checks following training, documented separately from training records. Evidence should demonstrate that the individual can perform the task independently and consistently.
Pitfall 2: Generic Training for All Employees
Problem: Providing identical training to all department members regardless of role-specific requirements.
Solution: Develop role-based training matrices that identify which competencies are required for which positions. Focus training resources on actual job requirements.
Pitfall 3: Undocumented On-the-Job Training
Problem: While formal classroom training is well-documented, practical OJT and mentoring activities lack formal documentation.
Solution: Create structured OJT programs with defined curricula, documented training sessions, and formal competency sign-offs by qualified trainers.
Pitfall 4: Neglecting Training on Process Changes
Problem: When procedures are revised, organizations update documentation but fail to retrain affected personnel.
Solution: Establish change control procedures that automatically trigger training needs assessment. Document training completion before implementing changes.
Pitfall 5: Single Trainer Per Competency
Problem: Departments develop single points of failure where only one person can train others on critical competencies.
Solution: Develop multiple trainers for each critical competency. Include “ability to train others” as a Level 4 or 5 competency requirement.
Pitfall 6: Static Competence Tables
Problem: Competence tables created during system implementation but never updated or utilized actively.
Solution: Integrate competence management into routine management processes:
- Review competence tables during management review meetings
- Update tables following all training activities
- Use tables for resource planning and project staffing decisions
- Reference tables during internal audits
Best Practices for Implementation
1. Link Competence Requirements to Job Descriptions
Ensure consistency between formal job descriptions and competence table requirements. Job descriptions should specify minimum education, experience, and competency requirements. This linkage supports both hiring decisions and training needs identification.
2. Integrate with Performance Management
Connect competence development with performance evaluation processes. Include competency achievements in performance reviews and recognition programs. Establish clear expectations that competency development is part of job performance.
3. Leverage Technology Appropriately
While spreadsheet-based competence tables can work for small organizations, larger companies benefit from dedicated training management software that provides:
- Automated expiration notifications
- Integration with learning management systems
- Real-time visibility of departmental competence status
- Audit trail for all competency-related activities
- Reporting and analytics capabilities
4. Establish Clear Accountability
Define roles and responsibilities clearly:
- Top Management: Ensures adequate resources for competence development
- Department Managers: Responsible for identifying training needs and maintaining departmental competence
- HR/Training Function: Administers training programs and maintains corporate training records
- Quality Assurance: Audits competence management system effectiveness
- Individual Employees: Responsible for participating in assigned training and maintaining competency
5. Create a Culture of Continuous Learning
Transform competence management from a compliance burden into a valued organizational capability:
- Recognize and reward competency development achievements
- Provide clear career progression pathways tied to competency advancement
- Encourage cross-training to build organizational resilience
- Support professional development beyond minimum requirements
- Foster mentoring relationships between experts and developing employees
6. Plan for Succession
Use competence tables proactively to identify succession planning needs. For each critical competency, ensure:
- Multiple individuals at competent level or above
- At least one expert-level resource
- Pipeline of developing personnel for future needs
- Knowledge transfer programs before retirements or role changes
Regulatory Inspection Considerations
What Auditors and Inspectors Evaluate
During regulatory inspections, investigators will assess:
- Documented Process: Does the organization have procedures for identifying training needs, providing training, and verifying competence?
- Training Needs Analysis: Can the organization demonstrate how training requirements were identified and justified?
- Training Records: Are records complete, accurate, and include all required elements (who, what, when, trainer qualifications, effectiveness verification)?
- Competence Evidence: Beyond training records, can the organization demonstrate that personnel are competent through observation, performance data, or competence assessments?
- Effectiveness Evaluation: What mechanisms exist to verify that training achieves intended competency improvements?
- Qualification of Trainers: Are individuals conducting training themselves qualified and competent?
- Currency: Are competencies maintained and revalidated at appropriate intervals?
- Change Management: When processes change, how does the organization ensure personnel competence is updated?
Preparing for Inspection
Before the Inspection:
- Conduct mock audits of training and competence management system
- Review all competence tables for completeness and currency
- Verify that all required training has been completed
- Ensure effectiveness verification is documented
- Prepare examples demonstrating the link between training and improved performance
During the Inspection:
- Provide clear, organized documentation
- Demonstrate active use of competence tables in management decisions
- Show examples of how competency gaps were identified and addressed
- Explain risk-based rationale for training evaluation methods
- Be prepared to have personnel demonstrate competency if requested
Common Inspection Findings:
- Inadequate procedures for identifying training needs
- Training records without effectiveness verification
- Personnel performing critical activities without documented competence
- Outdated competence assessments
- No process for training on changes to procedures
- Unqualified trainers conducting training
Case Study: Implementing Competence Management in a Growing Medical Device Company
Background
MedTech Innovations, a medical device manufacturer with 150 employees, was preparing for ISO 13485 certification and FDA inspection. The company had basic training records but lacked a comprehensive competence management system.
