Evidence Product Checklist For Standard IEC 62304:2006 Medical device software Software life cycle processes



Similar documents
EVIDENCE PRODUCT CHECKLIST For the FDA Document. Guidance for Industry, FDA Reviewers and Compliance on Off-The-Shelf Software Use in Medical Devices

ISBN /17/2008 1

SUPPLIER ASSESSMENT CHECKLIST

SEPT EVIDENCE PRODUCT CHECKLIST For ISO Standard 9004:2009 Managing for the sustained success of an organization A quality management approach

Sample Pages for TEMPLATE FOR A SOFTWARE DOCUMENTATION MANAGEMENT PLAN

TEMPLATES FOR SOFTWARE CONFIGURATION MANAGEMENT DOCUMENTS DELUXE VERSION 2.0. ISBN Number:

Templates For Software Configuration Management Documents

2015. All rights reserved.

Sample pages of the TEMPLATE FOR A SOFTWARE MAINTENANCE PLAN

How To Write Software

CONSOLIDATED VERSION IEC Medical device software Software life cycle processes. colour inside. Edition

Introduction for Software Configuration Management Training


VARONIS SUPPORT PRINCIPLES

CONSULTING SERVICES AGREEMENT & GUIDE

Application Note Gemalto Access Client for windows smart card and EFS on Microsoft Windows Vista

GUIDE TO SOFTWARE ENGINEERING STANDARDS AND SPECIFICATIONS

WEBSITE DEVELOPMENT AGREEMENT & GUIDE

Medical Device Software Standards for Safety and Regulatory Compliance

Correlation matrices between 9100:2009 and 9100:2016

SSA-312. ISA Security Compliance Institute System Security Assurance Security development artifacts for systems

Motor Vehicle Repossession Services Agreement

Workers Compensation (General) Amendment (Indexation and Uninsured Liabilities) Regulation 1998

Work Injury Incident Report

2 To 1 Serial (RS-232) AUTO SWITCH. AS-251S User Manual

HUMAN RESOURCES MANAGEMENT 53 Personnel Records

November 9, /584

EA IAF/ILAC Guidance. on the Application of ISO/IEC 17020:1998

Electricity Supply (General) Amendment (Large Customers) Regulation 2005

Moving from ISO9000 to the Higher Levels of the Capability Maturity Model (CMM)

Motor Accidents Compensation Amendment Bill 2009

The following paragraphs, identified to coincide with the OHSAS 18001:2007 numbering system, provide a clause-by-clause summary of the standard.

AEG Power Solutions Downgraded To 'CCC-' On Heightened Risk Of Missing An Interest Payment; Outlook Negative

Consultation Response: Professional Indemnity Insurance

i. The enclosed software and knowledge base together are defined as the "Software".

IEC Functional Safety Assessment. Project: K-TEK Corporation AT100, AT100S, AT200 Magnetostrictive Level Transmitter.

CENTRE (Common Enterprise Resource)

CHECKLIST ISO/IEC 17021:2011 Conformity Assessment Requirements for Bodies Providing Audit and Certification of Management Systems

FRAMEWORK FOR THE PREPARATION OF ACCOUNTS. Best Practice Guidance

ISO 9001 : 2000 Quality Management Systems Requirements

ITU-T E.123. Notation for national and international telephone numbers, addresses and Web addresses

A Guide to the Business Analysis Body of Knowledge (BABOK Guide) Version 2.0

NSW Self Insurance Corporation Amendment (Home Warranty Insurance) Act 2010 No 30

Implementation of ANSI/AAMI/IEC Medical Device Software Lifecycle Processes.

