Category / Standard

ISO 13485: complete guide, articles and resources

Medical Devices — expert articles, practical resources, and solutions to structure your certification project.

Version
ISO 13485:2016
Type
Certifiable standard
Articles
1 published
Definition

What is the ISO 13485 standard?

The ISO 13485 standard defines the requirements of a quality management system specific to the medical device industry. Published in 2016 (with Amendment 11:2021), it is the international benchmark used by manufacturers, distributors, and suppliers across the medical device supply chain.

Unlike ISO 9001, ISO 13485 emphasises medical device lifecycle control: design, manufacture, distribution, post-market surveillance, risk management (ISO 14971), and regulatory compliance (FDA 21 CFR Part 820 / QMSR, EU MDR 2017/745, MDSAP, Health Canada).

ISO 13485 certification is required by virtually every market: the FDA in the US (now formally aligned with ISO 13485 through QMSR), the EU through MDR/IVDR, Health Canada, Japan through PMDA, and Australia through TGA. It is the baseline quality framework for global medical device commercialisation.

Who is ISO 13485 for?

The standard applies to medical device manufacturers, contract manufacturers (CMOs), distributors, sterilisation services, and component or software suppliers in the medical device supply chain.

Why get certified?

ISO 13485 certification is required to commercialise medical devices internationally, is the baseline for FDA QMSR alignment, simplifies notified body audits under EU MDR/IVDR, and structures rigorous traceability and post-market surveillance.

Version
ISO 13485:2016
Certified
30,000+
Validity
3 years
Avg. timeline
9 to 18 months
Articles & guides

All our articles on ISO 13485

Frequently asked questions

Everything you need to know about ISO 13485

What's the difference between ISO 13485 and ISO 9001?
ISO 13485 is built on the structure of ISO 9001 but adds specific medical device requirements: design controls, risk management (ISO 14971), traceability, regulatory compliance, post-market surveillance, advisory notices, CAPA. ISO 9001 alone is not sufficient for medical device commercialisation.
How does ISO 13485 relate to FDA QMSR?
The FDA published the final QMSR rule in 2024 to harmonise 21 CFR Part 820 with ISO 13485:2016. The QMSR is enforceable from February 2026. Companies already certified ISO 13485 are well-positioned for QMSR compliance.
Is ISO 13485 mandatory for the EU MDR?
Not strictly mandatory, but it is the de facto baseline. Notified bodies expect ISO 13485 certification as evidence of a compliant QMS. Without it, MDR conformity is significantly harder to demonstrate.
How much does ISO 13485 certification cost?
For a small medical device manufacturer, expect $8,000 to $25,000 for the initial audit. Total implementation costs (consulting, technical files, validation) are typically much higher.
How long does it take to obtain ISO 13485 certification?
Expect 9 to 18 months, sometimes more for organisations without prior quality culture. Design controls, risk management, and process validation are the most demanding phases.

Ready to start your ISO 13485 project?

Download the documentation kit or speak with a consultant during a free 30-minute consultation.