talk to an expert

ISO 13485:2016


4.3 star
4.3 star
Trust Pilot Logo
4.5 star
Mouth Shut Logo

ISO 13485:2016: Quality Management Systems for the Design and Manufacture of Medical Devices

ISO 13485: 2016 specifies a quality management system requirement for an organisation that needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements.

Organisations must complete the MDSAP, or medical device single audit program, in order to obtain ISO 13485 authorisation. In many cases, however, ISO 13485 is regarded as equivalent to ISO 9001, with the addition of medical device requirements. Suppliers or external parties who provide products, including quality management system-related services to such organisations, can use ISO 13485:2016. Except where otherwise stated, the requirements of ISO 13485:2016 apply to all organisations, regardless of their size or type. Wherever requirements are stated to apply to medical devices, the requirements also apply to the organization's associated services.

While ISO 13485:2016 is still a separate document, it is compatible with ISO 9001:2008. Yes, it is 2008, not 2015. This is due to the fact that it does not adhere to the high-level structure (Annex L) of the most recent version of ISO 9001 which is 9001:2015. Furthermore, the documentation and safety requirements of ISO 13485:2016 are much higher, whereas ISO 9001:2015 focuses on customer satisfaction and continuous improvement.

Core Subjects of Social Responsibility

The ISO 26000 standard defines the fundamental topics of social responsibility. Core subjects include various issues, but each organisation's responsibility is to identify which relevant and significant issues to their stakeholders and/or need to be addressed.

Clause 6 of the ISO 26000 standard explains the seven core subjects. They are listed below and the subclause numbers that apply to them.

So, what does it mean when a company claims to be ISO 13485 certified? ISO 13485 certification denotes that a company or organization has completed the procedures and processes required to obtain an ISO 13485 quality management system and has effectively met all of the ISO 13485 requirements. ISO 13485 evaluates whether your quality management system is appropriate and powerful, while emphasizing the security and adequacy of medical devices.

The Benefits of ISO:13485 Certification

ISO 13485 has numerous advantages that cannot be overstated. Companies of all sizes have realized significant cost and time savings, as well as other benefits from an effective quality management system

The following are five of the most compelling reasons to implement ISO 13485 in your organization:

  • Improve your company’s credibility and identity
  • Evidence-based decision making
  • Continual improvement
  • Increased employee involvement
  • Enhanced customer satisfaction
  • Worldwide acceptance: The ISO 13485 standard is recognized in major markets worldwide, including the United States of America, Australia, Japan, Canada and Europe.

  • To collaborate more closely with foreign regulatory authorities and facilitate regulatory convergence on QMS
  • To provide medical device manufacturers with a more globally harmonized QMS.

Minor differences exist between the QMS regulation and ISO 13485:2016

  • Stronger QMS principles in many areas
  • Better direction
  • Improved adherence to risk management principles and ISO 14971

Very similar to ISO 9001, a strong QMS gives:

  • Expanded efficiency
  • Cost-cutting
  • Increasingly effective risk management
  • Improved probability of meeting customer requirements.

ISO 9001:2015 versus ISO 13485:2016

ISO 9001 is an international standard developed by the International Organization for Standardization (ISO) for the creation, implementation and maintenance of quality management systems (QMS). It aims to improve customer satisfaction with the quality of products or services. ISO 9001 can be followed by organizations in any industry. The standard has been revised several times, with the most recent version being ISO 9001:2015.

ISO 13485 is the international standard for medical device quality management. The most recent revision was in 2016. The ISO 13485:2016 requirements were developed with the goal of ensuring the safety of medical devices at all stages of their life cycle, including design, manufacturing, operation and disposal.

There are various similarities and differences between ISO 9001 and ISO 13485 and many businesses are interested in understanding them. We wanted to thoroughly address the differences and similarities because these are the two most important quality standards and many organizations are certified to both. Unlike ISO 13485:2016, ISO 9001:2015 adopts a new high-level structure, causing the two standards to diverge and go their separate ways. Because of this divergence, many organizations are concerned about how to implement these two standards concurrently. Acknowledging the differences and similarities facilitates the process.

