SlideShare ist ein Scribd-Unternehmen logo

QAdvis - software risk management based on IEC/ISO 62304

Robert Ginsberg
Robert Ginsberg

Software risk management based on IEC/ISO 62304, for medical devices.

TechnologieBusiness
1 von 47
1 The role of Risk Management in EN IEC 62304 by Robert Ginsberg, QAdvis robert.ginsberg@QAdvis.com www.QAdvis.com Webinar 28 August 2013
2  30+ years in SW Development  20+ years in Medical Device SW  Co-author of IEC 62304, 80001-1, 80002-1 and 80002-2  Working member of Cenelek TK-62 Robert.Ginsberg@QAdvis.com Introduction of the speaker
3 Key competence areas • Turn key quality systems • Sharepoint based • Digital signatures • Efficient and lean • Validated and compliant QMS in-the- cloud •Project management •Product software validation •Regulated software validation •Requirement managent •Risk management •Verification and validation •SQA System development • Interim management • Expert advise • Audits/Mock audits/assessments • Remediation, WL, Import detention, compliance projects • PMA, 510k, CE-mark, EC-cert • Vigilance, recall, post market surveillance • Clinical evaluation/clinical expertise • Standards (ISO 13485, ISO 14971, IEC 62304, IEC 62366, …) QA&RA Consulting •CE-marking •ISO 13485 •EN 62304 •SW life cycle •Risk management •QSR •Lean and Six sigma Training/courses • Training and Consulting • In cooperation with Oriel Stat a Matrix Oriel - Lean and Six Sigma •Providing European representation for non-EU MedTech companies •Active member of EAAR: European Association of Authorised Representatives European Authorized Representation
4 Before we start … • There will be time for questions after the presentation • You can use the chat function to contact the convener, Sebnem Hoffsten • More complicated question, please call or email: – +46 8 621 01 05 – robert.ginsberg@qadvis.com
55 The Big Picture for software in a Medical Device regarding MDD ISO 14971 IEC 62366 IEC 62304 SW lifecycle Usability Risk management MDD (AIMD) (IVDD) IEC 60601-1 … … Device ReferenceHarmonized
6 IEC 62304 calls for RM activities through the whole development lifecycle Planning Development Release Maintenance SW Risk Management
7 QA and SW engineers have to find efficient implementation of IEC 62304
8 It is challenging to find a proper level of effort for SW RM Productivity Compliance
9 Risk mgmt can enable effective, safe and compliant V&V strategy
10 Use SW risk mgmt to regulate your efforts when testing the product Death or injury Minor injury No harm • Thorough QA • Additional QA activities • Basic QA
11 Governments and Agencies are enforcing new regulation across time EU-Commission/US Government MDD/Public Health Service Act Agencies Medical Products Agency/FDA Laws and Regulations SFS 1993:584/21 CFR 820 Guidance docs Standards – 13485, 14971, 62304
12 The Bar is Raised Over Time Accident People get hurt or die Public reaction New laws and regulations
13 Patient journal mix up caused death of a young woman 13 Case report: Socialstyrelsen 2007 ”When Sofie came into ER, the treating doctor used the wrong patient journal. In the computerized journal system at the hospital there were two patients with similar names and social security numbers. Based on the contents of the wrong journal Sofie was treated with drugs that led to her death.”
14 There is a new version of EN 14971 addressing acceptance criteria
15 Quality assurance techniques have a long history in the industry
16 There is a migration of QA techniques to the Medical Device area Medical Device guidelines SIL MISRA Safety Cases
17 FDA is expecting static analyzers to be implemented as part of the V&V
18 There is a number of techniques available for Risk Management Risk manage- ment FTA HAZOP FMECA Check- lists
19 HAZOP Methodology use guide words as a “creativity trigger” for hazards Guide Word Para- meter Deviation
20 HAZOP can be used for detecting usability related hazards Patient Journal retrieval Hospital information system 1 Other than Patient Identific- ation Other patient than expected was selected Similar social security number in picklist Wrong treatment Full social security no. has to be entered Verification vs patient name still needed Mandatory approval of correct patient name RoGi
21 Fault Tree Analysis is a top down technique useful at early stages Top Level Event Faults /Low Level Event Causes Mitigator Root Cause
Example of a Fault Tree Analysis for: Doctor cannot access patient records Top Level Event Faults /Low Level Event Causes Risk Control Measure Root Cause/Basic Event Doctor cannot access ...
