Search for:

What is ISO 13485?

ISO 13485 is the world’s most recognised quality management standard used by millions of organizations all over the world to continuously improves performance. By becoming certified your organization by ACM under NABCB Accreditation is making a statement about your commitment to continually and consistently meet the expectations of your customers through the improved efficiency and effectiveness of your business processes

ISO 13485:2016

focuses on risk management, performance and safety of devices

ISO 13485:2016 specifies requirements for a quality management system where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. Such organizations can be involved in one or more stages of the life-cycle, including design and development, production, storage and distribution, installation, or servicing of a medical device and design and development or provision of associated activities (e.g. technical support). ISO 13485:2016 can also be used by suppliers or external parties that provide product, including quality management system-related services to such organizations.

ISO 13485 is a stand-alone QMS standard, derived from the internationally recognized and accepted ISO 9000 quality management standard series. ISO 13485 adapts the previous version of ISO 9001, ISO 9000:2008 process-based model for a regulated medical device manufacturing environment. While ISO 13485 is based on the ISO 9001 process model concepts of Plan, Do, Check, Act, it is designed for regulatory compliance; therefore it is more prescriptive in nature and requires a more thoroughly documented QMS.

Importance of ISO 13485:2016 in your business?

ISO 13485 is important to designers, manufacturers, and distributors of medical devices. In addition, suppliers and service providers can enhance an organization’s marketability as more and more manufacturers require certification in order to do business with a vendor.

Reason for use

While it remains a stand-alone document, ISO 13485 is generally harmonized with ISO 9001. A principal difference, however, is that ISO 9001 requires the organization to demonstrate continual improvement, whereas ISO 13485 requires only that the certified organization demonstrate the quality system is effectively implemented and maintained. Additionally, the ISO 9001 requirements regarding customer satisfaction are absent from the medical device standard.

Other specific differences include:

  • the promotion and awareness of regulatory requirements as a management responsibility.
  • controls in the work environment to ensure product safety.
  • focus on risk management activities and design control activities during product development.
  • specific requirements for inspection and traceability for implantable devices.
  • specific requirements for documentation and validation of processes for sterile medical devices.
  • specific requirements for verification of the effectiveness of corrective and preventive actions.
  • specific requirements for cleanliness of products

How to get your ISO certificate ?

  1. Application to ACM- Application for registration is made by completely updating ACM Application Form & submitting to ACM office. This provides information about your organization to ACM & so ACM can accurately define the scope of assessment.
  2. Get a Quote – We’ll give you a clear indication of the costs of gaining and maintaining certification.
  3. Assessment to ISO 13485 is undertaken by ACM – this consists of two mandatory visits that form the Initial Certification Audit (Stage 1 Audit + Stage 2 Audit). Please note that you must be able to demonstrate that your management system has been fully operational for a minimum of three months and has been subject to a management review and full cycle of internal audits.
  4. Certification to ISO 13485 is issued by ACM and maintained through a program of annual surveillance audits and a three yearly recertification audit.

Benefits of implementing ISO 13485:2016 in your business?

Expanded market access – National regulatory authorities require or strongly prefer that manufacturers marketing medical products in their countries have a third-party audited and certified management system in place. Investing in such a system speeds access into those countries that require it, and expedites market entry into the others.

Reduced cost of sales – Your certification establishes your company’s credibility and commitment to quality. Because the task of explaining the specifics and demonstrating the effectiveness of your quality system is more straightforward, it takes less time to earn your prospective customers’ trust and confidence.

Improved performance – Based on a uniform and widely-accepted system of process control, your company’s certified management system helps you improve your products and processes. This can foster improved relationships with your suppliers, business partners, and customers, and give you a real advantage in the marketplace.

ISO 13485 Certification Principles:

