Medical Device QMS Audit Services - EU MDR and MDSAP Compliance

"We reveal not only what needs to be done, but also what you don't need to do."

The Partner for EU MDR Certification Audits and MDSAP Compliance

At QMLogic, we bring years of hands-on experience in designing and implementing QMS systems aligned with ISO 13485, IEC 62304, 21 CFR 820, ISO 14971, and ISO 27001.
We have guided companies through EU MDR certifications, MDSAP audits, FDA establishment inspections, and notified body assessments. Having participated in numerous GMP/QSR inspections and regulatory audits, our experts know exactly where companies struggle and how to avoid costly nonconformities, and we bring a unique perspective that combines regulatory knowledge with practical implementation experience.
We don’t just identify compliance gaps; we provide practical, tailored solutions and help you implement them effectively.

Comprehensive QMS Audit Services Based on ISO 13485 and FDA 21 CFR 820

Understanding Your Business, Not Just Checking Boxes

When conducting internal audits, we don't merely focus on compliance with ISO 13485, FDA 21 CFR 820, and other standards. We strive to understand your company's internal structure, culture, and operational dynamics. Our goal is to demonstrate your compliance to external auditors without forcing unnecessary changes to your existing QMS.
"Auditing goes beyond gap assessment, we propose optimal solutions tailored to your company."
We recognize that internal efficiency, speed, and process agility are just as important as regulatory compliance. We won't push solutions that don't fit your organization. Instead, we will explain how external auditors view specific requirements and help you communicate your unique approaches effectively during establishment inspections and certification audits.

Holistic Approach to Medical Device Software Audits

Integrating and Aligning ISO 13485, IEC 62304 and ISO 14971

At QMLogic, we don’t audit ISO standards in isolation. Having been present at numerous EU MDR and MDSAP audits, we mirror the approach of notified bodies and regulators by combining requirements from multiple frameworks into one cohesive assessment:
  • ISO 13485 (Quality Management Systems)
  • FDA 21 CFR 820 (QSR)
  • IEC 62304 (Software Lifecycle)
  • ISO 14971 (Risk Management)
  • ISO 27001 (Information Security)
  • IEC 81001-5-1 (Cybersecurity)
These standards overlap significantly, and requirements are often repeated across regulations. By taking a holistic view, we help you avoid duplication, reduce complexity, and ensure consistent compliance, especially for SaMD/MDSW and software-based in-vitro diagnostics.
Many companies struggle with integrating these standards, particularly with Design Controls, where requirements from ISO 13485, 21 CFR 820.30, and IEC 62304 cannot be separated. We ensure seamless alignment between:
  • Quality Management System processes (ISO 13485)
  • Software lifecycle activities (IEC 62304)
  • Risk management frameworks (ISO 14971)
  • Cybersecurity requirements (IEC 81001-5-1)
This integrated approach prevents the gaps that commonly arise when standards are applied in silos, ensuring your QMS is truly ready for EU MDR certification and MDSAP audits.

Specialized Audit Services for Every Need

ISO 13485 QMS Audits - Foundation for Compliance

Our ISO 13485 audits focus on the most critical areas where findings commonly occur (among other things, such as Design Controls):
  • Management Reviews - Ensuring effectiveness and proper documentation
  • Monitoring and Measurements of QMS Processes - Validating your QMS metrics
  • CAPA Systems - Verifying robust corrective and preventive action processes
  • Analysis of Data - Confirming data-driven QMS improvements
  • Control of Documents and Records - Assessing your eQMS implementation
These areas form the backbone of your quality system and are scrutinized heavily during establishment inspections and GMP/QSR inspections.

IEC 62304 & IEC 82304 - Medical Device Software Audits

"Auditing isn't about rigidly covering forms; it’s about understanding current systems to design better solutions."
Our medical device software audits address the unique requirements based on Software Safety Classification and software lifecycle standards.
  • Software verification and validation approaches tailored to each safety class
  • Design specification requirements specific to medical device software
  • SOUP/OTS component management and documentation
  • Cloud-based solution compliance
  • Post-market monitoring including vulnerability scanning
  • Integration with cybersecurity requirements
We ensure your software development processes meet both IEC 62304 for medical device software and IEC 82304 for health software products.

