Medical Device Single Audit Program (MDSAP) – Importance, Objectives, and Processes

Medical Device Single Audit Program (MDSAP) – Importance, Objectives, and Processes. The Medical Device Single Audit Program (MDSAP) is a global auditing framework designed to streamline the inspection of medical device manufacturers. Initiated by the International Medical Device Regulators Forum (IMDRF), this program allows a single audit to meet the quality management system requirements of multiple regulatory jurisdictions. It was developed to ensure uniformity, efficiency, and sustainability in auditing processes and to enhance regulatory oversight across participating countries.
What is the Medical Device Single Audit Program (MDSAP)?
The Medical Device Single Audit Program (MDSAP) is a program designed to enable a single audit of a medical device manufacturer to satisfy the quality management system requirements of multiple regulatory authorities. This approach helps reduce duplication of audits and streamlines compliance processes. The primary aim of MDSAP is to create a harmonized system that enhances global oversight while minimizing the burden on manufacturers.
The program applies to both regulatory agencies and recognized auditing organizations. It focuses on auditing the manufacturer's Quality Management System (QMS) based on ISO 13485:2016 standards along with the specific regulatory requirements of participating countries. These include the United States, Canada, Brazil, Australia, and Japan.
Origins and Development of MDSAP
The concept of MDSAP was initiated by the IMDRF, which recognized the need for a unified approach to regulate the growing and complex medical device industry. During its first meeting held in Singapore in 2012, a working group was formed to develop specific standards and guidelines for the Medical Device Single Audit Program. This effort was intended to leverage regulatory resources more efficiently and to create a global model that could be adopted widely.
Since its inception, the MDSAP has evolved with regular updates to its audit model, documentation requirements, and regulatory guidance. The goal has been consistent: improve global public health and safety while ensuring that medical device manufacturers comply with international and regional standards.
Participating Regulatory Authorities
Several international regulatory agencies participate actively in the Medical Device Single Audit Program. These include:

United States Food and Drug Administration (FDA)

Health Canada (Canada)

Therapeutic Goods Administration (TGA) of Australia

Pharmaceuticals and Medical Devices Agency (PMDA) and Ministry of Health, Labour and Welfare (MHLW) of Japan

Brazilian Health Regulatory Agency (ANVISA)

Additionally, the European Union (EU) and the World Health Organization (WHO) are observers of the program, and may consider integrating its model in the future. These collaborations enhance international trust and facilitate the cross-border movement of medical devices.
Objectives of the MDSAP
The MDSAP has several core objectives:

Harmonize regulatory auditing processes for medical device manufacturers.

Ensure consistent and reliable audits through a unified audit model.

Enable mutual recognition of audit outcomes by multiple regulatory authorities.

Increase efficiency and reduce redundant audits.

Promote global public health by ensuring compliance with stringent quality standards.

These objectives make the MDSAP a valuable tool for both manufacturers and regulators, as it simplifies compliance while maintaining safety and efficacy.
Audit Model of the Medical Device Single Audit Program
The MDSAP uses a structured audit model that evaluates a manufacturer’s quality management system based on ISO 13485:2016, along with specific regulatory requirements from each participating authority. The audit model is designed to assess risk management, quality controls, compliance, and operational performance across various processes.
Auditors follow a process-based approach where they assess interconnected processes and their compliance with applicable regulations. The MDSAP Audit Model also incorporates the Global Harmonization Task Force's (GHTF) framework for identifying and categorizing nonconformities, ranging from minor to critical.
Key Processes Assessed During an MDSAP Audit
The audit is carried out by examining four primary processes and three supporting processes:

Management Process: This process evaluates the commitment of the organization's top leadership towards the implementation and maintenance of the quality management system. Auditors assess strategic planning, resource allocation, and the oversight mechanisms that ensure compliance.

Measurement, Analysis, and Improvement Process: This covers monitoring, measurement, analysis, and improvement activities. It includes corrective and preventive actions (CAPA), internal audits, and customer feedback. The aim is to ensure continuous improvement and effective handling of nonconformities.

Design and Development Process: This assesses how the organization designs and develops new products. The process includes reviewing risk management practices, design validation, and how changes are controlled. Products with a history of nonconformance are also closely examined.