Challenges Identified
- Training was documented, but competence was not verified
- No systematic method for identifying training needs
- On-the-job training was undocumented
- Department managers had no visibility into team competencies
- Several critical processes had only one trained individual
Implementation Approach
Phase 1: Foundation (Months 1-2)
- Developed competence management procedure
- Created competency level definitions
- Identified all positions affecting product quality
- Linked competence requirements to job descriptions
Phase 2: Current State Assessment (Months 2-3)
- Conducted departmental training needs analyses
- Created initial competence tables for all departments
- Color-coded tables to identify critical gaps
- Surveyed employees about existing competencies from prior employment
Phase 3: Gap Closure (Months 3-6)
- Developed prioritized training plans based on risk
- Implemented structured OJT programs with documentation
- Established competency verification methods for each role
- Trained additional personnel on critical competencies to eliminate single points of failure
Phase 4: Sustainability (Months 6-12)
- Integrated competence review into management review meetings
- Established quarterly competence table updates
- Implemented training management software
- Developed trainer qualification requirements
- Created competency-based career progression framework
Results
- Successfully achieved ISO 13485 certification with zero major findings in training/competence area
- Passed FDA pre-approval inspection with no training-related observations
- Reduced quality events attributed to competency gaps by 75% in first year
- Improved employee engagement scores related to professional development
- Reduced time to qualify new employees by 30% through structured approach
- Created clear career pathways that improved retention of high-performers
Key Success Factors
- Executive Commitment: Leadership allocated sufficient resources and set clear expectations
- Cross-Functional Collaboration: HR, QA, and Operations worked together rather than in silos
- Risk-Based Prioritization: Focused resources on highest-risk competencies first
- Technology Enablement: Software tools provided visibility and automated routine tasks
- Cultural Integration: Positioned competence development as career advancement rather than compliance burden
Future Trends in Competence Management
Digital Transformation
Organizations are increasingly adopting integrated quality management systems (QMS) that connect:
- Electronic training management
- Competence tracking
- Change control systems
- Document management
- Non-conformance and CAPA systems
This integration enables automated workflows where process changes automatically trigger training needs assessments and competency revalidation requirements.
Data Analytics and Predictive Approaches
Advanced organizations are using data analytics to:
- Predict training effectiveness based on historical data
- Identify correlations between competency levels and quality metrics
- Optimize training methods and schedules
- Forecast future competency needs based on business plans
Microlearning and Just-in-Time Training
Rather than lengthy classroom sessions, organizations are implementing:
- Short, focused training modules (5-15 minutes)
- Mobile-accessible training content
- Just-in-time refresher training at point of need
- Adaptive learning paths based on individual needs
Virtual and Augmented Reality
For high-risk or expensive-to-train activities, emerging technologies enable:
- Virtual reality simulations for procedure practice
- Augmented reality job aids for complex tasks
- Remote expert coaching through connected devices
- Safe practice of emergency procedures without actual risk
Conclusion
Effective competence management is far more than a regulatory checkbox—it represents a strategic organizational capability that directly impacts product quality, employee engagement, regulatory compliance, and business performance. The regulatory landscape is evolving, with FDA’s adoption of ISO 13485 through the QMSR signaling increased harmonization of global requirements. Organizations that view competence management strategically, rather than as a compliance burden, position themselves for sustainable success in an increasingly competitive and regulated environment.
By implementing comprehensive competence tables at both departmental and individual levels, organizations gain the visibility needed to make informed decisions about training investments, resource allocation, and succession planning. The identification of training needs becomes a proactive, strategic activity rather than a reactive response to deficiencies. Competence verification moves beyond attendance records to genuine assessment of demonstrated capability.
As the medical device and pharmaceutical industries continue to advance, with increasing technological complexity and evolving regulatory expectations, the importance of robust competence management systems will only grow. Organizations that establish strong foundations today—with clear processes, appropriate tools, risk-based approaches, and cultures that value continuous learning—will be well-positioned to adapt to future challenges and opportunities.
The journey to excellence in competence management is ongoing. It requires commitment from leadership, collaboration across functions, appropriate investment in tools and resources, and most importantly, a genuine belief that developing people’s capabilities is central to organizational success. When done well, competence management transforms from a regulatory requirement into a competitive advantage that enables organizations to consistently deliver safe, effective products to patients while building engaged, capable workforces prepared for the future.
References
ISO/TC 176 Quality management and quality assurance. (2022). Auditing Practices Group – Competence Guidance Document.
U.S. Food and Drug Administration. (1996). 21 CFR Part 820 – Quality System Regulation.
U.S. Food and Drug Administration. (2024). Medical Devices; Quality System Regulation Amendments (QMSR). Federal Register, 89 FR 7352.
International Organization for Standardization. (2016). ISO 13485:2016 – Medical devices — Quality management systems — Requirements for regulatory purposes.
International Organization for Standardization. (2015). ISO 9001:2015 – Quality management systems — Requirements.
International Organization for Standardization. (2015). ISO 9000:2015 – Quality management systems — Fundamentals and vocabulary.
FDA Quality Management System Regulation: Final Rule Amending the Quality System Regulation – Frequently Asked Questions. Retrieved from https://www.fda.gov/medical-devices/
Kirkpatrick, D. (1994). Evaluating Training Programs: The Four Levels. Berrett-Koehler Publishers.
Comment