Skip to content

What is MDSAP? Everything you need to know about the MDSAP program

Published by Alec Denniff, Medical Device Paralegal on

The Medical Device Single Audit Program (MDSAP) was created in 2012 by the International Medical Device Regulators Forum (IMDRF), in response to a recognition that a global approach to auditing and monitoring the manufacturing of medical devices could improve their safety and oversight on an international scale.

MDSAP allows an MDSAP recognised auditing organisation to conduct a single regulatory audit. It is used as a substitute for several different regulatory authority audits to fulfil ISO 13485 Quality Management System (QMS) requirements and other regulatory requirements.

Manufacturers can be audited once for compliance with ISO 13485 and regulatory requirements of MDSAP members, which currently consists of five different medical device markets - Australia, Brazil, Canada, Japan and the US. These countries actively participate in the program and leverage regulatory resources to manage an efficient, effective and sustainable single audit program. The EU, UK MHRA, and WHO are all Official Observers to the program, whilst Singapore, Korea, and Argentina are Affiliate Members. 

The goal of MDSAP is to allow a single regulatory audit of a medical device manufacturer's quality management system to satisfy the needs of the participating regulatory jurisdictions. Audits are conducted by Auditing Organisations authorised by the participating regulatory authorities to audit under MDSAP requirements. At the conclusion of an MDSAP audit, a standardised MDSAP audit report is generated. Audit reports are mutually accepted and independently reviewed by each regulatory authority. The program should be considered by companies based globally, particularly if they are wishing to sell their products into the countries that are MDSAP members. 

Any manufacturer of medical devices is eligible to undergo an audit under the MDSAP program. However, each regulatory authority of the MDSAP members may establish exclusion criteria for manufacturers meeting certain conditions. Therefore, each MDSAP Member uses the program in different ways. For example, the Food and Drugs Administration (FDA) in the US has determined that they will accept MDSAP audit reports as a substitute for routine FDA inspections, but it does not cover ‘for cause’ and ‘compliance follow-up’ inspections. The other MDSAP Members have also made similar determinations as to their use of MDSAP:

  • Therapeutic Goods Administration (TGA) of Australia - Use of MDSAP 
  • Health Canada - Use of MDSAP
  • Japan’s Pharmaceutical and Medical Devices Agency (PMDA) - MDSAP 
  • Brazil’s National Health Surveillance Agency (ANVISA) - Use of MDSAP

Manufacturers that participate in the MDSAP program are responsible for securing and maintaining a contract with an MDSAP recognised auditing organisation. Auditing organisations operate as fee-for-service and medical device manufacturers are responsible for paying for MDSAP audits conducted by an auditing organisation. As with any third party auditing program, medical device manufacturers are free to choose among all authorised auditing organisations to perform the audits and routine audits are announced and planned with the manufacturer. 

Medical device manufacturers interested in participating in MDSAP can contact any of the auditing organisations authorised / recognised to perform MDSAP audits. Medical device manufacturers do not apply to the regulatory authorities of MDSAP members for an audit under MDSAP, and the regulatory authorities of MDSAP members are not involved in the contractual arrangements or negotiation process between manufacturers and auditing organisations.