Production and Process Controls: Auditors evaluate how production activities are controlled, monitored, and validated. This includes examining cleanliness, sterilization processes, equipment calibration, and workforce training.

Supporting processes include:

Device Marketing Authorization and Facility Registration: This includes verifying that the manufacturer has obtained all necessary regulatory approvals and has registered facilities appropriately.

Adverse Event Reporting and Advisory Notices: This involves checking systems for reporting incidents and issuing product recalls or safety alerts.

Purchasing Controls: This process ensures that suppliers are selected based on their ability to meet quality and regulatory requirements. It also includes monitoring supplier performance and contractual obligations.

Importance of MDSAP for Medical Device Manufacturers
The Medical Device Single Audit Program provides several significant benefits for manufacturers:
Global Market Access
The MDSAP audit report is recognized by multiple regulatory authorities including those in the US, Canada, Japan, Australia, and Brazil. This mutual acceptance allows medical device manufacturers to enter various international markets without undergoing separate audits for each region.
Reduced Audit Burden
Instead of preparing for and undergoing multiple audits by different regulators, companies can rely on a single MDSAP audit. This approach saves significant time, effort, and financial resources, making the compliance process more efficient.
Regulatory Confidence
Since the MDSAP follows harmonized, standardized auditing criteria, participating regulators have increased trust in the audit results. This reduces the chances of additional inspections and regulatory scrutiny, ensuring smoother market operations.
Improved Compliance
MDSAP audits promote robust internal quality management systems aligned with ISO 13485 and regional laws. This leads to enhanced organizational discipline, better regulatory understanding, and proactive identification of potential non-conformities.
Streamlined Processes
By consolidating various regulatory requirements into one audit framework, MDSAP minimizes duplicated efforts and excessive paperwork. This streamlining allows manufacturers to focus on product quality and innovation rather than administrative tasks.
MDSAP Audit Time Determination
The duration of an MDSAP audit is determined based on the size and complexity of the manufacturing operation. The MDSAP Consortium has developed specific equations and guidelines to calculate audit time. Smaller organizations may benefit from shorter audits, making the process more efficient and cost-effective.
Annexes and Companion Documents
The MDSAP includes several annexes and companion documents that provide detailed guidance to both auditors and manufacturers. These documents specify audit procedures, timelines for submissions, and contractual obligations.
Some of the key annexes include:

Audit of Product/Process Related Technology and Technical Documentation

Audit of Sterile Medical Device Requirements

Conditions for Writing Agreements

These documents reference important clauses from ISO 13485:2016 and provide practical instructions for ensuring conformity.
Process of Undergoing an MDSAP Audit
The MDSAP audit typically starts with a management review followed by audits of various processes. Organizations with multiple facilities must identify a primary site, where most of the audit activities will occur. Off-site processes and virtual manufacturers are also considered in the audit plan.
A detailed review is conducted covering the following aspects:

Quality Manual and Procedures

Risk Management Documentation

Design and Development Records

Production and Process Control Procedures

Internal Audit Reports and CAPA Records

Marketing Approvals and Product Registrations

Adverse Event Reporting Mechanism

Supplier Agreements and Performance Metrics

Auditors follow a risk-based approach and identify areas needing improvement. The outcomes are then classified using GHTF codes ranging from 1 (minor) to 5 (critical). Based on the severity and recurrence of findings, appropriate corrective actions must be implemented by the manufacturer.
How to Prepare for an MDSAP Audit?
Manufacturers should take the following steps to prepare effectively:

Review the MDSAP Audit Model and related documents.

Ensure all records are up to date and readily accessible.

Conduct internal audits that simulate MDSAP methodology.

Train staff on QMS and regulatory requirements.

Address past nonconformities with documented corrective actions.

