Skip to main content

ISO 13485 Requirements and Audits: “What’s the Best Way of Doing This?”

Align with the Latest Version of ISO 13485

ISO 13485 is designed to help medical device manufacturers create and respond to the latest quality management system (QMS) practices.

When it comes to ISO 13485, a medical device organization must consider multiple stages of the medical device life cycle. This includes design and development, production, storage and distribution, installation, servicing and final decommissioning different provisions of development.

Key improvements to the latest version: ISO 13485:2016

  • Expansion of the standard to all organizations involved throughout the entire product lifecycle.
  • Focus on post-market surveillance and complaint handling.
  • Focus on alignment with regulatory requirements.
  • Focus on risk management.
  • Focus on infrastructure.

Assessing your compliance with the 2016 version is the first step to updating your QMS. Our ISO 13485 experts can help you navigate this information efficiently, identify areas of need, and implement the necessary changes.

Explore our Quality Systems Services

Get Familiar with ISO 13485 Audits

There are two types of ISO 13485 audits:

Internal Audits – conducted by internal or contracted personnel trained to the ISO 13485 standard and internal procedures/requirements.

External Audits – conducted by an external certification body, supplier or customer.

The role of ISO 13485 is to ensure compliance to standards that determine alignment with safety and quality. Through an audit, your organization will be provided an objective measure of the organization’s processes and regulatory compliance with the latest version of ISO 13485.

The goal is to determine whether the QMS conforms to the specified standards and requirements while enabling your organization to produce the best possible medical device.

The main sections of an ISO 13485 audit include:

  • Quality Management Systems
  • Management Responsibility
  • Resource Management
  • Product Realization
  • Measurement, Analysis and Improvement

Conducting your first internal audit? Remember the two main parts of the audit are the documentation audit and on-site audit. Making sure that both are conducted is essential for you to implement and maintain a QMS.

Answer the Key Questions: Do You Need It? Should You Attain It?

Does My Organization Need ISO 13485?

The short answer is no. Certification to ISO 13485 is not a requirement. However, organizations can benefit from implementing the standard without certification.

Third-party certification demonstrates to stakeholders and regulatory authorities that your organization meets the requirements, and provides immense global value. Your organization can show conformity of product and…

QMS excellence.

Also consider the benefits of third-party certification where an independent certification body audits the organization’s compliance—which gives an unbiased validation that your organization’s medical device processes are top-tier.

For those seeking CE mark, it’s a different story:

A medical device company is required to pass a notified body audit and obtain the CE mark in order to sell and market a product in the EU. Learn more about European Medical Device Regulation (MDR).

We can support internal and external audits and help identify your ISO 13485 needs. QA Consulting is ISO 13485-certified and continues to obtain additional credentials, so you can feel confident that we know the process, the value, and the nuances.

Let’s start the discussion

Why Should I Consider Undergoing an ISO 13485 Audit?

The simple answer is to achieve certification. Certification to ISO 13485 audit standards, along with FDA harmonization, will enable your organization to sell and market your medical device according to the highest globally-accepted standards.

By passing an ISO 13485 audit, your organization delivers confidence to stakeholders and regulatory agencies that you can:

  • Provide medical device and related services that meet technology requirements and regulatory expectations throughout every part of the medical device’s life cycle.
  • Improve policies, processes, and procedures.
  • Manage risk while providing a competitive edge in determining the best sequence and interaction of the processes.

Attaining  this status may appear daunting, but partnering with an expert can help expedite the transition. We are ready to help you achieve ISO 13485 requirements, pass audits, and secure certification.

Why outsource to QA Consulting? Explore the benefits

Use Expert Insights to Help You Prepare for an ISO 13485 Audit

Assess and Plan

Preparation for the audit should include a gap analysis. This establishes whether your organization’s QMS meets the required standards.

An ISO 13485 audit expert can help develop and implement a plan of action. This includes:

  • Performing and interpreting the gap analysis.
  • Establishing an overall audit schedule for achieving compliance.
  • Assembling a team within the organization for delegating tasks and implementation.
  • Conducting a mock internal audit or dry run.

An ISO 13485 audit expert provides both help in certification to high standards and a necessary means of checks and balances on quality systems. It confirms that suppliers meet expectations and enables manufacturers to attain certification and maintain it over the long haul.

Learn what you need to know about audits

Prep the Documentation

ISO 13485 documentation can be intensive. As per the standard, the process should include documented statements of a quality policy and quality objectives. The quality manual must incorporate the following:

  • The scope of the QMS, including details or justifications for any exclusion or non-application.
  • The documented procedures for the QMS, or reference to them.
  • A description of the interaction between the processes of the QMS.

An ISO 13485 audit expert can ensure that the documented procedures and records required by the international standard are present. Additionally, they guarantee the records and documents determined by the organization are effective in planning, operation, and control of processes. You can add other documentation specified by applicable regulatory requirements as needed.

Learn about document control: the good, the bad, the essential

Understand the ISO 13485 Audit and Certification Timelines

An ISO 13485 audit typically takes 4-6 months to complete for organizations with fewer than 50 employees. Larger firms, or those with multiple locations, can take longer — usually 6-12 months to complete.

Once the initial audit is complete, regular surveillance audits take place once a year. Recertification audits take place every three years.

By certifying to ISO 13485 audit standards with an audit expert, your organization can dedicate more of its valuable time and resources in developing innovative medical devices rather than wading through regulations and documentation.

Select the Ideal ISO 13485 Expert and Partner for Your Team

Organizations who consider engaging with an ISO 13845 expert often wonder: Can I get the same result alone?

The reality is that most organizations find it difficult to measure the impact of regulatory and quality requirements with regard to the safety of their products. Most don’t fully consider the risks associated with being fined or shut down by the FDA.

Here is where an audit expert steps in. However, not all experts add value to your team. Every medical device is different, and every organization is unique.

The ideal ISO 13485 audit expert:

  • Offers a wealth of experience in industries, applications, and geographies similar to yours.
  • Offers customized solutions to meet client goals.
  • Anticipates potential hurdles so that solutions are implemented seamlessly.
  • Generates buy-in and synchronization at every level from The C-Level executives to quality system managers to engineers.

We’ve found that organizations save time and money in the long run by having a competent partner who specializes in ISO 13485 audit requirements and works with them on challenging issues to ensure success.

Hear from our clients

Why QA Consulting?

We are certified to ISO 13485:2016 for the following scope:

–  Medical device consulting services for quality management system implementation and maintenance,
–  Regulatory affairs,
–  Microbiology.

Preparing for external and internal audits are only one piece of the equation that QA Consulting solves.

At QA Consulting, our goal is to help medical device manufacturers efficiently ensure, confirm, and maintain compliance. We see ourselves as a partner and extension of our clients’ teams. By offering customized solutions and a wealth of expertise, we convert your time-consuming regulatory and quality assurance tasks into streamlined, value-adding processes.

Our team of ISO 13485 audit experts can help you conduct supplier and internal audits as well as prepare your team for a notified body audit. QA Consulting is the practical resource for navigating the complex auditing landscape.

Explore our Quality Systems Consulting Services