Medical Device Single Audit Program
The Medical Device Single Audit Program (MDSAP) allows a single regulatory audit of a medical device manufacturer’s quality management system to satisfy the requirements of multiple regulatory authorities.
MDSAP audits are conducted by Auditing Organizations (AOs) authorized by the participating regulators.
Participating Regulatory Authorities
Australia – Therapeutic Goods Administration (TGA)
Brazil – Agência Nacional de Vigilância Sanitária (ANVISA)
Canada – Health Canada (HC)
Japan – Ministry of Health, Labour and Welfare (MHLW) and Pharmaceuticals and Medical Devices Agency (PMDA)
United States – U.S. Food and Drug Administration (FDA)
Affiliate Members: Argentina (ANMAT), South Korea (MFDS), Singapore (HSA), and as of September 2025 Malaysia (MDA).
Australia
Therapeutic Goods Administration (TGA)
Use the MDSAP audit report as part of key evidence that is assessed for compliance with medical device market authorization requirements.
Brazil
Agência Nacional de Vigilância Sanitária (ANVISA)
MDSAP audits are accepted by ANVISA as part of the medical device registration process.
RDC 751/2022 (effective March 2023) replaced RDC 16/2013, updating classification rules and requirements for medical devices.
Canada
Health Canada (HC)
In Canada, manufacturers who wish to sell Class II, III, and IV medical devices are required to provide an ISO 13485 quality system certificate. Currently, this certificate can only be issued by a MDSAP Auditing Organization.
USA
Food and Drugs Administration (FDA)
FDA accepts MDSAP audit reports in lieu of routine FDA inspections (with certain exceptions, e.g., for-cause or pre-approval inspections).
In February 2026, the Quality System Regulation (QSR, 21 CFR Part 820) will be replaced by the Quality Management System Regulation (QMSR), which aligns more closely with ISO 13485:2016. MDSAP audits are designed to cover both FDA and ISO requirements.
Japan
Ministry of Health Labor and Welfare (MHLW) & Pharmaceutical and Medical Devices Agency
Japan recognizes MDSAP audit reports to support its quality management system requirements under the Pharmaceuticals and Medical Devices (PMD) Act.
Ordinance No. 169 has been replaced by Ordinance No. 111, harmonizing more closely with ISO 13485.
In addition to the participating member countries, the European Union (EU) and the World Health Organization (WHO) serve as Official Observers of the Medical Device Single Audit Program (MDSAP). Argentina’s National Administration of Drugs, Foods, and Medical Devices (ANMAT) and South Korea’s Ministry of Food and Drug Safety (MFDS) have joined as Affiliate Members, reflecting growing international engagement with the program.
The MDSAP audit cycle spans three years and includes an Initial Certification Audit, followed by two Annual Surveillance Audits, and concludes with a Recertification Audit.
Audit Model & Cycle
MDSAP audits follow the MDSAP Audit Model, structured around ISO 13485:2016 plus country-specific requirements.
The standard cycle is three years:
Initial certification audit (two-stage process)
Annual surveillance audits
Recertification audit in the third year
Audit Organizations may adjust timing in line with ISO 13485 certification cycles.
Benefits of MDSAP
The MDSAP streamlines regulatory compliance by allowing a single audit to satisfy multiple countries' requirements, reducing the need for duplicative inspections. It enhances global market access and predictability for manufacturers while promoting consistent quality system oversight. Additionally, MDSAP audits are conducted by authorized Auditing Organizations, ensuring a standardized and rigorous evaluation process across jurisdictions.
Key benefits include:
Promotes alignment with ISO 13485:2016 and national requirements
Reduction in time & resources normally dealing with individual audits from the five countries
Reduction in cost (compared to independent audits)
Transparency
Predictable audit schedules
Entry to multiple markets
MDSAP vs ISO13485 Checklist
Use our specifically designed checklist to ensure that requirements for both align for you to take your medical devices to market as quickly and safely as possible.
Grading of MDSAP Nonconformities
For manufacturers, probably the biggest concern during any audit is what nonconformities (NC) will be issued.
The MDSAP Grading System (based on GHTF/SG3/N19:202) was created to clarify this and address inconsistencies within tradition audit grading approaches that use “Major Findings” or “Opportunity for Improvement”. It establishes objective criteria which are used to characterize the significance of any potential finding that is more easily shared and understood by the participating Regulatory Authorities.
NCs are assigned a grade between 1 and 5, which is calculated using a two-step scoring system.
Step 1: Grading Matrix
First, a 4-point NC matrix is used to determine the initial score. This is divided based on clauses of ISO 13485:2016, into two categories:
Indirect – Clauses 4.1 through 6.3, which have an indirect impact on the device’s safety and performance. This includes general documentation, quality manual(s) and resources
Direct – Clauses 6.4 through 8.5.3, which have a direct impact on the device’s safety and performance. This includes design, work environment, production, purchasing, and CAPAs
However, the frequency of occurrence of a nonconformity adds to the grade that is given. This happens when, during a specific MDSAP audit, a NC is identified within the same subclause (i.e. 8.5.2) that had a NC in the last two audits. This is because a reoccurring NC indicates a corrective action has not adequately addressed the issue.
Step 2: Escalation Rules
After the matrix grade has been determined, the score may be further increased by +1 if there is an absence of a documented process and/or if a nonconforming medical device was released.
MDSAP Post-Audit Timeline
One of the benefits of a MDSAP audit is a clear timeline of events once the audit is complete. This is shown in the graph below.
