Q: Why does Annex B of ISO 13485:2003: Medical devices — Quality management systems — Requirements for regulatory purposes address ISO 9001:2000?
Shouldn’t it be ISO 9001:2008 Quality management systems–Requirements?
A: ISO 9001 is “controlled” by Technical Committee (TC) 176 while ISO 13485 is “controlled” by TC 210. They are two separate, independent technical committees that write and revise standards.
ISO 13485:2003 is founded on ISO 9001:2000, with additional requirements added for the medical device industry. In other words, ISO 13485:2003 is ISO 9001:2000 (but with the requirement for “continual improvement” removed) and additional requirements for the medical device industry
When TC 176 revised ISO 9001 in 2008, TC 210 decided not to make a change to ISO 13485 because ISO 9001 requirements didn’t change substantially. It is important to note that many governments such as Health Canada have adopted ISO 13485:2003 as their law or have their medical device law based on 13485:2003. Many medical device companies today get ISO 13485:2003 registered and have dropped ISO 9001:2008 altogether as not being necessary.
By the way, TC 210 issued a technical corrigendum to ISO 13485:2003 in August of 2009 correcting its reference to “ISO 9001” to “ISO 9001:2000” to make this clear.
Voting member to the U.S. TAG to ISO TC 176
Medical Device Quality Compliance (MDQC), LLC.
ASQ Senior Member
ASQ CQE, CQA, RABQSA Lead QMS Assessor
For more on this topic, please visit ASQ’s website.
2 thoughts on “ISO 9001:2008 Impact on ISO 13485:2003”
I am responding on Jim’s behalf: The answer is “no” – both ISO9001 and ISO13485 cover validation at section 7.5.2 in both standards. But ISO13485 has additional requirements for validation. ISO13485, Appendix B explains the differences between ISO 13485 and 9001.
The major difference between the two would be the validation right? ISO 13485 covers this and ISO 9001 does not. Correct if I’m wrong