Select all the resources you are interested in downloading.
Quality System Inspection Technique (QSIT) is an inspection framework developed by the U.S. Food and Drug Administration (FDA) to systematically assess medical device manufacturers’ compliance with quality regulations.
QSIT uses a top-down, subsystem-based approach: FDA inspectors begin at the management level, then “drill down” through key quality system subsystems such as management controls, corrective actions/preventive actions (CAPAs), design controls, and production & process controls.
Rather than examining every document or activity, QSIT focuses inspections on core systemic elements and uses sampling to evaluate whether procedures are defined, documented, and implemented effectively.
The intent of QSIT is to make inspections more efficient and consistent, helping FDA field staff focus on meaningful indicators of systemic quality performance rather than minor deviations.
In practice, manufacturers use QSIT as a guide for preparing for inspections, ensuring their quality systems are robust and audit-ready in critical areas
In the medical device regulatory arena, frameworks such as the international standard ISO 13485:2016 and the U.S. regulation formerly known as the Quality System Regulation (QSR) under 21 CFR Part 820 form the foundational why and what of quality systems. ISO 13485 provides a globally recognized model for an effective quality management system (QMS) that ensures devices are consistently safe and effective, while the FDA’s QSR (now evolving into the Quality Management System Regulation or QMSR) embodies that model in U.S. law.
The guiding philosophy behind these regulations is that manufacturers must have systems—not just products—that proactively ensure quality: documented procedures, risk-based thinking, supplier control, corrective actions/preventive actions, and traceability from design to postmarket surveillance. ISO 13485 emphasizes risk-based decision-making and lifecycle controls, and the FDA’s inspection technique (QSIT) is a structured top-down subsystem review that evaluates whether firms have defined, implemented, and maintained their QMS.
In terms of scope and jurisdiction, the FDA regulates finished medical devices marketed in the U.S., enforcing the Federal Food, Drug, and Cosmetic Act and implementing regulations like 21 CFR Part 820. Meanwhile, ISO 13485 applies globally and is not a law in itself, but when incorporated by reference (as the FDA’s QMSR will do), it becomes a regulatory requirement. These frameworks relate to each other in that the FDA is now revising its domestic QMS regulation to align more closely with ISO 13485. On January 31, 2024, the FDA published a final rule to move toward the QMSR, incorporating ISO 13485:2016 by reference while retaining U.S.-specific requirements.
Historically, the QSR (21 CFR Part 820) had not been significantly revised since the mid-1990s, and inspection practices like QSIT had been used for years. The move toward QMSR and harmonization with ISO 13485 reflects an evolution from compartmental, checklist-based inspections to more modern, risk-based, process-oriented oversight—helping manufacturers operating globally align their systems and facilitating more consistent regulatory expectations.
The QSIT outlines how medical device manufacturers must structure and maintain their quality systems to demonstrate compliance with federal regulations. These requirements are primarily defined under 21 CFR Part 820 (the Quality System Regulation) and supported by related standards such as 21 CFR 803 (Medical Device Reporting), 21 CFR 806 (Corrections and Removals), and 21 CFR 821 (Device Tracking). Together, these rules establish the framework for ensuring that every stage of device design, production, and distribution meets regulatory and safety expectations.
To comply, manufacturers must document and maintain robust systems for management controls, design controls, production and process controls, and corrective action/preventive action (CAPA). These systems must be supported by detailed technical specifications and validation protocols demonstrating that processes consistently yield devices meeting predefined quality standards. Equipment calibration, maintenance logs, and procedures for handling nonconforming products all serve as critical evidence of compliance.
Documentation is central to QSIT. Companies must be able to present current procedures, training records, audit schedules, management review minutes, and CAPA documentation during inspections. The FDA’s “establish, document, implement” principle requires having written procedures and also proving that they are active and effective through records and interviews.
Testing, verification, and validation protocols ensure that both design and manufacturing processes perform as intended. Design history files (DHF) and device master records (DMR) must include verification results, validation reports, and change control documentation.
Finally, firms are responsible for timely reporting and continuous oversight. They must respond to Form 483 observations within 15 business days, report adverse events under MDR requirements, and conduct regular internal audits and management reviews. Maintaining compliance is an ongoing, cyclical process of documentation, validation, review, and improvement—one that QSIT formalizes to safeguard product quality and patient safety.
The medical device industry is the primary focus of the FDA’s Quality System Inspection Technique (QSIT). It establishes a structured approach to evaluating whether device manufacturers comply with 21 CFR Part 820, which governs the Quality System Regulation (QSR). QSIT inspections assess key subsystems such as management controls, design controls, corrective actions/preventive actions (CAPA), production and process controls, and documentation practices. For medical device manufacturers, QSIT ensures that quality is built into every stage of a product’s lifecycle—from concept and design through manufacturing, labeling, and postmarket monitoring. Inspectors verify that companies “establish, document, and implement” procedures that consistently produce safe and effective devices. The process also encourages a culture of continuous improvement, requiring robust internal audits, management reviews, and training programs. In an increasingly globalized market, adherence to QSIT satisfies FDA expectations and aligns closely with ISO 13485, streamlining compliance for companies selling internationally.
