What services does JCC Group provide for pharmaceutical and biologics manufacturers?

JCC Group offers end-to-end regulatory consulting services for pharmaceutical and biologics companies, including 21 CFR Part 211 cGMP compliance, Quality Management System (QMS) design, validation strategy, FDA inspection readiness, supplier qualification, data integrity assessments, and harmonization with ICH international standards (Q7, Q8, Q9, Q10, and Q11). Our consultants partner with clients across the full product lifecycle — from facility start-up and clinical-stage manufacturing through commercial production and post-approval changes.

What types of companies does JCC Group work with?

We support a broad spectrum of clients, including emerging biotech startups, contract manufacturers (CMOs/CDMOs), mid-size pharmaceutical companies, global drug manufacturers, biologics and cell & gene therapy developers, and international manufacturers exporting to the U.S. market. Whether you are launching your first product or managing a multi-site global operation, our services scale to fit your needs.

What is 21 CFR Part 211, and who must comply?

21 CFR Part 211 establishes the FDA's Current Good Manufacturing Practice (cGMP) requirements for finished pharmaceuticals. It applies to any company involved in manufacturing, processing, packaging, labeling, or holding human and veterinary drug products distributed in the United States — including drug substance and drug product manufacturers, contract facilities, and repackagers.

How does JCC Group help companies achieve 21 CFR Part 211 compliance?

We provide comprehensive support including cGMP gap assessments, QMS design and implementation, SOP and documentation development, equipment qualification (IQ/OQ/PQ), process and cleaning validation, quality control laboratory compliance, change control programs, CAPA systems, and mock FDA inspections. Our team builds compliance programs tailored to your operations — not generic templates.

Does JCC Group support biologics manufacturers under 21 CFR Part 211?

Yes. While biologics are also governed by 21 CFR Part 600-series regulations, Part 211 still applies to many aspects of biologic drug product manufacturing. We support biologics manufacturers across monoclonal antibodies, recombinant proteins, vaccines, cell and gene therapies, and biosimilars — addressing both small-molecule and large-molecule complexities.

What are ICH guidelines, and why do they matter?

The International Council for Harmonisation (ICH) develops globally recognized standards for pharmaceutical quality, safety, and efficacy. Compliance with ICH guidelines — especially Q7 (API GMP), Q8 (Pharmaceutical Development), Q9 (Quality Risk Management), Q10 (Pharmaceutical Quality System), and Q11 (Drug Substance Development) — is essential for companies seeking global market access and harmonized regulatory approval across the U.S., EU, Japan, and other ICH regions.

How does JCC Group help companies align with ICH standards?

Our consultants integrate ICH principles into every aspect of our consulting work. We design Pharmaceutical Quality Systems aligned with ICH Q10, implement quality risk management frameworks per ICH Q9, support development activities under Q8/Q11, and ensure API manufacturing aligns with ICH Q7 — enabling clients to meet both FDA expectations and global harmonized requirements simultaneously.

Can JCC Group build a Quality Management System (QMS) from scratch?

Absolutely. We design and implement complete Quality Management Systems for new facilities, startups, and companies transitioning from clinical-stage to commercial manufacturing. Our QMS deliverables include Quality Manuals, SOPs, work instructions, forms, Master Production Records, Batch Production Records, change control systems, and integrated documentation control platforms.

Does JCC Group provide ongoing QMS maintenance and support?

Yes. Beyond initial implementation, we offer long-term advisory services to keep your QMS current with evolving regulations, support periodic management reviews, conduct internal audits, manage CAPA effectiveness checks, and provide regulatory intelligence updates. Many clients engage us as their long-term regulatory partner rather than a one-time consultant.

What happens during a mock FDA inspection conducted by JCC Group?

Our mock inspections replicate real FDA methodology — including facility walkthroughs, document reviews, employee interviews, and front-room/back-room dynamics. We assess your operations against 21 CFR Part 211, your QMS, and applicable ICH standards, then deliver a detailed report with prioritized findings, root cause insights, and clear remediation recommendations.

Can JCC Group help if we received a Form 483 or FDA Warning Letter?

