Top Questions Thursday 03Nov2016


Hello!  Welcome to our new weekly questions post.  We take all the questions asked from the week and choose the top ones to answer here as a summary for you.  This week we have 3.  Lets get started…

Q:  What are the differences between ISO13485:2003 and ISO13485:2016?

A:  For those new to ISO13485, the structure and organization is the same.  For those with a current ISO13485 certificate, there are quite a few changes.  Some are small and some are large.


  • New requirement for the company to document its role under the regulatory requirements that are applicable
  • Risk based approach is applied past the design process
  • Tighter control of external documents
  • Stronger emphasis on Management Repsonsibility
  • User training needs required to be documented


  • Many sections now have a requirement for a documented procedure
  • Training procedure must address how to achieve and maintain competence of personnel
  • Infrastructure and Work Environment needs are required to be documented
  • Tighter controls on suppliers and purchasing

Q: What are the regulatory requirements for a Class I device?

A: Each regulatory agency has their own requirements. Our answer here is focusing on the top regulatory areas, US, EU and Canada.

US – FDA classification is dependent upon the individual device.  Researching the device category in the Code of Federal Regulations will show the FDA’s current opinion.  That being said, many Class I devices are considered low risk and the only requirements are cGMP Quality Systems and annual establishment registration with device listing.

EU – Class I devices are usually self certification for CE Marking.  This means that a Technical File is required to be created, but it is not certified or reviewed by a notified body.

CANADA – Canadian classification is similar the US.  There are classifications for product categories, but many are noted as Class I.  Class I devices are not required to have a license, but their establishments are required to be registered.

Q:  What suppliers need to be on the approved suppliers list?  How would I do a supplier evaluation on FedEx?

A:  Only suppliers who have a direct impact on the product are required to be evaluated and listed.  If FedEx is just providing a standard delivery service, then they would not be considered as having an impact on the product.  If FedEx is shipping products guaranteed overnight (due to product expiration dating) or shipping in climate control (due to packaging requirements) then it would have a direct impact on the product and need to be evaluated.  When we are writing quality systems, we write in the procedure that all suppliers are assessed and a justification for non-inclusion is documented if they do not have a direct impact.  This shows traceability and at a minimum that consideration was made for inclusion on the approved suppliers list.

This week had some wonderful questions and we look forward to answering more of them next Thursday.  If you would like to submit a questions, you can reach us directly, or post it to social media.

See you next Thursday!