Login
Join Us
Home > Other Safety Products > Managing Relationships with Suppliers and Vendors You Use

Managing Relationships with Suppliers and Vendors You Use

Author: Doreen Gao

Jun. 23, 2025

75

0

Managing Relationships with Suppliers and Vendors You Use

By T. Leigh Buehler  |  12/22/

Read more

In today’s world, vendor and supplier relationships are critical to ensure a sense of harmony for all. Trust, good communication, and a commitment to mutual understanding and growth are necessary to build relationships with suppliers and vendors and provide good service to customers.

The Importance of Managing Supplier Relationships and Vendors

Before discussing how to build reliable relationships with vendors and suppliers, it’s necessary to understand the importance of these relationships. There are strategic partners within your business strategy who influence product quality, pricing, and customer satisfaction.

Strong vendor and supplier relationships are important because they can influence the longevity of your agreements. In addition, good relationships make it easier to increase successful collaborations and accomplish your organization's goals.

Companies in today’s business economy buy more components and services from their suppliers than ever before. Also, businesses rely heavily on their suppliers to reduce costs and increase their products’ quality, so good supplier relationship management is a necessity.

When you take the time to develop a great supplier relationship, you will help to develop cost savings and reduce availability problems, quality issues, and product delays. Ultimately, that leads to better service and customer satisfaction.

A reliable partnership is not one-sided; however. It has advantages for all parties involved.

For instance, the CEO of an auto parts supplier for Chrysler®, Ford®, General Motors®, and Honda® stated: “Honda is a demanding customer, but it is loyal to us. [American] automakers have us work on drawings, ask other suppliers to bid on them, and give the job to the lowest bidder. Honda never does that.”

But supplier and vendor relationships are not limited to large organizations like Honda. Even small businesses must practice good supplier relationship management to retain good relationships with their vendors and suppliers and provide great customer service.

For example, a small bridal store must retain consistent communication channels with its vendors out of Asia to ensure proper delivery time of wedding gowns to brides. Missing delivery due dates can cause a great deal of frustration and anger for brides, leading to possible refunds, lost profits, and potentially negative customer testimonials and online reviews.

The Value of Building a Solid Supplier Relationship Agreement

Supplier relationship management grows even more important as the complexities of global markets increase. Supplier relationship agreements are more than contractual obligations. They are strategic tools that impact the success, resilience, and efficiency of your business.

When I ran inventory and supply chain logistics for a locally owned bridal store, I was always amazed at the wonderful vendor and supplier relationships the owner maintained. She developed these relationships when she first opened her store.

Her great supplier relationships and continued loyalty to the brands she sold always paid off in times of a “bridal crisis.” It was rare that a supplier would not bend over backward to ensure the shipment of dresses or accessories so that her brides would be happy.

She was always happy to continue a contractual agreement with vendors and suppliers who enabled her to deliver excellent customer service. In turn, they were happy to continue their exclusive contracts because of her ability to sell their items.

But how do you go about building a robust supplier agreement? Every organization’s supplier agreement will be different, and some businesses may need more terms than others.

Expectations

A supplier agreement is a blueprint for two or more partners to craft a healthy relationship. It should outline the expectations, responsibilities, and deliverables in detail to minimize the risk of misunderstandings. Clarity ensures that both the buyer and the supplier have a shared understanding from the beginning, which develops trust.

For a business like a bridal store, agreeing to purchase a minimum number of sample dresses for the showroom floor must be established in a supplier relationship agreement each year. Vendors want their dresses displayed for brides, but the stores must be careful not to purchase too many samples since dresses get ruined during fittings.

Also, the store runs the risk of carrying too much dead stock. Items that do not move from the backroom take up space and eat into budgets.

Risk Mitigation

Risks are inevitable in any business. By practicing good supplier relationship management and developing a strong supplier agreement, you can add risk management tools to address any potential challenges.

This effort may include supply chain disruptions, unforeseen circumstances, and market fluctuations. Clearly defined protocols for handling these risks contribute to a trustworthy supplier relationship and a positive contract relationship.

Cost Efficiency

All agreements should discuss pricing structures, discounts, and payment terms. By stipulating pricing mechanisms, penalties for delays, and other financial details, the agreement ensures fairness and transparency, which leads to more efficient allocation of resources for both parties.

Going back to the bridal store example, vendors typically create discounts around the amount of sample dresses they’ve purchased. The more the store buys, the bigger the discount.

In addition, there would be a year-end bonus if the store sold a certain number of custom dresses (not from the samples they purchased). This bonus would carry over to the next year, creating a larger discount on the number of new sample dresses purchased for the showroom, which would help the store save money on inventory purchases.