Yes — rapid-response remediation is one of our core specialties. Our team conducts immediate root cause investigations, develops comprehensive CAPA plans, drafts written responses that meet FDA expectations, and manages the remediation process from start to finish. We have helped clients successfully close significant findings and restore compliance under tight deadlines.

Types of FDA Medical Device Inspections: 2026 Guide

Navigating the Path to Market in a Regulated IndustryDiscover the types of FDA medical device inspections in 2026. Stay compliant and prepare effectively with our comprehensive guide!

FDA medical device inspections are formally categorized under Compliance Program 7382.850, a risk-based framework that took effect in February 2026 alongside the Quality Management System Regulation (QMSR). This framework replaces the legacy Quality System Inspection Technique (QSIT) with a process-oriented model aligned to ISO 13485, organizing all medical device regulatory inspections around six Quality Management System (QMS) Areas and four Other Applicable FDA Requirements (OAFRs). For regulatory professionals, understanding the distinct types of FDA medical device inspections is not optional preparation. It is the foundation for knowing what FDA investigators will examine, how deeply they will examine it, and what documentation you need ready before they arrive.

1. What are the types of FDA medical device inspections in 2026?

The CP 7382.850 risk-based framework defines six distinct inspection types, each with a specific trigger, scope, and assigned inspection model. Knowing which type applies to your facility determines the depth of review you should prepare for.

Baseline surveillance inspections apply to manufacturers with no prior FDA inspection history or no Medical Device Single Audit Program (MDSAP) audit on record. These receive the most thorough review under Inspection Model 2, which requires comprehensive coverage of multiple specified elements across every QMS Area.
Non-baseline surveillance inspections apply to manufacturers with an established FDA inspection or MDSAP audit history. These use Inspection Model 1, which requires evaluating at least one element per QMS Area. The scope is narrower, but investigators still exercise critical judgment in selecting which elements to examine.
Compliance follow-up inspections are triggered by prior regulatory action, such as a Warning Letter, consent decree, or injunction. These inspections verify whether corrective actions have been implemented effectively, using Model 1 coverage focused on the areas cited in the original action.
For-cause inspections respond to specific signals: consumer complaints, adverse event reports, or product safety concerns. FDA may inspect MDSAP sites for cause even when routine surveillance is waived, making this type a critical risk for manufacturers who assume MDSAP certification provides full coverage.
Specific Product Risk Assignments (SPRA) are targeted inspections tied to a particular device or product risk identified by FDA’s Center for Devices and Radiological Health (CDRH). These follow Model 1 and focus on the risk elements specific to the flagged product.
PMA preapproval inspections are mandatory for high-risk devices pending Premarket Approval (PMA). These prioritize high-risk devices pending FDA approval and use Model 2’s comprehensive review, focused specifically on the device under review and its associated risk profile.
PMA postmarket inspections follow up on approved high-risk devices and apply Model 1 coverage to assess ongoing compliance with approved specifications and postmarket surveillance requirements.

2. How do FDA inspection models 1 and 2 differ?

The inspection model assigned to a given inspection type determines the depth and breadth of what FDA investigators will review. This distinction is one of the most practical pieces of knowledge a regulatory professional can carry into audit preparation.

Feature	Inspection Model 1	Inspection Model 2
Coverage requirement	At least one element per QMS Area and OAFR	Multiple specified elements per QMS Area and OAFR
Applies to	Non-baseline surveillance, compliance follow-up, for-cause, SPRA, PMA postmarket	Baseline surveillance, PMA preapproval
Investigator discretion	High. Investigators select elements based on risk signals	Lower. Elements are pre-specified and comprehensive
Documentation depth	Targeted to selected elements	Broad. All major QMS processes subject to review
Typical duration	Shorter	Longer and more resource-intensive

Model 1 and Model 2 differ in element depth, and readiness audits should replicate this distinction to prepare efficiently. A manufacturer preparing for a baseline inspection who uses the same internal audit approach as one preparing for a non-baseline inspection will have significant gaps in Model 2 element coverage.

Under Model 2, investigators are expected to review multiple elements within areas like Design and Development and Corrective and Preventive Action (CAPA). Under Model 1, the investigator applies critical thinking to select elements based on risk signals observed during the inspection, which means your documentation must be traceable and defensible across all areas even when only a subset is formally reviewed.

