Members Log In to My ASQ Members Log In   View Shopping Cart Shopping Cart   Quality Progress Magazine Quality Progress Magazine Make Good Great
ASQ Store
Books &
Standards
Articles
Subscriptions		 Training &
Certification
Conferences
ASQ Gear
Certification
Printer Friendly
Biomedical Auditor

Return to Certification

Return to Training

Biomedical Auditor Certification

Body of Knowledge

Download the Certified Biomedical Auditor Body of Knowledge (PDF, 225 KB).

Included in the Body of Knowledge are subtext explanations and corresponding cognitive levels for each subtopic. These details will be used by the Examination Development Committee as guidelines for writing test questions and are designed to help candidates prepare for the exam by identifying specific content within each topic that may be tested. The subtext is not intended to limit the subject matter or be all-inclusive of what might be covered in an exam but is intended to clarify how topics are related to the role of the Certified Biomedical Auditor. The descriptor in parentheses at the end of each subtext entry refers to the highest cognitive level at which the topic will be tested. A more complete description of cognitive levels is provided at the end of this document.

In 2005, ASQ created the Certified Biomedical Auditor Body of Knowledge. See how the 2005 Body of Knowledge compares to the 2002 Certified Quality Auditor—Biomedical Body of Knowledge.

  1. Auditing Fundamentals [15 Questions]
    1. Purpose & types of audits
      Differentiate various audit types (such as product, process, system, management, compliance, first-party, second-party, third-party, internal, external, desk, department, and function) and examine how audits are used to assess organizational effectiveness, system efficiency, process effectiveness, business performance, risk management, and conformance to requirements. (Analyze)
    2. Roles and responsibilities during an audit
      1. Participants and their roles and responsibilities
        Explain the functions and responsibilities of various audit participants, including audit team members, lead auditor, client, auditee, etc. (Apply)
      2. Ethical, legal, and professional issues
        Identify and apply factors of ethical and professional conduct, concepts of due diligence/due care with respect to confidentiality, conflict of interest, credibility, independence, objectivity, and qualifications. Identify legal and financial ramifications of improper auditor actions, such as carelessness, negligence, and discovery of illegal activities or unsafe conditions. Anticipate the effect that certain audit results can have on an auditee's regulatory and civil liability. (Apply)
  2. Auditing & Inspection Processes [30 Questions]
    1. Audit preparation & planning
      1. Elements of the audit planning process
        Determine and implement steps in audit preparation and planning, such as verifying audit authority, establishing the purpose, scope, and type of audit, the requirements to audit against, and the resources necessary, including the size and number of audit teams. (Evaluate)
      2. Auditor selection
        Identify and examine various auditor selection criteria, such as education, experience, industry background, and subject-matter expertise, and the characteristics that make auditors effective, such as interpersonal skills, problem-solving skills, attention to detail, cultural sensitivity, ability to work independently and in a group or on a team. (Analyze)
      3. > Audit-related documentation
        Identify sources of pre-audit information and examine audit-related documentation, such as reference materials and prior audits. (Analyze)
      4. > Auditing tools
        Select, prepare, and use checklists, log sheets, sampling plans, and procedural guidelines in various audit situations. (Analyze)
      5. Auditing strategies
        Identify and use various tactical methods for conducting an audit, such as forward and backward tracing and discovery. (Apply)
      6. Logistics
        Identify and organize various audit-related logistics, such as travel, security considerations, and escorts. (Apply)
    2. Audit performance
      1. Opening meeting
        Describe the purpose and scope of an opening meeting, and the necessary elements for conducting such a meeting. (Apply)
      2. Data collection and analysis
        Select and apply various data collection methods, such as observing work activities, taking physical measurements, examining paper and electronic documents, etc., and analyze the results. (Evaluate)
      3. Communication techniques
        Define and apply appropriate interviewing techniques (e.g., when to use various question types, the significance of pauses and their length, when and how to prompt a response), in various situations, such as when supervisors are present, when conducting multiple interviews, and when using a translator. Identify typical conflict situations and appropriate techniques for resolving them. (Apply)
