Follow Us:

ISO 13485

Home ISO 13485 Procedures
Quick Contact
ISO 13485 procedures

ISO 13485 Procedures

ISO 13485 is an international standard that specifies requirements for a quality management system (QMS) specifically tailored for the medical device industry. It outlines the criteria for organisations involved in the design, development, production, installation, and servicing of medical devices. ISO 13485 is intended to ensure that medical devices meet regulatory requirements and are consistently safe and effective for their intended use. The current standard is ISO 13485:2016.


ISO 13485 standard mentioning “must” “should” “shall” warning organization to maintain and document various procedures and records. Such ISO 13485 procedures are called mandatory procedures and mandatory records. Organisations establish, implement, and maintain these procedures cover key aspects of quality management system (QMS) implementation and operation. Here’s a list of some mandatory procedures required by ISO 13485 in the below table.

Do you need an email containing full details within 2 minutes?

ISO 13485 and non-applicability

In ISO 13485, “Non-Applicability” refers to situations where certain requirements of the standard do not apply to the organisation’s quality management system (QMS) due to the nature of its operations, products, or regulatory environment. ISO 13485 recognises that not all requirements may be relevant to every organization, and it provides flexibility for organisations to determine the applicability of specific clauses or requirements based on their circumstances.


It’s important for organizations to document their rationale for determining the non-applicability of specific requirements and ensure that any exclusions are justified, documented, and communicated within the organization

I3CGLOBAL provides complete support for ISO 13485 implementation and certification. We have the option of onsite and offsite service.

What is Scope Exclusions?

As per ISO 13485 standard, “Scope Exclusions” refer to specific aspects or processes within your organisations quality management system (QMS) that are deliberately excluded from the scope of certification or implementation with the standard. Scope exclusions are situations where certain requirements of ISO 13485 are determined not to be applicable or feasible for the organisations operations, products, or regulatory environment.

List of ISO 13485 Procedures (Mandatory)

Sl.No Clause No Mandatory Procedure(s) Applicability/Exclusions


4.1 Regulatory Compliance Strategy A Strategy for Regulatory Compliance with the Regulation (EU) 2017/745, including Compliance with the Conformity Assessment Procedures.


4.1.5 Outsourced Process Applicable if any Process that affects the Product conformity to requirements are outsourced


4.1.6 Validation of the Application of software used in QMS Applicable if any Software Applications are used within the Quality Management System.


4.2.4 Control of Documents To ensure all documents are properly created, reviewed, approved, issued, and controlled.


4.2.5 Control of Records To establish and maintain documented procedures for creating, collecting, storing, retrieving, retaining, and disposing of records.


5.6.1 Management Review Establish and maintain a documented procedure to define how top management will conduct periodic reviews of the organization’s QMS


6.2 Training and Awareness Ensure that all Personnel performing work affecting product quality possess the necessary competence, knowledge, and skills.


6.3 Infrastructure Ensure physical and operational environment enables the consistent production of safe and effective medical devices.


6.3 Maintenance Activities Ensure the infrastructure will be maintained in a suitable state to ensure its continued suitability and effectiveness.


6.4.1 Control of Work Environment To maintain a suitable work environment to control contamination and ensure product quality.
8 6.4.1 a Health, Cleanliness and Clothing To ensure Health and Hygienic controls are established. Crucial to Sterile Medical Devices
9 6.4.2 Control of Contamination To plan and document arrangements for the control of contaminated or potentially contaminated products. Crucial to Sterile Medical Devices
10 7.1 Risk Management To provide guidance on the development, implementation, and maintenance of a risk management system for all type of Medical Devices.
11 7.2 Customer Related Processes To establish a procedure for review of requirements related to product to be conducted prior to the commitment to supply product to the customer.
12 7.3 Design and Development To maintain a documented system for the design and development of medical devices.
13 7.3.7 Clinical Evaluation To Identify, collect, appraise, and analyze the clinical data obtained from the clinical investigation, literatures, post market surveillance.
14 7.4 Purchase Process To establish and maintain a documented procedure for purchasing products and services that affect the quality of your medical devices.
15 7.5.1 Control of Production To establish a documented procedure to define the methods to plan, carry out, monitor & control production & service provision activities
16 7.5.2 Cleanliness of the Product To define and document the requirements for the cleanliness of product. Crucial to Sterile Medical Devices
17 7.5.3 Installation Applicable if the installation process involves activities beyond simply placing the device, such as configuration, calibration, or adjustments
18 7.5.4 Servicing Activities To establish documented procedures for servicing activities to ensure they are performed correctly and do not compromise product safety or quality.
19 7.5.6 Validation of processes for production and service provision To validate any process for production and service provision where the results cannot be verified by subsequent monitoring or measurement, or where the monitoring and measurement is destructive to the product.
20 7.5.6 Validation of the software used in production. Applicable if any Software’s are used in the Product realization
21 7.5.7 Validation of processes for sterilization and sterile barrier systems To conduct Sterilization Validation and Validation of Sterile Barrier Systems.
22 7.5.8 Product Identification Identification of products and process results throughout the life cycle of your medical devices.
23 7.5.8 Medical Device Labeling To determine the symbols and information to be supplied to the customer through the labelling of the medical device for its normal use.
24 7.5.8 Identification of returned medical device To ensure that the product, which is returned from market is separated from the products of normal production.
25 7.5.9 Traceability To track and record the history, location, and application of your medical devices, parts, and materials throughout their lifecycle.
26 7.5.9 Verification of UDI To implement and maintain Unique Device Identification (UDI) system and Basic UDI-DI for medical devices placed in European union.
27 7.5.11 Product Preservation To ensure that medical devices maintain their intended quality and safety throughout storage, handling, distribution, installation, and service use.
28 7.6 Control of Monitoring and Measuring Devices Ensure the accuracy and reliability of the tools and instruments used throughout the medical device lifecycle.
29 7.6 Validation of software used for monitoring and measurement Applicable if any Software’s are used in the monitoring and measurement of Product
30 8.2.1 Feedback process To maintain procedures for the feedback process which include provisions to gather data from production as well as post-production activities.
31 8.2.1 Post Market Surveillance Conduct the PMS of the medical devices, post release into the market. Applicable to the devices placed in European Union.
32 8.2.1 Post Market Clinical Follow up Proactively collect and evaluate clinical data from the use in or on humans of a medical device. Applicable to the devices placed in European Union.
33 8.2.2 Handling of Customer Complaints A documented and systematic approach for receiving, evaluating, investigating, and responding to complaints related to devices.
34 8.2.3 Vigilance Control To establish and maintain procedures for reporting to regulatory authorities, as required by the regulations or other requirements,
35 8.2.3 Communication to Regulatory Authorities To handle communication with competent authorities, notified bodies, other economic operators, customers and/or other stakeholders.
36 8.2.4 Internal audit To establish and maintain a planned and documented arrangement for internal audits
37 8.3 Nonconforming product To ensure products that don’t meet specifications are handled effectively to prevent unintended use or distribution.
38 8.3.3 Advisory Notice To establish procedures for defining and taking appropriate actions to products that do not conform to the requirements after delivery.
39 8.3.4 Rework For controlling rework, including the definition of the types of reworks permitted and the conditions under which rework is permitted.
40 8.4 Analysis of Data Data analysis for continuous improvement
41 8.5.2 Corrective and Preventive Action For initiating & implementing effective corrective and preventive actions upon detection of non-conformities