ISO 13485 Audit Checklist Template | Editable & Free Download

ISO 13485 audit checklist template

About the ISO 13485 audit checklist template

An ISO 13485 audit checklist template streamlines your quality management system audits in the medical device industry. You begin with a compliance assessment section, where you evaluate processes against ISO 13485 standards, ensuring you meet all regulatory requirements. This structure helps you maintain high quality and safety standards.

The template also includes an improvement tracking section, where you document findings and corrective actions. This encourages continuous improvement, helping your organization remain agile and responsive to changes in regulations or industry practices.

Enhance your audit efficiency by using this template to ensure thorough evaluations and maintain compliance, ultimately boosting trust with stakeholders and customers.

Key elements of an ISO 13485 audit checklist template

An ISO 13485 audit checklist template help to ensure comprehensive evaluation of your quality management system. Here are the essential components:

Compliance assessment: This section focuses on evaluating your processes against ISO 13485 standards. It ensures that your organization meets all regulatory requirements, helping you maintain high standards of quality and safety. This assessment is crucial for identifying compliance gaps and implementing necessary improvements.
Risk management evaluation: In this part of the template, you identify potential risks within your processes and develop strategies to mitigate them. By proactively addressing risks, you can enhance product reliability and safety, ensuring proper issue management before they impact operations.
Documentation review: This component ensures that all necessary records are accurate, complete, and up-to-date. Proper documentation supports traceability and accountability, which are vital for demonstrating compliance and facilitating audits.
Continuous improvement tracking: This section provides a framework for documenting findings and corrective actions. It encourages ongoing enhancement of your processes, ensuring your organization remains agile and responsive to changes in regulations or industry practices.

How to use the ISO 13485 audit checklist template

To effectively utilize the ISO 13485 audit checklist template, start by accessing the editable version within the app. Customize it to align with your organization’s specific processes and regulatory requirements, ensuring it serves as a relevant and comprehensive framework for your audits.

Assign roles and responsibilities by clearly defining who will manage each section of the checklist. This step enhances accountability and ensures that all aspects of the audit are covered thoroughly by team members with the appropriate expertise.

During the audit, use the checklist to guide your evaluation of compliance and risk management practices. Encourage team members to document findings accurately and consistently, capturing all critical information. This documentation provides a reliable basis for analysis and decision-making, allowing you to implement corrective actions effectively.

After completing the audit, review the documented findings to develop action plans that address any identified gaps or risks. Use the checklist to track the implementation of these corrective actions, ensuring improvements are made efficiently. Regularly review and update the checklist to reflect changes in regulations or organizational processes.

Encourage feedback from team members to continuously refine the template, ensuring it remains a template that supports ongoing improvement in your quality management system. By integrating this checklist into your workflow, you can enhance compliance and operational excellence.

Download Lumiform’s ISO 13485 audit checklist template today

Conduct your next audits with a clear, organized template that keeps your team aligned and focused. Assign responsibilities, track findings in real time, and follow up on corrective actions without missing critical steps. It’s designed to fit your workflow, whether you’re working on-site or off. You’ll be able to cover what matters most while keeping your audit process actionable.

Related categories

Preview of the template

ISO 13485 Audit Checklist

Management Controls

The Quality Manual defines the scope of the QMS, the procedures (or reference to) within the QMS, and the description of the interaction of the processes within the QMS.

Are there criteria and methods to monitor and control processes for effectiveness?

Has the company implemented management reviews and conducts them at least annually?

Do management reviews examine the suitability and effectiveness of quality systems, improvements needed due to customer requirements, and resource needs?

Do management reviews address audit findings, customer feedback, process performance, corrective and preventive actions (CAPA), previous management reviews, QMS changes, improvement recommendations, and new or revised regulatory requirements?

Has the company implemented a quality manual and quality assurance procedures and instructions that are adequate?

Has the company established a quality plan?

Does quality planning address the needs and quality objectives of the QMS?

Has the company established a quality policy and quality objectives?

Has the company established a quality review process and conducts audits?

Do quality audits examine compliance and effectiveness?

Are the auditors properly trained?

Are audits conducted by objective companies or individuals?

Are the quality audits linked to CAPA?

Review the company's organizational structure:

Are resources available to support processes?

Has the company defined a management representative with responsibility for the implementation and reporting of the quality management system?

Are appropriate responsibilities, authorities and resources in place for quality system activities?

Has the company established procedures for identifying training needs?

Are personnel trained to perform assigned tasks?

Does management ensure that an adequate and effective quality system is implemented?

Does management ensure that management establishes and communicates the importance of meeting customer requirements, regulatory requirements, and the QMS?

Design and Development / Design Controls

Design controls and risk management methods are set and applied?

Design and improvement stages are identified?

Are the design and development stages identified?

Review, confirmation, validation, and design transfer activities at each stage are suitable?

