February 11, 2026

The U.S. FDA has initiated one of the most significant updates to medical device quality system regulation in decades. Effective February 2, 2026, the Quality Management System Regulation (QMSR) replaces the legacy Quality System Regulation (QSR) under 21 CFR Part 820, formally incorporating ISO 13485:2016 by reference.

This modernization aligns FDA medical device GMP requirements with internationally recognized quality management system (QMS) standards, creating global harmonization across U.S., EU MDR, Health Canada, TGA Australia, and MDSAP participating markets.

For manufacturers, this change is not just terminology, it reshapes inspection methodology, risk management expectations, lifecycle controls, supplier oversight, and documentation practices.

What is FDA QMSR?

The Quality Management System Regulation (QMSR) is FDA’s updated framework governing:

  • Medical device manufacturing quality systems
  • Design and development controls
  • Corrective and preventive actions (CAPA)
  • Risk management and lifecycle oversight
  • Production and process validation
  • Supplier qualification and control

Unlike the former QSR, QMSR formally integrates ISO 13485:2016 clauses, making them central to FDA compliance.

Key Regulatory Change Overview

Area

Previous QSR (21 CFR 820)

New QMSR (2026)

Foundation

Standalone FDA GMP

Incorporates ISO 13485:2016

Risk Management

Implied in design controls

Explicit lifecycle risk management

Supplier Controls

Required

Stronger integration with ISO clauses

Documentation

Device Master Record focus

QMS documentation structure aligned with ISO

Global Alignment

Limited

Harmonized with international standards

Inspection Model Modernization

FDA will discontinue legacy inspection programs and move toward a risk-based QMS audit approach.

New Compliance Program: 7382.850
Discontinued: 7382.845, 7383.001, QSIT-based framework

This means:

  • Inspections will resemble ISO 13485 and MDSAP audit styles
  • Greater emphasis on risk files, management review, post-market surveillance

What Manufacturers Must Do Now

1. Conduct ISO 13485 Gap Assessment

Identify gaps between existing QSR-compliant QMS and ISO clause requirements.

2. Update Risk Management Framework

Ensure integration with ISO 14971 and lifecycle risk controls.

3. Revise QMS Documentation

  • Quality manual alignment
  • SOP restructuring
  • Process validation files

4. Supplier Quality System Reinforcement

Strengthen supplier audits and quality agreements.

5. Inspection Readiness Planning

Mock audits under ISO-based approach.

Areas of Increased FDA Focus Under QMSR

Focus Area

Regulatory Expectation

Risk Files

Continuous lifecycle risk documentation

CAPA Effectiveness

Data-driven effectiveness checks

Design Controls

Design history file integrity

Post-Market Surveillance

Trend analysis & vigilance

Data Integrity

Electronic records reliability

Impact on Device Manufacturers

  • Simplifies global compliance strategy
  • Reduces duplication between FDA and international audits
  • Encourages stronger risk-based quality culture
  • Enhances supplier and lifecycle accountability

2026 Medical Device Regulatory Trends

  • Digital QMS platforms adoption
  • AI-assisted complaint trending
  • Cybersecurity integration in QMS
  • MDSAP convergence
  • Enhanced supplier risk oversight

FAQs

Q1. Is ISO 13485 certification mandatory for FDA compliance?
Certification itself is not required, but the QMS must meet ISO 13485 provisions incorporated into QMSR.

Q2. Does QMSR apply to all device classes?
Yes, though exemptions still exist for certain device categories.

Q3. Will FDA inspections become longer?
They may become deeper and more system-based rather than checklist-driven.