Quality Assurance

Quality is non-negotiable for many businesses these days. A supplier agreement should establish strong quality guidelines with testing procedures and compliance requirements. Quality assurance can include any part of the supplier process from manufacturing to human error to security improvements.

If a shoe manufacturer discovers during a quality check that soles on shoes come loose, the manufacturer should start an investigation with internal and external teams. Is the problem on the supplier’s end, perhaps because a new type of material has been used? If it is not the supplier, then a quality team needs to continue testing the issue to solve the problem.

Clear guidelines for quality assurance help to maintain consistency for all parties and ensure that the buyer receives goods that meet their standards.

Legal Protection

To maintain good relationships, it is always prudent to have legal protections in place. While most companies hope there will not be any relationship disputes, you never know what may occur down the road.

A supplier agreement establishes the legal framework for the business partnership. It includes dispute resolution mechanisms and outlines consequences for breaches of contract. These legal protections are to cover both parties.

One legal clause that many supplier agreements should carry is intellectual property terms, which is usually done through an indemnification clause. This clause is a legally binding agreement specifying that one party will compensate the other party for any losses or damages that may arise from a particular circumstance.

The clause might read in this way: “The service provider shall indemnify the customer from any and all claims, causes of action, suits, damages, or demands, arising out of any infringement of intellectual property rights used by the service provider in the course of delivering the services.”

Continuous Improvement

Many businesses mistakenly create a static supplier agreement. The agreement needs to allow continuous improvement and innovation by incorporating tools to quickly communicate and collaborate.

Suppliers often have valuable insights into supply chain management. To help a business grow, a supplier agreement can provide a platform for both parties to contribute to each other’s success.

Identify and Monitor Any Risks in Your Supplier Relationship

While it is important to maintain solid supplier and vendor relationships, all businesses need to understand that these partnerships are not without risk.

You can experience supply chain disruptions, financial instability, and other issues that could affect your company’s internal operations. Being able to identify and monitor these potential risks in your vendor and supplier relationships will be advantageous.

You should not wait until an agreement is established to run a risk assessment. Before entering into an agreement, identify and evaluate any potential risks of existing suppliers or vendors.

Look for any conflict of interest or potential supply chain issues – even political risks are important today. That will help you decide whether the value of the partnership outweighs any risks.

Imagine that you have the opportunity to carry a high-end, well-known brand in your store, and you jump at the opportunity to help bolster your store’s image. But you failed to investigate whether the brand has any supplier issues or is produced in a politically volatile area of the world.

Is it worth the aches and pains of waiting for long periods for stock that you’ve paid for and now risk out-of-season or unwanted items just to say you carry that vendor? This type of consideration is very important when you're working to maintain a strong supplier relationship and please your customers.

Supply Chain Vulnerabilities

In today’s global world, supply chains are in constant battles with disruptions such as:

  • Natural disasters (hurricanes and wildfires)
  • Geopolitical tensions (terrorism, wars, or new leaders)
  • Unforeseen events like pandemics

These disruptions impact the timely delivery of your goods. When goods are not delivered on time, you risk financial loss and damage to business credibility and your company’s reputation.

For instance, the recent pandemic hit Nike’s distribution channel, third-party manufacturing, and logistics hard. Nike was forced to close stores in its China market and around the world. Their inventory levels grew, and Nike faced reduced shipments to wholesalers.

To combat these issues, Nike enhanced their direct online sales channels. Nike Brand Digital was its fastest-growing channel. The company were able to clear inventory by offering discounts, canceling factory orders, and shifting products away from storefronts to fulfill online orders.

Financial Stability

A supplier’s financial health directly affects your business. If you use a supplier that has frequent financial difficulties, you could face a disruption in your supply chain or experience quality issues. These issues can leave your enterprise in a vulnerable position, risking your financial stability.

Check to see if the vendors in your supplier network fulfill orders slowly. If a pattern of untimely deliveries emerges, your supplier or vendor could be having cash flow problems. They may be behind on timely payments to their suppliers, leading to issues with fulfilling orders.

Quality Assurance

Quality assurance is essential in securing a supplier agreement and conducting risk assessments of vendors and suppliers. Poor products can have severe consequences, such as regulatory fines and unhappy customers. If a product fails to meet industry compliance standards, your organization risks damage to the public perception of your brand and financial loss.

Any product that does not meet its intended specifications or fails to perform as it should is considered poor. Examples include cracks in the paint on a car or the coat zipper that continually breaks. Quality is the most important factor for any business.

Reputation Management

Your vendors’ and suppliers’ actions — or lack thereof — reflect directly back on your company. If you use a supplier that is involved in unethical practices, human rights violations, or environmental controversies, it can also tarnish your brand and lead to a loss of customer trust.

