DEV Community

Priya Nair
Priya Nair

Posted on

Quality culture vs quality theatre — what inspectors actually see

#qms #medtech #compliance

I’ve been on both sides of audits and surveillance reviews long enough to tell you the same story: teams can make an audit look flawless for a day, and still be a few missed trends away from a regulatory redesign. To be fair, putting on a tidy front is human — we all close out the low-effort actions before an audit. Granted, that doesn't make it acceptable under MDR 2017/745 or ISO 13485:2016.

Here’s what separates quality theatre from genuine culture in the eyes of an inspector — and practical steps you can take tomorrow to tilt the balance.

Stage vs reality: quick examples from audits

Quality theatre (what inspectors see first)

  • A polished binder or PDF labelled “Technical File” with neat page numbers but weak traceability between risk controls and verification evidence.
  • Trained personnel who can recite procedure steps but cannot point to recent records showing those procedures were followed.
  • A dashboard of perfect KPIs that masks numerous open nonconformities with vague “in progress” updates.
  • Training completion check-boxes filled in en masse the week before the audit.

Quality culture (what inspectors want to see)

  • Findings converted immediately into quality events, with clear assignment, risk priority and a traceable link to the affected item in the Technical File (Annex II).
  • Evidence that nonconformities are analysed to the depth required by ISO 13485 — not just “retrain” — and that preventive actions are considered.
  • A PMCF/PSUR cycle showing trend analysis and corrective cycles, not just one-off reviews.
  • Cross-functional discussions documented: engineering, RA, QA, and clinical where appropriate.

In practice this means inspectors are not impressed by polished presentations; they are looking for continuity, traceability and evidence of learning.

What inspectors actually look for (and why it matters)

Inspectors focus on signals that indicate systemic problems, not isolated mistakes. Typical lines of enquiry include:

  • Traceability: Can you link a complaint or vigilance report back to the risk analysis and design change that addressed it? Per Annex II, the Technical Documentation must show these links.
  • Effectiveness of corrective action: Is there objective evidence the root cause was addressed, and is this evaluated over time?
  • Records over rhetoric: Are procedures living documents, reflected in records (batch records, device history, training), or are they aspirational?
  • Trending and use of data: Do you use complaint handling, production nonconformities and PMCF data proactively?
  • Supplier oversight: Are supplier audits and incoming inspection records current and tied into your risk register?

Why it matters: if these elements are weak, notified bodies escalate clinical and performance evidence requests, and competent authorities may see vigilance and CAPA failures as grounds for more restrictive actions.

Where teams commonly trip up

  • Cosmetic fixes to CAPA: marking actions “completed” without verifying effectiveness. This is the classic theatre move.
  • Siloed evidence: QA owns CAPA, engineering owns changes, RA owns the Technical File — with no connective tissue. Annex II requires that all relevant documentation for a device be coherent.
  • Overreliance on training: retraining is a control, not a root-cause solution. ISO 13485 expects a fuller problem-solving approach.
  • Poor change impact analysis: changes issued without clear downstream checks (manufacturing, labeling, IFU). In practice this means late surprises in the Technical File or during surveillance audits.
  • KPI window-dressing: dashboards that hide open backlogs or the nature of recurring issues.

Practical steps to move from theatre to culture

  1. Make findings instantly actionable

    • Convert every audit finding, complaint, and test failure into a quality event in your eQMS the same day. That single step improves traceability and prevents “we’ll do it later” drift.

  2. Demand root-cause quality

    • Require at least two root-cause hypotheses and evidence for elimination. If your CAPA closes on “training” three times in a year for the same symptom, escalate the investigation.

  3. Link risk, change and verification

    • Use change impact mapping so every engineering change shows the affected risk items, verification evidence and updated IFU or labeling. Connected workflow reduces the chance of missing a regulatory impact.

  4. Show trend-based verification

    • Don’t just tick “CAPA effective” — show trend data over time (complaints, test results, PMCF metrics) that confirm the issue is resolved.

  5. Make cross-functional reviews routine

    • Schedule periodic reviews with RA, QA, engineering and service. Document decisions in the Technical File (Annex II) or design history file.

  6. Be honest in training records

    • Keep practical evidence: competency assessments, observed demonstrations, and linked results, not just check-box completion.

When theatre can be useful (but limited)

To be clear, rehearsals before a big audit are valuable. Mock audits expose weak spots and prepare staff. The difference is intention: rehearsal for improvement vs rehearsal to deceive. The former is cultural; the latter is theatre.

Final thought

Inspectors can and do see beyond surface polish. They triangulate—documents, records, and interviews—and the gaps stand out. If your next surveillance leaves you aiming to replicate the same tidy day, you’re building theatre. If it leaves your team with new, documented improvements and updated risk controls, you’ve built culture.

How have you changed one recurring “theatre” behaviour in your organisation into something sustainable?

Top comments (0)