ISO 13485:2016

Medical devices — Quality management systems

ISO 13485:2016

Medical devices — Quality management systems — Requirements for regulatory purposes

What is ISO 13485?
Simply put, ISO 13485 is a set of requirements defined by The International Organization for Standardization, designed to be used by medical device manufacturers as a form of quality management system.

Perhaps the medical device industry’s most popular international standard for quality management, ISO 13485 provides a framework for manufacturers to implement the Medical Device Directives while simultaneously demonstrating a commitment to the quality and safety guidelines of medical devices.

ISO 13485:2016 specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. Such organizations can be involved in one or more stages of the life-cycle, including design and development, production, storage and distribution, installation, or servicing of a medical device and design and development or provision of associated activities (e.g. technical support). ISO 13485:2016 can also be used by suppliers or external parties that provide product, including quality management system-related services to such organizations.

Why is ISO 13485 important?

In the medical devices industry, quality management goes hand-in-hand with safety, and both are non-negotiables.

Requirements like those set out by ISO 13485 are strictly enforced throughout every stage of a medical device’s life-cycle, including stages after manufacturing like delivery, service, and maintenance.

Organizations using ISO 13485 can be involved in any stage of the medical devices life-cycle. Design, development, production, distribution, servicing; even supporting activities like maintenance and customer service.

Increasingly, ISO 13485 is becoming necessary for medical devices companies to compete for customer attention. This is because audits by customers (2nd party audits) are becoming less common due to the rise of 1st party (internal) and 3rd party (external, for certification) audits.

Why is ISO 13485 useful?

When implemented properly, ISO 13485 can be used to reap large cost and efficiency savings.
Here are some examples of how ISO 13485 can benefit your business or organization:

  • Customers will recognize ISO 13485 as a symbol of quality control and assurance.

  • Beyond public image, customers see direct benefits from the focus on customer satisfaction that ISO 13485 champions.

  • ISO 13485 is a BPM approach, which means you don’t just look at individual processes, but how they interact with one another.

  • Making “good decisions” isn’t straightforward; however, you can strive to make “better decisions” by using evidence to inform your decision-making process.

  • Continuous improvement is more than a framework; it’s a mentality that can be cultivated in a workplace environment towards common goals.

  • Adopting ISO 13485 means your workforce takes ownership for managing and innovating on the processes they’re using most often

Certification to the standard requires an organization’s quality management system to pass a third party Medical Device Single Audit Program, or “MDSAP” Audit.  For the most part:  ISO 13485 = ISO 9001 + Additional Medical Device Requirements.

While ISO 13485:2016 remains a stand-alone document, it aligns with ISO 9001:2008. (Yes, 2008, not 2015.)  This is because it does not follow the high-level structure (Annex L) of the latest version of ISO 9001 (which is 9001:2015). In addition, the documentation and safety requirements are much greater under ISO 13485:2016, whereas ISO 9001:2015 puts focus on customer satisfaction and continuous improvement.

Overview of the ISO 13485:2016 Requirements

Clause 1: Scope Talks about the standard and how it applies to organizations and: the importance of a process approach you need to include regulatory requirements of your products & services you need to have processes in place for continual improvement.
Clause 2: Normative Reference

References ISO 9000:2015 which should be used along with the standard. It outlines the Quality Management Systems-Fundamentals and Vocabulary
Clause 3: Terms and Definitions

Gives definitions used in the standard, many of which are IN ADDITION to ISO 9001:2008:

  • Active Implantable Medical Device

  • Active Medical Device

  • Advisory Notice

  • Customer Complaint

  • Implantable Medical Device

  • Labeling

  • Medical Device

  • Sterile Medical Device

Clause 4-8 are the ISO 13485:2016 requirements that need to be met within your organization to become certified to ISO 13485. 

Clause 4: General Requirements Gives requirements for the overall Quality Management System

Documentation Requirements, including:

  • Quality Manual with Scope of the QMS

  • Required Procedures

  • Required Forms & Records

  • Control of Documents

  • Control of Forms

Clause 5: Management Responsibility Gives requirements for Management’s role in the QMS

  • Management Responsibility

  • Quality Policy & Objectives

  • Customer Focus & Customer Satisfaction

  • Management Review

Clause 6: Resource Management Gives requirements for resources including:

  • Personnel & Training

  • Resource Management

Clause 7: Product Realization Gives requirements for:

  • The production of the product or service

  • Planning

  • Customer related processes and Customer Feedback

  • Design

  • Purchasing

  • Process control

  • Identification and Traceability

  • Customer Property

NOTE: Much of Section 7 is modified from ISO 9001:2008

Clause 8: Measurement, Analysis and Improvement

Gives requirements on monitoring processes and improving those processes

  • Customer Satisfaction

  • Internal Audits

  • Control of Non-Conforming Product

  • Corrective and Preventive Action

NOTE: Several items in section 8 are modified from ISO 9001:2008

Why choose ISB-K2A for ISO 13485 certification?
We provide a full range of services to support your path to certification. Our business development staff can help you and your organization understand each phase of the assessment and certification process to ensure you fully understand the ISO 13485 process and its available guidelines. Our training courses allow you to develop a thorough understanding of the complexities of complying with the standard, as well as the laws and regulations the standard helps to address.

The MDSAP is an international initiative led by Regulatory Authorities (RA) to implement a program where Auditing Organizations (AO) can conduct a single audit of a medical device manufacturer that would be accepted by multiple regulators to address QMS/GMP requirements. RAs include Australian TGA, Brazilian ANVISA, Health Canada, US FDA and Japanese MHLW

ISB-K2A works with Notified Body and Assist in achieving your MDSAP Certification. 

K2A Management-Org.png

ISO Certification Body ( ISB-K2A) is the certification division of K2A Management providing ISO certification Audits & ISO Training Service as an independent organization specializing in helping SMEs improve their businesses through providing auditing & Training services to improve their quality management systems against ISO Standards Like ISO 9001 QMS, ISO 14001 EMS, ISO 45001 OHSMS, ISO 22000 FSMS, ISO 27001 ISMS in Cambodia and other parts of the World.

United Kingdom

K2A Management Incorporated Limited

94 Spring Parklands Dudley, Birmingham 

DY1 2DL  Tel: +44 7510 018620


K2A Management Co., Ltd

#346 Street 21 BT, Sangkat Boeng Tumpun,       

Khan Mean Chey, Phnom Penh, Cambodia-12351     

Tel: +855 70460000 +855 61400700

  • K2A Management Co., Ltd
  • ISO Certification Body
  • K2A Management
  • ISO Certification Body
  • ISO Certification Body
  • ISO Certification

Copy Right© 2014 by K2A Management. 

  • Online Payment

  • ISO Certification Body
  • ISO Certifications
  • K2A Management