NATO STANDARD AQAP-2310 NATO QUALITY MANAGEMENT SYSTEM REQUIREMENTS FOR AVIATION, SPACE AND DEFENCE SUPPLIERS

HEALTH ADMINISTRATION (AREA HEALTH SERVICES) AMENDMENT ACT 1986 No. 52

Actuarial Standard of Practice No. 23. Data Quality. Revised Edition

Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience

DRAFT GUIDELINES FOR ADVERTISING AND MARKETING OF FINANCIAL PRODUCTS

Nationale Borg Group Outlook Revised To Developing On Uncertainties Related To Sale News; 'A-' Ratings Affirmed

MODEL WARRANTY BILL OF SALE & GUIDELINES

EDUCORE ISO Expert Training

Motor Accidents Compensation Amendment Act 2010 No 98

Accident Compensation (Financial Responsibility and Transparency) Amendment Bill

Certified Professional in Configuration Management Glossary of Terms

CIP Cyber Security Configuration Change Management and Vulnerability Assessments

CP14 ISSUE 5 DATED 1 st OCTOBER 2015 BINDT Audit Procedure Conformity Assessment and Certification/Verification of Management Systems

ISO 9000 Quality Standard Background Information Quality Systems Implementation

Spanish Multi-Cedulas Rating Actions As Of Aug. 2, 2012

R.V.I. Guaranty Co. Ltd. And Subsidiaries 'BBB' Ratings Affirmed After Insurance Criteria Change; The Outlook Is Stable

2 COMMENCEMENT DATE 5 3 DEFINITIONS 5 4 MATERIALITY 8. 5 DOCUMENTATION Requirement for a Report Content of a Report 9

Nokia for Business. Nokia and Nokia Connecting People are registered trademarks of Nokia Corporation

irods Consortium Customer Support Plan

Quick Guide to Using your Nokia Phone with Windows 95 Fax - Exchange for Windows 95 or Windows Messaging for Windows 95

Digipass Plug-In for IAS. IAS Plug-In IAS. Microsoft's Internet Authentication Service. Installation Guide

SOFTWARE DEVELOPMENT STANDARD FOR SPACECRAFT

WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE

Electricity Transmission System Operator TenneT's Hybrid Equity Content Revised To Intermediate; 'A-' Ratings Affirmed

Insurer Mapfre Ratings Raised To 'A' On Spain Upgrade; Outlook Stable

Considerations When Validating Your Analyst Software Per GAMP 5

AEG Power Solutions Downgraded To 'CC' On Intended Debt Restructuring; Outlook Negative

IAASB Main Agenda (December 2010) Agenda Item. Limited Assurance Survey Issues and Proposals

Attachment 2 Project Management Plan Template PROJECT MANAGEMENT PLAN WORK PERFORMED UNDER AGREEMENT SUBMITTED BY PRINCIPAL INVESTIGATOR SUBMITTED TO

Installment Receivables and Card Shopping Receivables

Selective Insurance Group Inc. And Operating Companies Ratings Affirmed; Outlook Revised To Negative

MBIA U.K. Insurance Ltd.

Bertelsmann SE & Co. KGaA's Hybrid Equity Content Revised To "Intermediate"; 'BBB+/A-2' Ratings Affirmed

Foreign Exchange Inspection Manual

EMR-3000 Quick Start Guide. IB E Rev. A. Contents. Description

IBM Rational Rhapsody

TTL to RS232 Adapter User Guide

Eagle Machining, Inc. Quality Management System

Best Practices for Breaking Down the Barriers to Centralized Virtual Server Backup and Recovery

Espírito Santo Centrais Elétricas S.A. 'BB+' Global Scale And 'braa+' National Scale Ratings Affirmed, Outlook Stable

LETTER OF INTENT FOR BUSINESS TRANSACTION & GUIDELINES

Occupational Health and Safety Act 2000

Motor Accident Commission Act 1992

Space Project Management

DOMAIN NAME ASSIGNMENT & GUIDELINES

Cloud Computing Contracts. October 11, 2012

CONSIGNMENT AGREEMENT & GUIDE

Case Study Food Manufacturing Company

Workers Compensation (Insurance Premiums) Amendment (Premium Discount Scheme) Regulation 2001

NAB CONNECT MERCHANT TRANSACTION REPORTING SERVICE

Market Data Analysis - Pacific Life

FINANCIAL SERVICES (GENERAL INSURANCE MEDIATION BUSINESS (REGISTRATION AND FEES)) (JERSEY) ORDER 200-

ios Deployment Simplified FileMaker How To Guide

Transcription:

Evidence Product Checklist For Standard IEC 62304:2006 Medical device software Software life cycle processes ISBN 978-0-9770309-4-1 SEPT Product # 40 7/8/2008 1

