After years of anticipation by the MedTech industry, the Food and Drug Administration’s (FDA) Quality Management System Regulation is now the law of the land. Manufacturers who want to sell medical devices in the US must comply with the agency’s new requirements as outlined in the QMSR, which harmonized the previous Quality System Regulation, or QSR, with international quality systems standard ISO 13485:2016.
So, what should MedTech companies do now? Below are seven pro tips from QualityHub Corporate VP Sean Boyd and QualityHub Principal Consultant Elisabeth George on ways manufacturers can make sure their transition from QSR to QMSR is as smooth as possible.
1️⃣ Review FDA’s recently published Compliance Program Manual for the inspection of medical device manufacturers.
QHub’s Sean Boyd says: The Compliance Program Manual is published and we can review what the new inspection approach looks like and how the FDA is going to handle compliance and enforcement strategy under the new requirements. A company should be digesting that document, evaluating internal audits and FDA readiness activities and adapting them to reflect a new approach in advance of your next inspection by the agency. (Related Story: “R.I.P. QSIT (1999-2026): A Requiem for FDA’s Inspection Technique,” QualityHub, Jan. 27, 2026.)
2️⃣ Make sure the C-suite is tuned in.
QHub’s Sean Boyd says: For a long time now I’ve advised top leaders to champion QMSR readiness throughout the organization and prioritize all the actions that will be needed to prepare their people for an FDA inspection under the new requirements, and that means ensuring all documentation has been updated, performing internal assessments to identify gaps, evaluating and prioritizing how to address those gaps based on risk, and then developing plans to allocate resources to remediate any issues. (Related Story: “Risk Management & QMSR: 7 Questions Answered By FDA,” QualityHub, Jan. 15, 2026.)
What will be unique to executive leadership, though, is that the FDA is going to have additional visibility to management reviews, internal audits, and supplier audits. Those are documents that the FDA didn’t have access to previously and now do under the QMSR. Those documents are subject to review during inspections; they will demonstrate to investigators how your leaders act on internal findings. It will also show how leadership is made aware of issues and makes decisions to ensure continued product quality and patient safety over the product lifecycle. So, that’s something that leaders will need to consider and embrace through the QMSR transition.
3️⃣ Review your SOPs for what to do when an FDA investigator shows up at the factory door.
QHub’s Elisabeth George says: Of course, for device companies, those procedures should’ve always been there, but it’s important to make sure those standard operating procedures, or SOPs, are updated. It’s important to have all the basic requirements in place as outlined in SOPs. It’s no good if, when the FDA investigator arrives at a company’s front desk, an employee doesn’t say, “I don’t know who to call.”
4️⃣ Remember it’s OK to say you don’t know something about the QMSR – but get expert help ASAP if you’re lost in the wilderness.
QHub’s Elisabeth George says: Quality leadership needs to be aware of what’s in the QMSR and that, as of now, it’s OK if they accidentally say, for example, “Design History Files.” We’re all human, and it can be difficult to change your vocabulary overnight to say DHF’s replacement, “Design and Development Files.” (Related Story: “QMSR’s Design & Development: 7 Questions Answered By FDA,” QualityHub, Jan. 21, 2026.)
However, if you talk to these quality leaders and they say, “QMSR – what’s that?” well, that’s not good, to put it mildly.
Further, if you haven’t conducted a gap analysis by now of the differences between the old QSR and the new QMSR and you haven’t taken the time to educate your leadership the basics of the QMSR, then you should quickly get some help. And if you’ve not trained staff to know what to do when the FDA shows up for a QMSR inspection or if you haven’t created a quality plan for QMSR or updated your quality processes, you better be calling for help.
5️⃣ Remember that being ISO 13485 certified isn’t sufficient for a company to prove to the FDA that it’s in compliance with the QMSR.
QHub’s Sean Boyd says: Being ISO 13485 certified simply means a company has passed an ISO 13485 audit conducted by a third party. A certificate supplied is evidence that the company has successfully implemented the standard and is in compliance with it. (Related Story: “QMSR: FDA Answers 21 Burning Questions From MedTechs,” QualityHub, Jan. 2, 2026.)
Importantly, FDA has said it won’t accept that certification as evidence of compliance with agency regulations, which is consistent with how the FDA implemented the Medical Device Single Audit Program. An ISO 13485 certificate is not accepted by the FDA as evidence of compliance; rather, an MDSAP audit report conducted by an auditing organization is relied on to determine compliance with FDA expectations. So, just like MDSAP certification doesn’t demonstrate compliance with FDA requirements, an ISO certification is not going to do that either.
6️⃣ Pay close attention to supplier oversight activities and practices.
QHub’s Sean Boyd says: Look at the relationships you have with suppliers you have in place today because the FDA is now able to review supplier audit reports. (Related Story: “A ‘Major Change’: Is Your MedTech Company Ready for FDA’s Review of Audit Reports?” QualityHub, Jan. 1, 2026.)
Also, from a risk management perspective, make sure you’re managing suppliers based on risk and that the practices you’re using in your company have the appropriate controls to ensure you’re getting the products and services you need from those suppliers. Your suppliers should have processes and controls in place internally to deliver those products and services that meet your expectations and requirements.
7️⃣ Engage with peers in industry to share personal experiences and conduct a mock FDA inspection.
QHub’s Elisabeth George says: Embracing and chatting with others is a great idea as companies transition to the QMSR, and hiring a consultant to come in and perform a mock audit is money well spent. A device company should discover their nonconformities and develop a well-defined strategy and quality plan before the FDA arrives for an inspection and blows them out of the water because their quality system is completely screwed up.
