Get 4 FREE months of Conformio to implement ISO 27001

Mandatory documents required by ISO 13485

Updated: September 19, 2023.

The new ISO 13485 is based on ISO 9001:2008, which means that the ISO 13485 2016 documentation requirements are based on the requirements of the previous version of ISO 9001, with the addition of documents specific to the medical device industry.

So, here is the list – below, you will see the mandatory ISO 13485 documents, but also keep in mind that the QMS (Quality Management System) documentation consists of not only the mandatory documents, but also other ISO 13485 documents specified by applicable regulatory requirements.

Some of the key ISO 13485 documentation requirements
  • Quality Manual
  • Responsibilities and authorities
  • Medical device file
  • Procedure for document control
  • Procedure for design and development
  • Procedure for validation


ISO 13485 documentation requirements

Here are the required ISO 13485 documents, categorized according to the clauses of the standard. (Please note that some of the documents will not be mandatory if the company does not perform relevant processes related to ISO 13485 documentation requirements):

Some of the key ISO 13485 documentation requirements:

 

Standard clause 4. Quality management system

  • Roles undertaken by the organization under applicable regulatory requirements (clause 4.1.1)
  • Procedure and records for the validation of the application of computer software (clause 4.1.6)
  • Quality Manual (clause 4.2.2)
  • Medical device file (clause 4.2.3)
  • Procedure for document control (clause 4.2.4)
  • Procedure for record control (clause 4.2.5)

Standard clause 5. Management responsibilities

Standard clause 6. Resource management

  • Procedure for training (clause 6.2)
  • Requirements for infrastructure and maintenance activities (clause 6.3)
  • Requirements for work environment (clause 6.4.1)
  • Arrangements for control of contaminated or potentially contaminated products (clause 6.4.2)

Standard clause 7. Product realization

  • Process for risk management in product realization (clause 7.1)
  • Outputs of product realization planning (clause 7.1)
  • Records of the results of the customer requirements review and actions arising from it (clause 7.2.2)
  • Arrangements for communication with customers (clause 7.2.3)
  • Procedure for design and development (clause 7.3.1)
  • Design and development planning (clause 7.3.2)
  • Design and development outputs (clause 7.3.4)
  • Records of design and development review (clause 7.3.5)
  • Design verification plans, results and conclusions (clause 7.3.6)
  • Design validation plans, results and conclusions (clause 7.3.6)
  • Procedure for transfer of design and development outputs to manufacturing (clause 7.3.8)
  • Procedure and records for control of design and development changes (clause 7.3.9)
  • Design and development file (clause 7.3.10)
  • Procedure for purchasing (clause 7.4.1)
  • Criteria and records for evaluation and selection of suppliers (clause 7.4.1)
  • Record of verification of purchased product (clause 7.4.3)
  • Record for each medical device or batch that provides traceability (clause 7.5.1)
  • Requirements for cleanliness of product (clause 7.5.2)
  • Requirements for medical device installation and acceptance criteria for verification of installation (clause 7.5.3)
  • Records for medical device installation and verification of installation (clause 7.5.3)
  • Procedure and records for servicing of the medical device (clause 7.5.4)
  • Records of sterilization process (clause 7.5.5)
  • Procedure and records of production and service provision process validation (clause 7.5.6)
  • Procedure and records for validation of process for sterilization and sterile barriers systems (clause 7.5.7)
  • Procedure for product identification (clause 7.5.8)
  • Procedure for traceability (clause 7.5.9.1)
  • Records of traceability and name and address of the shipping package consignee (clause 7.5.9.2)
  • Report on changes on customer property (clause 7.5.10)
  • Procedure for preserving the conformity of the product (clause 7.5.11)
  • Procedure for monitoring and measuring (clause 7.6)
  • Record of calibration (clause 7.6)
  • Procedure and records for validation of the application of computer software used for monitoring and measuring (clause 7.6)

Standard clause 8. Measurement, analysis and improvement

  • Procedure for customer feedback (clause 8.2.1)
  • Procedure and records for complaint handling (clause 8.2.2)
  • Records of reporting to regulatory authorities (clause 8.2.3)
  • Procedure for internal audit (clause 8.2.4)
  • Records of audits and their results (clause 8.2.4)
  • Identity of the person authorizing the release of the product (clause 8.2.6)
  • Procedure and record of control of the nonconforming product (clause 8.3.1)
  • Records of rework (clause 8.3.4)
  • Procedure and records for data analysis (clause 8.4)
  • Procedure and records for corrective action (clause 8.5.2)
  • Procedure and records for preventive action (clause 8.5.3)

The importance of documentation

The purpose of the documentation in the QMS is to ensure that critical processes, where you need to make sure that all employees consistently do the same thing, are understood and repeatable. To make this work, it is wise to have these processes as uncomplicated as possible and presented in the simplest manner to make them easy to understand. Often, using a graphical flow chart can suffice to relay all the relevant information quickly and easily. The less complicated the process documentation, the easier it will be to ensure that all employees can deliver repeatable, quality outcomes for the processes. In the long run, the adage is often right: “The simpler, the better.” And this is what the importance of ISO 13485 good documentation practices is all about.

For more about the ISO 13485 documentation requirements, download this free white paper: Checklist of Mandatory Documentation Required by ISO 13485:2016 to see the structure of each mandatory document.

Advisera Strahinja Stojanovic
Author
Strahinja Stojanovic

Strahinja Stojanovic is certified as a lead auditor for the ISO 13485, ISO 9001, ISO 14001, and OHSAS 18001 standards by RABQSA. He participated in the implementation of these standards in more than 100 SMEs, through the creation of documentation and performing in-house training for maintaining management systems, internal audits, and management reviews.


Advisera Kristina Zvonar Brkic
Contributor
Kristina Zvonar Brkic
Kristina Zvonar Brkic is an experienced consultant, auditor, assessor, and trainer for ISO 13485 and the EU MDR. She runs a thriving ISO 13485 consulting practice and helps companies and consultants to build their businesses. In her career, she also worked as an ISO 9001 and ISO 22716 consultant and lead auditor, and as an auditor and assessor for the MDD.


The portfolio of medical devices for which she has approval is plastic products with measuring function, various creams and gels, different systems for wound care, disinfectants, different catheters, panels for operating rooms and clean rooms, accessories and kits for performing surgical procedures of non-woven materials, medical gases, and various dental materials.