Are the responsibilities for design and development defined?

Review the project design & development plan, responsibilities, and interfaces.

Has the design and development plan been updated, reviewed and approved?

Design & development products and services are suitable for purchasing, production, and servicing?

Are products subjected to design controls?

Design input demands were established, reviewed, and approved?

Are customer requirements captured?

Have incomplete, ambiguous, and/or conflicting requirements been addressed?

Are design and development deliverables defined, verifiable, reviewed, and approved?

Are design and development outcomes appropriate for purchasing, production, and service?

Are key design and development deliverables identified?

Are acceptance criteria referenced by design and development deliverables and were they defined prior to design verification and design validation?

Did design verification confirm that design outputs meet design input requirements?

Do the design validation results prove that the device meets the predefined needs and intended uses of the users?

Did the design validation leave no unresolved discrepancies?

If required by national or regional regulations, confirm that clinical assessments and/or device performance evaluation have been performed?

If the device contains software, confirm that the software has been validated.

Were initial production units (or equivalents) used for design validation?

Have risk management activities been performed?

Have design changes been controlled and validated (or verified, if appropriate)?

Were design changes reviewed for their impact on previously made components and products?

Were design reviews conducted at the appropriate stages of design and development?

Were the design review participants qualified to do so and were independent reviewers?

Was the design correctly transferred to production?

Does DHF include design review documentation?

Corrective and Preventive Actions (CAPA)

Do CAPA procedures comply with regulatory requirements?

Do non-compliant product and CAPA procedures determine the need for investigation and notification?

Do non-compliant product and CAPA procedures define responsibilities for review and disposition?

Are there procedures for rework, retesting, and reassessment of nonconforming products that are followed?

Have appropriate records of quality problems been established and used?

Data from trend analysis indicates quality problems. Is the data used for CAPA decisions?

Is CAPA data complete, accurate, and current? Compare results across multiple data sources to identify quality issues.

Are appropriate statistical techniques being used?

Are investigations of equipment failures used to determine root cause?

Are failure investigations commensurate with the risks?

Are controls in place to prevent nonconforming products from being released?

Were CAPA actions effective, verified, validated, documented, and implemented appropriately?

Were CAPAs and nonconformances communicated to personnel responsible for quality assurance and problem prevention?

Were quality issues and CAPAs disseminated for management review?

Does the company have procedures for handling complaints and investigating advisory notices/recalls?

Ensure that provisions are in place to feed into the CAPA system.

Medical Device Reporting (MDR)

Do procedures exist for reporting medical devices (MDR) comply with legal requirements?

Does the company maintain MDR event files that comply with legal requirements?

Is appropriate MDR information identified, reviewed, reported, documented and filed?

Is the company effective in identifying reportable MDR events?

Does the company have procedures in place to receive, review and evaluate complaints?

Does the company maintain complaint files and ensure that they are appropriately accessible?

Are complaints evaluated to determine if an event should be an MDR?

Does the complaint investigation include: the name of the device, the date of the complaint, the device identification number, the complainant's contact information, details of the complaint, the date and results of the investigation, any corrective actions, and responses to the complainant?

Production and Process Controls (P&PC)

Are product realization processes planned? Confirm that risk management takes place throughout product realization.

Is product realization planning consistent with the requirements of other processes in the QMS?

Have requirements for suppliers, contractors, and consultants been defined? Ensure that suppliers, contractors, and consultants are selected based on their ability to meet requirements.

Does the company maintain records of acceptable suppliers, contractors, and consultants?

Is data maintained to support supplier requirements? Verify that suppliers, contractors, and consultants agree to keep the company informed of changes in products and/or services.

Are procedures in place to identify products at all stages of receipt, production, distribution, and installation?

Does the company maintain procedures and records to trace each unit or batch of finished equipment and components? (need not be required for all equipment)

Is the process controlled and monitored?

Has the equipment used been adjusted, calibrated and maintained?

Have control and monitoring activities been identified? Ensure control of inspection, measurement and test equipment, and calibration.

Has the company established procedures for production and process changes? Ensure changes are verified or validated, as required.

Do device history records (DHR) exist to identify rejects and/or nonconformances?

Have defects, rejects, nonconformances, and removal of materials been properly addressed?

Are processes validated that cannot be fully verified?

Are automated or software-driven processes validated for their intended use?

Are personnel trained in each manufacturing process and aware of potential errors?

Are monitoring and control methods, dates, date performed, people performing the process, and key equipment used documented?

Have links to other processes been identified?

Are infrastructure and work environment adequate and controlled?

Are maintenance schedules, routine inspections, and equipment adjustments recorded?

Are procedures in place for contamination control and cleanliness?

Is verification of purchased products adequate?

Do thee procedures define receiving, in-process, and final acceptance activities?

Are there records of receiving, in-process, and final acceptance activities?

