Customer Related Processes SOP – ISO 13485 & MDSAP

The customer related processes SOP ISO 13485 addresses a requirement that is often underestimated in its regulatory significance. Customer related processes — governed by ISO 13485:2016 Clause 7.2 and assessed as a dedicated audit task under MDSAP — define how a medical device organization determines, reviews, and communicates product and service requirements with its customers. Inadequate controls over customer requirements determination, contract review, and customer communication are a consistent source of audit findings — particularly in organizations that treat Clause 7.2 as a formality rather than a structured, documented process.

This Customer Related Processes SOP gives your quality team a complete, audit-ready framework to systematically determine, review, and manage all requirements related to your products and services — fully aligned with ISO 13485:2016 Clause 7.2 and MDSAP audit program requirements.

What’s Included

• P-19 Customer Related Process Procedure — step-by-step instructions covering determination of requirements related to the product (customer-specified requirements, unstated requirements, regulatory and statutory requirements, and organizational requirements), review of product requirements before commitment to supply, handling of requirement amendments and contract changes, customer communication channels and responsibilities covering product information, enquiries, order handling, complaints, and advisory notices, and record requirements for all customer-related activities

Who Is This For

Quality managers, sales managers, customer service teams, and management representatives at medical device companies seeking ISO 13485 certification, preparing for MDSAP audits, or formalizing the interface between commercial activities and quality management system requirements — particularly organizations where the boundary between sales commitments and QMS-controlled processes is not clearly defined or documented.

Why This SOP and Not Starting from Scratch

While Clause 7.2 is one of the shorter clauses in ISO 13485, developing a procedure that genuinely satisfies Notified Body and MDSAP auditor expectations — rather than simply restating the clause text — requires experience with how auditors probe this process in practice. This takes 3–5 hours of a regulatory professional’s time. This package is immediately usable, written by an experienced ISO 13485 Lead Auditor and former Notified Body auditor — reflecting what auditors actually look for when assessing customer related processes during certification and surveillance audits.

✓ Instant download after purchase ✓ Fully editable Word format ✓ Compatible with ISO 13485:2016 and MDSAP ✓ Updated April 2026 ✓ Used by quality teams across EU, US and Canada

Frequently Asked Questions

Q: What does ISO 13485 Clause 7.2 require for customer related processes? A: Clause 7.2 requires organizations to determine requirements related to the product — including customer-specified requirements, applicable regulatory requirements, and any additional requirements the organization considers necessary. It also requires a formal review of those requirements before committing to supply, and documented communication channels with customers covering product information, enquiries, contracts, complaints, and advisory notices.

Q: How does this procedure interact with the complaint management process? A: The procedure defines customer communication channels and requirements, including the interface with complaint management for handling customer feedback and complaints. It establishes the point at which a customer communication becomes a complaint requiring formal handling under the complaint management procedure — ensuring the two processes operate as a connected system rather than in isolation.

Q: Does this procedure address regulatory and statutory requirements as part of product requirements? A: Yes. The procedure explicitly requires the determination of applicable regulatory and statutory requirements as part of the product requirements review — ensuring that regulatory obligations are captured as requirements at the point of contract or order review, not identified for the first time during production or post-market activities. The procedure is also aligned with EU MDR 2017/745, article 10 (QMS Requirements).

Q: How does MDSAP assess customer related processes? A: Under the MDSAP audit approach, customer related processes are assessed as a dedicated audit task within the Measurement, Analysis and Improvement process audit sequence. Auditors review evidence that product requirements are formally determined and reviewed before commitment to supply, that changes to requirements are communicated and documented, and that customer communication channels are defined and operational.

Q: Is this suitable for companies selling through distributors rather than directly to end users? A: Yes. The procedure is applicable to both direct and indirect sales models. For organizations selling through distributors, the procedure covers the determination and review of distributor requirements as customer requirements — including any specific regulatory, labeling, or product configuration requirements imposed by the distributor for their target market.

Q: In what format is the document delivered? A: The procedure is delivered in fully editable Microsoft Word (.docx) format, instantly after purchase.