      4. Working papers
        Identify types of working papers, such as completed checklists, auditor notes, and attendance rosters, and determine their importance in providing evidence for an audit trail. (Create)
      5. Objective evidence
        Identify and differentiate various characteristics of objective evidence, such as observed, measured, verified, and documented. (Evaluate)
      6. Observations
        Evaluate the significance of observations in terms of positive, negative, chronic, isolated, and systemic. (Evaluate) [NOTE: This topic area includes general audit observation classification only; FDA classification criteria are covered in Body of Knowledge area II.E.3.]
      7. Classifying nonconformances
        Classify nonconformances in terms of significance, severity, frequency, and level of risk. (Analyze)
      8. Audit process management
        Define and apply elements of managing an audit, including coordinating team activities, reallocating resources, adjusting the audit plan, and communicating with the auditee during the audit. (Apply)
      9. Exit meeting
        Describe the purpose and scope of an exit meeting and the necessary elements for conducting such a meeting, including determining post-audit activities and who is responsible for performing them. (Apply)
    3. Audit reporting
      1. Basic elements
        Define, plan, and apply the steps in generating an audit report, including reviewing and finalizing results, organizing details, obtaining necessary approvals, and distributing the report. (Create)
      2. Effective audit reports
        Report observations and nonconformances accurately, cite objective evidence, procedures, and requirements, and develop and evaluate various components, such as executive summaries, prioritized data, graphic presentation, and the impact of conclusions. (Create)
      3. Record retention
        Identify and apply record retention requirements, including the type of documents and storage considerations, for various audits. (Apply)
    4. Audit follow-up and closure
      1. Elements of corrective and preventive action
        Identify and apply the elements of these processes, including problem identification, assignment of responsibility, root cause analysis, and recurrence prevention. (Analyze)
      2. Review of corrective action plan
        Use various criteria to evaluate the acceptability of corrective action plans, and identify and apply strategies for negotiating changes to unacceptable plans. (Evaluate)
      3. Conducting audit follow-up
        Use various methods to verify and evaluate the adequacy of corrective actions taken, such as re-examining procedures, observing revised processes, and conducting follow-up audits or re-audits. Develop strategies when corrective actions are not implemented or are not effective, such as communicating to the next level of management, re-issuing the corrective action request, etc. (Evaluate)
      4. Audit closure
        Identify and apply various elements of, and criteria for, audit closure. (Evaluate)
    5. Audit procedural references
      1. Guidelines for auditing quality systems
        Describe general auditing principles and approaches as described in the ISO 19011 standard. (Understand)
      2. Quality System Inspection Technique (QSIT)
        Explain the purpose of QSIT and its related terms, and compare QSIT to other audit approaches. Differentiate the principal subsystems of QSIT, and use and interpret QSIT sampling tables. (Analyze)
      3. US compliance programs for medical devices (FDA CPG 7382.845)
        Explain the purpose and scope of various FDA inspections, including the criteria for the FDA taking action as a result of quality system audits, and categorize observations according to FDA classification criteria. (Apply)
        [NOTE: This topic area includes FDA classification criteria only; general audit observation classification is covered in Body of Knowledge area II.B.6.]
      4. International auditing guidelines for medical devices (GHTF SG4 (99)28, GHTF SG4 (99)14, GHTF SG4 (00)3)
        Apply general auditing principles for medical device audits. Assess the adequacy of auditors' training, their qualifications to conduct audits of a medical device manufacturer's quality system, and ongoing training to maintain their qualifications. Assess an audit team's ability to read, speak, write, and understand the native language used by auditee personnel and the auditee's quality system documentation; assess the team's ability to arrange for an interpreter in advance of the audit. (Apply)
  3. Biomedical Quality Management System Requirements [50 Questions]
    1. Regulatory requirements & guidance
      1. European directive: Medical Device Directive 93/42/EEC of 14 June 1993 (Article 1)
        Interpret the applications of the directive. (Understand)
      2. US requirements (FD&C Act, sections 301-304, 501-502, 704, 518, 513)