23 FMECA is a bottom up technique to find failure modes of components/items • Bottom up • Risk ranking ( probability * severity ) • Can become very detailed and cumbersome • From the beginning oriented to HW • Can be introduced when Items are defined
24 Items and units are the building blocks of a software system Software system Item X Item Y Item Z Unit Unit Unit Unit SOUP
25 Each manufacturer needs to find his own mix of techniques for Risk Mgmt C A U S E C O N S Q U E N C E
26 62304 calls for life cycle approach to risk mgmt based on ISO 14971 • Identification of Intended use • Identification of Hazards, FTA and FMECA • Estimation of Risk(s) Risk analysis Risk evaluation • Option analysis • Implementation of risk control measures • Risk/benefit analysis • Risks from risk control measures • Completeness of risk control Risk control Residual risk Risk management report (Post-) Production
27 Risk Control Measures are expected to be expressed as requirements • Evaluation of new risks due to implementation of RCMs • Re-evaluation of RM file when appropriate regarding changes in requirements • Update of system requirements when appropriate
28 Defining a safe architecture is one of the major tasks in the SW RM process Safe architecture • Proper partitioning • Testable • Predictable behavior • ”Flight recorder” – On lab – In field
29 Assurance of RCMs can be done with a number of techniques Static Manual Reviews Sneak circuit analysis Automated Analysis tools Misra/PC-lint Code Sonar McCabe Dynamic Manual Usability tests Automated Testdriven development Junit/Cunit Memory analysis Insure++ Modelling Automated Modeldriven design and test UML
30 System Plan Execute Evaluate Report Integration Plan Execute Evaluate Report Unit Plan Execute Evaluate Report Verification activities are expected to be planned upfront and fully executed
31 GUI A GUI B Control A Control B HW driver Req I Req II Req III Two views to consider Func- tional reqs - architecture
32 Risk driven Item/Unit verification is an explicit expectation in 62304 C – High Risk B – Some risk A - No risk • Even more test • More test • Basic test effort • To do more test for risk related units • Some guidance on how to implement this
33 Risk driven requirement verification is an underlying expectation in 62304 C – High Risk B – Some risk A - No risk • Even more test • More test • Basic test effort • To do more test for risk related features • Significant freedom on how to implement this
34 Example on how Risk Analysis acti- vities can relate to key documents Customer reqs PHA (checklist) Sys arch & SW reqs System RA (FTA) SW arch SW RA (FMECA)
35 OutputProcessInput Customer Require- ments Hazard check list Preliminary Hazard Analysis Application specification Hazard list SW system safety classification (A, B or C) Definitions Example of an IPO diagram for Preliminary Hazard Analysis
36 It is very difficult to find probability for a SW failure Risk analysis Risk evaluation Risk control Residual risk Risk management report (Post-) Production
37 Software fails systematically Random failures • Ionizing radiation • Wear out, fatigue Systematic failures • Software • Incorrectly rated fuse Consensus does not exist for a method of estimating systematic fault rates quantitatively!
38 Probability of SW to fail is expected to be 100% Combination of SW failure and user action Probability of Harm P0 = (P1 * P2) User Probability of HS leading to Harm P2 Software Probability of Hazardous Situation P1 = 100%
39 The key message in 62304 is to do software engineering for safety Safe design Protective measures in device Protective measures in process Information
40 Risk based V&V strategy can utilize the resources efficiently
41 Example of a risk based requirement test strategy Req class Verification A B C Scripted (Req Based) M M M Independent Review O M M Exploratory O O M • M = Mandatory O = Optional • Risk control measures included in reqs
42 Example of risk based Item/Unit test strategy Unit Verification In Item A In Item B In Item C Rule check M M M Basic unit test O M M Review O M M 100% Code coverage O O M Independent review O O M • M = Mandatory • O = Optional
43 Software risk management can be time consuming and hard
44 Good software engineering is the key to successful risk management SW engi- neering Risk Mana- Gement Quality Manage- ment
45 A good starting point is to document what already is done
46 Building a solid V&V process can enable productivity Synergus can contribute with consulting within: • Auditing and reviews • Mentoring • Risk manager role • SQA role (Software Quality Assurance) • Process development and documentation • Product documentation • Implementation of supporting IT-tools
47