Do the procedures define labeling activities, including integrity, inspection, storage, operation, and tracking numbers?

Do product packaging and shipping containers adequately protect the device during processing, storage, handling, shipping, and distribution?

Are procedures in place to prevent mix-ups, damage, deterioration, contamination, or other adverse effects to the product during handling?

Are there procedures in place for product distribution? Do distribution records include the recipient's name and address, identification and shipment quantity, shipment date, and identification numbers?

Are installation and inspection procedures in place? Verify that installation records are maintained.

Are maintenance procedures in place (if necessary)? Verify that service records are maintained.

Does the company identify, verify, protect, and safeguard customer property entrusted to its care?

Controls of the sterilization process

Checking the procedures of the sterilization process: Is the sterilization process validated?

Review of sterilization control and monitoring activities: Are processes, equipment and calibration up to date?

Purchasing Controls

Are suppliers evaluated for their ability to meet specific requirements?

Is the adequacy of the specifications of the materials and/or services provided by the supplier confirmed?

Does purchasing information identify requirements for approval of products, procedures, processes and equipment, personnel qualification requirements, and QMS requirements?

Suppliers are assessed for the ability to meet specified demands?

Supplier evaluation records are sustained?

Documentation and Records

Are documents and changes approved before use?

Are documents and records legible and identifiable?

Are documents of external origin identified with controlled distribution?

Does the company maintain a quality system record (QSR) that includes or refers to the location of procedures?

Are documents and records retained for the required period of time (this includes retention of obsolete controlled documents and records)?

Are change records reviewed and approved by the same functions that performed the original review and approval?

Do change records include a description of the change, identification of affected documents, approval signatures, approval date, and effective date?

Are documents available at the point of use and are outdated documents not used?

Does the company maintain DMRs for each type of device?

Do DMRs include or reference equipment specifications, production process specifications, quality assurance procedures and specifications (including acceptance criteria), packaging and labeling specifications (including acceptance criteria), and installation, maintenance, and repair procedures?

Are DHRs maintained and equipment manufactured to DMR?

Do implementation processes and product meet requirements?

Do DHRs include or reference date of manufacture, quantity manufactured, quantity released for distribution, acceptance records demonstrating that the device was manufactured per DMR, primary identification label and labeling used for each unit, and device identification and/or control numbers used?

Does the company maintain records of education, training, skills, and experience of/with resources?

Does the company maintain purchasing and vendor records?

Are sterilization process parameters and records maintained for each batch? Ensure sterilization validation records are kept.

Customer Requirements

Review product requirements: Are intended use, customer requirements, and regulatory requirements considered?

Are incoming contracts and purchase orders reviewed to clarify conflicting information and ensure customer requirements can be met?

Are procedures and systems in place for customer communication and feedback and ensuring integration with the CAPA system?

Technical Files

Have procedures for technical files been reviewed?

Do documents need to ensure planning, operation, and control of technical file processes?

Does the documentation address a general description of the product, intended use(s), and any variants, accessories, or other devices used in combination with the product?

Are design specifications, applied standards, and risk analysis results available?

Are the key requirements met?

Are techniques used to verify the design and validate the clinical data of the device(s)?

Does the documentation define the sterilization method and validation?

Does the documentation include the instruction manual(s) and labeling?

Have key subcontractors been documented?

Confirmation

Further comments/cecommendations:

Name of inspector:

Signature of the inspector:

This template was downloaded 2785 times

Frequently asked questions

How can an ISO 13485 audit checklist improve compliance?

An ISO 13485 audit checklist enhances compliance by providing a structured framework for evaluating your quality management system. It ensures all regulatory requirements are met, helps identify gaps, and facilitates the implementation of corrective actions, ultimately maintaining high standards of quality and safety.

What are common challenges in maintaining ISO 13485 standards?

Common challenges include keeping up with evolving regulations and ensuring consistent documentation. Overcome these by regularly updating your processes, training your team on new requirements, and using digital tools to streamline documentation and maintain accuracy across audits.

Why is team collaboration important in quality audits?

Team collaboration is crucial because it brings diverse insights and expertise to the audit process. Engaging your team fosters a culture of accountability and continuous improvement, ensuring that all aspects of the quality management system are thoroughly evaluated and enhanced.

How can you ensure continuous improvement in your quality management system?

Ensure continuous improvement by conducting regular audits, implementing feedback loops, and using data insights to refine processes. Encourage open communication to quickly address any identified issues and adapt to changes, fostering a proactive approach to quality management.

This template, developed by Lumiform employees, serves as a starting point for businesses using the Lumiform platform and is intended as a hypothetical example only. It does not replace professional advice. Companies should consult qualified professionals to assess the suitability and legality of using this template in their specific workplace or jurisdiction. Lumiform is not liable for any errors or omissions in this template or for any actions taken based on its content.