MDSAP Audit Process for Medical Device Manufacturers

The MDSAP program reduces regulatory burdens and saves significant time and money for Medical Device Manufactures. It increases patient safety by reducing risk. Understanding the Audit Process can bolster the confidence in applying MDSAP and help in preparing your organization for the valuable pursuit of certification.

Medical Device Single Audit Program

The Medical Device Regulatory Requirements:

Medical devices are regulated by governments to protect patient safety. To enter global markets, medical device companies are subject to multiple audits by many agencies that have their own processes, jurisdictional requirements, and scientific principles. However, Companies that are authorized by the MDSAP can enter participating countries with just a single audit.

Currently, MDSAP includes the regulatory jurisdictions and agencies of:

  1. United States: Food & Drug Administration or FDA (Quality System Regulation 21 CFR Part 820)
  2. Canada: Health Canada or HC
  3. Brazil: Agencia Nacional de Vigilancia Sanitaria or ANVISA (RDC ANVISA 16/2013)
  4. Australia: Therapeutic Goods Administration or TGA (TG(MD)R Sch3)
  5. Japan: Ministry of Health, Labour and Welfare, and the Japanese Pharmaceuticals and Medical Devices Agency or MHLW/PMDA (MHLW Ministerial Ordinance No. 169)

MDSAP Auditing:

  • Audits are conducted by Auditing Organizations authorized by the participating Regulatory Authorities to audit under MDSAP requirements. See the List of Auditing Organizations here>>>
  • In the MDSAP, Companies should comply with ISO 13485:2016 , and the additional requirements of each country. The applying company is graded for compliance with approximately 80 MDSAP tasks.
  • The MDSAP is based on a 3-year audit cycle:
    1. An initial audit of manufacturers QMS consisting of Stage 1 Audit and a Stage 2 Audit.
    2. Partial Surveillance Audit in each of the following two years
    3. A complete Re-audit, also referred to as a bRecertification Auditb in the third year
  • Special Audits: Audits Conducted by Regulatory Authorities, and Unannounced Audits are potential extraordinary audits that may occur at any time within the audit cycle.
  • MDSAP Audit Cycle

  • A point-based grading system is applied in place of the traditional grading criteria such as significant finding,"regular finding" and "significant opportunity for improvement"
    1. A 4-point grading matrix is used to assign points to non-conformities written against requirements in ISO 13485:2016. Grades in this step are determined by using the following matrix by dividing clauses of ISO 13485:2016 into 2 categories namely those that indirectly impact the QMS and those that directly impact QMS
    2. ISO 13485 grading matrix

  • An escalation score if applicable is applied.
    • +1 if a process isn't documented (vs. being inaccurate or incomplete)
    • +1 if the company shipped a non-conforming product
  • The final nonconformity is graded between 1 and 6, a grade of 5 or more is determined to carry a high enough risk that intervention is required.

Read the article Reducing Regulatory burdens with MDSAP to learn more.

MDSAP Guidance and Documents

Attend the Seminar Medical Device Single Audit Program [MDSAP] Implementation & Participating Country Regulatory Processes: U.S., Canada, Brazil, Australia and Japan to understand how MDSAP certification is a valuable pursuit to your organization and the steps involved.