For instance, a investigation found rampant human rights abuses in the supply chains of online fashion merchant ASOS, the British luxury retailer Marks & Spencer, and Japanese casual wear retailer Uniqlo. Each company faced customer protests and the loss of public trust.

Strategies for Identifying and Monitoring Risks

Risk is a multifaceted phenomenon that should be considered holistically. It involves assessment, profile development, and routine audits, coupled with a sourcing diversification strategy, all of which work together to help mitigate risk.

Comprehensive Supplier Assessment

You will want to conduct a thorough evaluation of potential suppliers before you sign agreements. Assess their financial stability, reputation in the industry, and operational capacity.

You may want to use a third-party assessment or evaluation to validate a supplier’s compliance with quality standards, environmental regulations, and ethical practices.

Risk Profiling

Create a risk profile for each potential supplier partner. A risk profile will describe any potential concerns. Consider factors such as:

  • The stock of an organization’s operations
  • Its capacity to deal with significant high-level risks
  • The geographic location of the supplier
  • The economic stability of the region
  • Procurement solutions
  • Cultural differences
  • Supplier data

When you identify suppliers whose potential failure could impact your business, prioritize monitoring those suppliers accordingly. The potential for natural disasters like earthquakes, floods, or droughts can affect many regions and lead to a delay in the delivery of goods. Political risks, like civil unrest or a new leader, can prompt new laws and regulations that require your company’s response.

Regular Audits and Inspections

When you implement regular inspections and audits of your suppliers and vendors, you ensure that the agreed-upon standards are in order within your supplier network. Establish open and collaborative relations and regular communication with your suppliers to encourage transparency and cooperation during inspections.

Diversification of Suppliers

Diversifying the suppliers within your supplier network is a great way to reduce your dependency on any single supplier. You may not be able to use this strategy with all of your vendors or suppliers, but more diversification creates a bigger safety net for your company.

Develop contingency plans and alternative sourcing strategies to help mitigate risks associated with a specific supplier. If you are a coffee company, source your beans from multiple farmers and countries to ensure a steady flow of beans. If you rely on only one farmer or area, you risk geopolitical or natural disaster issues.

Great supplier relationships do not happen overnight. It takes work and effort to create a good relationship. Developing reliable vendor and supplier relations is a business strategy, one that is a cornerstone for sustained growth and helping your fellow businesses succeed.

If your company is large enough, you may want to appoint a dedicated supplier relationship manager. Good supplier management leads to a resilient business. Effectively managing a working relationship with suppliers ensures a seamless supply chain and reduces the risk of disruptions to your company.

Using open, effective communication and building trust can cultivate a mutually beneficial business relationship with your vendors and suppliers that can bring long-term success. Regular inspections, continuous improvements, well-developed supplier management, and a willingness to adapt to changing circumstances are key to building reliable and trustworthy relationships.

Relevant Articles:

  • Digital Transformation in the Retail Industry is Necessary

Medical Device Supplier Management [Guide] - Greenlight Guru

A medical device is only as good as its parts.

Low-quality parts and components will result in a low-quality device. And a low-quality device puts patients at risk. That’s why supplier management is mandated by quality management system (QMS) regulations around the world. 

Good supplier management is one of the fundamental methods for preventing failure of your product. Its goal is to ensure the consistent supply of high-quality parts or components that conform to your specifications. 

It may sound simple when I put it like that, but supplier management is a highly involved process with a lot of nuance. So, with this guide, my goal is to help you understand what supplier management requires from your medical device company—and how you can use it to your advantage.

Table of Contents

Contract manufacturers and supplier management
Software as a medical device (SaMD) suppliers

Supplier management in the US
Supplier management in the EU
Supplier management according to MDSAP’s Audit Model

Final thoughts on supplier management for medical device companies


What is supplier management and why is it critical to medical device manufacturing?

Supplier management is the umbrella term we use to describe the processes and procedures medical device companies use to ensure that all the products and services they receive meet their specifications. 

It’s also one of the first lines of defense against product failure and an essential part of your QMS.

That’s because you probably won’t be making most—if any—of the parts in your medical device yourself. Practically everything you need to manufacture your device will be coming from another company. You may even use a contract manufacturer to build the final product for you. 

And that means your internal processes are really the only method you have for controlling the parts and components that will eventually make up your devices. Remember, your goal is to manufacture a perfect device every time. If you can’t control the quality of the materials that go into that device, you will eventually fail to make a perfect device. Probably quite quickly. 

But I don’t want you to think that supplier management is simply about preventing failure. It’s more than that. Good supplier management reduces costs and allows you to find creative solutions to logistics problems. 

