Compare ISO 13485:2016 to ISO 13485:2003

ISO 13485 was finally revised after 13 years and has many significant changes. The three main reasons for the updates were:

  1. The medical device regulatory environment has evolved since 2003
  2. Risk management and risk-based decision-making processes have become the main focus of the entire medical device industry; and 
  3. ISO 13485:2016 no longer aligns with the current version of ISO 9001, but rather aligns with the previous revision, ISO 9001:2008.

The ISO 13485:2016 standard details the changes between ISO 13485:2003 and ISO 13485:2016 in Annex A titled “Comparison of content between ISO 13485:2003 and ISO 13485:2016”. Annex B of the standard is titled “Correspondence between ISO 13485:2016 and ISO 9001:2015” which details how those two standards relate to one another. These two Annex’s are important to organizations transitioning to the new version of ISO 13485, or that are interested in being certified to both ISO 9001 and ISO 13485.

There are several key changes between the 2016 requirements and the 2003 requirements.  We will discuss the 11 key changes here, which were changed to align with the FDA.

Clause 4.1 General Requirements

The first big change is the application of a risk-based approach in establishing and maintaining a QMS.

4.2 General Requirements

Within 4.2, there are two major changes. First, there is a change regarding confidential health information, and second, a large change is how to deal with deterioration and the loss of documents.

6.2 Human Resources

The newest version of the standard expands upon the 2003 version, requiring more processes to identify that individuals are competent, that they are provided with any necessary training, and make sure that personnel, and their roles are documented.

7.2 Customer-related processes

Several new terms in regard to communicating with regulatory authorities relating to product information, customer feedback, and advisory notes.

7.3 Design and Development

The 2016 version of 13485 has better aligned with the FDA.

7.3.8-Design and Development Transfer

Another big change is that this new revision has specific requirements for the transfer of products and design.

7.3.10 Design and Development Files

The old standard had no criteria regarding the requirements for maintaining documentation regarding design and development, in the new revision, these requirements are defined

7.4 Purchasing

There are several new requirements as it relates to purchasing. New requirements address the following:

  • Monitoring and re-evaluating suppliers
  • Actions to be taken when purchasing requirements are not met
  • Notifying of any change in regard to purchased products
  • Purchasing verification

7.4.8 Identification

The new standard now requires that procedures are documented as it relates to production, identification, and status.

8.2.2 Complaint handling

In the previous standard, there was no clause addressing complaints. This has changed with the new 2016 standard.

8.2.3 Reporting to regulatory authorities

There are now requirements for reporting to regulatory authorities, unlike the old version of the standard.


Our All-in-One Certification Package is a proven, efficient system. It gives you all you need to prepare for registration – in one simple to use package.

Customer Review:

"I have just passed my ISO Audit with zero non-conformances for the second year in a row using your ISO products to write my entire QMS. Thank you for producing documents of this quality"

Bettye Patrick

Buy the Standard

13485 Store Logo ISO 13485