Visure Solutions

Start Free Trial

ISO 13485: Definition, Compliance, Tools, and Certifications

Table of Contents


A Medical Device is any product or machine that is intended to be used in the diagnosis, prevention, and treatment of a disease or any other medical condition. 

“Safety and Quality”, are two things that can not be jeopardized in the medical device industry. So, for the organizations involved in this industry of designing, producing, installing, and maintaining medical devices, ISO 13485 was formed. ISO 13485 is an internationally agreed quality management system that sets out the requirements for quality management specifically in the medical device industry. 

ISO 13485: Newest Version

The recent updates to the ISO 13485 standard contain a few small changes, but the most prominent among them is the greater focus on risk and risk management. With these revised requirements now in place, manufacturers of medical devices are expected to take a risk-based approach when controlling their quality management processes. Additionally, top executives at these companies should also be taking risks into consideration when making decisions about both their organization’s quality objectives and overall business goals.

The newest version of ISO 13485 was published in March 2016. And, the most significant changes from the 2003 version are:

  • Annex SL – The High-Level Structure (HLS) and an identical core text for ISO 9001 and all other new and revised ISO standards.
  • Risk-based approach – Risk management activities throughout the product lifecycle.
  • Customer Satisfaction – Greater focus on measuring customer satisfaction and monitoring product safety after delivery.

What is a Quality Management System?

A quality management system (QMS) is “a formalized system that documents processes, procedures, and responsibilities for achieving quality policies and objectives.” A QMS helps coordinate and direct an organization’s activities to meet customer requirements. And, ISO 13485 is a quality management system standard specifically for the medical device industry.

Benefits of Implementing an ISO 13485 Quality Management System

  • Saves time and money by preventing mistakes and improving efficiency
  • Increases customer satisfaction by delivering products that meet their requirements
  • Improves communication between departments and personnel
  • Creates a culture of continuous improvement by encouraging employees to suggest ways to improve the QMS
  • Reduces liability risks by having a documented QMS that meets international standards
  • Demonstrates compliance with international regulations such as the FDA’s Quality System Regulation (QSR) for medical devices sold in the United States.

Why Adopt ISO 13485?

There are many benefits of adopting ISO 13485 for any organization. Some of them are listed below:

  • It helps to develop a quality management system for the manufacture of safe and effective medical devices. 
  • It improves organizational efficiency and effectiveness. 
  • It helps to establish a sound basis for continual improvement of processes. 
  • It facilitates mutual recognition of quality systems by regulatory authorities around the world. 
  • It enhances customer satisfaction by providing products that meet their requirements and expectations.

Adopting ISO 13485 is beneficial for any organization involved in the manufacture of medical devices or related services. It helps to develop a quality management system that is efficient and effective. It also facilitates mutual recognition of quality systems by regulatory authorities around the world.

Purpose of ISO 13485

ISO 13485 was developed by the International Organization of Standardization (ISO) in order to outline the standards for Quality Management Systems (QMS) that must be kept in mind while designing and developing medical products.

The standard ISO 13485 helps organizations define a framework for a quality management system for the development of medical equipment and devices and further encourages the development process to move in the right direction. It is not like another addition to complications. It is actually more of a helping hand for standardizing and systemizing the development of medical devices. The standard also helps in streamlining the processes and position of the organization for a better future with regulated outcomes. 

A survey conducted by the ISO 13485-certified organizations shows that the companies that have adopted the standard continue to show a positive trend in the market on a global level. 

Characteristics of ISO 13485

The latest ISO-13485 2016 version has some updates in comparison with the 2003 version. The major changes include a focus on risks, certification of management responsibilities, clarification on training responsibilities, improvement in facility requirements, better design alignment, more emphasis on supplier control, and more. 

There are overall 8 clauses in the new ISO-13485 with 77 mandatory documents and records. The newer version would bring

  • Alignment of the global regulatory requirements
  • Incorporation of risk management decisions throughout the quality management system
  • Additional clarity on design activities, verification, and validation
  • Enhanced focus on feedback mechanisms
  • Adding more explicit requirements for software validation for different applications.

