ISO 9001:2015 organises its requirements around the Annex SL high-level structure shared by all modern ISO management system standards. That structure groups clauses into context of the organisation, leadership, planning, support, operation, performance evaluation, and improvement. For a first-time implementer, this architecture is both a map and a checklist: each clause represents a discrete body of work that must be addressed before certification can be claimed. In a medical device context, teams implementing ISO 9001:2015 often do so as a stepping stone toward ISO 13485, the FDA Quality Management System Regulation (QMSR), or the EU MDR, so the groundwork laid here carries direct regulatory weight.
A gap analysis is the standard starting point. It compares your current documented practices, responsibilities, and records against each clause requirement and produces a ranked list of deficiencies. Without a disciplined gap analysis, organisations routinely under-scope the effort: they complete documented procedures but leave training records, infrastructure controls, or supplier qualification evidence untouched. Those gaps surface during the Stage 1 audit, causing delays that could have been avoided with a structured review upfront.
First-time implementers most commonly stumble on three areas: defining the scope and exclusions correctly in clause 4.3, building a risk-based thinking approach into planning rather than treating it as a separate exercise, and confusing document control requirements with the need for a separate, rigid document hierarchy. A checklist approach reframes the standard into concrete, verifiable actions tied to clause numbers, making ownership and progress visible to leadership without requiring deep standards expertise from every contributor.
Working through a well-structured checklist also accelerates the transition from ISO 9001:2015 to the stricter device-specific standards that most medical device manufacturers ultimately need. Clause mappings between ISO 9001 and ISO 13485 are well-documented, and organisations that build their QMS with those mappings in mind avoid costly rework when they pursue the additional certification. The checklist is not a shortcut: it is a sequenced project plan that keeps the implementation audit-ready at every stage.
The whitepaper below walks through the implementation checklist qmsWrapper teams use.