Pro Tip: Map your internal audit schedule to the inspection model most likely to apply to your facility. If you have no prior FDA inspection history, treat every internal audit as a Model 2 exercise until your baseline inspection is complete.

3. FDA’s six QMS Areas and four OAFRs explained

CP 7382.850 organizes review by six QMS Areas and four OAFRs, and every inspection type maps its element selection to this structure. Understanding what each area covers tells you exactly where investigators will focus their attention.

The six QMS Areas are:

Management Oversight: Leadership accountability, quality policy, management review records, and organizational resources.
Production and Service Provision: Manufacturing controls, process validation, labeling, and device history records.
Design and Development: Design controls, risk management files, design verification and validation, and design transfer documentation.
Change Control: Procedures for managing changes to devices, processes, and software, including impact assessments.
Outsourcing and Purchasing: Supplier qualification, supplier audits, and controls over outsourced processes.
Measurement, Analysis, and Improvement: Internal audits, complaint handling, nonconforming product controls, and CAPA.

The four OAFRs are Medical Device Reporting (MDR), Reports of Corrections and Removals, Medical Device Tracking, and Unique Device Identification (UDI). These requirements sit outside the core QMS structure but are reviewed in every inspection type. Gaps in MDR documentation or UDI compliance are among the most common findings FDA investigators cite, particularly in for-cause inspections triggered by adverse event reports.

FDA investigators trace risk threads across QMS Areas to assess systemic quality management effectiveness rather than reviewing each area in isolation. A complaint in the Measurement, Analysis, and Improvement area may prompt the investigator to follow the thread into Design and Development or Change Control, depending on the nature of the risk.

4. Comparing inspection types: triggers, models, and preparation

The table below summarizes the key attributes of each FDA medical device inspection type to give regulatory professionals a fast reference for preparation planning.

Inspection type	Trigger	Model	Scope focus
Baseline surveillance	No prior FDA or MDSAP history	Model 2	All QMS Areas, comprehensive elements
Non-baseline surveillance	Established inspection or MDSAP history	Model 1	Risk-selected elements per area
Compliance follow-up	Prior regulatory action	Model 1	Cited areas and corrective action effectiveness
For-cause	Complaint, adverse event, or product risk signal	Model 1	Risk-specific elements and OAFRs
SPRA	CDRH-identified product risk	Model 1	Product-specific risk elements
PMA preapproval	High-risk device pending approval	Model 2	Device-specific comprehensive review
PMA postmarket	Approved high-risk device	Model 1	Postmarket surveillance and ongoing compliance

Preparation recommendations vary significantly by inspection type. For baseline and PMA preapproval inspections, your readiness package must cover every QMS Area with complete documentation. For non-baseline and for-cause inspections, the priority shifts to risk traceability: can you demonstrate that your CAPA system, complaint handling, and design controls are connected and functioning as a system?

MDSAP participation reduces routine surveillance but does not eliminate regulatory oversight or triggered inspections. Manufacturers enrolled in MDSAP should maintain the same documentation discipline they would for a direct FDA inspection, particularly for CAPA effectiveness and supplier audit records.

FDA investigators now have authority to request internal audit reports, supplier audits, and management reviews under the new QMSR rules. This is a meaningful expansion from prior practice and one that many manufacturers are not yet prepared for.

Pro Tip: Before any inspection, prepare a risk-traceability matrix linking your complaint records, CAPA files, risk management documentation, and design controls. This single document can significantly reduce the time investigators spend requesting additional records and demonstrates systemic quality management.

You can also use the MDSAP audit alignment guide from Jjccgroup to cross-reference your MDSAP outputs against FDA’s CP 7382.850 element expectations, which is particularly useful for non-baseline surveillance preparation.

Key takeaways

FDA medical device inspections under CP 7382.850 are defined by six distinct types, each assigned to either Inspection Model 1 or Model 2, and preparation must be calibrated to the specific model and trigger that applies to your facility.

