Complete guide to the MDSAP's nonconformity grading system


    The Medical Device Single Audit Program (MDSAP) is a program that allows the completion of a single medical device QMS regulatory audit that satisfies the requirements of multiple countries simultaneously. 

    The program largely relies on adherence to ISO 13485:2016, as well as elements of the FDA’s QSR. 

    But a unique ingredient of the MDSAP is its nonconformity grading system: in an effort to make nonconformity grading more consistent, the MDSAP does away with traditional criteria such as 'significant findings', 'regular findings' and significant opportunities for improvement', and instead uses a tiered point system introduced by the GHTF.

    Preparing for an MDSAP audit? Or just want some inspiration for an internal nonconformity grading system of your own, that aligns with industry practice?

    Let's explore how it works.


    MDSAP countries


    The MDSAP is a way for medical device manufacturers to be audited once to unlock access to five different international markets:

    1) Australia

    2) Brazil

    3) Canada

    4) Japan

    5) The United States


    Passing through the MDSAP process and getting the simultaneous stamp of approval for these 5 major economies is, of course, not easy.

    The MDSAP is designed to be rigorous and leave very little room for error and quality weakness. After all, any defective device could wreak havoc in five large countries rather than one if it were to slip through the cracks.

    It's in this framework that the MDSAP's unique nonconformity grading system makes sense. Let's dive into how it works.


    The point-based nonconformity grading system

    The MDSAP's grading system works in two steps:

    1) By assigning points to nonconformities observed against ISO 13485 requirements using a 4-point grading matrix

    2) Feeding that initial point score into a pair of escalation rules that may lift the grade even higher

    Let’s explore how each step works.

    Step #1: the grading matrix


    MDSAP nonconformity grading matrix


    The matrix divides the clauses of ISO 13485:2016 into two distinct categories:

    1) Those that indirectly impact your QMS as 'administrative enablers'

    2) Those that directly impact it with a direct influence on your design and manufacturing controls which, in turn, directly impacts your product's safety and performance

    The matrix then adds an 'occurrence' factor designating if that nonconformity has been observed in either of your two previous QMS audits.

    The logic is clear: a recurring nonconformity directly impacting your QMS is a far more serious finding than a one-off indirect nonconformity, and so receives a higher grade.


    Step #2: escalation


    MDSAP nonconformity escalation


    Your initial matrix grade is then augmented as follows if additional risk factors are identified.

    +1: Absence of a documented process or procedure

    +1: Release of a nonconforming device

    The most serious type of nonconformity finding in an MDSAP audit would therefore be a recurring nonconformity (+2), directly impacting your QMS (+2), unsupported by any documented process or procedure (+1), and which has caused the release of a nonconforming device to market (+1).

    Although the maximum theoretical score is 6, scores of 5 and 6 are treated as equally serious and so the score is capped at 5.

    In this particular case, a high grade is not something to be proud of!


    More reading


    Do you feel prepared for your upcoming medical device audit?

    Download our audit readiness checklist for medical device companies to get shipshape and confident.