top of page

Building Robust IVDs – Fundamentals of regulated product development (Part 1)

  • Mar 2
  • 3 min read

Updated: May 11


The Hierarchy of regulatory requirements

In established medical device and IVD markets, regulatory requirements are structured in a clear hierarchy. Laws define the legal obligations manufacturers must meet. These are supported by regulations, which translate the law into more detailed, enforceable requirements. Finally, guidelines and technical standards sit beneath regulations, providing practical guidance on how compliance can be achieved.


Blue chevron design on black background highlighting hierarchy: Law/Legislative Act, Regulations, Guidelines in regulatory markets.

 

Why regulation matters in IVD development

The primary objective of medical device and in vitro diagnostic (IVD) regulation is simple but critical: to protect patients and public health by ensuring unsafe products never reach the market. For IVD manufacturers, understanding and navigating regulatory requirements is not a box-ticking exercise—it is fundamental to successful product development and commercialisation.


While regulatory frameworks vary between countries, there has been a long-standing effort to harmonise global requirements. This began with the Global Harmonisation Task Force (GHTF) in the 1990s and continues today through the International Medical Device Regulators Forum (IMDRF). These initiatives aim to align principles, terminology, and expectations across major markets.


The role of Regulatory Authorities

A Regulatory Authority is the legally empowered body that controls the sale and use of medical devices within a specific jurisdiction. These authorities have the power to:


  • Prevent non-compliant products from entering the market

  • Stop the sale or importation of devices

  • Enforce corrective actions where safety or performance is compromised


For IVD developers, this means regulatory compliance must be designed into the product from the outset—not added as an afterthought.


Risk classification drives regulatory burden

Chart displaying medical device classifications: Class III (High Risk), IIb (Medium-high), IIa (Low-medium), I (Low Risk).

One of the most important regulatory concepts is risk-based classification. The higher the risk or novelty of an IVD, the greater the level of scrutiny applied by regulators. This directly impacts:


  • The number and scope of performance studies required

  • The volume of technical documentation

  • The complexity and duration of regulatory submissions


In practical terms: Higher risk = more evidence = more structured development planning


How Device Scope helps

At Device Scope, we support clients in building regulatory-ready development strategies from day one. By aligning technical, clinical, and regulatory thinking early, we help teams avoid costly rework, reduce time to market, and build confidence with regulators




Quality Management Systems – The Backbone of Compliant IVD Development



What is a Quality Management System (QMS)?

A Quality Management System (QMS) is a formalised framework that defines how an organisation plans, controls, records, and improves its activities to consistently deliver safe and effective products.


For IVD manufacturers, a QMS ensures that:

  • Activities are planned and proceduralised

  • Responsibilities and accountabilities are clearly defined

  • Products meet predefined acceptance criteria

  • Records provide objective evidence of compliance

  • Risks are identified, evaluated, and minimised


Beyond good business practice, a QMS is a regulatory requirement in almost every major market.


ISO 13485: the global benchmark

The most widely recognised QMS standard for medical devices and IVDs is ISO 13485:2016. This standard defines a process-based approach to quality management covering:

  • Design and development

  • Manufacturing and supply chain

  • Risk management

  • Post-market activities


Importantly, ISO 13485 applies across the entire product lifecycle, from concept through to market surveillance. In the early phases of product development Design Controls focus on planning, inputs, outputs, design review, verification, validation, and design transfer, and then in the latter stages Change Control applies to modifications of established specifications, processes, or QMS documents. With Risk Management being used throughout the product lifecycle to identify, assess, control, and review potential risks to quality system processes to prevent product defects and improve performance.



Risk-based thinking is central

ISO 13485 requires manufacturers to adopt a risk-based approach across all processes. This links directly with formal risk management activities and ensures that:

  • Higher-risk activities receive greater control

  • Quality efforts are proportionate and effective

  • Patient safety remains the primary focus


Why QMS maturity matters

Without a documented and implemented QMS:

  • Regulatory approval is not possible in most regions

  • Product launches are delayed or blocked

  • Companies are exposed to audit findings and enforcement action


A well-designed QMS, however, becomes a strategic asset—supporting scalability, efficiency, and investor confidence.


Device Scope works with IVD developers to feed information into their QMS system, and where no QMS exists then help establish practical and right-sized QMS frameworks for regulatory expectations without unnecessary bureaucracy—supporting both innovation and compliance.




This is part 1 of a 2-part series. For part 2, see:


 
 
 

Comments

bottom of page