Evidence Product Checklist For Standard IEC 62304:2006 Medical device software Software life cycle processes ISBN 978-0-9770309-4-1 Author: Stan Magee CCP Produced by Software Engineering Process Technology (SEPT) 2725 NW Pine Cone Drive Issaquah, WA. 98027 Tel. 425-391-2344 E-mail: Stanmagee@smartwire.net Web Site: www.12207.com 2007. Software Engineering Process Technology (SEPT) All rights reserved. 7/8/2008 2

Evidence Product Checklist For Standard IEC 62304:2006 Medical device software Software life cycle processes Introduction The process of defining what is necessary for compliance with a standard for software life cycle processes such as IEC 62304:2006 is often confusing and laborious because the directions contained in the guidelines are unclear or ambiguous. To aid in determining what is actually recommended by the document in the way of physical evidence of compliance, the experts at SEPT have produced this checklist. This checklist is constructed around a classification scheme of physical evidence comprised of policies, procedures, plans, records, documents, audits, and reviews. There must be an accompanying record of some type when an audit or review has been accomplished. This record would define the findings of the review or audit and any corrective action to be taken. For the sake of brevity this checklist does not call out a separate record for each review or audit. All procedures should be reviewed but the checklist does not call out a review for each procedure, unless the standard calls out the procedure review. In this checklist manuals, reports, scripts and specifications are included in the document category. The author has carefully reviewed the document IEC 62304:2006 Medical device software Software life cycle processes" and defined the physical evidence recommended based upon this classification scheme. SEPT has conducted a second review of the complete list to ensure that the documents producers did not leave out a physical piece of evidence that a reasonable person would expect to find. It could certainly be argued that if the document did not call it out then it is not recommended; however, if the document was used by an organization to improve its process, then it would make sense to recognize missing documents. Therefore, there are documents specified in this checklist that are implied by the standard, though not specifically called out in the document, and they are designated by an asterisk (*) throughout this checklist. These items are classified as suggested. If a document is called out more than one time, only the first reference is stipulated. If there are no new requirements or suggestions in a particular clause or sub-clause then the clause or sub-clause is omitted throughout sections 2-8. There are occasional situations in which a procedure or document is not necessarily separate and could be contained within another document. For example, the Data Base " could be a part of the Software ". The author has called out these individual items separately to ensure that the organization does not overlook any facet of physical evidence. If the organization does not require a separate document, and an item can be a subset of another document or record, then this fact should be denoted in the detail section of the checklist for that item. This should be done in the form of a statement reflecting that the information for this document may be found in section XX of XYZ. If the organizational requirements do not call for this physical evidence for a particular project, this should also be denoted with a statement reflecting that this physical evidence is not recommended and why. The reasons for the evidence not being recommended should be clearly presented in this 7/8/2008 3

statement. Further details on this step are provided in the Detail Steps section of the introduction. The size of these documents could vary from paragraphs to volumes depending upon the size and complexity of the project or business requirements. IEC 62304:2006 Information technology Medical device software Software life cycle processes checklist This checklist was prepared by analyzing each clause of this document for the key words that signify a: Procedure Records ( Including Lists, Manuals, Reports, Scripts and Specifications) Audit Review This checklist specifies evidence that is unique. After reviewing the completed document, the second review was conducted from a common sense reasonable man approach. If a document or other piece of evidence appeared to be recommended, but was not called out in the document, then it is added with an asterisk (*) after its notation in the checklist. The information was transferred into checklist tables, based on the type of product or evidence. Using the Checklist When a company is planning to use IEC 62304:2006 Information technology Medical device software Software life cycle processes standard, the company should review the evidence checklist. If the company s present process does not address an IEC 62304:2006 product, then this question should be asked: Is the evidence product recommended for the type of business of the company? If in the view of the company the evidence is not recommended, the rationale should be documented and inserted in the checklist and quality manual. This rationale should pass the reasonable person rule. If the evidence is recommended, plans should be prepared to address the missing item(s). Detail Steps An organization should compare the proposed output of their organization against the checklist. In doing this, they will find one of five conditions that exist for each item listed in the checklist. The following five conditions and the actions required by these conditions are listed in the table below. Condition 1. The title of the documented evidence specified by the checklist (document, plan, etc) agrees with the title of the evidence being planned by the organization. Action Required Record in checklist that the organization is compliant. 7/8/2008 4