I once worked for a company that made contact lens solution. The bottles for the solution were manufactured for our aseptic manufacturing plant, but they had to be sterilized by radiation at another plant owned by a different company. Could we have them ship the bottles to us, after which we would ship them to the radiation plant and then have them shipped back? Sure.

But because we had strict requirements in place for the transportation of those bottles, we could confidently have the aseptic manufacturing plant ship them directly to the radiation plant, and then back to us. That may not sound incredibly innovative, but it saved us a lot of money on shipping and it was only possible because of good supplier management.

And for smaller companies that are just starting out, without buckets of cash to pour down the drain, that type of maneuver can be the difference between success or failure.

Contract manufacturers and supplier management

Before we dive into the regulations surrounding supplier management, we need to get one thing clear: even if you are outsourcing manufacturing to a contract manufacturer, supplier management is still your responsibility. 

There was a time, decades ago, when medical device companies were usually vertically integrated and made many, if not all, of their parts in-house. 

Those days are over, and using a contract manufacturer is the new norm now. However, the contract manufacturer may be dealing with all the parts and components as they come in, but as the legal manufacturer of the medical device, you are responsible for managing those suppliers—including your contract manufacturers.

Remember, you can outsource the work; you can’t outsource the responsibility.

Software as a medical device (SaMD) suppliers

Finally, we need to clarify what constitutes a supplier for software as a medical device (SaMD). After all, making SaMD really just entails writing code, right? Do you even have suppliers if you don’t have hardware?

The answer, of course, is yes. The word “supplier” often leads people to think of someone providing physical supplies, but you can’t forget about service providers. If you outsource any work on your code to other companies or independent contractors, they are supplying you with a service and thus fall under the purview of the regulations regarding supplier management. 

What are the different regulations and standards surrounding supplier management?

Supplier management is an integral part of a medical device manufacturer’s quality management system (QMS), and its requirements are found in the regulations and standards governing quality management systems around the world. 

Before we get into these, it’s important to note that most of the regulations and standards you’ll find don’t talk about “supplier management.” They talk about “purchasing.” These terms are synonymous, but the industry tends to use supplier management (as I’m doing in this guide) while the regulations and standards refer to it as purchasing. 

Supplier management in the US

In the US, supplier management is part of the FDA’s Quality System Regulations (QSR), which govern what a medical device manufacturer must do to maintain a compliant QMS.

The requirements for supplier management can be found in CFR 21 Part 820.50, in Subpart E - Purchasing Controls:

Each manufacturer shall establish and maintain procedures to ensure that all purchased or otherwise received product and services conform to specified requirements.

(a) Evaluation of suppliers, contractors, and consultants. Each manufacturer shall establish and maintain the requirements, including quality requirements, that must be met by suppliers, contractors, and consultants. Each manufacturer shall:

(1) Evaluate and select potential suppliers, contractors, and consultants on the basis of their ability to meet specified requirements, including quality requirements. The evaluation shall be documented.

(2) Define the type and extent of control to be exercised over the product, services, suppliers, contractors, and consultants, based on the evaluation results.

(3) Establish and maintain records of acceptable suppliers, contractors, and consultants.

(b) Purchasing data. Each manufacturer shall establish and maintain data that clearly describe or reference the specified requirements, including quality requirements, for purchased or otherwise received product and services. Purchasing documents shall include, where possible, an agreement that the suppliers, contractors, and consultants agree to notify the manufacturer of changes in the product or service so that manufacturers may determine whether the changes may affect the quality of a finished device. Purchasing data shall be approved in accordance with  § 820.40.

Note that the first sentence calls out “received product and services.” As I mentioned when we talked about SaMD suppliers, service providers very much still count as suppliers. A company that performs radiation sterilization is a service supplier—but without that service you may not be able to sell your product. 

Supplier management in the EU

Quality management systems in the European Union, and thus supplier management, are expected to follow the requirements set out in ISO , the international standard for medical device quality management systems.

ISO is a standard, not a regulation, which means it does not hold the force of law. However, your notified body will expect your QMS to conform to ISO when they come to audit you. 

The requirements for supplier management can be found in Section 7.4 — Purchasing, and are made up of three subsections:

  • 7.4.1 Purchasing Process

  • 7.4.2 Purchasing Information

  • 7.4.3 Verification of purchased product

These requirements are lengthier than those from FDA, but cover much of the same ground. It’s worth noting that in the FDA’s proposed Quality Management System Regulations (QMSR) —which incorporate ISO by reference—FDA has stated that the Purchasing requirements for both the QSR and ISO are “substantively similar.” 

