The International Standards Organization (ISO) was founded in 1947 by a group of delegates from 25 different countries with the shared goal of ensuring that products and services available in the global marketplace were safe, reliable and of good quality. ISO works towards this objective by writing documents, known as standards, which provide requirements, specifications, guidelines
Over time, the original series of ISO 9000 standards changed form. Here is a look at that timeline:
In the year 2000, ISO 9001, 9002 and 9003 were combined into a single standard known as ISO 9001:2000.
Additional updates to the ISO 9000 series were made in 2008 to increase their consistency with the ISO 14001 standard for environmental management and provide additional clarifications.
ISO 9001 was published in 2009.
Further revisions to ISO 9000 standards were made in 2015.
In 2016, the ISO released a new version of ISO 9002 that provides guidance on the intent of the quality system requirements in ISO 9001:2015.
The current list of ISO 9000 quality standards looks like this:
ISO 13485 is an industry-specific interpretation of ISO 9001 with a focus on the medical device industry. While the ISO 9001 quality regulations are meant to apply to organizations across industries, ISO 13485 provide specialized guidance in the form of quality system regulations that are specific to the medical device industry.
ISO 13485 was first published as an industry-specific interpretation of the quality requirements of ISO
The most important difference between ISO 13485 and ISO 9001 comes from the fact that the former was published for exclusive application to medical device products. Unlike many other industries, the medical device industry is under strict regulatory control in markets around the world. ISO 13485 includes many sections and guidelines that are unique to medical devices, including:
One of the most important trends in the world of medical device regulation is the regulatory shift towards risk management. Organizations across the world that provide guidelines for medical device quality, such as the European Commission, United States FDA, and ISO, are increasingly emphasizing risk management in standards publications for medical device QMS.
In ISO 13485:2016, the most current edition of ISO's medical device quality standard, the term "risk" appears more than 40 times - a substantial increase when compared to the 2003 version, where risk management processes were only specifically applied to product realization activities. ISO 13485:2016 requires
Organizations that wish to comply with ISO 13485:2016 must establish and maintain effective risk management processes throughout the product life cycle.
ISO 9001 can be applied broadly in companies and organizations across industries, some of which may be government regulated, but many of which are not. As a result, ISO 9001 does not address the need for its subscribers to comply with regulatory requirements that may not exist for their specific industries.
In contrast, the authors of ISO 13485 understand that while adherence with ISO 13485 represents conformity with the global medical device QMS standard, medical device companies are still required to comply with local regulations in the markets where they sell their products. ISO 13485:2016 specifically requires medical device companies to "establish and maintain records needed to demonstrate conformance to this International Standard and compliance with applicable regulatory requirements.''
Conformity with the ISO 13485 QMS requirements does not always mean that compliance with local regulations has been achieved, especially in the United States where compliance with the FDA QSR is required for medical device companies.
ISO 13485 certification is a requirement for medical device companies who wish to sell their products in Europe, and the upcoming Medical Device Single Audit Program (MDSAP) guidance will draw heavily from the contents of ISO 13485. Even the FDA is changing its regulations to further align with ISO 13485:2016. While the ISO 9001 quality management system requirements can be profitably applied in other industries, compliance with ISO 13485 and local regulations are priorities for medical device companies.
Greenlight Guru's eQMS software was purpose-built to facilitate ISO 13485 quality management system requirements for medical device companies, offering out-of-box compliance with minimal customization.