Conclusion
The Medical Device Single Audit Program (MDSAP) represents a significant advancement in regulatory harmonization for the medical device industry. By allowing a single audit to satisfy the requirements of multiple regulatory bodies, it reduces the compliance burden on manufacturers and enhances global oversight. As the adoption of MDSAP continues to grow, it sets a strong precedent for future collaborative efforts in regulatory frameworks. Manufacturers who participate in this program can not only access global markets more easily but also demonstrate a strong commitment to quality and patient safety.
With its strong audit model and clear procedural guidelines, MDSAP is a valuable tool for regulatory agencies and manufacturers alike. Adhering to this program ensures that medical device companies operate with the highest standards of quality, safety, and regulatory compliance.
If you need any support, you can connect with Compliance Calendar LLP through email at info@ccoffice.in or Call/Whatsapp at +91 9988424211.
FAQs
Q1. What is the purpose of the Medical Device Single Audit Program (MDSAP)?
Ans. The main purpose of MDSAP is to allow a single regulatory audit of a medical device manufacturer to meet the requirements of multiple participating regulatory authorities. This helps reduce the number of audits for manufacturers and improves regulatory oversight through consistent audit practices.
Q2. Which regulatory bodies participate in the MDSAP?
Ans. The current participating regulatory authorities include:

United States FDA

Health Canada

Australia's TGA

Brazil’s ANVISA

Japan’s PMDA and MHLW Additionally, the European Union (EU) and World Health Organization (WHO) are official observers of the program.

Q3. What standards are MDSAP audits based on?
Ans. MDSAP audits are primarily based on the ISO 13485:2016 standard for medical device quality management systems. They also incorporate specific regulatory requirements from each participating country, such as FDA QSR for the USA and CMDR for Canada.
Q4. How is the audit conducted under MDSAP?
Ans. The audit follows a process-based approach, focusing on four core processes—management, measurement/analysis/improvement, design and development, and production/process controls—along with supporting processes such as purchasing, adverse event reporting, and product registration. Audits assess how these processes are managed, documented, and monitored.
Q5. Is MDSAP certification mandatory for all manufacturers?
Ans. No, MDSAP certification is not mandatory globally. However, Health Canada has made MDSAP certification mandatory for manufacturers selling Class II, III, and IV medical devices in Canada. Other countries accept MDSAP audits voluntarily, and it may be beneficial for companies seeking access to multiple markets.
Q6. What are the benefits of MDSAP for medical device companies?
Ans. MDSAP offers several benefits, including:

Fewer regulatory audits

Cost and time savings

Enhanced global market access

Improved quality systems through consistent evaluation

Higher credibility with regulators

Q7. How long does an MDSAP audit take?
Ans. The audit duration depends on several factors, including the number of employees, product types, and operational complexity. The MDSAP Consortium provides audit time calculation formulas. Smaller companies may have shorter audit durations under the updated guidelines.

The Medical Device Single Audit Program (MDSAP) is a global auditing framework designed to streamline the inspection of medical device manufacturers. Initiated by the International Medical Device Regulators Forum (IMDRF), this program allows a single audit to meet the quality management system requirements of multiple regulatory jurisdictions. It was developed to ensure uniformity, efficiency, and sustainability in auditing processes and to enhance regulatory oversight across participating countries.

What is the Medical Device Single Audit Program (MDSAP)?

The Medical Device Single Audit Program (MDSAP) is a program designed to enable a single audit of a medical device manufacturer to satisfy the quality management system requirements of multiple regulatory authorities. This approach helps reduce duplication of audits and streamlines compliance processes. The primary aim of MDSAP is to create a harmonized system that enhances global oversight while minimizing the burden on manufacturers.

The program applies to both regulatory agencies and recognized auditing organizations. It focuses on auditing the manufacturer's Quality Management System (QMS) based on ISO 13485:2016 standards along with the specific regulatory requirements of participating countries. These include the United States, Canada, Brazil, Australia, and Japan.

Origins and Development of MDSAP

The concept of MDSAP was initiated by the IMDRF, which recognized the need for a unified approach to regulate the growing and complex medical device industry. During its first meeting held in Singapore in 2012, a working group was formed to develop specific standards and guidelines for the Medical Device Single Audit Program. This effort was intended to leverage regulatory resources more efficiently and to create a global model that could be adopted widely.

Since its inception, the MDSAP has evolved with regular updates to its audit model, documentation requirements, and regulatory guidance. The goal has been consistent: improve global public health and safety while ensuring that medical device manufacturers comply with international and regional standards.

