Menu Close

ISO 13485 Standard Audit Process

Product conformity is important for designing and manufacturing medical devices. Organizations find it difficult to harmonize quality standards since they vary from country to country. As a consequence, they began adhering to the Quality Management System (QMS) with ISO 13485 standard to assure the safety and quality of the medical equipment. The standard provides guidelines for manufacturers and distributors to produce high-quality medical products.

ISO 13485 Audit Process
ISO 13485 Standard Audit Process

ISO 13485 Standard

ISO 13485 is a quality management standard designed to manufacture medical devices. It is derived from the internationally recognized ISO 9001 standard but with additional features. The standard was created to assist medical device manufacturers in developing a quality management system (QMS) that creates and maintains the efficiency of their operations. It guarantees that medical devices are designed, developed, manufactured, installed, and delivered consistently and that they are safe for their intended purpose.

Benefits of ISO 13485 standard

The following are the benefits of implementing a Medical Device Quality Management System in accordance with ISO standard:

  • ISO 13485 Standard helps organizations meet all legal and regulatory requirements related to quality management.
  • Implementing ISO 13485 standard enables an organization to provide customers with quality products as per their demands.
  • It further assists in managing risks by increasing the traceability and consistency of products and services.
  • Improves the efficiency of the organization’s processes that helps in generating more revenue for the company
  • ISO 13485 is an internationally recognized standard for quality in the medical device industry. It acts as a symbol of a trustworthy company that offers high-quality products thereby improving a business’s reputation with customers, investors, suppliers, and other stakeholders.
  • Owning ISO 13485 Certification makes it easier to expand your business into new and untapped foreign markets.
  • Complying with ISO 9001 makes it easier for organizations already certified with ISO 13485.
  • The ISO 13485 standard process approach makes it simpler to find areas for improvement, such as identifying and eliminating waste, reducing mistakes, and avoiding rework, which results in increased efficiency and cost savings.

ISO 13485 auditing process

Organizations must undergo a third-party audit in order to fulfill the ISO 13485 Certification procedure. The goal of this audit is to make sure that the organization is ready for a full evaluation of its compliance which will take place at the system management center. It is done in two stages by sector/industry-specific employees and an ISO agent.

Stage 1

The Stage 1 audit is a one-day audit. During this stage, the auditor will double-check the correctness of the information provided during the application process and certify that the medical device quality management system meets the standards. Furthermore, the auditors check the progress of the MDQMS implementation while reviewing the legal compliance. The following are the documents required for stage 1 audit:

  • Quality manual
  • Company organization chart
  • Controlled list of procedures
  • Internal auditing procedure
  • CAPA procedure
  • Management review procedure
  • Internal audit schedule
  • CAPA log
  • Management review minutes

The company will receive a report identifying the area of concern at the conclusion of stage 1 audit. It also shows if the organization is ready for Stage 2. If corrective action plans are not submitted and accepted, the area of concern will be raised as non-conformances during the Stage 2 audit.

Stage 2

The purpose of the Stage 2 audit is to ensure that the medical device quality management system meets the requirements of the specified standard in practice. It might take several days and includes numerous auditors. During this stage, the auditor will document the process of the system conforming with the standard and conduct sample audits of the processes and activities defined in the certification scope. If a company does site work or has more than one location, the auditor will visit that location to assess the MDQMS efficacy. At the end of this stage, the auditor will provide a report indicating non-conformities or chances for improvement, as well as a surveillance plan and a date for the first annual surveillance visit. If there are any significant nonconformances, the ISO 13485 Certification will not be awarded until corrective action has been done and validated.

Only after completing stage 1 and stage 2 audits, the organization can obtain its ISO 13485 certificate and use it next to its registered name. The certification is valid for three years and is maintained through annual surveillance audits and recertification audits.


ISO standard is intended for organizations that designs, and manufactures medical devices and its related services. Since it is evaluated and proven as the international standard for Quality Management Systems in the medical device industry organizations are entitled to demonstrate that they comply with best practices and meet legal standards. It performs audits every year to ensure compliance with the standard and to enhance the Medical Device Quality Management System. 

Organizations looking for professionals who can demonstrate their abilities in conducting the audits, can hire ISO 13485 Lead Auditor Certification holders. Such professionals undergo intensive ISO 13485 Lead Auditor Training and receive practical insights on applying industry standard practices. Also, organizations can reap the benefits of employing certified ISO 13485 Lead Auditors as they possess the latest knowledge and skills for conducting MDQMS audits. 

Posted in ISMS

Related Articles