Strahinja Stojanovic Updated: September 19, 2023.
The new ISO 13485 is based on ISO 9001:2008, which means that the ISO 13485 2016 documentation requirements are based on the requirements of the previous version of ISO 9001, with the addition of documents specific to the medical device industry.
So, here is the list – below, you will see the mandatory ISO 13485 documents, but also keep in mind that the QMS (Quality Management System) documentation consists of not only the mandatory documents, but also other ISO 13485 documents specified by applicable regulatory requirements.
Some of the key ISO 13485 documentation requirements
- Quality Manual
- Responsibilities and authorities
- Medical device file
- Procedure for document control
- Procedure for design and development
- Procedure for validation
ISO 13485 documentation requirements
Here are the required ISO 13485 documents, categorized according to the clauses of the standard. (Please note that some of the documents will not be mandatory if the company does not perform relevant processes related to ISO 13485 documentation requirements):
Standard clause 4. Quality management system
- Roles undertaken by the organization under applicable regulatory requirements (clause 4.1.1)
- Procedure and records for the validation of the application of computer software (clause 4.1.6)
- Quality Manual (clause 4.2.2)
- Medical device file (clause 4.2.3)
- Procedure for document control (clause 4.2.4)
- Procedure for record control (clause 4.2.5)
Standard clause 5. Management responsibilities
- Quality policy (clause 5.3)
- Quality objectives (clause 5.4.1)
- Responsibilities and authorities (clause 5.5.1)
- Procedure and records for management review (clause 5.6.1)
Standard clause 6. Resource management
- Procedure for training (clause 6.2)
- Requirements for infrastructure and maintenance activities (clause 6.3)
- Requirements for work environment (clause 6.4.1)
- Arrangements for control of contaminated or potentially contaminated products (clause 6.4.2)
Standard clause 7. Product realization
- Process for risk management in product realization (clause 7.1)
- Outputs of product realization planning (clause 7.1)
- Records of the results of the customer requirements review and actions arising from it (clause 7.2.2)
- Arrangements for communication with customers (clause 7.2.3)
- Procedure for design and development (clause 7.3.1)
- Design and development planning (clause 7.3.2)
- Design and development outputs (clause 7.3.4)
- Records of design and development review (clause 7.3.5)
- Design verification plans, results and conclusions (clause 7.3.6)
- Design validation plans, results and conclusions (clause 7.3.6)
- Procedure for transfer of design and development outputs to manufacturing (clause 7.3.8)
- Procedure and records for control of design and development changes (clause 7.3.9)
- Design and development file (clause 7.3.10)
- Procedure for purchasing (clause 7.4.1)
- Criteria and records for evaluation and selection of suppliers (clause 7.4.1)
- Record of verification of purchased product (clause 7.4.3)
- Record for each medical device or batch that provides traceability (clause 7.5.1)
- Requirements for cleanliness of product (clause 7.5.2)
- Requirements for medical device installation and acceptance criteria for verification of installation (clause 7.5.3)
- Records for medical device installation and verification of installation (clause 7.5.3)
- Procedure and records for servicing of the medical device (clause 7.5.4)
- Records of sterilization process (clause 7.5.5)
- Procedure and records of production and service provision process validation (clause 7.5.6)
- Procedure and records for validation of process for sterilization and sterile barriers systems (clause 7.5.7)
- Procedure for product identification (clause 7.5.8)
- Procedure for traceability (clause 7.5.9.1)
- Records of traceability and name and address of the shipping package consignee (clause 7.5.9.2)
- Report on changes on customer property (clause 7.5.10)
- Procedure for preserving the conformity of the product (clause 7.5.11)
- Procedure for monitoring and measuring (clause 7.6)
- Record of calibration (clause 7.6)
- Procedure and records for validation of the application of computer software used for monitoring and measuring (clause 7.6)
Standard clause 8. Measurement, analysis and improvement
- Procedure for customer feedback (clause 8.2.1)
- Procedure and records for complaint handling (clause 8.2.2)
- Records of reporting to regulatory authorities (clause 8.2.3)
- Procedure for internal audit (clause 8.2.4)
- Records of audits and their results (clause 8.2.4)
- Identity of the person authorizing the release of the product (clause 8.2.6)
- Procedure and record of control of the nonconforming product (clause 8.3.1)
- Records of rework (clause 8.3.4)
- Procedure and records for data analysis (clause 8.4)
- Procedure and records for corrective action (clause 8.5.2)
- Procedure and records for preventive action (clause 8.5.3)
The importance of documentation
The purpose of the documentation in the QMS is to ensure that critical processes, where you need to make sure that all employees consistently do the same thing, are understood and repeatable. To make this work, it is wise to have these processes as uncomplicated as possible and presented in the simplest manner to make them easy to understand. Often, using a graphical flow chart can suffice to relay all the relevant information quickly and easily. The less complicated the process documentation, the easier it will be to ensure that all employees can deliver repeatable, quality outcomes for the processes. In the long run, the adage is often right: “The simpler, the better.” And this is what the importance of ISO 13485 good documentation practices is all about.
For more about the ISO 13485 documentation requirements, download this free white paper: Checklist of Mandatory Documentation Required by ISO 13485:2016 to see the structure of each mandatory document.
Waqas Imam