Medical Device Single Audit Program (MDSAP)

What is MDSAP? How Did it Start?
The Medical Device Single Audit Program (MDSAP) is a harmonized approach to evaluating the quality management systems of medical device manufacturers in the USA, Canada, Australia, Brazil, and Japan. The program was developed by the IMDRF (International Medical Device Regulators Forum) in an effort to allow Auditing Organizations (AOs) to conduct a audit of a medical device manufacturer that will cover ISO 13485:2016 and their applicable regulatory requirements, such as:

FDA 21 CFR Parts 802, 803, 806, 807, 820 for the US
SOR/98-282 for Canada
TG(MD)R for Australia
RDC ANVISA 16/2013 for Brazil
MHLW MO169 for Japan

A ‘pilot’ of the program was run from Jan 1, 2014 to Dec 31, 2016 by the in-scope countries. On Jun 29, 2017, a report was generated summarizing the outcomes of prospective “proof-of-concept” criteria established to confirm the viability of the Medical Device Single Audit Program. Canada was the first country to require MDSAP certification for any companies selling devices in their country.

What is the Output & Benefits?
The output of the MDSAP audits (audit reports) may be used by relevant regulatory authorities (US, Canada, Australia, Brazil, Japan) in lieu of their own inspection reports, though many of the countries retain the right to perform an inspection if warranted, notably in instances of new device applications, and for-cause audits.

Benefits from the program are apparent on both the regulator side, as well as the manufacturer side. Below are a few examples of each:

Regulators (FDA, Canada, etc):

Cost savings due to reduction in audit workload.
Increased likelihood of adhering to congressional mandates regarding audit frequency.
Access to more market data / insight into aspects that other Regulators are auditing/covering.
Increased ability to focus on new device applications or product issues.

Manufacturers:

Reduction in the number of audits and inspections a manufacturer must undergo.
Minimization of business disruptions due to consolidation of audit days.
May expedite entrance into markets where traditional regulatory oversight can cause significant delays.
Reduction in uncertainty related to the audit approach/model.

How is MDSAP Structured vs. ISO 13485 and Country Regulations?
MDSAP isn’t a new ‘standard’ or ‘regulation’, rather its an approach/model built from the existing standards and regulations for the in-scope countries. The MDSAP model utilizes ‘Chapters’ rather than ‘Sections’ and they are as follows:

Chapters of the MDSAP Audit Model:

1 – Management
2 – Device Mkt. Authorization & Facility Reg.
3 – Measurement, Analysis & Improvement
4 – Adverse Events & Adv. Notices Reporting
5 – Design and Development

6 – Production and Service Controls
7 – Purchasing
Annex 1 – Technical Documentation
Annex 2 – Sterile Medical Devices

What are MDSAP’s Internal Auditing Requirements?
The MDSAP model covers Internal Auditing requirements in Chapter 3, Task #10, which states the following and references the revelant standards & country regulations (ISO 13485:2016: 6.2, 8.2.4; TG(MD)R Sch3 P1 1.4(5)(b)(iii); RDC ANVISA 16/2013: 7.3; MHLW MO169: 22, 23 56; 21 CFR 820.22, 820.100):

“Verify that internal audits of the quality management system are being conducted according to planned arrangements and documented procedures to ensure the quality management system is in compliance with the established quality management system requirements and applicable regulatory requirements, and to determine the effectiveness of the quality system. Confirm that the internal audits include provisions for auditor training and independence over the areas being audited, corrections, corrective actions, follow-up activities, and the verification of corrective actions.

We Work With Companies Like

Certified Local Quality Management System (QMS) Internal Auditing and Supplier Auditing Experts when and where you need them