Skip to content
CROSSWALK

QMSR / ISO 13485 §820.198 / 820.100

Maps to

QMSR / ISO 13485: §820.198 / 820.100

ISO 13485: §7.2

Requirement text

Product-related requirements must be determined — including customer requirements, statutory and regulatory requirements, and any additional requirements. Requirements must be reviewed before committing to supply. Customer communication processes must be established, including procedures for advisory notices and field safety corrective actions.

What changed

Part 820 addressed customer-related requirements indirectly. Section 820.198 focused on complaint handling (a post-market activity) rather than proactive determination of customer requirements. Section 820.100 addressed corrective and preventive action, including servicing. There was no Part 820 equivalent to a pre-market, proactive process for determining and reviewing customer requirements before committing to supply. Customer communication requirements were limited to complaint handling and MDR reporting.

ISO 13485:2016 clause 7.2 establishes a comprehensive framework for customer-related processes. Clause 7.2.1 requires determination of requirements related to the product, including customer-specified requirements, requirements not stated by the customer but necessary for specified or intended use, applicable regulatory requirements, and any additional requirements. Clause 7.2.2 requires review of product-related requirements before committing to supply, ensuring the organization can meet defined requirements. Clause 7.2.3 requires planning and documenting arrangements for communication with customers, including product information, enquiries, contracts, order handling, customer feedback, and advisory notices.

The QMSR adopts ISO 13485 clause 7.2. This represents a significant structural change: where Part 820 was primarily focused on manufacturing and post-market controls, ISO 13485 clause 7.2 adds a pre-market, customer-facing dimension. Manufacturers must now have documented processes for determining customer requirements (including unspoken requirements), reviewing requirements before acceptance, and maintaining customer communication channels. The advisory notice and field safety corrective action (FSCA) communication requirements in clause 7.2.3 are particularly important, as they formalize the process for communicating recalls and safety notices to customers and regulatory authorities.

Atomic constraints

  • Customer and regulatory requirements for each product must be determined and documented.
  • Requirements must be reviewed before committing to supply and records maintained.
  • Customer communication processes must be established including for complaints and feedback.
  • Procedures for advisory notices and field safety corrective actions (FSCA/recalls) must be documented.
  • Records of contract or order review must be maintained.

Common gaps

Missing Advisory Notice / FSCA Communication Procedure

major

There is no documented procedure for communicating advisory notices, field safety corrective actions, or recalls to customers, distributors, and regulatory authorities. ISO 13485 clause 7.2.3 explicitly requires planning of communication arrangements including advisory notices.

No Formal Customer Requirements Determination Process

moderate

There is no documented process for proactively determining customer requirements, including requirements not explicitly stated by the customer but necessary for intended use. Companies respond to customer orders but do not systematically determine and document the full set of requirements before committing to supply.

No Contract or Order Review Procedure

moderate

Customer orders or contracts are accepted without a documented review process verifying the organization's ability to meet requirements. ISO 13485 clause 7.2.2 requires review of product-related requirements before commitment, with records maintained.

Customer Feedback Not Integrated into QMS

moderate

Customer feedback is handled informally through sales or customer service without systematic capture, evaluation, and integration into the QMS. ISO 13485 clause 7.2.3 requires documented customer communication arrangements including feedback, which must feed into corrective action and management review processes.

Missing communication for 'Advisory Notices'

minor

The communication procedure fails to define how 'Advisory Notices' (recalls) are communicated to customers. ISO 13485 §7.2.3 requires this.

Evidence signals

  • FILE_EXISTS

    (Advisory.*Notice|Field.*Safety|FSCA|Recall.*Procedure|Customer.*Requirement|Order.*Review)

  • CONTENT_MATCH

    Does this document describe customer requirements review, advisory notice procedures, recall procedures, or field safety corrective action communication?

Audit defense

Customer requirements and communication for [your product] are managed per [your document ID]. Product requirements are reviewed before commitment to supply, and procedures for advisory notices and field safety corrective actions define our communication process to customers and regulatory authorities per ISO 13485 7.2.

Related clauses

Supplier ManagementProduct Realization Planning and Quality Plan

Review your documents against this clause →

Further reading

Free compliance review. Pay only for the detailed report.

No credit card. No sales call. No consultants required.

Start My Free Review →

Read-only access. Your documents stay in your Drive.