Requirements for adherence to ISO 13485

Adoption of ISO 13485 may look complex and daunting but is quite easy. All you have to do is stick to the necessary documents and requirements. The mandatory documents include:

  • Control of documents
  • Control of records
  • Internal audit
  • Control of non-conforming products
  • Corrective and preventive actions
  • Validation of computer software
  • Customer specifications (for manufacturing, inspection, packaging, and delivery)
  • Monitoring and measurement
  • Servicing and installation (if applicable)
  • Management review
  • Work environment and contamination control
  • Design and development
  • Validation of sterilization and sterile barrier systems (if applicable)
  • Identification and traceability
  • Preservation of product
  • Calibration or verification for measuring equipment
  • Feedback and complaint handling
  • Reporting to regulatory authorities
  • Advisory notices rework data analysis.

Steps to Adopt ISO 13485

There are 4 simple steps to adopting ISO 13485 standard.

  • Learn about what ISO 13485 actually is. If you know what exactly are you working on, it will be easier to manage the team properly. 
  • Perform Gap Analysis. This is for organizations that have already been working according to ISO 13485. Now, they must align their developing developed systems to the requirements of ISO 13485 and identify the gaps between them. 
  • Now, develop all the processes to meet the requirements of the standard. Once the development is done, the team needs to document the progress and changes in proper form for QMS. 
  • Now, work on QMS. once all the changes and documentations are in place, the team can actively use QMS for some time before applying for audits or certifications. This will help identify additional gaps in QMS. 

ISO 13485 Vs ISO 9001

While both standards focus on the quality management system, there are some key differences between them.

  • ISO 9001 is more general and can be adopted by any organization while ISO 13485 is specific to medical devices and related services. 
  • The new version of 9001 is now more risk-based while the old versions were process-based. On the other hand, 13485 has always been risk-based. 
  • There are some additional clauses in 13485 that are not present in 9001 such as design and development, sterilization, validation of software for medical devices, etc. 
  • Certification for ISO 9001 is not mandatory in most countries but certification for ISO 13483 is a must in European countries for selling medical devices.

ISO 13485 Certification

In order to be able to achieve the ISO 13485 certification, the QMS of an organization must satisfactorily pass the Medical Device Single Audit Program (MDSAP) which is performed by a third party. For an organization to be able to meet the certification of standard, it must already be certified to ISO 9001:2008 and should also be able to meet the additional medical device requirements. The organizations that complete the certification will be able to demonstrate to the regulator’s full comprehension of the standard. 

In order to pursue the ISO 13485 certification, an organization must follow the steps to successfully implement the quality management system. After that, the organization can contact the certification body and request an audit for analyzing the company’s performance in accordance with the standard. We suggest you recertify every three-year gap to maintain the current status of your organization. 

Visure Requirements ALM Platform

Visure Solutions is currently working hard toward providing industry-specific solutions in the field of Requirements Engineering that allows us to identify, propose and support the new trends of increasingly competitive markets. We intend to reach a compromise between our client’s current needs and the technology required to meet these. Visure guarantees medical device development standards and regulation compliance with ISO 13485. Visure also provides solid integration with MS Office and other legacy tools like Jira and IBM DOORS. This allows our customers to easily export and import data from other platforms and implement the FMEA process effectively. Our customers trust us to Save their time and guarantee consistency by performing complete change impact analysis through end-to-end traceability and suspect links and also deal with the complexity of product lines and variants through component reuse. 


ISO 13485 is a quality management system that helps medical device manufacturers create products that are safe and effective. It is based on the characteristics of excellence, risk prevention, and continuous improvement. To adhere to the standard, manufacturers must meet rigorous requirements for documentation, design controls, process validation, and more. The Visure Requirements ALM Platform can help you meet these requirements and adopt ISO 13485 in your organization. Request a free 30-day trial today to see how our platform can help you improve product quality and compliance.

Don’t forget to share this post!

IBM Rational Doors Software

The High Cost of Poor Requirements Management

June 06th, 2024

11 am EST | 5 pm CET | 8 am PST

Louis Arduin

Louis Arduin

Main Speaker

Impact & Solutions for Inefficient Requirements Management

Explore the significant impact that inefficient requirements management practices can have on project costs and timelines.