01
Update the quality-system gap analysis
Legacy Part 820 checklists are no longer enough. Organisations should assess the working QMS against ISO 13485-based QMSR requirements, FDA-specific provisions, device and establishment obligations, and the evidence inspectors will test.
- Confirm products, roles, facilities, outsourced processes, and regulatory scope
- Review risk management, design and development, production, validation, suppliers, complaints, and CAPA
- Address FDA record, labeling, packaging, and applicable reporting interfaces
- Test whether records demonstrate effective control rather than policy existence
02
Keep certification and inspection readiness separate
An independent certification body assesses ISO 13485 certification. FDA inspections and enforcement operate under US law and agency procedures. One robust QMS can support both, but the conclusions, authorities, and consequences differ.
03
Protect launches, transfers, and supplier continuity
The highest commercial risk often sits in design transfer, process validation, supplier changes, complaint escalation, nonconforming product, and ineffective CAPA. Fast-track readiness should prioritise these operating controls before polishing lower-risk documents.
Frequently asked questions
When did FDA QMSR become effective?
FDA states that QMSR became effective on 2 February 2026 and that the agency began using its updated medical-device manufacturer inspection process from that date.
Does ISO 13485 certification prove FDA compliance?
No. Certification can demonstrate an independently assessed medical-device QMS, but FDA requirements, inspections, registrations, submissions, reporting, and enforcement remain separate.
Does QMSR replace every FDA-specific quality requirement?
No. QMSR incorporates ISO 13485 by reference and includes additional provisions intended to align the standard with applicable FDA requirements.
Primary sources