If you have read through the requirements of the ISO 13485 medical devices management system, you have probably encountered the term ‘top management’ countless times. 

But do you know what exactly these terms refer to? Does it mean executive or senior management or the management of a specific department?

Today’s article aims to answer these queries through simple explanations.

So, if your company is pursuing the ISO 13485 certification and is eager to learn about its terms, continue reading!

Who Is The Top Management In ISO 13485?

According to ISO 9001, top management is an individual or a group of individuals who control and direct an organization. These individuals are at the highest level of an organization, with the power to provide resources and delegate authority.

Responsibility Of Your Top Management Concerning ISO 13485 Medical Device Management System

Now that you know what ‘top management’ means, check out their responsibilities according to the ISO 13485 medical devices management system.

Management commitment

ISO 13485 requires top management to provide evidence of their dedication to the creation, implementation, and maintenance of the QMS. 

It requires the management to 

  • Communicate the significance of applicable regulatory and customer requirements,
  • Establish quality policy,
  • Ensure the establishment of the quality objectives,
  • Conduct management reviews,
  • Ensure the availability of resources.

Customer focus

Your company’s top management should ensure that you have determined and met the customer and regulatory requirements.

Quality policy

Besides establishing the quality policy, your top management should ensure the policy

  • Applies to the organization’s purpose,
  • Includes a commitment to comply with applicable requirements and maintain the effectiveness of the QMS,
  • Offers a framework for developing and reviewing quality objectives,
  • Go through reviews for continuing stability,
  • Is communicated throughout the organization and understood by relevant parties.


Top management should ensure your organization establishes quality objectives at relevant levels and functions. The ISO 13485 medical devices management system standard requires the objectives to be measurable and aligned with the quality policy.

Furthermore, when planning the quality management system, the top management should ensure that 

  • They carry out the plan to meet the general requirements of the standard and the company’s quality objectives,
  • They maintain the integrity of the QMS when implementing changes to it.

Responsibility, authority, and communication

ISO 13485 certification requires top management to oversee and ensure the process of defining, documenting, and communicating responsibilities and authorities.

Top management should document the interrelation of all personnel whose work affects the QMS. The leaders should ensure the personnel have the authority and independence to perform their tasks.

Appointing members to perform the following tasks also comes under the responsibility of top management.

  • Documenting processes,
  • Reporting on the effectiveness and required improvement of the QMS,
  • Promoting the applicable QMS and regulatory requirements across the organization,

To maintain internal communication, top management shall establish appropriate communication processes.

Management review

Your top management is responsible for reviewing the company’s medical device QMS at documented and planned intervals. They should ensure the adequacy, effectiveness, and continuing stability of the QMS. During the review, leaders should assess improvement opportunities, the need for changes, quality policy, and quality objectives.

ISO 13485 provides a list of ideal inputs and outputs for management review for top management to consider.

Wrapping Up

In a nutshell, top management can be any individual or group that has the highest control or authority over your organization. 

Regardless of who your top management is, ensure they adhere to the above ISO 13485 medical devices management system clauses. Otherwise, you will not be able to achieve the ISO 13485 certification. You can check out the official ISO 13485 requirement lists to learn more about the standard and management responsibilities.

Author's Bio: 

Blue Wolf Certifications is a business partner to various accredited certification bodies. To put it another way, we are one of their auditors, a regional office.
Our auditors have been described as transparent, open, fair and supportive. And even easy to talk to and helpful.
Our audits have been described as nonthreatening, relaxing, straightforward, orderly, professional and painless.
Take the advice of our clients, we will make your ISO certification journey easier and less stressful.
We can audit and provide accredited certifications for ISO 9001, ISO 14001, ISO 27001, ISO 37001, ISO 45001 and other certifications.