Don't know where to start? Watch our free starter videos and save lots of time and consultant fees

Articles Quality Management

November 15, 2023

ISO 13485 KPIs: Example Key Performance Indicators For Your ISO 13485 Processes

Sören Hornof

KPIs are like scorecards for organizations, helping them track how well they’re doing and if they’re moving closer to their goals. In the world of ISO 13485 (Section 4.1.3 and Section 8.2.5), process KPIs are important to be compliant. They are the metrics by which the health of our processes is measured.

The perfect opportunity for a health check-up of your process is the Management Review pursuant to ISO 13485:2016 Section 5.6. Of course we also have a template for the Management Review SOP and the Management Review Report. In the Management Review you’ll look at every process and evaluate whether it performs well. To approach it systematically, you need a metric that shows if the process achieved what it is meant to do: those metrics are your KPIs.

You can either define the KPIs for every process in the respective SOPs themselves, and/or you can keep an overview of the KPIs in the template for the Management Review Report.

While the standard does not require a certain number of KPIs, a common number for startups would be to have one or two KPIs per process. But any number higher than 0 is acceptable. This is also depending on the maturity of your QMS. The KPIs will evolve in the course of the Management Reviews and over the years. When you deem some metrics to yield no insights, you are well advised to change them for the upcoming term or even throughout the year.

Following the S.M.A.R.T approach, it makes sense to define a target for your KPIs (goal). That makes the assessment easier in the Management Review, as you can easily determine whether the outcome is acceptable or not.

In case you have no idea which KPIs you could use for your processes, here’s a list of examples:

CAP-SOP: Corrective and Preventive Action

CERT-SOP: Product Certification and Registration

CEV-SOP: Clinical Evaluation

CHM-SOP: Change Management

CSV-SOP: Computerized System Validation

DPL-SOP: Deployment

DRC-SOP: Document and Record Control

SWD-SOP: Integrated Software Development

(Includes Usability Evaluation and Risk Management)

FBM-SOP: Feedback Management

HRA-SOP: Human Resources Administration

IAU-SOP: Internal Auditing

MGR-SOP: Management Review

PCH-SOP: Purchasing

PMS-SOP: Post-Market Surveillance

PRS-SOP: Problem Resolution

URG-SOP: Update of Regulations

VIG-SOP: Vigilance


There is (almost) no right or wrong when it comes to KPIs. Especially when you’re setting up your QMS from scratch, you likely don’t know (yet) what’s the most important metric for your processes. The KPIs listed above give you a good headstart. Thoughout the years, you will look at these metrics at least once per year in the Management Review. Some of them will prove as helpful, some you might need to replace in order to measure the right things and to keep improving. The quality of your KPIs will be proportional to the maturity of your QMS (hopefully).

Keep in mind that KPIs should facilitate an assessment of the performance of the process. When we take the example of the CAPA process, you might think that measuring the number of CAPAs per year makes sense. However, it is not a good indicator for the process. A lot of CAPAs doesn’t mean that the process is bad while few CAPAs likewise doesn’t say anything. Maybe not all CAPAs are reported, maybe you’re opening a CAPA for too many minor issues. The goal of the KPI is to indicate whether the CAPA process does what it should do when you need it.

Likewise, the goal with KPIs is not to always achieve the goal that you’ve set yourself, but rather to actually paint a comprehensive picture of the quality of your products, services and organizational structure. You can always say you’ve achieved your goal if your goal is to “have a product”. It’s not valuable though. If you set out to have zero customer complaints, it’s way harder, but this metric is more likely to show you whether you’re on the right path.

In this regard, the 13485 requirement to measure your processes can actually be helpful for your business. So thanks for requiring this, 13485.

On a slighty different note: You want to get your medical software certified under MDR but don't know where to start? No worries! That's why we built the Wizard. It's a self-guided video course which helps you create your documentation yourself. No prior knowledge required. You should check it out.

Or, if you're looking for the most awesome (in our opinion) eQMS software to manage your documentation, look no further. We've built Formwork, and it even has a free version!

If you're looking for human help, did you know that we also provide some limited consulting? It's limited because we are not many people. We guide startups from start to finish in their medical device compliance.

Congratulations! You read this far.

Get notified when we post something new.

Sign up for our free newsletter.

Sören Hornof

Hi! I am a Pharmacist with great enthusiasm for technology and innovation. Health has always been my major passion and I strongly believe that medical devices will change the world of care. Therefore, I am very happy to be able to work with progressive startups and contribute to this development.


If you have any questions or would like to share your opinion publicly, feel free to comment below. If you'd like to reach out privately, send us a message.

No QMS on this planet will save you from creating crappy software.