How to Ensure Your Quality Management System Processes and Procedures are Compliant in 2021?

In highly regulated industries like life sciences, you have to make sure every i is dotted, and every t is crossed. The US FDA and other regulatory agencies have strict requirements for document control, training, CAPA, and other aspects of operations. Your processes must support continuous compliance, and your organization needs to be ready to respond to requests for documentation, an audit, or regulatory changes.

Ensuring your processes and procedures are compliant can feel like an overwhelming task if you're just getting started. Life sciences startups and scale-ups in the research and development phase need to create a quality management system which can scale.

We'll guide you through the steps to ensure your organization can maintain compliance and deliver exceptional, industry-leading products.

How to Ensure Compliance for Your Quality Management System in 2021

A quality management system (QMS) is a comprehensive set of business processes and procedures designed to meet customer requirements and create quality products. The QMS should be aligned with regulatory requirements and the organization’s purpose.

Your organization is responsible for creating a QMS which helps you bring products to market that meet the requirements of regulatory agencies and your customers. Fast-tracking compliance requires you to understand all applicable regulations, existing QMS formats, and which electronic QMS software is the best fit you.

Understand the Regulations

Your organization needs to meet regulatory requirements to produce a high-quality product which also meets customer requirements. Depending on your industry or market, you may even hope to achieve certification or compliance with ISO 9001, ISO 13485, or another set of international quality standards.

There are a large number of acts, regulations, current good practices, and standards which impact organizations in the life sciences industry. The applicable Current Good Manufacturing Practice (cGMP) regulations that affect your organization could even vary within a single vertical depending on your company's product if you manufacture a medical device or combination product.

The first step toward creating compliant processes is to define all of the requirements which impact your organization clearly.

Requirement #1: Customer Requirements

Determining your organization’s target customer should be relatively straightforward, especially compared to gathering compliance requirements. Creating a clear vision of your ideal customer can support the future creation of product documentation, such as the QMS scope document required by both ISO 9001 and ISO 13485.

RELATED READING: What an ISO 13485 Quality Manual for Medical Devices Should Look Like

Requirement #2: Regulatory Requirements

Life sciences organizations are subject to regulatory requirements from federal, state, and local agencies which include product standards for health and safety, but also include requirements for insurance, facility fire code, waste management, and other components of compliant operations.

Requirement #3: Product and Industry Standards

Life sciences organizations are subject to mandatory standards for product safety and codes of practice for operations. For example, Class III medical devices manufactured on or after September 24th, 2016 are subject to strict requirements for the inclusion of a Unique Device Identifier and inclusion in the FDA GUDID tracking system. Understanding your specific product and industry standards may be relatively straightforward, or incredibly complex. Organizations in medical device or combination product verticals may require the assistance of an expert consultant to map all applicable product and industry standards.

Create a Regulatory Register

To make the process of understanding regulatory requirements easier at a glance, you may choose to create a quick register of legal and regulatory obligations and map these requirements to all impacted operational activities. This list can be extremely extensive if your organization has a large number of locations, is subject to multiple requirements, or manages an extensive supply chain. An example of one entry in a regulatory register is listed below.

Source Document

ISO 13485

Regulatory Requirement

Create and implement SOPs for labeling and packaging (7.5)

Impacted Operations

  • Quality Management
  • Quality Assurance
  • Labeling
  • Packaging

Evidence of Compliance

  • Create a unique, specific record for each batch of devices manufactured and approved (7.5)
  • Verify and accept each device batch record (7.5)

Adopt a QMS Format

It's not easy to create your own processes and procedures for quality management based on compliance requirements. In fact, it's nearly impossible. FDA cGMP clearly state they are not recommended to provide a comprehensive QMS, and that organizations can benefit from adopting a structured approach. Your path to compliance and total quality management will be much simpler if you use an existing QMS and adapt it when necessary to meet any additional regulatory needs.

ISO 13485 is a great place to start for a QMS format since major medical device markets require the international standards. The US FDA may soon replace existing FDA QSR with ISO 13485, but the current guidance for device manufacturers closely mirrors ISO.

For pharmaceutical industries, the format which provides the best groundwork for compliance may be ICH Q10. Neither ISO 13485 or ICH Q10 is 100% compliant with FDA requirements for device or pharma, but they're a strong starting point which require only minor modifications to minimize regulatory risk. That's certainly simpler than building a QMS from the ground up.

While it's essential to ensure your organization covers FDA requirements, the goal is both quality and compliance. FDA regulations are not as prescriptive in how to set up a QMS as ISO or ICH guidelines.

RELATED READING: What is cGMP in the Pharmaceutical Industry? An Expert Roundup

Implement the Best eQMS

The best eQMS for your life sciences company depends on your industry and the size of your organization. A quality management software can help your organization achieve dramatically better compliance with FDA and international regulations, as well as more quality-driven product, quality, and customer processes. Prioritize cloud QMS software which is specialized for organizations in the same vertical and growth stage as your own, and consider the following factors.

Comprehensive Solution

The best QMS software offers an all-in-one, cloud-based tool with fully integrated quality processes instead of standalone tools or separate modules. You should look for a single software which can handle all of your organizations quality processes, documents, and quality data.


Cloud software offers the advantage of ease-of-use, global access, and lower lifetime maintenance costs, especially when compared to premises-based solutions. Outdated technology can hinder compliance efforts by pulling resources towards updates and system maintenance.

RELATED READING: FDA Regulatory Compliance Software: Cloud vs. On-Premises

Create Collaboration

The QMS should facilitate practical cooperation between quality management and internal staff, as well as external partners like suppliers and auditors. The system should support global collaboration between users with automated notifications and in-line commenting on document control processes.


A confusing UX can frustrate staff. When it’s hard to complete workflows correctly, you can face compliance errors, data quality issues, and staff resistance. The QMS should be intuitive for users.

Control and Flexibility

The QMS should offer a right-sized balance between control and flexibility. It should provide built-in processes for compliant documentation and quality processes. It should be flexible enough to fit your business and facilitate continuous improvement without huge software updates.

Learn more in 6 Essential Qualities of the Best eQMS Systems.

Focus on Quality Over Compliance

Change is the only certainty in today's regulatory environment. Life sciences organizations can expect many changes to regulatory requirements in the months and years ahead from the FDA, EU, and other regulatory agencies.

Achieving immediate compliance is critical, and maintaining this compliance 24/7/365 is key to avoiding the costly fines and reputational damage of non-compliance. However, it may be essential to understand that compliance is a moving target, and a quality-driven culture of compliance is a better strategic goal.


In a recent interview with Larua Araujo, Vice President of Quality at 4G Clinical, Laura shares how quality impacts product and why it's important to 4G customers.

Taking a checklist approach to compliance can result in rigid organizational processes or an eQMS which can't quickly adapt to new regulatory changes. A better mindset is to exceed compliance requirements with an obsessive focus on quality throughout organizational processes. Your systems and processes should meet cGMP, but they should also facilitate continuous improvement and agility. 

Robert Fenton

Qualio Founder & CEO. Helping healthcare organizations launch life-saving products faster.