ISO Audit Checklist - Audit Preparation

To ace its review when the ISO body visits, an organization must prepare well in advance. Here is a comprehensive ISO audit checklist that covers everything that is required.The EN ISO 13485 standard 'Medical devices: Quality management systems - Requirements for regulatory purposes' is commonly used by certification bodies to base their audits.

This covers the requirements that medical device manufacturers and suppliers must follow when developing, implementing and maintaining quality management systems. The standard includes customer requirements as well as regulatory requirements from the European Union (EU), Canada and other major markets around the world, in addition to QMS requirements. ISO 13485 is conceptually similar to the ISO 9001 standard. It does, however, include additional requirements for medical devices and reformulates some of ISO 9001's requirements for its own purposes.

External auditors use an ISO 13485 checklist to determine whether a company's QM system meets the standard's requirements and is thus suitable for certification. On the other hand, internal quality management teams can use such a checklist to prepare for the external ISO 13485 audit

The auditors have several objectives:

  • Check that your documentation satisfies all of the standard's requirements
  • Ensure your employees know their role in the QMS and are familiar with the ISO 13485 requirements pertaining to their organization's role
  • The procedures and processes are followed correctly.
  • Give the organizations ample time to prepare
  • 2)
  • Prepare the employees
  • 3)
  • Documented information
  • 4)
  • Processes and procedures
  • 5)
  • Prepare the facility
  • 6)
  • Internal audit
  • 7)
  • Management review
  • 8)
  • Review past internal audit findings
  • 9)
  • Review corrective action process
  • 10)
  • Pre-assessment
  • 11)
  • 2-stage certification audit.

ISO 13485 QMS - Quality Management System Documentation

Do you envision stacks of documents when you think of quality management system (QMS) documentation? Perhaps it's red tape and unnecessary procedures? It is unfortunate for some businesses who mistakenly believe that the more documents they create, the more compliant they appear to be. Don't fall into this trap with your company.

ISO 13485, as the international standard for quality management systems in the medical device industry, does, of course, necessitate specific documentation. However, that documentation serves various purposes, none of which involve making your company appear to be compliant.

The primary goal of QMS documentation is threefold:

  • To establish a firm foundation for the company's operations
  • To improve process consistency and comprehension of the quality management system
  • To demonstrate proof of the company's achievement of its goals and objectives.

Hierarchy of QMS Documentation

A typical QMS will include several documents, some of which are as follows:

  • Quality Policy:The company's commitment to quality, continuous improvement and compliance with all legal and regulatory requirements is outlined in the quality policy. It essentially lays out your company's quality goals, which are quantified and defined. Some companies use their quality policy to market themselves; you'll want to post it on the company's premises and on the website, so keep it brief.
  • Quality Manual: Clause 4.2.2 of ISO 13485:2016 states that the quality manual should include clauses applicable to the organization, given a reason for any clauses omitted. The contents of the manual and the overall structure will depend on the organization's characteristics, such as size, operational complexity and staff competencies. While a small company can probably document their entire quality management system in a single manual, a large multi-national company may need several quality manuals, plus all the other required documents.
  • Procedures and Work Instructions:Work instructions can be included in a procedure or simply referred to in the procedure. Work instructions are typically structured and covered in the same way as procedures. Still, they provide more detail about the activities that must be completed, emphasizing the sequence of steps to be followed, the tools and methods to be used and the accuracy requirements. They can also include provisions for any risk associated with the activity, how to mitigate it and its impact on safety, performance and regulatory compliance if not adequately managed.
  • Quality Plans and Records:These are the low-level documents that show that a process is in place and being carried out according to the procedure or work instruction. Inspection records, for example, show that an inspection was conducted as well as some specific findings.