Change & Design Control for Medical Device Companies

Getting a Handle on Your Change Control Process

Managing changes to devices, processes or documentation requires time and resources spent in the identification, preparation, prioritization, submission, review, distribution, and implementation of change requests. Changes typically involve document modifications across various types of records in Design Control, Device Master Records (DMRs), production, validation, and supplier files. Document review meetings are time consuming and involve cross-functional team members from multiple international facilities and business divisions. 

Having the right change control notification and management system can help minimize the use of company resources for personnel, budget, or time. It also limits the company's exposure to manufacturing issues, production holds, product liability actions, or product recalls.

Consider all the changes that may occur throughout a device’s life cycle because of post market surveillance activities:

  • Design Changes - to properly design safe, effective and compliant products.
  • Production Changes - to ensure the quality of materials and the final products satisfy design specifications.
  • Supplier Changes - to manage and ensure the quality of materials from third party companies.

Ensuring Changes Meet Compliance Requirements

Global regulatory requirements for change control are captured in 21 CFR Part 820 for the U.S., Medical Device Directives in Europe and ISO 9000 and ISO 13485 internationally.  ISO 9000:2000 and ISO 13485 state that any changes affecting the quality management system (including product requirements, design and development changes) should be controlled. 

These standards have similar elements and require manufacturers to establish written medical device design control procedures, which describe company-approved procedures.  All changes should be made according to these approved written company policies and procedures where “approved” means successful testing or thorough review/investigation.

Other policies include software validation guidelines that state whenever software is changed, a validation analysis should be conducted. This applies not just for validation of the individual change, but to determine the extent and impact of that change on the entire software system and ISO 13485 requirement for control of design and develop changes.  

Identifying the need for change is only the first step.  It must be followed by correct implementation of the change. The responsibility of ensuring that the change is fully implemented during routine production belongs to quality assurance and other designated personnel.

Change Control Documents Should Include These Criteria

  • Identification of the entity being changed.
  • Description of the change.
  • Identification of the affected documents.
  • Signature of the approving individual(s).
  • Approval date.
  • When the change becomes effective.

Aside from the above documentation requirements for change controls, other key elements include a formal review and approval of the change (ex. type, impact) by all company stakeholders affected, and ultimately, by the company’s quality unit.  The process of identifying and prioritizing change controls, the criteria applied in change control documentation, how they are reviewed/approved, and the training involved in the implementation of these change(s) comprise a company’s complete change management system.

Whether the change involves proposed changes, unplanned changes, or supplier implemented changes, change management process software applications provide vital links within  quality management system (QMS) software to ensure areas such as equipment, process, batch/materials, documents, computer systems, suppliers, emergency, labeling and packaging, EH&S changes, utilities and validation continue to meet current compliance requirements and product specifications throughout the medical device’s product lifecycle.

Benefits of Sparta Change Control Software


  • Effectively produces global change control records in a timely manner to support regulatory audits or third- party inspections.
  • Satisfies all international regulations like 21 CFR Part 820 for a large volume of change controls within a global organization with an end-to-end configurable workflow management solution.
  • Consolidates change control activities with one centralized tracking mechanism that allows global transparency of information and integration to other relevant systems such as complaint management, nonconformance/CAPA management, product registration tracking, or supplier management.


  • Initiates, tracks, and manages all change controls internally or globally to ensure all changes meet current compliance requirements and product specifications.
  • Instantaneously query and report on change control status by country, specific product type, product category, intended use, or other relevant classification.
  • Integrates with other systems such as ERP or MES to streamline automated retrieval of shared product information inputs across other processes such as complaint management, product registration tracking, or supplier management.
  • Decreases cycle time and production/operation costs by enforcing consistent and harmonized processes across the organization using one centralized system that can integrate with other enterprise-level control systems such as EDMS, ERP, and MES.
  • Increases transparency among stakeholders through automated alerts, sign-offs, automated audit trails, dashboards, and reports.
  • Reduces risk of lost or incomplete data through an automated closed-loop change control process.

Questions you need answered?

Contact Us
© 1995-2021 Sparta Systems, Inc. All Rights Reserved.
© 1995-2021 Sparta Systems, Inc. All Rights Reserved.Sparta Systems Logo