Quality & Compliance Glossary

AssurX provides a practical, industry-proven glossary of Quality, Regulatory, and Operational Excellence terms to help teams speak the same language across sites, systems, and functions.

Why a Quality Glossary Matters

In regulated industries, inconsistent terminology creates risk. Different teams may use the same term to mean different things, leading to audit findings, process gaps, and misaligned corrective actions.

The AssurX Quality & Compliance Glossary provides clear, practical definitions used by quality, regulatory, operations, and IT teams across manufacturing, life sciences, utilities, and other regulated environments. These definitions are grounded in real-world quality management systems—not academic theory.

Use this glossary to standardize language across teams, support audits, accelerate onboarding, and improve communication across your quality processes.

Glossary of QMS Terms by Category

Acceptance Criteria

Defined conditions that a product, change, or process must meet to be approved or released.

Audit (Internal)

An internal examination of processes, documentation, and compliance to verify adherence to standards and internal procedures.

Audit (External / Third-Party)

An independent assessment conducted by customers, regulators, or certification bodies.

Audit Trail

Tamper-evident, chronological records showing who performed what action, when, where, and why — essential for regulatory compliance.

CAPA (Corrective and Preventive Action)

Structured investigation of root causes with actions to correct existing issues and prevent recurrence.

Change Control

A formalized process for assessing, approving, implementing, and verifying changes to documents, processes, or products.

Closed-Loop Quality

A continuous system where issues, actions, verifications, and monitoring are interconnected to ensure permanent resolution.

Complaint Management

Structured capture, investigation, classification, and resolution of customer product issues.

Conformance / Nonconformance (NC)

Meeting or failing to meet specified requirements; NCs require documented investigation and disposition.

Deviation

A temporary or unplanned departure from an approved process or specification.

Document Control

Centralized management of controlled documents through creation, approval, versioning, training, and retirement.

DMR (Device Master Record)

The complete, approved set of instructions and specifications for producing a medical device.

DHF (Design History File)

Evidence that a device was designed according to approved procedures and regulatory expectations.

DHR / eDHR (Device History Record)

Documentation showing how each unit or batch was manufactured, inspected, and released.

eBR (Electronic Batch Record)

Real-time, automated capture of batch production data for complete traceability.

Effectiveness Check

Verification that corrective/preventive actions are working as intended.

GxP (Good Practice Regulations)

Umbrella term including GMP, GCP, GLP, GDP, etc., governing quality and safety in regulated industries.

ISO 9001

Standard defining QMS requirements for organizations across industries.

ISO 13485

Standard defining QMS requirements specific to medical device manufacturers.

MIR (Medical Incident Report)

Mandatory reporting of device-related adverse events in the EU.

eMDR (Electronic Medical Device Report)

Electronic submission of device adverse events to the FDA.

Notified Body (NB)

EU-designated organization authorized to assess product conformity (e.g., for CE marking).

CE Marking

Indicates conformity with EU safety and performance requirements.

Periodic Review

Scheduled evaluation of documents, suppliers, risks, and processes for ongoing accuracy and compliance.

Process Owner

The individual accountable for documentation, performance, metrics, and continual improvement of a defined process.

Quality Assurance (QA)

Planned activities ensuring processes consistently produce compliant results.

Quality Control (QC)

Operational inspection/testing to verify product quality.

QMS (Quality Management System)

Structured framework of processes, controls, and responsibilities that ensure product quality and compliance.

QSR (Quality System Regulation)

FDA-required QMS framework for medical devices (21 CFR Part 820).

Risk Management File (RMF)

Comprehensive record of risk assessments, mitigations, and controls maintained throughout a product’s life.

Supplier Quality Management

Processes ensuring suppliers meet specification, compliance, and performance requirements.

Training & Competency Management

Ensuring personnel have the required knowledge, skills, and documented training.

URS (User Requirements Specification)

Document describing what the user needs the system to accomplish.

Validation (Process)

Providing evidence that a process consistently produces results meeting predetermined specifications.

Verification

Confirmation that requirements have been met (e.g., testing, inspection).

Workflow Automation

Digital routing, approvals, and escalations that enforce consistency and reduce human error.

