QMSR Transition Complete in February 2026: Has Your Organization Made the Switch?

The FDA’s Quality Management System Regulation (QMSR) came into force on 2 February 2026, replacing the Quality System Regulation that had governed US medical device manufacturers since 1996. For anyone marketing devices in the United States, this is the most significant change to the quality framework in almost three decades, and the two year transition window has now closed. 

What has changed

QMSR amends 21 CFR Part 820 by incorporating ISO 13485:2016 by reference, along with Clause 3 of ISO 9000:2015 for terminology. The practical effect is that FDA is no longer maintains a parallel set of quality requirements. Part 820 now points to the ISO standard, with a limited set of FDA specific provisions retained on top. 

If you already operate ISO 13485 across your global sites, most of the work is documentation, vocabulary and minimal changes in the Quality management system documentation. If your QMS was built only against 21 CFR Part 820, you have a real gap analysis to run and remediate. 

Terminology changes 

Three familiar record types have been renamed in the regulation itself, because ISO 13485 does not use those names: 

• Design History File (DHF) is replaced by the Design and Development File (DDF), defined in ISO 13485 Clause 7.3.10.
• Device Master Record (DMR) is replaced by the Medical Device File (MDF), Clause 4.2.3.
• Device History Record (DHR) does not have a direct one-for-one equivalent. The records that previously lived in the DHR now sit within production and traceability records under Clauses 7.5 and 8.2.6, generally maintained as part of the MDF. 

FDA has stated that organizations are not required to retrospectively rename existing files. New projects, however, should adopt ISO 13485 terminology and structure. Planning, inputs, outputs, verification, validation, transfer, and change management are all maintained within a single DDF. 

Design controls under the new framework 

The substance of design controls is largely unchanged, but the evidence expectations have shifted. ISO 13485 ties each stage of design and development to risk management under ISO 14971 and feedback from post-market activities. Reviewers will look for an audit trail that connects each design input to a corresponding risk control, verification record, and post-market data source. A maintained traceability matrix is now central to demonstrating compliance and is no longer treated as optional. 

Inspections 

The Quality System Inspection Technique (QSIT) was withdrawn on 2 February 2026. Inspections now follow the updated Inspection of Medical Device Manufacturers Compliance Program 7382.850, which FDA published shortly before the effective date. 

The new program is risk based. Rather than working through the four QSIT subsystems in a fixed order, investigators select areas of the QMS to examine based on product risk, complaint history, and the firm’s prior compliance record. One material change for industry: management reviews, internal audit reports, and supplier audit reports are no longer exempt from FDA inspection. Documentation in these areas should be reviewed and tightened accordingly. 

Practical steps 

1. Run a gap analysis against ISO 13485:2016 clause by clause, then against the FDA-specific provisions retained in Part 820 (sections 820.10, 820.35, and 820.45 in particular).
2. Revise document templates and SOPs using ISO 13485 clause references and the new terminology on new projects.
3. Train design and quality teams on the traceability expectations: every input should connect to an output, a verification activity, a validation activity, and a documented risk control.
4. Review existing supplier agreements. QMSR carries forward and reinforces expectations around supplier qualification, monitoring, and periodic re-evaluation.
5. Establish a clear feedback path from complaints, CAPAs, RCA, and field actions into design change reviews. The linkage should be demonstrable, not implied. 

Common mistakes 

Two assumptions interpret which can cause most of the trouble.  

1. The first is that ISO 13485 certification alone is sufficient for QMSR compliance but it is not. QMSR carries forward FDA specific requirements in areas such as labeling, UDI, and MDR reporting, and certification is not accepted as a substitute for inspection.
2. The second is the urge to rewrite legacy DHFs and DMRs to align with the new vocabulary. Existing documentation should be left in place; the new terminology applies to new and significantly modified designs.