        Identify how the FD&C Act defines and is applied to medical devices and differentiate between device classifications and pre-market requirements. Define misbranding and adulteration and the implications of each. Describe the FDA's authority to perform establishment inspections and mandate product recalls. (Apply)
      3. Labeling: 21 CFR 801, subpart A
        Apply general labeling provisions for medical devices. (Apply)
      4. Establishment registration and device listing: 21 CFR 807
        Define these requirements. (Understand)
      5. Electronic records and electronic signatures: 21 CFR 11
        Define these requirements. (Understand)
      6. FDA guideline for the manufacture of in vitro diagnostic (IVD) products (Jan 10, 1994)
        Define IVD devices and other terms related to the use of good manufacturing practices (GMPs) for IVDs. (Understand)
    2. Quality systems regulations & standards
      1. 21 CFR 820
        Identify FDA explanations and justifications for the content of the QSReg from the preamble; apply the scope and defined terms to medical devices. (Understand)
      2. ISO 9001, ISO 9002, ISO 13485, ISO 13488
        Evaluate the selection, interpretation, and implementation of these various quality system standards. (Evaluate)
      3. GHTF.SG3.N99-8
        Evaluate the selection and use of this guidance for an auditee's quality system. (Evaluate)
    3. Management controls
      Examine management responsibility for the quality system, including organization, resources, management review, quality audits, and personnel requirements. (Analyze)
    4. Design controls
      Evaluate the scope and purpose of design control elements and implementation of a design control system. Assess the design control system for compliance to the Medical Device Directive (MDD), including Essential Requirements, harmonized standards, risk analysis, and clinical investigation. (Evaluate)
    5. Corrective and preventive actions (CAPA)
      1. Existing and potential problem resolution
        Distinguish correction, corrective action, and preventive action, and explain their importance in terms of management responsibility, methods of implementing these tools, etc. Describe how trending is used as it relates to corrective and preventive action data. (Evaluate)
      2. Identification and control of nonconforming product (820.90)
        Define and apply various methods for detecting and controlling nonconforming product. (Analyze)
      3. Post-market surveillance
        Review and analyze complaint handling and servicing processes. Distinguish between vigilance and medical device reporting (MDR) requirements and processes. Evaluate the requirements and processes for product recall, corrections, removals, and medical device tracking. (Evaluate)
    6. Production and process controls (P&PC)
      1. Document and change control (820.40, 820.180-820.186)
        Identify and distinguish between device master records (DMRs), design history files (DHFs), device history records (DHRs), and quality system records. Explain document and change control. (Analyze)
      2. Purchasing controls and acceptance activities (820.50, 820.80, [including product identification & traceability] 820.60, 820.65)
        Explain the importance of having adequate controls in purchasing products, components, and services, and the use of appropriate identification and acceptance activities. (Understand)
      3. Handling, storage, distribution and installation (820.140-820.170)
        Identify the requirements for these processes. (Understand)
      4. Validation and process controls (820.70, 820.75, 820.72, GHTF.SG3.N99-10)
        Assess a validation process and production and process controls in relation to components, materials, technology, product use, industry standards, production standards, test methods, and calibration. (Evaluate)
      5. Packaging and labeling controls (820.120, 820.130)
        Identify these requirements. (Understand)
      6. Sampling techniques (820.250(b))
        Identify, interpret, and use various sampling methods, such as acceptance, random, and stratified, and define related concepts (e.g., consumer and producer risk, and confidence level), as used in the biomedical field. (Apply)
      7. Statistical techniques (820.250(a))
        Identify, interpret, and use various measures of central tendency (mean, median, and mode), and dispersion, such as standard deviation and frequency distribution. Identify appropriate rationales for statistical techniques used in the biomedical field. (Apply)
  4. Technical Biomedical Knowledge [25 Questions]
    1. Risk management
      Identify the steps necessary for risk analysis of medical devices. Identify known or foreseeable hazards for medical devices in both normal and fault conditions, and describe suitable methods for risk estimation. Evaluate risk analysis reports for completeness, and use FMEA, FTA, and other tools to assess risk in a variety of situations. (Evaluate)
