What Will the Inspector Ask About PMS? FDA, NB & MDSAP Questions Guide (2026)

Level 1 — Explain It Like I'm Five

Imagine a teacher comes to check your homework — but they don't tell you exactly when. They look at your notebook, ask you questions about what you wrote, and check if you did all the assignments. If you did everything, you get a gold star. If you forgot some, you have to fix them.

A regulatory inspection is the same thing. The inspector comes to your company, asks to see your records, and checks if you're watching your medical devices properly. The good news: they usually ask the same kinds of questions every time.

Level 2 — The General Picture

Every major regulatory authority inspects or audits your PMS system. The approach varies — FDA sends government inspectors, EU uses Notified Body auditors, MDSAP uses accredited third-party auditing organizations — but they all ask the same fundamental questions:

Are you collecting PMS data from all required sources?
Are you analyzing it with defined methods?
Are you acting on what you find?
Are you documenting everything — including when you decided NOT to act?
Are you closing the loop — feeding PMS findings back into risk management and design?

Level 3 — The Exact Questions, by Inspection Type

FDA Inspection (QSIT / New CP 7382.850)

FDA inspectors typically start with CAPA (the #1 cited subsystem) and work backwards into complaints:

"Show me your complaint file for [specific device]. Pull 10 recent complaints."
"For this complaint — walk me through how you determined it was [not] reportable."
"Show me the MDR you filed for this event. When did you become aware? When did you file?"
"Show me your trend analysis for the past 12 months. How do you detect trends?"
"This complaint led to a CAPA. Show me the root cause analysis, the corrective action, and the effectiveness verification."
"Show me your management review minutes. Where is the PMS data discussion?"

EU Notified Body Audit (MDR)

NB auditors focus on the documented deliverables and their interconnections:

"Show me your PMS Plan for [device]. Is it device-specific?"
"Show me the current PSUR. When was it last updated? Walk me through the benefit-risk conclusion."
"Show me the PMCF Plan. What clinical questions are you addressing? What data have you collected?"
"How does PMS data feed into your Clinical Evaluation Report? Show me the linkage."
"Show me your trend reporting methodology. What statistical method do you use? What are your thresholds?"
"Show me evidence that PMS findings updated your risk management file."

MDSAP Audit (Chapter 5)

MDSAP auditors evaluate the process holistically across 5 jurisdictions:

"Walk me through a complaint from intake to closure."
"Show me how you determine reportability for [each jurisdiction where you sell]."
"Show me your data analysis methodology and outputs."
"Show me 3 CAPAs initiated from PMS data. What was the root cause? Was effectiveness verified?"
"Show me your external monitoring process — how do you track competitor events and regulatory changes?"

The 8 documents to have ready (any inspection)

Complaint register (last 12–24 months, searchable)
Complaint investigation files (10–15 samples ready)
MDR/vigilance decision log with rationale for every determination
CAPA records (open + recently closed, with effectiveness evidence)
Trend analysis reports (monthly/quarterly)
Management review minutes showing PMS data discussion
Risk management file (ISO 14971) with post-market data integrated
PSUR/PMS Report + PMCF plan/report (EU MDR markets)

Level 4 — The Deeper Analysis

How inspectors actually think

Experienced inspectors don't audit your documents — they audit your decisions. They pick a complaint that looks like it should have been reported, then check whether you reported it. They pick a trend that looks significant, then check whether you acted on it. They pick a CAPA, then check whether the fix actually worked. Every inspection is a test of your judgment, not just your paperwork.

The "thread-pull" technique

FDA inspectors (and experienced NB auditors) use the "thread-pull" technique: they pick ONE complaint and follow it through every connected system — complaint → investigation → reportability decision → MDR report → CAPA → effectiveness check → risk file update → management review. A single broken link in this chain creates a finding. The best preparation is to pull 5–10 threads yourself before the inspector arrives.

Pre-inspection intelligence

FDA's new CP 7382.850 inspection program uses pre-inspection intelligence — your MAUDE reports, your recall history, your 483 history — to decide what to inspect. If your MAUDE data shows a spike in events for a specific failure mode, expect the inspector to pull complaints and CAPAs for exactly that failure mode. The implication: your PMS data quality directly determines how targeted (and potentially painful) your inspection will be.

Frequently Asked Questions

What does an FDA inspector look for in a PMS system?

FDA inspectors focus on the CAPA subsystem first (the #1 most cited area in warning letters), then trace backwards into complaint handling and adverse event reporting. They pull 10–15 random complaint files and check: was the complaint investigated? Was reportability assessed and documented? Were reports filed within required timelines? Did significant findings trigger CAPAs? Were CAPA effectiveness checks performed? They also review trend analysis reports, management review minutes, and risk management files for evidence that PMS data drives decision-making.

How do I prepare for a PMS-focused regulatory inspection?

Conduct a mock audit 4–6 weeks before the expected inspection: pull 10–15 random complaint files and verify investigation completeness, check all filed adverse event reports for timeline compliance, review your trend analysis output, trace 3 CAPAs from origin through effectiveness verification, verify your risk management file was updated with PMS data in the past 12 months, and check management review minutes for PMS data discussion. Have all 8 key documents organized and indexed for rapid retrieval. Train PMS personnel on how to answer inspector questions clearly and accurately.

What is the most common PMS-related FDA 483 finding?

The most common PMS-related FDA 483 observation is inadequate CAPA procedures (21 CFR 820.100), cited in 26 warning letters in FY2025. The second most common is deficient complaint handling (21 CFR 820.198), cited in 23 warning letters. Specifically: complaints closed without root cause analysis, reportability assessments missing or not documented, CAPA effectiveness not verified, and trend analysis absent or inadequate. The pattern is consistent year after year — these are systemic, not random, failures.

How is a Notified Body PMS audit different from an FDA inspection?

FDA inspectors audit your system by sampling records and following evidence trails — they focus on whether your processes actually work. NB auditors under MDR focus more on the documented deliverables — PMS Plan, PSUR, PMCF plan/report — and whether they meet the specific MDR content requirements. FDA asks "did you actually investigate this complaint?" NB asks "does your PMS Plan address all the data sources required by Article 84?" Both approaches can uncover gaps, but they target different weaknesses. Preparing for both means you need both process evidence AND complete documentation.

What Will the Inspector Ask About My PMS System? 4-Level Guide (2026)