Participating Regulatory Authorities

Several international regulatory agencies participate actively in the Medical Device Single Audit Program. These include:

United States Food and Drug Administration (FDA)
Health Canada (Canada)
Therapeutic Goods Administration (TGA) of Australia
Pharmaceuticals and Medical Devices Agency (PMDA) and Ministry of Health, Labour and Welfare (MHLW) of Japan
Brazilian Health Regulatory Agency (ANVISA)

Objectives of the MDSAP

The MDSAP has several core objectives:

Harmonize regulatory auditing processes for medical device manufacturers.
Ensure consistent and reliable audits through a unified audit model.
Enable mutual recognition of audit outcomes by multiple regulatory authorities.
Increase efficiency and reduce redundant audits.
Promote global public health by ensuring compliance with stringent quality standards.

These objectives make the MDSAP a valuable tool for both manufacturers and regulators, as it simplifies compliance while maintaining safety and efficacy.

Audit Model of the Medical Device Single Audit Program

The MDSAP uses a structured audit model that evaluates a manufacturer’s quality management system based on ISO 13485:2016, along with specific regulatory requirements from each participating authority. The audit model is designed to assess risk management, quality controls, compliance, and operational performance across various processes.

Auditors follow a process-based approach where they assess interconnected processes and their compliance with applicable regulations. The MDSAP Audit Model also incorporates the Global Harmonization Task Force's (GHTF) framework for identifying and categorizing nonconformities, ranging from minor to critical.

Key Processes Assessed During an MDSAP Audit

The audit is carried out by examining four primary processes and three supporting processes:

Management Process: This process evaluates the commitment of the organization's top leadership towards the implementation and maintenance of the quality management system. Auditors assess strategic planning, resource allocation, and the oversight mechanisms that ensure compliance.
Measurement, Analysis, and Improvement Process: This covers monitoring, measurement, analysis, and improvement activities. It includes corrective and preventive actions (CAPA), internal audits, and customer feedback. The aim is to ensure continuous improvement and effective handling of nonconformities.
Design and Development Process: This assesses how the organization designs and develops new products. The process includes reviewing risk management practices, design validation, and how changes are controlled. Products with a history of nonconformance are also closely examined.
Production and Process Controls: Auditors evaluate how production activities are controlled, monitored, and validated. This includes examining cleanliness, sterilization processes, equipment calibration, and workforce training.

Supporting processes include:

Device Marketing Authorization and Facility Registration: This includes verifying that the manufacturer has obtained all necessary regulatory approvals and has registered facilities appropriately.
Adverse Event Reporting and Advisory Notices: This involves checking systems for reporting incidents and issuing product recalls or safety alerts.
Purchasing Controls: This process ensures that suppliers are selected based on their ability to meet quality and regulatory requirements. It also includes monitoring supplier performance and contractual obligations.

Importance of MDSAP for Medical Device Manufacturers

The Medical Device Single Audit Program provides several significant benefits for manufacturers:

Global Market Access

The MDSAP audit report is recognized by multiple regulatory authorities including those in the US, Canada, Japan, Australia, and Brazil. This mutual acceptance allows medical device manufacturers to enter various international markets without undergoing separate audits for each region.

Reduced Audit Burden

Instead of preparing for and undergoing multiple audits by different regulators, companies can rely on a single MDSAP audit. This approach saves significant time, effort, and financial resources, making the compliance process more efficient.

Regulatory Confidence

Since the MDSAP follows harmonized, standardized auditing criteria, participating regulators have increased trust in the audit results. This reduces the chances of additional inspections and regulatory scrutiny, ensuring smoother market operations.

Improved Compliance

MDSAP audits promote robust internal quality management systems aligned with ISO 13485 and regional laws. This leads to enhanced organizational discipline, better regulatory understanding, and proactive identification of potential non-conformities.

Streamlined Processes

By consolidating various regulatory requirements into one audit framework, MDSAP minimizes duplicated efforts and excessive paperwork. This streamlining allows manufacturers to focus on product quality and innovation rather than administrative tasks.

MDSAP Audit Time Determination

The duration of an MDSAP audit is determined based on the size and complexity of the manufacturing operation. The MDSAP Consortium has developed specific equations and guidelines to calculate audit time. Smaller organizations may benefit from shorter audits, making the process more efficient and cost-effective.