Here’s what section 7.4.1 has to say about the responsibilities of medical device manufacturers:

The organization shall document procedures (see 4.2.4) to ensure that purchased product conforms to specified purchasing information.

The organization shall establish criteria for the evaluation and selection of suppliers. The criteria shall be: 

a) based on the supplier’s ability to provide product that meets the organization’s requirements;

b) based on the performance of the supplier;

c) based on the effect of the purchased product on the quality of the medical device;

Tehu Product Page

The organization shall plan the monitoring and re-evaluation of suppliers. Supplier performance in meeting requirements for the purchased product shall be monitored. The results of the monitoring shall provide an input into the supplier re-evaluation process.

Non-fulfilment of purchasing requirements shall be addressed with the supplier proportionate to the risk associated with the purchased product and compliance with applicable regulatory requirements.

Records of the results of evaluation, selection, monitoring and re-evaluation of supplier capability or performance and any necessary actions arising from these activities shall be maintained (see 4.2.5).

While it is expected that you follow ISO in the EU, we can’t forget about the Medical Device Regulation (EU MDR) and the In Vitro Diagnostic Regulation (EU IVDR). There are provisions in both regulations for purchasing and supplier management that you should be aware of. 

Notably, MDR and IVDR both say that the competent authorities "shall carry out both announced and, if necessary, unannounced inspections of the premises of economic operators, as well as suppliers and/or subcontractors, and, where necessary, at the facilities of professional users." 

This means your notified body can and will audit your suppliers—potentially unannounced. I’ll get to the implications of that and some practical tips for handling it when we talk about your own supplier audits and agreements. 

Supplier management according to MDSAP’s Audit Model

The Medical Device Single Audit Program (MDSAP) was created to streamline the auditing process for companies that place medical devices on the market in multiple jurisdictions. The current members of MDSAP are the US, Canada, Australia, Brazil, and Japan. 

The program offers a single audit that’s recognized by all of these countries, and it has released a document called the MDSAP Audit Model that lays out what their auditors are looking for.

If you plan on taking advantage of MDSAP, you can find information on supplier management in Chapter 7 - Purchasing of the MDSAP Audit Model document, which lists five outcomes auditors want to see.

Outcomes: As a result of the audit of the Purchasing process, objective evidence will show whether the medical device organization has: 

A. Defined, documented and implemented procedures to ensure purchased or otherwise supplied products conform to specified purchase requirements 

B. Established criteria for the selection, evaluation and re-evaluation of suppliers based on the type and significance of the product purchased and the impact of the supplied product on subsequent product realization or the quality of the finished device

C. Performed the evaluation and selection of suppliers based on the capability of the supplier to meet specified requirements 

D. Ensured the continued capability of suppliers to provide quality products that meet specified purchase requirements through re-evaluation

E. Determined and implemented an appropriate combination of controls applied to suppliers in conjunction with acceptance verification activities to ensure conformity to product and quality management system requirements, based on the impact of the supplied product on the finished device.

The MDSAP Audit Model is an extremely useful document because it combines both ISO and FDA QSR requirements for supplier management. It also provides country-specific requirements, such as those for Brazil and Australia, and it’s a great baseline to follow for supplier management best practices.

How do you qualify suppliers?

Before you can purchase anything from a supplier, you must qualify them and place them on your Approved Suppliers List (ASL)

Your ASL is simply a list of all the suppliers you’ve qualified, as well as what items or services you’ve qualified them for. Just because a supplier is on your ASL for one specific part, that doesn’t mean you can order other items from them unless they’ve been qualified for the other items, as well. 

The process for getting a supplier onto that list will look a little different for every company, but generally you’ll follow these six steps:

1. Create your purchasing procedures

The first clause in both the QSR and ISO directs medical device companies to establish procedures for ensuring that purchased product meets your requirements. 

These procedures are a critical part of your greater QMS, and you should have your supplier management procedures in place before you begin qualifying suppliers. 

You don’t want to get to a point where you’re trying to retroactively apply those procedures to suppliers that you’ve already purchased product from. It’s very difficult to justify that choice to an auditor when it’s clear you didn’t follow any documented procedures for evaluating and choosing a supplier.

Click here to download your free copy of our checklist for selecting suppliers and contract manufacturers.

2. Establish the criteria you’ll use for your suppliers

Creating the criteria you’ll use to evaluate suppliers is a crucial first step, because without criteria in place, you may be tempted to use a supplier that doesn’t actually meet all your requirements. 

The criteria you use will be unique to your circumstances, but they’ll revolve around some key points, such as:

  • The product specifications that you need a supplier to meet

  • Whether they have a documented quality system in place

  • Whether they have supplier management procedures in place for their suppliers

  • The standards they’re certified to (like ISO or ISO )

  • The volume they can produce for your company

Once you have the criteria in place for a given part or component, you can begin your search for suppliers that meet those requirements.

