Design outputs containing acceptance criteria and essential device characteristics — 820.30(d) output requirements persist.
Outputs must be in a form suitable for verification against inputs; 'safe and proper use' replaces 'proper functioning,' expanding safety scope.
Traceability from each output to its corresponding design input and risk control measure — bidirectional linkage is the new baseline expectation.
Maps to
QMSR / ISO 13485: §820.30(d) Design output.
ISO 13485: §7.3.4 Design and development outputs
ISO 14971: §7.1 Risk control option analysis
Requirement text
Design and development outputs shall be documented, verified against inputs, and include acceptance criteria and essential product characteristics.
Why this clause exists
Design outputs are the deliverables of the design process — drawings, specifications, software requirements, test protocols, and manufacturing instructions — and they bear two simultaneous burdens: they must faithfully translate design inputs into buildable, testable form, and they must carry forward the risk control measures identified through ISO 14971 analysis so those measures are not lost at the transition from design to production. The requirement to document outputs in a form suitable for verification is not bureaucratic — it is the mechanism that makes verification possible. An output that cannot be objectively evaluated against the input from which it derived cannot be verified, which means conformance is asserted rather than demonstrated. The identification of characteristics essential for safe and proper use creates the explicit linkage between design intent and acceptance criteria: inspectors and users need to know which dimensional, mechanical, or functional properties are safety-critical, both to apply appropriate sampling and inspection during production and to evaluate whether changes to those characteristics require design verification or validation activities. The crosswalk to ISO 14971 § 7.1 (risk control option analysis) formalizes the expectation that risk controls implemented as design features appear explicitly in design outputs, creating an auditable chain from hazard identification through output specification to production implementation that regulators can trace during inspections.
What changed
§820.30(d) — Part 820 (legacy)
"Each manufacturer shall establish and maintain procedures for defining and documenting design output in terms that allow an adequate evaluation of conformance to design input requirements. Design output procedures shall contain or make reference to acceptance criteria and shall ensure that those design outputs that are essential for the proper functioning of the device are identified. Design output shall be documented, reviewed, and approved before release. The approval, including the date and signature of the individual(s) approving the output, shall be documented."
§7.3.4 — ISO 13485:2016 (current)
"Design and development outputs shall: a) meet the input requirements for design and development; b) provide appropriate information for purchasing, production and service provision; c) contain or reference product acceptance criteria; d) specify the characteristics of the product that are essential for its safe and proper use. The outputs of design and development shall be in a form suitable for verification against the design and development inputs and shall be approved prior to release. Records of the design and development outputs shall be maintained (see 4.2.5)."
Δ Outputs must now explicitly provide information for purchasing and production; record-keeping is an explicit standalone requirement rather than implied by approval documentation.
Common gaps (what we see in audits)
- Design outputs not in a form suitable for verification — ISO 13485 7.3.4 requires outputs to be 'in a form suitable for verification against design and development input requirements.' Many Part 820-era design output documents are narrative specifications that cannot be directly verified against specific, numbered input requirements without a traceability matrix.
- Essential safety characteristics not explicitly identified — ISO 13485 7.3.4 requires identification of characteristics essential for safe and proper use. Many legacy design output packages identify key specifications but do not formally tag which characteristics are safety-critical versus performance-related, making it difficult for downstream processes to apply appropriate controls.
- Missing service specifications — Design outputs lack specific requirements for servicing, such as calibration intervals or tool requirements, as required by ISO 13485 §7.3.4.
- Undefined essential characteristics — Design outputs (drawings, specs) don't explicitly identify which characteristics are 'essential for safety' (e.g., critical dimensions).
- Missing downstream information for purchasing and production — ISO 13485 7.3.4 requires that design outputs provide appropriate information for purchasing, production, and servicing. Many Part 820-era design output packages focus on engineering specifications and do not include or reference purchasing specifications, manufacturing work instructions, or service documentation.