Annexes and Companion Documents

The MDSAP includes several annexes and companion documents that provide detailed guidance to both auditors and manufacturers. These documents specify audit procedures, timelines for submissions, and contractual obligations.

Some of the key annexes include:

Audit of Product/Process Related Technology and Technical Documentation
Audit of Sterile Medical Device Requirements
Conditions for Writing Agreements

These documents reference important clauses from ISO 13485:2016 and provide practical instructions for ensuring conformity.

Process of Undergoing an MDSAP Audit

The MDSAP audit typically starts with a management review followed by audits of various processes. Organizations with multiple facilities must identify a primary site, where most of the audit activities will occur. Off-site processes and virtual manufacturers are also considered in the audit plan.

A detailed review is conducted covering the following aspects:

Quality Manual and Procedures
Risk Management Documentation
Design and Development Records
Production and Process Control Procedures
Internal Audit Reports and CAPA Records
Marketing Approvals and Product Registrations
Adverse Event Reporting Mechanism
Supplier Agreements and Performance Metrics

How to Prepare for an MDSAP Audit?

Manufacturers should take the following steps to prepare effectively:

Review the MDSAP Audit Model and related documents.
Ensure all records are up to date and readily accessible.
Conduct internal audits that simulate MDSAP methodology.
Train staff on QMS and regulatory requirements.
Address past nonconformities with documented corrective actions.

Conclusion

The Medical Device Single Audit Program (MDSAP) represents a significant advancement in regulatory harmonization for the medical device industry. By allowing a single audit to satisfy the requirements of multiple regulatory bodies, it reduces the compliance burden on manufacturers and enhances global oversight. As the adoption of MDSAP continues to grow, it sets a strong precedent for future collaborative efforts in regulatory frameworks. Manufacturers who participate in this program can not only access global markets more easily but also demonstrate a strong commitment to quality and patient safety.

With its strong audit model and clear procedural guidelines, MDSAP is a valuable tool for regulatory agencies and manufacturers alike. Adhering to this program ensures that medical device companies operate with the highest standards of quality, safety, and regulatory compliance.

If you need any support, you can connect with Compliance Calendar LLP through email at info@ccoffice.in or Call/Whatsapp at +91 9988424211.

FAQs

Q1. What is the purpose of the Medical Device Single Audit Program (MDSAP)?

Ans. The main purpose of MDSAP is to allow a single regulatory audit of a medical device manufacturer to meet the requirements of multiple participating regulatory authorities. This helps reduce the number of audits for manufacturers and improves regulatory oversight through consistent audit practices.

Q2. Which regulatory bodies participate in the MDSAP?

Ans. The current participating regulatory authorities include:

United States FDA
Health Canada
Australia's TGA
Brazil’s ANVISA
Japan’s PMDA and MHLW Additionally, the European Union (EU) and World Health Organization (WHO) are official observers of the program.

Q3. What standards are MDSAP audits based on?

Ans. MDSAP audits are primarily based on the ISO 13485:2016 standard for medical device quality management systems. They also incorporate specific regulatory requirements from each participating country, such as FDA QSR for the USA and CMDR for Canada.

Q4. How is the audit conducted under MDSAP?

Ans. The audit follows a process-based approach, focusing on four core processes—management, measurement/analysis/improvement, design and development, and production/process controls—along with supporting processes such as purchasing, adverse event reporting, and product registration. Audits assess how these processes are managed, documented, and monitored.

Q5. Is MDSAP certification mandatory for all manufacturers?

Ans. No, MDSAP certification is not mandatory globally. However, Health Canada has made MDSAP certification mandatory for manufacturers selling Class II, III, and IV medical devices in Canada. Other countries accept MDSAP audits voluntarily, and it may be beneficial for companies seeking access to multiple markets.

Q6. What are the benefits of MDSAP for medical device companies?

Ans. MDSAP offers several benefits, including:

Fewer regulatory audits
Cost and time savings
Enhanced global market access
Improved quality systems through consistent evaluation
Higher credibility with regulators

Q7. How long does an MDSAP audit take?

Ans. The audit duration depends on several factors, including the number of employees, product types, and operational complexity. The MDSAP Consortium provides audit time calculation formulas. Smaller companies may have shorter audit durations under the updated guidelines.