Submission of the IVDR Technical File: What Manufacturers Really Need to Get Right (Team‑NB, Sept. 2025)
Medical devices regulation
On 4 September 2025, Team‑NB published a new version of its best‑practice guidance for submitting technical documentation in accordance with Annexes II and III of IVDR (EU) 2017/746.
Behind its somewhat austere title, the document is nonetheless a goldmine of information for manufacturers of in vitro diagnostic devices (IVDs).
The goal is clear: to harmonize notified bodies’ (NBs) expectations regarding technical file review, based on real‑world feedback and commonly observed gaps.
And while it’s not a legally binding text, it would be seriously unwise to ignore it.
1. Why this guidance matters for IVD manufacturers
Review timelines are lengthening, requests for additional information are piling up, and frustration is growing.
In this context, the guidance aims to establish a clear, realistic reference point for what NBs actually expect.
This document reflects collaborative work among several NBs that are members of Team‑NB. It doesn’t impose new regulatory requirements—but it makes explicit what is often implicit. In other words, it lays out the “rules of the game” that reviewers are already applying.
So it’s a valuable tool to anticipate expectations, structure files more efficiently, and avoid time‑consuming back‑and‑forth.
2. Key NB expectations according to the position paper
2.1. Clear, organized, traceable documentation
The guidance emphasizes from the outset: a file may be technically compliant but entirely unreadable in presentation.
NBs expect a logical, navigable structure, with complete documents—not fragmented—and explicit cross‑references.
To do:
Use traceability matrices
Highlight the GSPR requirements tied to each demonstration
Ensure each report is dated, signed, and versioned
2.2. Coherence across the file sections
Frequent causes of rejection or requests for additional information:
The declaration of conformity cites a different intended use than the IFU
The risk analysis doesn’t include the warnings listed on the label
The Basic UDI‑DI differs between documents
These discrepancies, often seemingly minor, undermine reviewer confidence. The guidance reminds us: internal coherence is as critical as regulatory compliance.
2.3. Risk management and performance: a critical interface
One of the most useful insights is the connection between different file components.
In particular, risk management must be aligned with:
performance evaluation results (analytical and clinical)
usability test outcomes
intended use conditions
A lack of consistency here may cause the NB to question the overall validity of the submission.
2.4. Clinical performance: there’s no room for ambiguity
The guidance is clear: a Performance Evaluation Plan (PEP) is required, and the corresponding Performance Evaluation Report (PER) must be a standalone, structured, and up‑to‑date document.
Clinical performance isn’t established by a few bibliographic references. It requires:
clinical studies (unless justified otherwise)
transparent methodology
traceability to claimed indications
The guidance refers notably to MDCG documents 2022‑2 and 2022‑9.
2.5. Cybersecurity and software: rising expectations
IVD software manufacturers (including companion apps) must be prepared to supply comprehensive software documentation:
architecture, version control, SOUP, test protocols, V&V
cybersecurity risk analysis
release procedures, known issue management
Overlooking or underestimating this section is now one of the main reasons for rejection or suspension of review.
3. Two practical examples illustrating the real‑world implications
Case 1 – A Class C PCR test manufacturer
A European SME submits a technical file for a respiratory PCR test. The IFU is well translated but doesn’t align with the performance evaluation plan (positivity criteria differ).
Consequence:
The NB halts the review and requests a formal clarification—adding three months of delay due to an easily avoidable internal inconsistency.
Case 2 – A companion software for a CDx
A software developer supports a companion diagnostic for an anticancer drug. The software is well described—but cybersecurity documentation is minimal, with no dedicated risk analysis.
Consequence:
The reviewer demands a full cybersecurity report, an update plan, and SOUP validation. The project is frozen until these deliverables are produced.
4. Mini‑FAQ: what manufacturers often ask
Is this document mandatory?
No, but it accurately reflects real NB expectations. Ignoring it would be a misstep.
Should I redo files already submitted?
Not necessarily, but a cross‑check with this guidance can help avoid surprises during renewals or audits.
Does it replace the MDCG documents?
No, it complements them by offering an operational perspective on the requirements.
Does it apply to all devices?
Yes, to all IVDR‑subject IVDs, classes A through D.
Can CSDmed support us?
Absolutely. We offer targeted critical reviews or full support in file preparation.
5. What next? What should manufacturers do?
Here’s what we recommend at CSDmed:
Use the guidance as a self‑assessment tool before submission
Verify internal coherence across intended use, IFU, risk analysis, PER etc.
For complex devices (software, CDx, Class D), prepare comprehensive software and cybersecurity documentation
Train your teams on these expectations—especially those writing or compiling files
Embed systematic traceability into documents from the design phase
6. Conclusion
This Team‑NB document is not an additional burden.
It’s a means to streamline interactions with your notified body, anticipate roadblocks, and save precious time.
Better to integrate these best practices now than await negative feedback six months later.
CSDmed helps manufacturers build robust, coherent IVDR technical files aligned with real NB expectations.
Need audit support or strategic guidance? Let’s talk.