ISO 13485:2016
Medical devices — Quality management systems — Requirements for regulatory purposes
Standard Introduction
ISO 13485:2016 is an active standard published by International Organization for Standardization (ISO). It is commonly used across Medical Devices, Healthcare and applies in Global.
Use this page to review the official documentation, current status, and the certification or assessment bodies most commonly associated with ISO 13485:2016.
Medical Device Specific
Unlike general ISO 9001, this standard is tailored specifically for medical device organizations — addressing regulatory requirements, risk management, and product safety throughout the entire lifecycle.
Risk-Based Approach
Requires risk management to be applied throughout product realization, from design and development through production, storage, distribution, and post-market surveillance.
Global Regulatory Recognition
Recognized by regulatory authorities worldwide including the EU (MDR/IVDR), Canada (CMDCAS), Japan (JPAL), Australia (TGA), and Brazil (ANVISA) — with over 32,000 valid certificates globally.
list_alt Key QMS Requirements
- Quality management system documentation and control
- Management responsibility and commitment
- Resource management and competence
- Product realization planning and risk management
- Design and development controls with verification and validation
- Purchasing and supplier controls
- Production and service provision with process validation
- Monitoring, measurement, and corrective/preventive action
Who Needs to Comply?
Any organization involved in the design, development, production, storage, distribution, installation, servicing, or disposal of medical devices and related services — including component suppliers, contract manufacturers, and sterilization service providers.
Key Requirements
Design & Development Controls
Establish and maintain procedures for design planning, inputs, outputs, reviews, verification, validation, and transfer. Maintain a design history file documenting the entire development lifecycle.
Risk Management
Apply risk management throughout product realization per ISO 14971. Identify hazards, estimate and evaluate risks, implement controls, and verify their effectiveness. Maintain risk management files.
Process Validation
Validate production and service processes where resulting output cannot be fully verified by subsequent inspection or testing — including sterilization, software validation, and cleanroom processes.
Traceability & Post-Market Surveillance
Maintain traceability records for each medical device or batch. Establish procedures for complaint handling, adverse event reporting, and post-market surveillance to identify improvement opportunities.
Supplier Controls
Evaluate and select suppliers based on their ability to meet requirements. Establish purchasing specifications, verify purchased products, and maintain records of supplier performance and approved supplier lists.
Penalties & Enforcement
ISO 13485 is voluntary, but certification is effectively mandatory for market access in most jurisdictions. Loss of certification can prevent marketing medical devices in the EU (MDR), Canada, Japan, Australia, and other regulated markets. Regulatory authorities may halt production or issue recalls.
Official Documentation
Official PDF for ISO 13485:2016
Official publication or summary for ISO 13485:2016
Official online resource
International Organization for Standardization (ISO) guidance and reference material
Implementation toolkit
Templates, guidance, or companion resources for ISO 13485:2016