ISO 13485 has been revised in 2016 to expand its scope to external suppliers and service providers in addition to medical device manufacturers. Key changes include requiring a risk-based approach to device safety and performance, controlling all changes to processes, and validating computer software used in quality management systems. The standard also places more emphasis on handling customer complaints, controlling nonconforming products, and maintaining design and development files. Organizations must comply with the new ISO 13485 requirements starting in March 2016.