Point	Details
Six inspection types defined	Baseline, non-baseline, compliance follow-up, for-cause, SPRA, and PMA preapproval and postmarket each have distinct triggers and scopes.
Two models determine depth	Model 2 requires comprehensive multi-element review; Model 1 requires at least one element per QMS Area with investigator-selected focus.
MDSAP does not eliminate oversight	MDSAP participation reduces routine surveillance but FDA retains authority for for-cause and compliance follow-up inspections at MDSAP sites.
OAFRs reviewed in every inspection	MDR, corrections and removals, device tracking, and UDI are assessed regardless of inspection type or model.
Internal audits must match inspection models	Generic internal audits leave model-specific element gaps; audits should replicate the Model 1 or Model 2 structure most likely to apply.

What the 2026 framework actually demands from regulatory professionals

Having worked through the transition from QSIT to CP 7382.850 with multiple manufacturers, the shift that catches teams off guard is not the new terminology. It is the investigator’s expanded discretion under Model 1.

Under the old QSIT framework, you could reasonably predict which subsystems would be reviewed and prepare accordingly. Under Model 1, the investigator follows risk signals. If a complaint record looks thin, they will follow that thread into CAPA. If a CAPA looks disconnected from design controls, they will go there next. The inspection becomes a live risk assessment, not a checklist walkthrough.

The teams that handle this well are the ones who have built genuine risk traceability across their QMS, not just documentation that satisfies each area in isolation. A complaint that has a clear link to a risk management file, a CAPA with measurable effectiveness criteria, and a management review that actually discusses systemic trends: that is what Model 1 readiness looks like in practice.

The other underestimated issue is the new authority to review internal audit reports. Many companies have internal audit programs that were never designed to be shown to FDA. The findings are vague, the corrective actions are generic, and the follow-up is inconsistent. Under the current rules, that document is now fair game. If your internal audit program would embarrass you in front of an investigator, that is the first thing to fix before your next inspection.

For companies enrolled in MDSAP, the temptation is to treat MDSAP certification as a compliance shield. It is not. MDSAP readiness cannot be limited to certification outputs. FDA will still come for cause, and when they do, they expect the same rigor they would find in a direct inspection.

— Mike

How Jjccgroup supports FDA inspection readiness

Preparing for the full range of FDA medical device inspection types requires more than a checklist. It requires a readiness strategy calibrated to the specific inspection model, your facility’s inspection history, and the risk profile of your device portfolio.

Jjccgroup brings over 30 years of regulatory consulting experience to FDA inspection preparation, offering customized readiness audits that replicate the Model 1 and Model 2 element selection logic FDA investigators apply. Their team supports alignment of internal audit programs, CAPA systems, and risk management documentation with CP 7382.850 expectations. For manufacturers facing baseline inspections, PMA preapproval reviews, or triggered for-cause visits, Jjccgroup’s regulatory approval consulting provides the structured preparation that turns a high-stakes inspection into a manageable, well-documented process.

FAQ

What triggers a for-cause FDA medical device inspection?

For-cause inspections are triggered by specific risk signals such as consumer complaints, adverse event reports, or product safety concerns identified by FDA. MDSAP-participating manufacturers are not exempt from for-cause inspections even when routine surveillance is waived.

What is the difference between Inspection Model 1 and Model 2?

Model 1 requires at least one element reviewed per QMS Area, with investigators selecting elements based on risk. Model 2 requires comprehensive review of multiple specified elements across all QMS Areas and applies to baseline surveillance and PMA preapproval inspections.

Does MDSAP certification replace FDA inspections?

MDSAP audit reports can substitute for routine FDA surveillance inspections, but FDA retains full authority to conduct for-cause and compliance follow-up inspections at MDSAP-enrolled sites. Ongoing documentation discipline and CAPA effectiveness remain required regardless of MDSAP status.

What QMS areas does FDA review during a medical device inspection?

FDA reviews six QMS Areas: Management Oversight, Production and Service Provision, Design and Development, Change Control, Outsourcing and Purchasing, and Measurement, Analysis, and Improvement. All four OAFRs covering MDR, corrections and removals, device tracking, and UDI are also assessed in every inspection type.

What documentation can FDA investigators request under the 2026 QMSR rules?

Under the current rules, FDA investigators can request internal audit reports, supplier audit records, and management review minutes, which represents a significant expansion from prior inspection authority. Manufacturers should treat these documents as inspection-ready at all times.