  1. Customer focus – aiming to improve for the betterment of the interested parties and customer, this will help one sustain customer, increase customer base, makes sure to communicate their needs and expectation by monitoring throughout the organization
  2. Leadership – to achieve quality objectives leaders need to establish unity of purpose which is by aligning its strategy, policies, procedure and resource this will lead to better coordination of the organization’s processes one needs to establish a culture of trust and integrity, provide people with the required resource, training, authority to act with accountability
  3. Engagement of people – for efficiency involve people of all levels, this can be done by communicating with the employees their needs in the organization, sharing knowledge, and experience, recognizing people’s contribution, learning, and improvement.
  4. Process approach – when activities are understood and then executed then the efficiency of the delivered output will increase, by understanding organizations’ capabilities and determining resource constraints prior to action.
  5. Improvement- improvement is important for an organization to maintain the current level of performance and to even keep on developing, this can be done by giving proper training and letting them understand that how does a work happens with that track, review and audit planning, implementation, recognize and acknowledgment, which will result into anticipation of internal and external risks and opportunity, improved process performance.
  6. Evidence-based decision making – learn from mistakes, it is simply that decisions should be driven from evaluation of data, this will help one take better efficient solutions adding more, intuitions should never be neglected.
  7. Relationship management – manage relations with relevant interested parties such as providers, one can achieve by keeping a well-managed supply chain that provides a stable flow of products and services, determining interested party’s relationship that needs to be managed,

PDCA Cycle

  • Plan – to think that what do we need to achieve in our organization
  • Do – to execute a planned action which will help us achieve the required objective
  • Check – monitor against the standards) (policies, objectives, requirements)
  • Action – finally implementing what has been rechecked.


ISO 13485 FAQ

What is the aim of ISO 13485 Certification?

ISO 13485 certification is globally recognized for the efficiency and effectiveness of the quality management system for medical devices on the basis of ISO 13485 standard. It aims to provide superior medical devices that meet and fulfill the customer’s requirements establishing a better relationship with them.

How is the external audit of ISO 13485 done?

Generally the following key steps/process are followed in external certification body audit:

Selection: Choose a reputable certification body accredited for ISO 13485 audits.
Planning: Certification body Schedule the audit and communicate their expectations and requirements.
Documentation review: Certification body auditors examine your quality management system documentation to ensure compliance with ISO 13485 standards.
On-site audit: Certified auditors visit your facility to assess processes, procedures, and implementation of the quality management system.
Interviews: Auditors conduct interviews with personnel to verify understanding and implementation of quality processes.
Observations: They observe processes and activities to confirm adherence to ISO 13485 requirements.
Non-conformity identification: Any discrepancies found are documented as non-conformities.
Reporting: Auditors provide a report detailing findings, including any non-conformities and areas for improvement.
Corrective action: If non-conformities are identified, you must take corrective action and provide evidence of resolution.
Certification: Upon successful compliance, the certification body issues an ISO 13485 certificate, demonstrating your organization’s commitment to quality management in medical devices.

What is the latest version of ISO 13485 Certification?

ISO 13485:2016 is the latest version of ISO 13485 Certification which was published in March of 2016. It focuses on providing superior medical devices and other related devices that consistently fulfills customers expectations.

How can I get an ISO 13485 certificate?

Generally the following processes must be adopted by you for the planning, preparation & Auditing process to attain an ISO 13485 certificate:

1. Understand the requirements: Familiarize yourself with ISO 13485 standards and compliance criteria.
2. Gap analysis: Evaluate your current quality management system against ISO 13485 requirements to identify areas needing improvement.
3. Implement changes: Update your quality management system to meet ISO 13485 standards, including documentation and processes.
4. Training: Provide training to employees on ISO 13485 requirements and their roles in maintaining compliance.
5. Internal audits: Conduct regular internal audits to assess adherence to ISO 13485 standards and identify areas for improvement.
6. Corrective actions: Address non-conformities found during internal audits and implement corrective actions to prevent recurrence.
7. Management review: Hold regular management reviews to evaluate the effectiveness of your quality management system and make necessary adjustments.
8. Certification audit: Select a reputable certification body to conduct an independent audit of your quality management system for ISO 13485 compliance.

How much does it cost for ISO 13485 certification?

The cost of ISO 13485 certification varies from one organization to another. Basically, when you approach an internationally accredited certifying body for ISO Certification and they approve your management systems and all your processes, they will then quote an amount for the certificate. Moreover, the cost for achieving ISO certification depends mostly on your organization, such as the no. of employees in your organization, No. of branches your organization has, and many more.

How long is an ISO 13485 certificate valid for?

Basically, an ISO Certificate is valid for three years. And during this time period of three years, a surveillance audit is conducted on an annual basis to ensure that ISO quality standards are being maintained by the organization.

How do I maintain ISO 13485 certification?

Just because you received an ISO 13485 certification, your task is not complete. For proper functioning of the management system, you need to maintain the ISO 13485 certification. For that, your company has to continually undergo an annual surveillance audit for the period of three years. After completion of the validity period, you need to get recertified.

Follow by Email