3. Create a list of prospects and evaluate their capabilities

Most companies start by Googling for suppliers who can provide the product or service you need. There’s no harm in starting that way, but your initial Google search is not nearly enough. 

Once you find some prospective suppliers, you’ll need to send them a supplier questionnaire to gather more information about their ability to meet the criteria you laid out in the previous step. You’re trying to get to the bottom of questions like:

  • Can they meet your internal specifications for this item? For instance, if you need a plastic bottle, what characteristics must that bottle have? What materials must it be made from? What dimensions must it have? 

  • How many units can they make each year? Can they make enough product to meet your needs right now? Will they be able to grow with you or will you need to look for additional suppliers for this item as you produce more devices?

  • What regulations do they currently follow and what standards are they accredited to? If they’re ISO certified, you can be confident they already meet many of the requirements you’ll need them to. If they’re not ISO certified, that doesn’t mean you can’t use them, but you’ll need to include a lengthier set of questions regarding their QMS.

A detailed questionnaire helps both you and the prospective supplier. It will give them a better sense of whether or not they can do what you’re asking, and it will help you decide whether or not they meet your criteria.

4. Determine the risk involved for each supplier

For each supplier, you’ll need to determine the level of risk they represent to the product and thus the extent of your responsibilities when it comes to monitoring them. 

There are a number of ways to categorize your suppliers, but I’m partial to starting with a critical vs. non-critical framework. 

  • Non-critical suppliers have no direct or indirect relationship with the product or manufacturing processes, such as a business that supplies your stationary or caters meals for you. These are still suppliers, but they don’t have to go on your ASL.

  • Critical suppliers have a direct or indirect relationship with the product or process and they must be qualified and placed on your ASL if you want to order anything from them.  

Critical suppliers are generally broken down into three categories based on their potential impact on product safety. Although there are other ways to group them, personally, I would use a three tier approach. For example:

  • Tier 1 - Highest Risk: Includes any integral component of the device that impacts safety. Also includes contract manufacturers assembling the device. This would also include services like sterilization that impact the safety of the device.

  • Tier 2 - Medium Risk: Includes custom, device-specific components that don’t directly impact device safety. This tier also includes services like pest control and your logistics and shipping provider.

  • Tier 3 - Lowest Risk: Standard, “off-the-shelf” items. Any consultants you use that provide a service related to the product or processes would also fall under this tier.

Now, is it possible to lump all your critical suppliers into one group and still be compliant with the regulations? Sure. However, by using the tiered approach, you’re demonstrating to auditors that you understand risk and are actively using a risk-based approach to supplier management

5. Perform an onboarding audit

Your supplier questionnaire is a way for suppliers to tell you what they can do; an onboarding audit is a means of verifying the answers to that questionnaire. 

You can think of your onboarding audit like the first step of ISO certification. You’re there to ensure the supplier’s QMS meets your requirements and they can handle working with a company in a highly regulated space. 

  • Generally speaking, you’ll need to audit all of your Tier One suppliers before adding them to your ASL. After that, you would generally audit them every one to two years to ensure they are still able to supply products that meet your specifications—and do so in a manner that is compliant with regulations. 

  • Tier Two suppliers also likely need an upfront audit. However, you might audit them on a longer schedule, such as every three years. 

  • For Tier Three suppliers, you probably won’t need to audit them before onboarding them. You also won’t be expected to do ongoing audits with them unless there is cause, such as a high number of complaints or a poor supplier scorecard. 

PRO TIP: If you’re on the fence about doing an initial audit, you should probably take the leap and perform it. 

For one thing, you now have the option of doing virtual audits. And while it may not be exactly the same as being on site, you can still perform virtual audits successfully. 

But the other reason you may want to be proactive about auditing your suppliers has to do with EU MDR. I previously mentioned the provision in MDR which states that your notified body can audit your suppliers at any time. As you might imagine, that puts a lot of pressure on your suppliers.

However, if you can show your notified body that you’ve performed an initial audit of your supplier and that you’re regularly auditing them afterward, it gives the notified body less incentive to go see your supplier. That’s not to say they won’t, but it shows them you’re monitoring this supplier closely. 

6. Create formal agreements

The final thing that stands in the way of adding a supplier to your ASL is crafting a formal agreement for their services. 

Your supplier agreement is a legally binding document and it will govern your relationship for as long as you’re using that supplier. In my experience, no one thinks about the supplier agreement when everything is going well. It’s only when there’s a problem that both parties look back at the document they signed.