    2. Sterilization
      1. Definitions
        Distinguish between aseptically processed products and terminally sterilized products. (Understand)
      2. Standards
        Identify the standards applicable to each sterilization process, including ISO 11134, ISO 11135, ISO 11137, ISO 11737, ISO 11138, ISO/TIR 13409, EN 550/552/554, and EN 556. (Understand)
      3. Methods
        Identify elements of sterilization validation, including commissioning of equipment installation and process qualification (physical and microbiological) and determine appropriateness. Identify appropriate process controls and monitors for each sterilization process and determine whether they are incorporated and documented properly. (Understand)
      4. Packaging of sterile products
        Interpret the appropriate standard for sterile product packaging, including ISO 11607 and EN 868-1. (Understand)
    3. Biocompatibility
      Define various biocompatibility terms, associated tests, and test selection rationale in accordance with ISO 10993, FDA Blue Book #G95-1, and U.S. Pharmacopoeia (USP) Classes V & VI. (Understand)
    4. Controlled environments and utility systems
      1. Controlled environments
        Apply appropriate controlled environment classes for various medical devices. Identify and interpret controlled environment specifications as required by ISO 14644 and Federal Standard 209 E. Interpret qualifications, validation, and monitoring, including cleaning, disinfection, and sanitization in terms of controlled environment specifications, classifications, and standards. Verify that appropriate training and personnel practices are in use for controlled environments. (Evaluate)
      2. Utility systems
        Recognize water, compressed gas, and HVAC utilities used in medical device manufacturing and determine whether they require qualification, validation, or maintenance according to U.S. Pharmacopoeia (USP), ISO 14644, Federal Standard 209E, or ISO 11134 standards. (Understand)
    5. Software development for products, processes, and quality systems
      Define the major elements of software development, such as requirements specifications, unit testing, integration and systems testing, verification, validation, etc., in accordance with FDA software Guidance for FDA Reviewers and Industry, (May 29, 1998), General Principles of Software Validation, 21 CFR Part 11, and ISPE Good Automated Manufacturing Practice (GAMP4) requirements. (Understand)
    6. Laboratory testing
      Review validation procedures used for laboratory test methods and determine whether they are appropriate. (Evaluate)
  5. Quality Tools & Techniques [15 Questions]
    1. Fundamental quality control tools
      Interpret and apply Pareto charts, cause and effect diagrams, flowcharts, control charts, check sheets, scatter diagrams, and histograms. (Apply)
    2. Quality improvement tools
      Interpret and apply problem-solving tools, such as root cause analysis, the six sigma model (DMAIC), lean tools, Plan-Do-Check-Act (PDCA), and corrective and preventive action (CAPA) methods. (Apply)
    3. Process capability
      Identify and interpret various process capability indices, such as Cp and Cpk. (Understand)
    4. Qualitative and quantitative analysis
      Describe and distinguish between qualitative and quantitative analyses, and attributes and variables data. (Analyze)
    5. Cost of quality
      Identify the basic cost of quality (COQ) principles, and describe the four COQ categories. (Understand)

Levels of Cognition based on Bloom's Taxonomy - Revised (2001)

In addition to content specifics, the subtext for each topic in this Body of Knowledge also indicates the intended complexity level of the test questions for that topic. These levels are based on "Levels of Cognition" (from Bloom's Taxonomy - Revised, 2001) and are presented below in rank order, from least complex to most complex.

Remember (Knowledge Level)
Recall or recognize terms, definitions, facts, ideas, materials, patterns, sequences, methods, principles, etc.

Understand (Comprehension Level)
Read and understand descriptions, communications, reports, tables, diagrams, directions, regulations, etc.

Apply (Application Level)
Know when and how to use ideas, procedures, methods, formulas, principles, theories, etc.

Analyze (Analysis Level)
Break down information into its constituent parts and recognize their relationship to one another and how they are organized; identify sublevel factors or salient data from a complex scenario.

Evaluate (Evaluation Level)
Make judgments about the value of proposed ideas, solutions, etc., by comparing the proposal to specific criteria or standards.

Create (Synthesis Level)
Put parts or elements together in such a way as to reveal a pattern or structure not clearly there before; identify which data or information from a complex set is appropriate to examine further or from which supported conclusions can be drawn.

Return to "Prepare for the exam."