Compliance Briefing — August 30, 2025

Executive briefing: On February 2, 2024 the U.S. Food and Drug Administration finalised the Quality Management System Regulation (QMSR), amending 21 CFR Part 820 to incorporate ISO 13485:2016 by reference. The rule takes effect February 2, 2026. By late August 2025, device manufacturers should have updated quality manuals, risk management files, and supplier controls so FDA inspections can verify alignment with ISO’s design, production, and post-market surveillance clauses.

Key compliance checkpoints

Quality manual harmonisation. Map existing Quality System Regulation procedures to ISO 13485 requirements, identifying gaps in management review, design transfer, and complaint handling.
Risk management integration. Ensure ISO 14971 risk management files feed into design controls and production processes as referenced by QMSR.
Supplier oversight. Update purchasing controls to require documented evaluation, selection, and monitoring of suppliers in line with ISO 13485 Sections 7.4 and 7.5.

Operational priorities

Audit programme. Schedule internal audits against ISO 13485 and FDA’s new inspection approach, remediating findings before 2026 inspections.
Training cadence. Retrain quality, regulatory, and manufacturing staff on revised SOPs and document control expectations.
Change control. Use change control boards to approve procedural updates, ensuring Device Master Records and technical documentation reflect new requirements.

Enablement moves

Engage notified bodies already auditing to ISO 13485 to provide readiness assessments and share best practices for harmonised audits.
Communicate progress to executive leadership with metrics on gap closure, training completion, and supplier requalification.

Sources

Zeph Tech guides medical device manufacturers through QMSR transitions, coordinating ISO 13485 harmonisation, audit rehearsal, and supplier risk oversight.