What is MDSAP? How Did it Start?
The Medical Device Single Audit Program (MDSAP) is a harmonized approach to evaluating the quality management systems of medical device manufacturers in the USA, Canada, Australia, Brazil, and Japan. The program was developed by the IMDRF (International Medical Device Regulators Forum) in an effort to allow Auditing Organizations (AOs) to conduct a audit of a medical device manufacturer that will cover ISO 13485:2016 and their applicable regulatory requirements, such as:
A ‘pilot’ of the program was run from Jan 1, 2014 to Dec 31, 2016 by the in-scope countries. On Jun 29, 2017, a report was generated summarizing the outcomes of prospective “proof-of-concept” criteria established to confirm the viability of the Medical Device Single Audit Program. Canada was the first country to require MDSAP certification for any companies selling devices in their country.
What is the Output & Benefits?
The output of the MDSAP audits (audit reports) may be used by relevant regulatory authorities (US, Canada, Australia, Brazil, Japan) in lieu of their own inspection reports, though many of the countries retain the right to perform an inspection if warranted, notably in instances of new device applications, and for-cause audits.
Benefits from the program are apparent on both the regulator side, as well as the manufacturer side. Below are a few examples of each:
Regulators (FDA, Canada, etc):
How is MDSAP Structured vs. ISO 13485 and Country Regulations?
MDSAP isn’t a new ‘standard’ or ‘regulation’, rather its an approach/model built from the existing standards and regulations for the in-scope countries. The MDSAP model utilizes ‘Chapters’ rather than ‘Sections’ and they are as follows:
Chapters of the MDSAP Audit Model:
What are MDSAP’s Internal Auditing Requirements?
The MDSAP model covers Internal Auditing requirements in Chapter 3, Task #10, which states the following and references the revelant standards & country regulations (ISO 13485:2016: 6.2, 8.2.4; TG(MD)R Sch3 P1 1.4(5)(b)(iii); RDC ANVISA 16/2013: 7.3; MHLW MO169: 22, 23 56; 21 CFR 820.22, 820.100):
“Verify that internal audits of the quality management system are being conducted according to planned arrangements and documented procedures to ensure the quality management system is in compliance with the established quality management system requirements and applicable regulatory requirements, and to determine the effectiveness of the quality system. Confirm that the internal audits include provisions for auditor training and independence over the areas being audited, corrections, corrective actions, follow-up activities, and the verification of corrective actions.