Whitepapers
MIN READ
An audited and certified medical device quality management system issued by a third-party is often required, or strongly preferred, by regulatory authorities in most major markets such as EU, USA, Canada, Japan and Taiwan, for manufacturers that want to sell medical devices in these respective countries.
This International Standard is suitable for all sizes and types of organizations that are involved in the lifecycle of a medical device and are seeking for improvements on how they are operated and managed. It can be used by an organization for the design and development, production, installation and servicing of medical devices, and the design, development, and provision of related services.
Since the ISO 13485 International Standard is based on a process approach to quality management, apart from establishing a quality management system that complies with the standard, it is also essential to comply with product and service technical standards and regulations.
Despite the fact that ISO 13485:2003 is based on the ISO 9001:2000 quality management standard, it is still a stand-alone standard.
According to the latest ISO Survey of Management System Standard Certifications, up to the end of December 2013, at least 25, 666 ISO 13485:2003 certificates, a growth of 15 % (+3, 349), had been issued in 95 countries and economies, two less than in the previous year.
The table below summarizes the statistics of the ISO 13485 certifications around the world.
An overview of ISO 13485:2003
ISO 13485 specifies requirements where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer requirements and regulatory requirements applicable to medical devices and related services.
All requirements of ISO 13485 are specific to organizations providing medical devices, regardless of the type or size of the organization.
What is a Quality Management System?
Quality management system is defined as a set of interrelated or interacting elements to establish policy and objectives for an organization and to achieve those objectives with regard to quality.
An organization shall establish and document their quality management system for medical devices, based on the requirements of ISO 13485.
As mentioned above, ISO 13485 is based on the structure of ISO 9001, even though it is a stand-alone standard.
Despite that both standards are organized in the same way, ISO 13485 excludes ISO 9001 requirements related to continual improvement and customer satisfaction. The reasons for this exclusion are that most medical device regulations require organizations to maintain their quality management systems instead of improving them; and committee members thought that customer satisfaction was too subjective to indicate in ISO 13485.
As with all the major undertakings within an organization, it is essential to gain the backing and sponsorship of the executive management. By far, the best way to achieve this is to illustrate the positive gains of having an effective quality management process in place, rather than highlight the negative aspects of the contrary.
Today an effective quality management system is not about being forced into taking action to address external pressures, but its importance relies on recognizing the positive value of quality management when good practice is embedded throughout your organization.
Considering the well documented benefits of implementing a Quality Management System based on ISO 13485, makes the proposal easier to decide on.
Most companies now realize that it is not sufficient to implement a generic, “one size fits all” quality plan. For an effective response, with respect to maintaining the quality management system, such a plan must be customized to fit to a company. A more difficult task is the compilation of an implementation plan that balances the requirements of the standard, the business needs and the certification deadline.
There is no single blueprint for implementing ISO 13485 that will work for every company, but there are some common steps that will allow you to balance the frequent conflicting requirements and prepare you for a successful certification audit.
PECB has developed a methodology (please see example below) for implementing a management system; the “Integrated Implementation Methodology for Management Systems and Standards (IMS2)”, and it is based on applicable best practices. This methodology is based on the guidelines of ISO standards and also meets the requirements of ISO 13485.
IMS2 is based on the PDCA cycle divided into four phases: Plan, Do, Check and Act. Each phase has between 2 and 8 steps for a total of 18 steps. In turn, these steps are divided into 101 activities and tasks. This ‘Practical Guide’ considers the key phases in your implementation project from start to finish and suggests the appropriate ‘best practice’ for each one, while directing your to further helpful resources as you embark on your ISO 13485 journey.
By following a structured and effective methodology, an organization can be sure it covers all minimum requirements for the implementation of a management system. Whatever methodology used, the organization must adapt it to its particular context (requirements, size of the organization, scope, objectives, etc…) and not apply it like a cookbook.
Principal Authors:
Eric, LACHAPELLE, PECB
Besnik HUNDOZI, PECB
Share
Beyond Recognition
©2025 Professional Evaluation and Certification Board. All rights reserved.
