ISO 13485 – Revision 2016

This year’s publication of the ISO 13485:2016 has once again brought movement into the topic of quality management for medical devices. Even though the changes are not as severe as some thought they would be the stagnation with regard to the choice of structure comes as a bit of a surprise.

Whereas the structure of the previous DIN EN ISO 13485:2012 corresponded to that of the ISO 9001:2008, the new High Level Structure of the ISO:9001:2015 was not implemented in the new ISO 13485:2016. The growing influence of the US-American FDA’s 21 CFR, however, is even more apparent than before.


The give and take between the ISO standards and the FDA is best explained by comparing the prerequisites and chapters of these two governing publications. The matching chapters, for example, include traceability (FDA: CFR 820.65 -> ISO: chapter 7.5), training management (FDA: CFR 820.25 -> ISO: chapter 6.2), and document management (FDA: CFR 820.40 -> ISO: chapter 4.2), as well as gauge management (FDA: CFR 820.72 -> ISO: chapter 7.6), and supplier management (FDA: CFR 820.50 -> ISO: chapter 7.4). The FDA’s influence on the ISO standard becomes clearest when one looks at the changes in chapter 7.5.8 of the ISO standard. This chapter explicitly refers to the Unique Device Identification System (UDI) which is described in detail in the FDA’s 21 CFR Part 830 and is already in use.

Industry 4.0 and Digitalised Production

This fact along with a greater focus on topics such as software validation in the ISO 13485:2016 appear to underline the need for more digitalisation and data transparency in the international medical device business. Apart from the requests by governing bodies and standards, it is also the desire for Industry 4.0, cyber physical systems, and the internet of things (IoT) that is increasingly driving the degree of digitalisation in the quality management sector. In order to be fit for the future, there is no way around the application of powerful and fully integratable software solutions.

CAQ-Solutions for Quality Management

Today’s highly complex quality management requirements can no longer be mastered with pen & paper or MS Excel alone – sophisticated software solutions are becoming a necessity. This is where CAQ-systems like CAQ.Net come into play. By fulfilling the requirements of areas such as document management, training management and gauge management as well as risk management, CAPA, and supplier management, CAQ.Net provides everything that is needed for quality management and quality assurance in the medical device sector.

Compliance Management with CAQ.Net

The individual management tools of CAQ.Net can moreover be used for compliance management purposes. Compliance management encompasses the adherence to applicable laws and guidelines as well as a company’s own Codes of Conduct. The main goals of compliance management include minimizing risks and increasing efficiency and effectivity. Being able to prove compliance with the requirements of e.g. FDA, GMP, GLP, GCP or ISO 13485:2016 is important for medical technology companies all around the globe.

Management Tools

The CAQ.Net management tools that are used in the initial phases of compliance management include risk and document management. These are used for evaluating the risks of potential violations of applicable rules and devising processes that are to prevent said violations. Adherence to the rules is monitored and documented via self-audits with the audit management tool. Changes to regulations or the applicability of new regulations is monitored via the change control tool. The action and escalation management tool is used for consistently monitoring the status of regulation-relevant tasks. This interplay of CAQ.Net modules shows, that those tools that are used for systematically monitoring and documenting the requirements of ISO 13485:2016 can also assist companies to uphold and document their adherence to their very own compliance culture.

Additional Links
This website uses cookies for an improved user experience. For more information regarding cookies, please consult our data privacy policy.