Background:

I work for a company that offers customized networking, security, server, and computing solutions. We are in the process of expanding our Dedicated customer base, a large number of which are manufacturers of medical devices and subject to FDA regulations.

In an effort to improve our "marketing appeal", executive management has decided that we are going to comply with all of the same requirements as our end user customers, so that we can also say that we are an "FDA regulated establishment". We simply won't have any of the responsibilities or take any of the actual risks that our customers will.

My question - because of the fact that we will never be determining the specifications for products (in other words, never be engaged in any activity that the FDA has even the slightest interest in...), wouldn't that be misrepresentation? We're even going so far as to begin working with firms to come in and audit our Quality System to the CGMP requirements...

For the record, as a Quality professional, I’ve been attempting to shift the focus to ISO 13485 Certification, something that I feel is both more value-added and easier to attain especially since we’re already ISO 9001:2000 certified. Since it isn’t as well known as the FDA, combined with several misconceptions about the standard that refuse to be clarified, this option has been dismissed