ISO 13485:2016
Get Started
ISO 13485:2016: Quality Management Systems for the Design and Manufacture of Medical Devices
ISO 13485:2016 defines the quality management system requirements for organisations that must prove their capability to deliver medical devices and related services that consistently meet both customer expectations and regulatory standards.
To receive ISO 13485 approval, organisations must go through the Medical Device Single Audit Program (MDSAP). In many situations, ISO 13485 is viewed as an extension of ISO 9001, enriched with additional requirements specific to medical devices. The standard can also be used by suppliers or external partners who provide products or QMS-related services to such organisations. Unless specifically mentioned otherwise, the requirements of ISO 13485:2016 apply to organisations of every size and type. Whenever the standard refers to medical devices, those requirements also apply to the relevant services offered by the organisation.
Although ISO 13485:2016 remains a separate standard, it aligns more closely with ISO 9001:2008—not ISO 9001:2015. This is because it does not follow the updated High-Level Structure (Annex L) introduced in ISO 9001:2015. Additionally, ISO 13485:2016 has stricter documentation and safety expectations, whereas ISO 9001:2015 places greater emphasis on customer satisfaction and continuous improvement.
Core Subjects of Social Responsibility
Benefits of ISO 13485 Certification
ISO 13485 provides numerous advantages, offering measurable improvements across quality, efficiency, and compliance. Organisations of all sizes often achieve significant reductions in cost, time, and operational errors through a well-implemented QMS.
Below are some of the strongest reasons to adopt ISO 13485:
Key Advantages
Strengthens organisational credibility and brand reputation
Promotes decisions based on evidence and accurate data
Supports continual improvement across all processes
Encourages greater employee participation and accountability
Enhances overall customer satisfaction
Global Acceptance
ISO 13485 is recognised in major global markets such as the United States, Japan, Canada, Australia, and Europe. This recognition helps organisations work more closely with foreign regulatory bodies and supports a more unified global approach to medical device quality management systems.
Additional Benefits
Facilitates collaboration with international regulators
Provides a harmonised QMS framework for medical device manufacturers
Aligns closely with QMS regulations, with only minor variations
Strengthens key QMS principles across multiple areas
Offers clearer guidance throughout the implementation process
Enhances compliance with risk management guidelines, particularly ISO 14971
Similarities to ISO 9001
Just like ISO 9001, a strong QMS under ISO 13485 leads to:
Improved efficiency
Reduced operational costs
More effective risk management
Higher chances of meeting customer expectations consistently
ISO 9001:2015 versus ISO 13485:2016
ISO 9001 is a global standard created by the International Organization for Standardization (ISO) to guide the development, implementation, and maintenance of quality management systems (QMS). Its primary goal is to enhance customer satisfaction by ensuring consistent quality in products and services. ISO 9001 is applicable to organisations across all industries. Over the years, the standard has undergone several updates, with ISO 9001:2015 being the most recent edition.
ISO 13485, on the other hand, is the international standard specifically designed for quality management in the medical device sector. The latest update, ISO 13485:2016, was created to ensure the safety and reliability of medical devices throughout their entire life cycle—from design and production to usage and disposal.
Many organisations want to understand how ISO 9001 and ISO 13485 are alike and where they differ, as both standards play a crucial role in quality assurance. Since a large number of companies hold certifications for both, understanding the interaction between the two is essential. Unlike ISO 9001:2015, ISO 13485:2016 does not follow the updated high-level structure, leading the two standards to diverge in several areas. This divergence often raises concerns for organisations implementing both systems simultaneously. Knowing their key similarities and differences helps ensure smoother adoption and better alignment of the two quality management frameworks.
ISO Audit Checklist - Audit Preparation
To secure a successful outcome during an ISO inspection, an organisation must be fully prepared well before the audit takes place. Below is a refined and detailed ISO audit checklist that highlights all essential areas. Certification bodies typically rely on the EN ISO 13485 standard, “Medical Devices – Quality Management Systems: Requirements for Regulatory Purposes”, as the foundation for their auditing process.
This standard outlines the obligations that medical device manufacturers and suppliers must meet when creating, implementing, and maintaining their quality management systems. It incorporates both customer-focused requirements and regulatory expectations from major markets such as the European Union (EU), Canada, and others—alongside core QMS guidelines. Although ISO 13485 shares a conceptual framework with ISO 9001, it introduces additional medical device–specific requirements and modifies some ISO 9001 clauses for regulatory alignment.
External auditors utilise an ISO 13485 audit checklist to evaluate whether an organisation’s quality management system satisfies all required criteria and is eligible for certification. Meanwhile, internal quality teams can refer to this checklist to ensure they are thoroughly prepared for the official audit.
The auditors aim to achieve several key objectives:
- Check that your documentation satisfies all of the standard's requirements
- Ensure your employees know their role in the QMS and are familiar with the ISO 13485 requirements pertaining to their organization's role
- The procedures and processes are followed correctly.
ISO 13485 QMS - Quality Management System Documentation
When you picture Quality Management System (QMS) documentation, you might imagine piles of files, endless procedures, or unnecessary bureaucracy. Unfortunately, many organisations fall into the trap of thinking that creating more documents automatically makes them appear more compliant. This is a misconception you should avoid.
ISO 13485, the global standard for quality management systems in the medical device sector, certainly requires specific documentation. But these documents have a clear purpose—none of which involve creating paperwork just for the sake of compliance.
The core purpose of QMS documentation can be summarised in three main objectives:
1. To build a strong operational foundation for the organisation
2. To enhance consistency and improve understanding of the quality management system
3. To provide verifiable evidence that the organisation is meeting its defined goals and objectives
Hierarchy of QMS Documentation
A typical QMS will include several documents, some of which are as follows:
- Quality Policy: A company’s quality policy outlines its commitment to delivering excellence, driving continuous improvement, and adhering to all regulatory and legal obligations. It essentially defines the organisation’s measurable quality objectives. Many businesses also use this policy as a branding tool—so it is usually displayed within the workplace and published on the company website. For this reason, the policy should remain clear, concise and straightforward.
- Quality Manual: As stated in Clause 4.2.2 of ISO 13485:2016, the quality manual must include the clauses that apply to the organisation, along with a justification for any excluded clauses. The structure and content of the manual depend on several factors such as the company’s size, operational complexity and employee skill levels. A smaller business may be able to document its entire QMS within a single manual, whereas larger multinational organisations often require multiple manuals along with additional supporting documents.
- Procedures and Work Instructions: Work instructions may be included directly within procedures or referenced as separate documents. While they follow a similar structure to procedures, they provide more detailed guidance on how specific tasks should be performed—covering step-by-step actions, tools and techniques required, and accuracy standards. Work instructions may also address any associated risks, mitigation strategies and how improper execution might impact safety, performance or regulatory compliance.
- Quality Plans and Records: These operational-level documents provide evidence that processes are being followed in line with the relevant procedures or work instructions. For example, inspection records verify that an inspection occurred and outline the key observations made during the process.
