What is ISO 9001 and Should Your Medical Device Company Follow It (or ISO 13485 instead)

Quality management is an essential part of manufacturing any product, regardless of size, complexity, or intended use.
That’s why regulatory bodies and non-governmental organizations like the International Organization of Standardization (ISO) have for decades offered standards and guidance to help manufacturers create, implement, and maintain a proper quality management system (QMS).

The ISO quality management standard, ISO 9001, offers broadly applicable guidance for establishing a quality management system, and is used by product design and manufacturing companies worldwide.

This article will explain ISO 9001, considerations around certification to the standard, and how it stacks up against a similar sounding standard from the same ISO family, so you can determine which regulatory guidelines your company should adopt as its quality management standard.

FREE DOWNLOAD: Get your free FDA QSR & ISO 13485:2016 Internal QMS Audit Checklist. Click here to download.

 

What is ISO 9001?

ISO 9001 is part of the larger ISO 9000 family of standards, all of which are concerned with particular aspects of quality management. This family of standards is generic, which means they can be used by companies of any size, in any industry, to implement a QMS.

ISO 9001:2015 is the best-known standard in the ISO 9000 family because it lays out the basic requirements for implementing the processes, procedures, and documentation that makes up a QMS. In essence, it defines what your company should consistently do in order to provide confidence that a product is safe, effective, and meets the needs of end users.

It’s important to understand that ISO 9001 does not define product quality. It is a process-based standard, which means your company should use it to control the processes you use to design, develop, and manufacture your product. If this is done correctly, a high quality product should be the end result.

 

Who can benefit from ISO 9001 certification?

Companies can obtain ISO 9001 certification by undergoing an audit conducted by a registrar or notified body (NB) to ensure their QMS conforms to the requirements of the standard. Although certification is not a legal requirement, it is often extremely beneficial for companies to obtain it. 

From an organizational standpoint, certification is an acknowledgement that your QMS is functioning as it ought to. Not only will you have the processes, procedures, and documentation practices in place to consistently deliver high quality products to end users, you’ll also be able to quickly identify nonconforming products, trace them, and take corrective and preventive actions

That’s why many organizations prefer their suppliers or contract manufacturers to be ISO 9001 certified—it gives them peace of mind. In order to ensure its products are safe and reliable, a company has to know that the parts and materials they outsource are subject to the same quality standards and rigorous quality management processes.

The bottom line: ISO 9001 certification provides regulators, clients, and end users with added assurance that quality is of the utmost importance to your organization.

 

What’s the difference between ISO 9001 and ISO 13485?

While it’s true that any company can use ISO 9001 as their standard for implementing a QMS, there are other industry-specific ISO quality management standards. 

ISO 13485:2016 is the standard for quality management systems for medical devices. ISO 13485 was originally an industry-specific interpretation of ISO 9001 for medical device companies. However, over the years, it’s evolved to become its own standard. The latest update to ISO 13485 came in 2016, and it has substantial differences from ISO 9001. 

ISO 13485:2016 includes requirements and guidance that do not appear in ISO 9001, such as:

  • Explanation of medical device terminology

  • Clinical or performance evaluations of medical devices

  • Purchasing procedure documentation

  • Inclusion of CAPA investigations in the QMS

  • The requirement for organizations to identify the individual in management responsible for each aspect of the QMS.

Many of these differences are due to the regulatory environment for medical devices. Because ISO 9001 is a generic standard that applies to any industry, it does not address any industry-specific requirements that an organization may need to comply with. 

ISO 13485:2016, however, addresses the fact that companies within the medical device industry will need to comply with local regulations in addition to the ISO standard. In fact, the standard states that companies must document conformance with ISO 13485:2016 and “compliance with applicable regulatory requirements.”

At this point, compliance with one of these standards does not necessarily mean you are in compliance with the other.

 

Should medical device companies disregard ISO 9001?

ISO 9001 is a good standard for implementing a QMS in a wide variety of industries. If you’re a medical device manufacturer, however, there’s really no reason to follow ISO 9001 instead of ISO 13485. Moreover, certain markets actually require ISO 13485 certification in order to sell medical devices, like Canada and the EU.

ISO 13485 has evolved away from its roots as an industry-specific interpretation of ISO 9001 and is now recognized by regulatory bodies around the world as the standard for medical device quality management systems. 

While compliance with ISO 13485:2016 does not ensure compliance with market-specific regulations, it is certainly the best place to start if you’re a medical device manufacturer.

FREE DOWNLOAD: Get your free FDA QSR & ISO 13485:2016 Internal QMS Audit Checklist. Click here to download.

Stay compliant with a QMS that has ISO best practices built into every feature

One of the difficulties with using a general-purpose, generic QMS that serves multiple industries is that the onus is entirely on your team to ensure all documentation and processes are compliant with the latest industry standards and regulations. With so much riding on your QMS, that’s a risky approach to take. 

Greenlight Guru’s Medical Device Success Platform (MDSP) changes that dynamic. Our software was built specifically for the medical device industry, and it has ISO best practices built into every feature, so you can spend less time worrying about compliance and more time focusing on True Quality for your medical device. 

Get a QMS that’s purpose-built for your medical device company. Get your free demo of Greenlight Guru today.


Looking for a design control solution to help you bring safer medical devices to market faster with less risk? Click here to take a quick tour of Greenlight Guru's Medical Device QMS software