Logo

Medical Device QMS Audit Services - EU MDR and MDSAP Compliance

We reveal not only what needs to be done, but also what you don't need to do.

The Partner for EU MDR Certification Audits and MDSAP Compliance

At QMLogic, we bring years of hands-on experience in designing and implementing QMS systems aligned with ISO 13485, IEC 62304, 21 CFR 820, ISO 14971, and ISO 27001.We have guided companies through EU MDR certifications, MDSAP audits, FDA establishment inspections, and notified body assessments. Having participated in numerous GMP/QSR inspections and regulatory audits, our experts know exactly where companies struggle, how to avoid costly nonconformities and we bring a unique perspective that combines regulatory knowledge with practical implementation experience.We don’t just identify compliance gaps; we provide practical, tailored solutions and help you implement them effectively.

Comprehensive QMS Audit Services Based on ISO 13485 and FDA 21 CFR 820

Understanding Your Business, Not Just Checking Boxes

When conducting internal audits, we don't merely focus on compliance with ISO 13485, FDA 21 CFR 820, and other standards. We strive to understand your company's internal structure, culture, and operational dynamics. Our goal is to demonstrate your compliance with external auditors without forcing unnecessary changes to your existing QMS.

Auditing goes beyond gap assessment, we propose optimal solutions tailored to your company.

We recognize that internal efficiency, speed, and process agility are just as important as regulatory compliance. We won't push solutions that don't fit your organization. Instead, we will explain how external auditors view specific requirements and help you communicate your unique approaches effectively during establishment inspections and certification audits.

Holistic Approach to Medical Device Software Audits

Integrating and Aligning ISO 13485, IEC 62304 and ISO 14971

At QMLogic, we don’t audit ISO standards in isolation. Having been present at numerous EU MDR and MDSAP audits we mirror the approach of notified bodies and regulators by combining requirements from multiple frameworks into one cohesive assessment:
  • ISO 13485 (Quality Management Systems)
  • FDA 21 CFR 820 (QSR)
  • IEC 62304 (Software Lifecycle)
  • ISO 14971 (Risk Management)
  • ISO 27001 (Information Security)
  • IEC 81001-5-1 (Cybersecurity)
These standards overlap significantly, and requirements are often repeated across regulations. By taking a holistic view, we help you avoid duplication, reduce complexity, and ensure consistent compliance, especially for SaMD/MDSW and software-based in-vitro diagnostics.Many companies struggle with integrating these standards, particularly with Design Controls, where requirements from ISO 13485, 21 CFR 820.30, and IEC 62304 cannot be separated. We ensure seamless alignment between:
  • Quality Management System processes (ISO 13485)
  • Software lifecycle activities (IEC 62304)
  • Risk management frameworks (ISO 14971)
  • Cybersecurity requirements (IEC 81001-5-1)
This integrated approach prevents the gaps that commonly arise when standards are applied in silos, ensuring your QMS is truly ready for EU MDR certification and MDSAP audits.

Specialized Audit Services for Every Need

ISO 13485 QMS Audits - Foundation for Compliance

Our ISO 13485 audits focus on the most critical areas where findings commonly occur (among other things such Design Controls):
  • Management Reviews - Ensuring effectiveness and proper documentation
  • Monitoring and Measurements of QMS Processes - Validating your QMS metrics
  • CAPA Systems - Verifying robust corrective and preventive action processes
  • Analysis of Data - Confirming data-driven QMS improvements
  • Control of Documents and Records - Assessing your eQMS implementation
These areas form the backbone of your quality system and are scrutinized heavily during establishment inspections and GMP/QSR inspections.ISO 13485 Consulting Services

IEC 62304 & IEC 82304 - Medical Device Software Audits

Auditing isn't about rigidly covering forms; it’s about understanding current systems to design better solutions.

Our medical device software audits address the unique requirements based on Software Safety Classification and software lifecycle standards.
  • Software verification and validation approaches tailored to each safety class
  • Design specification requirements specific to medical device software
  • SOUP/OTS component management and documentation
  • Cloud-based solution compliance
  • Post-market monitoring including vulnerability scanning
  • Integration with cybersecurity requirements
We ensure your software development processes meet both IEC 62304 for medical device software and IEC 82304 for health software products.ISO 62304 Consulting Services

ISO 14971 Risk Management Audits - Beyond Basic Compliance

Our ISO 14971 audits specifically focus on:
  • Integration with Design Controls - Ensuring alignment with IEC 62304 and 21 CFR 820.30
  • Post-Market Surveillance Connection - Linking risk management to real-world data
  • Software Safety Classification - Proper assessment and documentation
  • Problem Resolution Processes - As required by IEC 62304
These are common gap areas where companies struggle to demonstrate integrated compliance across standards.ISO 14971 Consulting Services

ISO 27001 & IEC 81001-5-1 Cybersecurity Audits

For medical device software, cybersecurity is paramount. Our audits evaluate:
  • Integration of cybersecurity requirements with your ISO 13485-based QMS
  • Clear connection between security risks and safety risks per ISO 14971
  • How security risk control measures flow into software requirements (IEC 62304)
  • Whether threat modeling properly reflects software architecture
  • Compliance with ISO 27001 information security management
ISO 27001 Consulting ServicesIEC 81001-5-1 Consulting Services

Internal Audits as Preparation for External MDSAP and EU MDR Audits

We create QMS and their processes; we know the pitfalls that we'll help you not only identify but also resolve.