2. The title of the documented evidence specified by the checklist (document, etc) disagrees with the title of the evidence planned by the organization but the content is the same. 3. The title of the documented evidence specified by the checklist (document, etc) is combined with another piece of evidence. 4. The title of the documented evidence specified by the checklist (document, etc) is not planned by the organization because it is not required. 5. The title of the documented evidence called out by the checklist (document, etc) is not planned by the organization and should be planned by it. Record in the checklist the evidence title the organization uses and record that the organization is compliant, and the evidence is the same although the title is different. Record in the checklist the title of the evidence (document, etc) in which this information is contained. Record in the checklist that the evidence is not required and the rationale for this decision. Record in the checklist when this evidence will be planned and reference a plan for accomplishing the task. Components of the Checklist This checklist is composed of 9 sections: Section 1. Introduction Section 2. Composites of all recommended and suggested IEC 62304:2006 - Medical device software Software life cycle processes evidence products. Sections 3-8. Individual checklists for each evidence type. Section 9. About the Author Product Support All reasonable questions concerning this checklist or its use will be addressed free of charge for 60 days from time of purchase, up to a maximum of 4 hours consultation time. Warranties and Liability Software Engineering Process Technology (SEPT) makes no warranties implied or stated with respect to this checklist, and it is provided on an as is basis. SEPT will have no liability for any indirect, incidental, special or consequential damages or any loss of revenue or profits arising under, or with respect to the use of this document. 7/8/2008 5

Section 2 IEC 62304:2006 Evidence Products Checklist By Clause IEC 62304:2006 Clause Number, Name and Software Safety Classifications 4.0 General requirements 4.1 Quality management system 4.2 Risk Procedures s Records s Audits and Reviews for Procedures for Procedures for s for s for Records for Records for s for s for Audits for Reviews for Audits* for Reviews* 7/8/2008 6

Section 2 IEC 62304:2006 Evidence Products Checklist By Clause IEC 62304:2006 Clause Number, Name and Software Safety Classifications 4.3 Software safety classification 5.0 Software development process 5.1 Software development planning 5.1.1 Software development plan Procedures s Records s Audits and Reviews Assignment of Software Safety Class Procedure Risk File Safety Class * Safety Class Records* Risk File Safety Class Risk File Safety Class Safety Class Records 7/8/2008 7

Section 2 IEC 62304:2006 Evidence Products Checklist By Clause IEC 62304:2006 Clause Number, Name and Software Safety Classifications 5.1.2 Keep software development plan updated 5.1.3 Software development plan reference to system design and development 5.1.4 Software development standards, methods and tools planning Class C Procedures s Records s Audits and Reviews Design and Validation Procedure Coordination Procedure Standards, Methods and Tools Standards, Methods and Tools Update Records Update Records Standards, Methods and Tools 7/8/2008 8

Section 2 IEC 62304:2006 Evidence Products Checklist By Clause IEC 62304:2006 Clause Number, Name and Software Safety Classifications 5.1.5 Software integration and integration testing planning Class B, C 5.1.6 Software verification planning 5.1.7 Software risk management planning 5.1.8 ation planning 5.1.9 Software configuration management planning Procedures s Records s Audits and Reviews Integration (Including SOUP) Integration Test Verification Risk ation Configuration Integration (Including SOUP) Integration Test Verification Risk ation Configuration Integration (Including SOUP) Integration Test Verification Risk ation Configuration 7/8/2008 9

Section 2 IEC 62304:2006 Evidence Products Checklist By Clause IEC 62304:2006 Clause Number, Name and Software Safety Classifications 5.1.10 Supporting items to be controlled Class B, C 5.1.11 Software configured item control before verification Class B, C 5.2 Software requirements analysis 5.2.1 Define and document software requirements from system requirements Procedures s Records s Audits and Reviews Support Item Configuration Items Under Control Prior to Verification Records Support Item Support Item Configuration Items Under Control Prior to Verification Records 7/8/2008 10

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information