ISO 14971 Risk Management Audits - Beyond Basic Compliance

Our ISO 14971 audits specifically focus on:
  • Integration with Design Controls - Ensuring alignment with IEC 62304 and 21 CFR 820.30
  • Post-Market Surveillance Connection - Linking risk management to real-world data
  • Software Safety Classification - Proper assessment and documentation
  • Problem Resolution Processes - As required by IEC 62304
These are common gap areas where companies struggle to demonstrate integrated compliance across standards.

ISO 27001 & IEC 81001-5-1 Cybersecurity Audits

For medical device software, cybersecurity is paramount. Our audits evaluate:
  • Integration of cybersecurity requirements with your ISO 13485-based QMS
  • Clear connection between security risks and safety risks per ISO 14971
  • How security risk control measures flow into software requirements (IEC 62304)
  • Whether threat modeling properly reflects software architecture
  • Compliance with ISO 27001 information security management

Internal Audits as Preparation for External MDSAP and EU MDR Audits

"We create QMS and their processes; we know the pitfalls that we'll help you not only identify but also resolve."
Internal audits are more than just a compliance checkbox for requirements in ISO 13485 or FDA 21 CFR 820. When done properly, internal audits, followed by process optimization, become a strategic tool that will:
  • Increase your operational efficiency and process maturity
  • Prepare you for external EU MDR certification audits
  • Ensure readiness for MDSAP assessments
  • Help you avoid unnecessary findings during establishment inspections
  • Ensure smooth GMP/QSR inspections
Unlike traditional audits that only identify gaps, our approach mirrors the methodology of notified bodies and regulatory authorities. We simulate external audit conditions, so your team experiences a realistic review process before facing regulators and is truly prepared for external scrutiny.
This proactive preparation means fewer surprises, faster corrective actions, and a QMS that is truly audit-ready and resilient.
Book a Consultation
Ready to strengthen your audit strategy? Schedule a call with our experts to discuss your audit readiness and how we can tailor an internal audit program that fits your organization’s needs.

Expert Representation During External Audits

We don't just conduct internal audits and prepare you for external assessments - we also represent our clients during external audits, MDSAP assessments, and establishment inspections.
Key advantages:

Rapid Response to Auditor Requirements

We quickly address auditor questions using appropriate regulatory terminology and strategies. We understand their regulatory language and know exactly what they're asking for.

Effective Process Communication

We explain your internal processes in ways that demonstrate compliance, knowing precisely what auditors need to hear to understand that your approach meets requirements.

Strategic Finding Management

When nonconformities arise, we immediately discuss aspects of the finding with auditors, enabling efficient and optimal corrective actions that satisfy regulatory expectations without disrupting your operations.

Why Choose QMLogic for Your Audit Needs

With years of hands-on experience in both implementing QMS systems and undergoing numerous external audits ourselves, we bring a unique perspective that combines:
  • Practical, results-oriented approach - We focus on what truly matters for compliance and efficiency
  • Deep regulatory knowledge - Extensive experience with EU MDR, MDSAP, FDA inspections, and ISO certifications
  • Integrated standard expertise - We understand how ISO 13485, IEC 62304, ISO 14971, and other standards work together
  • Real-world implementation experience - We've built these systems, we know what works
Whether you need comprehensive QMS audits based on ISO 13485, specific audits for medical device software per IEC 62304, preparation for MDSAP audits, or expert representation during establishment inspections, we provide the expertise and support you need to achieve and maintain compliance efficiently.
Our commitment is simple: we help you build a compliant, efficient QMS that works for your organization - not against it. We identify not just gaps, but opportunities for improvement, ensuring your quality system supports both regulatory compliance and business success.
© 2025 by QMLogic

Contact Details

Address:
QMLogic s.r.o.
Nove sady 988/2, 602 00 Brno, Czech Republic
hello@qmlogic.com