Let's Talk Risk!
Let's Talk Risk! with Dr. Naveen Agarwal
LTR 48: Integrating purchasing controls across product lifecycle

LTR 48: Integrating purchasing controls across product lifecycle

Insights from a Let's Talk Risk! conversation with Kevin Posey

“Continuous lifecycle approach to risk management is still not broadly understood or applied in the industry”.

In this Let’s Talk Risk! conversation, Kevin Posey highlights a gap in the industry practice of risk management, especially in the context of purchasing controls.

Starting with the recent Boeing issue, where a cabin door in a 737 Max 9 blew open during flight, Kevin shares that there is often a disconnect between supplier risk management and product risk management in our own industry.

Many of the safety critical functionalities of a medical device rely on adequate control of purchased product through supplier controls. Yet, Supplier Quality and Product Development functions tend to operate in silos. A siloed operating model leads to device malfunctions with serious consequences in the post-market phase, that have their origin in the quality of purchased products. One area of significant vulnerability is the use of off-the-shelf products, including software, where it is sometimes not feasible to identify and implement appropriate purchasing controls.

There is a renewed focus on purchasing controls in the revised Quality Management System Regulation (QMSR), which is due to go into effect in early 2026. We have to start applying a risk-based approach to ensure compliance and manage risk to patients.

Listen to this Let’s Talk Risk! conversation with Kevin Posey, which also includes an open discussion with the audience. Jump to a section of interest using these timestamps.

00:02:05 Introduction

00:03:26 Challenges in supplier quality controls in light of recent Boeing issue

00:05:30 A renewed focus on supplier controls in QMSR

00:06:48 Disconnect between supplier risk management and product risks

00:09:50 An example highlighting challenges in supplier risk management

00:13:49 Audience Q&A

00:31:13 Closing comments and key takeaways

If you enjoyed this podcast, consider subscribing to the Let’s Talk Risk! newsletter.

About Kevin Posey

Kevin Posey is currently the Director of Regulatory Affairs and Quality Assurance at Genesys Spine. He began his career in the Aerospace and Defense industry as a systems engineer. Later he moved to the medical device industry, where he advanced his career over a span of 25+ years in leading roles at multiple organizations covering a broad range of medical specialties. He holds a BS degree in Aerospace Engineering and MBA in International Business with additional Masters level studies in Systems Engineering and Biomedical Engineering.

About Let’s Talk Risk! with Dr. Naveen Agarwal

Let’s Talk Risk! with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.


Information and insights presented in this podcast are for educational purposes only. Views expressed by all speakers are their own and do not reflect those of their respective organizations.

Let's Talk Risk!
Let's Talk Risk! with Dr. Naveen Agarwal
Every Friday, Dr. Naveen Agarwal leads a Let's Talk Risk! conversation with industry colleagues to discuss practical challenges and share best practices in risk management. In the highly regulated world of medical devices, most practitioners struggle with the "how" of risk management. Regulatory requirements are complex, confusing and ever changing. Establishing an effective risk management process that satisfies the scrutiny of regulators and auditors without creating barriers to innovation is a significant challenge in the industry. Dr. Agarwal believes that no single "expert" has all the answers, and it is only when we connect, share and learn from each other that we all become better. Let us keep learning together!