We place cookies to ensure essential functionalities, measure audience, and offer you personalized content. Learn more

Solutions

Trainings
Regulatory consulting & audits
Digital solution

Company

Genesis
Team
Mission
Values
Join us
Investors
News

Other resources

Regulation (EU) 2017/745
Device classifier
Contact
Schedule appointment

Blog

Explore our articles

Find all the latest Certeafiles news and our regular watch on the medical device universe.

Retour
ISO 13485 VS MDR

ISO 13485 vs MDR: complementarity or complexity ?

RegulatoryQuality Management Systems
Understanding how ISO 13485 and MDR complement each other to better structure medical device compliance without getting lost in regulatory complexity

At Certeafiles, we support manufacturers on a daily basis as they navigate between ISO 13485 and the MDR regulation. Here's an overview of how these two pillars of compliance can be better articulated.

Two essential frameworks… and sometimes sources of confusion

In the world of medical devices, two references dominate compliance issues:

  • ISO 13485:2016: global reference for quality management systems (QMS).
  • Regulation (EU) 2017/745 (MDR): governing the market access of medical devices in Europe.

Both pursue a common goal: to ensure the safety and performance of medical devices. However, their articulation can seem redundant or complex for manufacturers.

Two different but interconnected logics

ISO 13485: a structuring standard that is eagerly awaited

Published by ISO (International Organization for Standardization), ISO 13485:2016 defines the requirements applicable to quality management systems for companies in the medical devices sector.

Although it is voluntary from a legal standpoint, it is widely recognized and expected by notified bodies as a basis for demonstrating compliance with the quality obligations of the MDR (notably Article 10).

MDR: a legally binding regulation

The MDR is mandatory for any actor wishing to market a medical device in the European Union. It covers the entire product lifecycle: design, manufacturing, post-marketing, technical documentation, surveillance, etc.

A strong complementarity… with key points of divergence

Commonly covered areas

The two texts address several common themes:

  • Quality management system
  • Risk management (ISO 14971)
  • Document control and records
  • Design and development control
  • Contrôle des fournisseurs
  • Production et traçabilité
  • Actions correctives et amélioration continue
  • Surveillance après commercialisation (PMS)

La norme ISO 13485 fournit un cadre opérationnel pour répondre à de nombreuses exigences du MDR. Toutefois, elle ne les couvre pas toutes.

Comparative Table of Scopes

Topic ISO 13485 MDR
Quality Management System ✅ Yes ✅ Yes
(Article 10)
Clinical Requirements ❌ No ✅ Yes
(Annex XIV)
Person Responsible for Regulatory Compliance (PRRC) ❌ No ✅ Yes
(Article 15)
Enhanced Vigilance and Post-Market Surveillance ✅ Yes
(partially)		 ✅ Yes
(Chapter VII)
Risk Management (ISO 14971) ✅ Yes
(referenced)		 ✅ Yes
(integrated)
General Safety and Performance Requirements (GSPR) ❌ No ✅ Yes
(Annex I)
UDI / Regulatory Traceability ❌ No ✅ Yes
Supplier Management ✅ Yes ✅ Yes
Registration in EUDAMED ❌ No ✅ Yes
Technical Documentation ❌ No ✅ Yes
(Annex II and III)

The standard stops at qualitative management. MDR introduces a more global, product-centric vision, with legal, clinical and post-marketing requirements.

Additional requirements of the MDR

Among the points exclusively addressed by the MDR:

  • In-depth clinical evaluation
  • Justification of clinical equivalences
  • Post-Market Surveillance (PMS) plan, PSUR or trend report
  • Appointment of a PRRC (with exceptions for micro-enterprises)
  • Registration in EUDAMED
  • Implementation of a Unique Device Identification (UDI)
  • Compliance with GSPR requirements (Annex I)
  • Implementation of vigilance and PMCF procedures

Roadmap to dual compliance

  1. Implement a QMS compliant with ISO 13485
  2. Conduct a gap analysis between ISO and MDR
  3. Integrate product requirements: clinical, PMS, vigilance, UDI…
  4. Develop technical documentation according to the Annex II & III of the MDR
  5. Appoint a PRRC and organize regulatory traceability
  6. Ensure regulatory monitoring and conduct targeted audits

Practical example: from ISO 13485 to CE marking

A SME designs a Class IIb device. It implements a QMS compliant with ISO 13485 to structure its processes and gain credibility. This approach allows it to:

  • Frame design, manufacturing and traceability
  • Initiate a relationship of trust with a notified body

But that's not enough. For CE marking, it must also ::

  • Conduct a comprehensive clinical evaluation
  • Implement a PMS plan
  • Appoint a PRRC
  • Draft technical documentation (Annex II & III)
  • Register in EUDAMED and manage UDIs

Synthesis: allies but not interchangeable

Characteristic ISO 13485 MDR
Nature Voluntary standard Mandatory regulation
Main objective SStructuring QMS Market access and compliance maintenance
Scope Organizational Complete product lifecycle
Clinical requirements Not directly covered Yes, numerous and precise
Certification Certifying body Notified body (if applicable)
CE marking Does not allow access Necessary and mandatory
Combined interest Strong for structuring MDR Indissociable for market access

The challenges and levers of dual compliance

Challenges

For manufacturers, ensuring compliance with both ISO 13485 and MDR represents a real challenge:

  • 📂 Documentary complexity: two intertwined frameworks complicate data management
  • 💰 High costs: implementation, audits, training, tools
  • 🧠 Internal organization: multidisciplinary skills required throughout the product lifecycle

Levers

  • Centralize documentation in an integrated QMS
  • Automate traceability (UDI, ERP, barcodes)
  • Establish active regulatory monitoring
  • Conduct targeted internal audits ISO/MDR
  • Audit critical suppliers to meet MDR requirements

Conclusion

ISO 13485 and MDR are two essential pillars, complementary but not interchangeable. One structures internal quality, the other frames market access and regulatory oversight. To ensure robust, sustainable and evolving compliance, it is crucial to articulate them intelligently, with an adapted organization and effective tools.

📧 Need support?

Contact us to discuss! Our team is at your disposal to answer your questions and assist you in the compliance of your medical devices.

💼 Discover our ISO 13485 Pack specially designed to facilitate the implementation of a compliant QMS, with templates, practical guides and personalized support: Pack ISO 13485. Certeafiles supports medical device manufacturers in the effective implementation of their dual compliance ISO 13485 / MDR. Our expertise crossing quality systems and European regulatory requirements helps you structure your processes, reduce your risks and accelerate your time to market.