QSIT is equally critical for manufacturers of in vitro diagnostic (IVD) devices, which include reagents, analyzers, and testing kits used to detect diseases and health conditions. Because diagnostic accuracy directly impacts patient outcomes, the FDA applies the same QSR principles to IVDs as it does to other medical devices. Under QSIT, inspectors evaluate design validation, risk analysis, process verification, and software controls within the diagnostic manufacturing process. IVD companies must document each step that affects test precision and reliability, including calibration, lot-to-lot consistency, and quality control testing. QSIT also ensures that labeling, instructions for use, and packaging meet regulatory and performance standards. Given the complexity of global diagnostic supply chains, manufacturers often face added scrutiny regarding supplier qualification and component traceability. Through QSIT, the FDA reinforces a systems-based approach, ensuring that manufacturers maintain rigorous documentation and validation protocols to protect patient safety and diagnostic integrity.
Manufacturers of combination products (products that integrate drugs, biologics, or medical devices into a single therapeutic system) face unique regulatory challenges. Because these products cross traditional category boundaries, they must comply with both drug good manufacturing practice (GMP) requirements (i.e., 21 CFR 210/211) and device QSR (21 CFR 820) requirements. QSIT provides the FDA’s primary framework for evaluating the device component of these products. During inspections, QSIT helps ensure that design controls, risk assessments, and manufacturing processes meet the same standards expected of stand-alone devices. For example, in a drug-eluting stent, the device delivery mechanism must meet QSIT expectations for validation and process control, while the drug portion must comply with pharmaceutical GMPs. This harmonized approach encourages integration of quality management systems across all components, promoting consistency and reducing compliance gaps. Ultimately, QSIT gives regulators a unified way to assess how manufacturers coordinate device and drug quality processes, ensuring final products are safe, effective, and reliably produced.
While QSIT does not directly regulate biologic manufacturing, it significantly affects biotechnology and bioprocessing equipment manufacturers—companies that produce the systems used to develop, purify, and analyze biologics and cell-based products. Equipment such as fermenters, filtration units, and analytical instruments often qualify as medical devices or accessories, making them subject to QSIT oversight. For these manufacturers, QSIT emphasizes process validation, calibration, and preventive maintenance as central compliance pillars. Because bioprocessing environments require precise control of temperature, pressure, and sterility, even minor equipment deviations can compromise product quality. QSIT inspections verify that manufacturers have validated their processes, documented their maintenance cycles, and established CAPA systems to prevent recurrence of failures. As life sciences organizations adopt advanced automation and digital control systems, QSIT principles also help ensure that software and hardware integrations are verified and traceable. The result is a robust quality infrastructure that supports both regulatory compliance and the high performance standards expected in biologics production.
As the FDA increasingly regulates software that performs medical functions independently of hardware, QSIT principles are being applied to Software as a Medical Device (SaMD) and digital health solutions. Developers must demonstrate that their software meets the same quality and validation requirements as traditional medical devices. This includes establishing design controls, risk management procedures, verification and validation protocols, and change management systems. QSIT inspections for SaMD focus on whether the software development lifecycle (SDLC) is well-defined and documented and whether testing and release processes ensure consistent, reliable performance. Cybersecurity, data integrity, and version control are also key elements under scrutiny. For companies in digital health, aligning with QSIT provides a blueprint for FDA readiness, ensuring that software updates, algorithm changes, and integrations with third-party platforms are managed under a formal quality system. In a field where innovation moves quickly, QSIT offers a structured framework that balances regulatory compliance with agile development and continuous improvement.
A Level 1 QSIT inspection is a full, comprehensive audit that reviews all four major subsystems: management controls, design controls, CAPA, and production and process controls.
A Level 2 inspection is more limited, usually focused on one subsystem or a specific issue.
For Level 1, prepare companywide documentation, training records, and audit trails. For Level 2, focus on the targeted subsystem and any related corrective actions or recent changes.
Recent QSIT observations most often involve weaknesses in corrective action/preventive action (CAPA) procedures, design control documentation, and complaint handling. Investigators frequently cite incomplete root cause analyses, inadequate verification of corrective actions, and missing or poorly maintained design history files. Other recurring issues include insufficient supplier controls and inadequate process validation, all of which point to gaps in quality system consistency and oversight.
QSIT requirements and ISO 13485 standards both focus on establishing and maintaining an effective quality management system for medical devices. They align in areas such as CAPA, document control, and risk management. The key difference is that QSIT is an FDA inspection framework based on U.S. regulatory requirements under 21 CFR Part 820, while ISO 13485 is an international certification standard emphasizing continual improvement and global compliance.
Respond to Form 483 observations quickly, clearly, and thoroughly. Submit a written response to the FDA within 15 business days, addressing each cited issue individually. Include a root cause analysis, corrective action/preventive action documentation, and evidence of implementation or a timeline for completion. Demonstrate accountability, transparency, and commitment to long-term compliance, as well-structured responses can significantly influence the FDA’s next steps.