In February 2022, FDA proposed a new Quality Management System Regulation (QMSR) to better harmonize with ISO 13485.
However, the draft guidance left a lot to be desired, and there were just too many known unknowns for it to be an appropriately written final ruling.
FDA opened the proposed QMSR to public comment in March 2022, and has had little to say since.
Supposedly, the FDA is on track to release the final guidance before the end of this year, but we’ve seen what happens when the FDA runs smack into their own good intentions.
Case in point – QMSR was not on the FDA-issued list of final guidances slated for release in 2023.
So is it going to be released in 2023 or not? Not.
The ongoing delay may be due to pushback from FDA staffers who have been extensively trained in the old quality system inspection technique (QSIT).
Regulations are regulations, and inspections ar3e inspections, you may be thinking, so why is QMSR causing so much agita?
Well, for one thing, a QSIT inspection is very different from an ISO inspection, and inspectors are proving resistant to the idea of change, requiring FDA to launch a boatload of new training programs to being their inspectors up to speed.
Secondly, the preamble – which is generally intended to help industry interpret the regulatory statue that follows – has generated a lot of conversation and confusion because it’s really more like a regulation in and of itself.
For example, the preamble speaks a lot more to risk and understanding of how to apply risk not only in design controls, but in your quality management system, far in excess of what they imply in the single reference in the QMSR itself.
The preamble to the QMSR focuses heavily on risk, mentioning it a total of 36 times. The regulation itself only mentions risk once.
The preamble also replaces the term hazard analysis with risk analysis, even though the two terms are not interchangeable.
Related and heavily entwined, yes. But not the same.
The QMSR does close a lot of the gaps between the two, particularly relating to design controls. What had previously been covered in a few paragraphs in ISO 13485 now covered several pages.
However, there are still major differences between the two on the post-market side – surprise, surprise – but companies compliant with ISO 13485:2016 requirements for quality management and design control and risk management will be in a good place when it comes time to submit to the FDA.
Regardless, QMSR is coming, and it’s always a good idea to start preparing for regulatory changes sooner rather than later.
Our team is fluent in QSIT, QSR and QMSR, so if all this makes your head spin, give us a call: https://leanraqa.com/time
But wait – there’s more! Did you know that QMSR, ISO 13485 and MDSAP audits are all slightly different, despite attempts to harmonize them? It’s true, and I did a video about it: https://youtu.be/TvuCMvo42nQ