Speaking for SGS, our certs are issued thusly:
ISO13485 - accredited by United Kingdom Accreditation Service (UKAS).
The certificates have three year expiry, subject to annual surveillance and triennial recertification. We get an annual office by UKAS, I think they typically waive field audits.
ISO13485 under CMDCAS - accredited by Standards Council of Canada (SCC), in turn regulated by Health Canada (HC). The certificates have three year expiry, subject to annual surveillance and triennial recertification. The audit team must always include a HC/SCC-qualified auditor.
We get an annual office audit (on us) by someone from SCC that has a medical devices background and is co-approved by HC. We also have a field audit (i.e. someone watching us watching you!), usually conducted by the same auditor as above, anywhere in the world.
MDD QMS - we are notified by the United Kingdom Medicines and Healthcare products Regulatory Agency. The certificates have three/five year expiry, subject to annual surveillance and triennial recertification.
MDD Class III devices get their own review - i.e. design dossier audit - and the resulting certificate is good for five years.
The MHRA performs a detailed office audit annually, we've had anywhere from three to nine man-days onsite. Their audit is a combination of assessing our management systems, and also reviewing our clinical decision-making, and they bring an assorted team to accomplish that. They also perform field audits, in the UK and/or overseas, on an approximately annual basis.
This is all off the top of my head, so I'm not guaranteeing it's gospel-accurate!