5×5 Risk Matrix

Grid used to evaluate severity and probability of risk events.

ALARP (As Low As Reasonably Practicable)

Principle that risk must be reduced to a level that is tolerable and feasible.

Control Measure

Action taken to reduce risk probability or severity.

Detection (FMEA Term)

Likelihood that a failure will be detected before impact.

Failure Mode Drift

Gradual changes in how failures occur due to environment, supplier variation, or uncontrolled processes.

Failure Mode and Effects Analysis (FMEA)

Structured method to identify and prioritize potential failures.

Harm

Physical injury or damage to health.

Hazard

Potential source of harm.

ISO 14971

Standard for medical device risk management.

Mitigation

Action taken to reduce risk likelihood or impact.

Occurrence (FMEA Term)

Likelihood of a failure happening.

Risk Assessment

Identification, evaluation, and prioritization of risks.

Risk Control

Activities to reduce risk to acceptable levels.

Risk Priority Number (RPN)

Severity × Occurrence × Detection.

Risk Priority Trend

Long-term tracking of RPN changes to evaluate effectiveness over time.

Residual Risk

Risk remaining after mitigations.

Severity (FMEA Term)

Impact of a failure on product or user.

Traceability Matrix

Correlation between requirements, risks, tests, and controls.

5 Whys

Iterative questioning method to drill down to root cause.

8D Methodology

Structured team-based problem-solving with defined stages (D1–D8).

Brainstorming

Ideation technique for identifying potential causes.

Cause-and-Effect Diagram (Fishbone / Ishikawa)

Visual tool categorizing potential causes of a problem.

Containment Action

Immediate action to isolate a problem and prevent further impact.

Corrective Action

Elimination of root cause of a detected issue.

DMAIC

A data-driven Six Sigma methodology—Define, Measure, Analyze, Improve, and Control.

Error-Proofing (Poka-Yoke)

Designing processes to prevent mistakes or make them immediately detectable.

Fault Tree Analysis (FTA)

Top-down analysis for identifying combinations of failures leading to an event.

Pareto Analysis

80/20 rule; identifies the most significant contributors to a problem.

Root Cause

Underlying factor that, when removed, prevents recurrence.

Verification of Effectiveness (VoE)

Formal confirmation that corrective actions have succeeded.

AQL (Acceptable Quality Limit)

Maximum defective rate still considered acceptable in sampling.

Bill of Materials (BOM)

List of components and materials required for manufacturing.

Calibration

Process ensuring instruments perform within known accuracy.

COQ (Cost of Quality)

Cost of preventing, detecting, and correcting defects.

Escape

Defective product moving to the next stage without detection.

First Pass Yield (FPY)

Percentage of units that pass testing without rework.

Incoming Inspection

Verification of material quality from suppliers.

Lot Traceability

Ability to track materials throughout production.

MRB (Material Review Board)

Committee deciding NC disposition (scrap, rework, use-as-is).

Nonconforming Material

Material not meeting required specifications.

Product Quality Escape

Defect reaching the customer.

Supplier Audit

Assessment of supplier capability and compliance.

Supplier Escape

Supplier-originated defect that bypasses controls.

Supplier Scorecard

Quantitative evaluation of supplier performance.

21 CFR Part 11

Regulation governing electronic records and signatures.

Audit Logging

System tracking of digital activities.

Backup & Recovery

Processes ensuring data protection and system restoration.

CSV (Computer System Validation)

Documented evidence that a system performs as intended.

Digital Signature

Electronic signature with authentication, integrity, and non-repudiation.

IQ/OQ/PQ

Installation, Operational, and Performance Qualification for validated systems.

Permission Model

Role-based access control for system users.

Version Control

Tracking updates to documents, software, or configurations.

CAPA Cycle Time

Duration from issue initiation to CAPA closure.

Dashboard

Visual display of quality metrics.

Key Performance Indicator (KPI)

Quantifiable measure of process performance.

Key Quality Indicator (KQI)

KPIs specifically tied to quality outcomes.

OEE (Overall Equipment Effectiveness)

Composite measure of equipment performance (availability × performance × quality).

SPC (Statistical Process Control)

Use of control charts to monitor stability.