Internal audits are more than just a compliance checkbox for requirements in ISO 13485 or FDA 21 CFR 820. When done properly, internal audits, followed by process optimization, become a strategic tool that will:
  • Increase your operational efficiency and process maturity
  • Prepare you for external EU MDR certification audits
  • Ensures readiness for MDSAP assessments
  • Help you avoid unnecessary findings during establishment inspections
  • Ensure smooth GMP/QSR inspections
Unlike traditional audits that only identify gaps, our approach mirrors the methodology of notified bodies and regulatory authorities. We simulate external audit conditions, so your team experiences a realistic review process before facing regulators and is truly prepared for external scrutiny.This proactive preparation means fewer surprises, faster corrective actions, and a QMS that is truly audit-ready and resilient.Book a ConsultationReady to strengthen your audit strategy? Schedule a call with our experts to discuss your audit readiness and how we can tailor an internal audit program that fits your organization’s needs.

Expert Representation During External Audits

We don't just conduct internal audits and prepare you for external assessments - we also represent our clients during external audits, MDSAP assessments, and establishment inspections.Key advantages:

Rapid Response to Auditor Requirements

We quickly address auditor questions using appropriate regulatory terminology and strategies. We understand their regulatory language and know exactly what they're asking for.

Effective Process Communication

We explain your internal processes in ways that demonstrate compliance, knowing precisely what auditors need to hear to understand your approach meets requirements.

Strategic Finding Management

When nonconformities arise, we immediately discuss aspects of the finding with auditors, enabling efficient and optimal corrective actions that satisfy regulatory expectations without disrupting your operations.

Why Choose QMLogic for Your Audit Needs

With years of hands-on experience in both implementing QMS systems and undergoing numerous external audits ourselves, we bring a unique perspective that combines:
  • Practical, results-oriented approach - We focus on what truly matters for compliance and efficiency
  • Deep regulatory knowledge - Extensive experience with EU MDR, MDSAP, FDA inspections, and ISO certifications. Explore our Regulatory Affairs Consulting Services
  • Integrated standard expertise - We understand how ISO 13485, IEC 62304, ISO 14971, and other standards work together
  • Real-world implementation experience - We've built these systems, we know what works
Whether you need comprehensive QMS audits based on ISO 13485, specific audits for medical device software per IEC 62304, preparation for MDSAP audits, or expert representation during establishment inspections, we provide the expertise and support you need to achieve and maintain compliance efficiently.Our commitment is simple: we help you build a compliant, efficient QMS that works for your organization - not against it. We identify not just gaps, but opportunities for improvement, ensuring your quality system supports both regulatory compliance and business success.

Testimonials | Our Expertise in MedTech

Temedica
Michael Maretzke
CTO
Vaclav did support our journey to become ISO 13485 certified with relentless work put into great processes, great communication and detailed and to the point conversations with the teams, individual members - but also our external auditors. He was of great support to move our QMS to the next level. He was the key person behind the move away from paper / scan based documents towards a digital setup.If you are in need for a structured person with great communication skills, a good understanding of the regulatory environment, I can only recommend to reach out to Vaclav. Lucky you if he's not booked ;-) Besides all the success he's an enjoyable and humble character. Great experience to having worked with him.
Börm Bruckmeier Verlag
Nathalie Blanck
Chief Content Officer
Vaclav was for our company an immense help in the process of getting ISO 13485 certified. He set up lots of QMS relevant documents, implemented a project management system in our company to support the sprints, the ticketing system and the overall documentation and gave always valuable input for all questions which arised in the long certification process. Vaclav is a very reliable, friendly person with excellent knowledge in medical, technical and regulatory fields.I liked his humour a lot, especially in tensed situations he was able to smooth out waves of stress.His structured way of working and his communications skills helped a lot to move ahead with all involved stakeholders - no matter if international programming team, auditors or clients.I would love to work with him again and envy anyone who will - lucky you!

Get consultancy for free

Ask anything you need to know about Medical Software, CE certification or MDR.

No obligations, newsletters or follow-up marketing, we promise :)
0/2000
    Logo

    © 2025 by QMLogic

    Pages

    HomeAbout usTestimonialsContact

    Services

    Medical Device RegulationQuality Management DigitalizationMedical Device Development

    Information

    ImprintPrivacy PolicyCookies

    Contact Details

    Address:
    QMLogic s.r.o.
    Nove sady 988/2, 602 00 Brno, Czech Republic
    hello@qmlogic.comLinkedin