That’s why your agreements need to spell out more than just the price you’ll pay and the number of units the supplier will deliver. There are a number of items that should end up in your agreements, but there are three in particular I want to call out here because of their importance:

  • The quality agreement. This is the high-level overview of both your responsibilities and those of the supplier. It ensures everyone knows what they need to do and how to do it. 

  • The no-change clause. This ensures your supplier can’t make a change to the product or service without informing you a certain amount of time in advance. This absolutely must be in your supplier agreement, as it protects you from unannounced changes in what you’re receiving.

  • The audit clause. In this clause, your supplier agrees to submit to an audit from your notified body. This is an important clause because, as we touched on earlier, it ensures your notified body has the access to suppliers required by MDR and IVDR.

These are not the only elements of a formal agreement that should be in place, but they are some of the most important. 

My advice is to use Appendix 2 of this NBOG document and Annex 4 of the MDSAP Audit Model to get a good understanding of what needs to be in your agreements. The NBOG guidance is particularly useful because it’s a document that notified bodies use and it shows you exactly what they want in a supplier agreement.

Once you have a formal agreement in place, your supplier can finally go on the ASL and you can begin ordering from them.

What are some tools you can use to manage and monitor suppliers?

So, you’ve got the suppliers you need on your ASL. The entire qualification process can take months, and it’s a major milestone in getting your device to market. 

But this is really only the beginning of what will hopefully be a long and mutually beneficial relationship. Just because you’ve approved a supplier, that doesn’t mean supplier management ends there. You’re required to monitor and periodically re-evaluate suppliers to ensure the product and/or service they supply still meets your specifications.

With that in mind, let’s walk through some of the methods you’ll use to manage your relationships with suppliers.

Supplier scorecards

You’ll use a supplier scorecard to keep track of how well your suppliers are doing in terms of meeting your agreement and sending you products that meet your specifications. Basically, you’ll track certain data, such as:

  • First time in full. This is a reference to how often they send you everything you’ve requested at once, and not in partial batches.
  • Undamaged material. This refers to the state of the product when it gets to you. Is anything coming in damaged? What is the pass/fail rate on their product?
  • SCARs raised. How many supplier corrective action requests (SCARs) have you had to raise with them? How quickly are they resolved?

Once you’ve decided the performance categories you’ll use, then you need to develop a weighted scoring approach. This will ensure that you’re prioritizing what’s most important to you as you score your suppliers. 

And at the end of every month (or at least every quarter) you’ll review the scorecards and see how each supplier is doing. 

Different companies will grade their suppliers in different ways, but I’ve seen a “traffic light” approach work well here.

  • Green - They have a clean scorecard and there are no problems with this supplier.

  • Yellow - The scorecard shows that there have been some issues. You’ll need to have a conversation with this supplier and you may even need to visit them in person to look at the specific problem that’s come up, outside of a scheduled reevaluation audit.

  • Red - There are serious issues with the supplier. They need to be addressed immediately or you will need to explore potential new suppliers. 

A scorecard is a great way to ensure that you’re tracking a variety of data about each supplier, and it creates a systematic process for the ongoing monitoring of your suppliers. 

Supplier corrective action requests (SCARs)

A supplier corrective action request (SCAR) is a formal request regarding a nonconformity issue with a supplier. SCARs are generally raised in response to receiving a batch of product from your supplier that doesn’t meet your specifications upon incoming inspection. (This isn’t the only reason you might raise a SCAR with your suppliers, but it is one of the most common.) 

Now, a SCAR sounds scary, but it’s really just a request for your supplier to open a CAPA. You’re asking them to investigate the problem, find the root cause, and then take corrective and/or preventive actions to ensure it doesn’t happen again. 

This is one of the reasons it’s nice to work with a supplier that has ISO certification. You know they already have a CAPA process in place and you can be fairly confident they know how to handle a SCAR if you need to raise one. 

So, if a supplier isn’t ISO certified, that means one of the questions on your supplier questionnaire should probably be whether or not they have a CAPA process in place. 

Scheduled supplier audits

When we talked about determining the risk for your suppliers, I mentioned that your Tier One and Tier Two suppliers would need to be audited on a regular schedule. 

That schedule will be determined by the supplier agreement, and it’s a good way to ensure that your suppliers are still adhering to the standards or regulations you expect them to. Your goal here is to determine whether your process and quality management requirements are being carried out. 

For example, that may mean an inspection of their facility to ensure their clean room areas are actually sterilized and not being contaminated in some way. But you may also want to see their process for handling nonconforming products or ensuring the traceability of their products from raw material to final product. 

Your scheduled audits are also a good opportunity to follow up on any SCARs you’ve raised in the past, especially if you’ve raised the same one multiple times. It’s a chance for visual confirmation that they’ve taken action to fix the issue. 

Your formal supplier agreement

I can’t stress the importance of your supplier agreement enough. If you’ve created a thorough one that covers all your bases, it can be one of your most important tools for managing your relationship with your supplier. 

Take supplier concession requests, for instance. You may run into a situation where your supplier asks you to make a concession for a nonconforming product. This means they have a batch of your product that doesn’t quite meet your specifications, but the supplier says it will still function as necessary. The issue could be that the color is a little off or there’s a very small discrepancy in a measurement that won’t cause a problem. 

However, you, the customer, must accept or refuse to make the concession. And the whole situation will be a lot easier to resolve if you’ve stipulated how concessions should be handled in your supplier agreement. 

Should you have more than one supplier for the same part or service?

I’ll start with the short answer, which is yes. It’s not a good idea to have all your eggs in one basket. Maybe the supplier goes bankrupt. Maybe they raise their prices beyond what you can afford. Or maybe there are quality issues that become so severe you’re forced to stop doing business with them.

At that point, you may be facing months of work to qualify a new supplier and get them onto your ASL. So, unless stopping production for a few months doesn’t sound like a big deal to you, then you’ll want to have multiple sources for items or services that you need.

Working with multiple suppliers

For some parts and components, getting multiple suppliers onto your ASL shouldn’t be difficult.

“Off-the-shelf” items you can buy from dozens of suppliers will fall into your Tier Three group, and won’t require an intense supplier qualification process. But for important items with higher risk levels, it can be more difficult to navigate your supplier relationships.

However, establishing several suppliers for higher risk parts can be trickier. 

The first hurdle is figuring out how you’ll allocate your purchasing between multiple suppliers. Keep in mind that you probably won’t be able to qualify a supplier and then keep them on the ASL as backup. Few suppliers want to go through the evaluation process and an audit just to be your backup in case anything goes wrong. They want to do business with you for the hoops they’ve had to jump through. 

So, you have some options here. You could simply qualify multiple suppliers and split the supply of parts you get from them evenly. You could also use a primary supplier to cover your basic needs, and another supplier to cover your growth projections. Whatever you do, I promise you’ll be glad that you have another supplier on your ASL if things go south with one of them. 

Navigating niche suppliers and concentrated industries

It’s all well and good to say, “Get more than one qualified supplier for all your parts.” But sometimes, there’s only one supplier who can do what you need them to.

You’ll usually run into this for two reasons. First, you need a niche part or component that is difficult to source, especially at the volume you need. Second, the industry for the product you need may be heavily consolidated. It’s not uncommon to run into a company that holds a monopoly on a part or service, so they are de facto your only option.

There aren’t any easy solutions here, unfortunately, but there are a couple things you can do.

If you only have one option for a supplier, that’s a huge business risk, and you can take that into account as you consider which tier to place them in. So, regardless of the safety risk this part represents, you might place the supplier in Tier One, which requires the most careful management. By doing so, you’ll hopefully catch any issues early and use the tools from the previous section to fix them.

Your other option is to simply order more than you need, like saving for a rainy day. That way, you buy yourself some time (maybe six months to a year) to fix any issues or continue searching for another supplier before you have to stop production. 

These aren’t easy situations to navigate, but it pays to prepare for them ahead of time because it’s possible you’ll find yourself with limited options for a specific part or service at some point.

Final thoughts on supplier management for medical device companies

Supplier management requires an enormous amount of documentation. It also requires you to be able to find and access those documents quickly and easily. 

If you’re an early-stage medical device company that’s considering going with a paper-based QMS or a generic eQMS used by dozens of other industries, you should know there’s another, better option. 

Greenlight Guru’s MedTech Suite includes an eQMS built specifically for the medical device industry. With Greenlight Guru, you get a single source of truth for all your documentation, including supplier management, and you maintain closed-loop traceability throughout the entire product lifecycle. 

Greenlight Guru also helps you conduct better supplier audits, flagging certain suppliers for follow-up actions and linking to nonconformance issues to determine if you’ve had problems in the past. It all creates a highly visible system that’s easy to navigate and understand. 

Want more information on Protective Covers Supplier? Feel free to contact us.

Previous

Top Mildew-Resistant Outdoor Car Covers: Protect Your Ride!

Next

What Are The Different Types Of Motorcycle Chaps?

Comments

0

0/2000

Guest Posts

If you are interested in sending in a Guest Blogger Submission,welcome to write for us!

Your Name: (required)

Your Email: (required)

Subject:

Your Message: (required)

Join Us