Empfohlen

Medical Device Software
Medical Device SoftwareMedical Device Software
Medical Device Softwareheilbrigdisidnadurinn
 
IEC 62304 Action List
IEC 62304 Action List IEC 62304 Action List
IEC 62304 Action List MethodSense, Inc.
 
IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management MethodSense, Inc.
 
Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Sterling Medical Devices
 
Understanding IEC 62304
Understanding IEC 62304Understanding IEC 62304
Understanding IEC 62304MethodSense, Inc.
 
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMApplying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMAligned AG
 
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Intland Software GmbH
 
FDA Regulations and Medical Device Pathways to Market
FDA Regulations and Medical Device Pathways to MarketFDA Regulations and Medical Device Pathways to Market
FDA Regulations and Medical Device Pathways to MarketMethodSense, Inc.
 

Empfohlen

Medical Device Software
Medical Device SoftwareMedical Device Software
Medical Device Softwareheilbrigdisidnadurinn
 
IEC 62304 Action List
IEC 62304 Action List IEC 62304 Action List
IEC 62304 Action List MethodSense, Inc.
 
IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management IEC 62304: SDLC Conformance and Management
IEC 62304: SDLC Conformance and Management MethodSense, Inc.
 
Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Critical Steps in Software Development: Enhance Your Chances for a Successful...
Critical Steps in Software Development: Enhance Your Chances for a Successful...Sterling Medical Devices
 
Understanding IEC 62304
Understanding IEC 62304Understanding IEC 62304
Understanding IEC 62304MethodSense, Inc.
 
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMApplying IEC 62304 Risk Management in Aligned Elements - the medical device ALM
Applying IEC 62304 Risk Management in Aligned Elements - the medical device ALMAligned AG
 
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...
Compliance with medical standards iec 62304, iso 14971, iec 60601, fda title ...Intland Software GmbH
 
FDA Regulations and Medical Device Pathways to Market
FDA Regulations and Medical Device Pathways to MarketFDA Regulations and Medical Device Pathways to Market
FDA Regulations and Medical Device Pathways to MarketMethodSense, Inc.
 
Agile Development And Medtech
Agile Development And MedtechAgile Development And Medtech
Agile Development And MedtechRobert Ginsberg
 
ISO 62304 & TIR 45
ISO 62304 & TIR 45ISO 62304 & TIR 45
ISO 62304 & TIR 45Havas Lynx Group
 
ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?Robert Ginsberg
 
When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...Sterling Medical Devices
 
Static Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareStatic Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareErika Barron
 
Process and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation ElementsProcess and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation ElementsArta Doci
 
Software controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilitySoftware controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilityASQ Reliability Division
 
Death by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development ChallengesDeath by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development ChallengesAligned AG
 
What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...Greenlight Guru
 
Computerized system validation_final
Computerized system validation_finalComputerized system validation_final
Computerized system validation_finalDuy Tan Geek
 
CSV - Computer System Validation
CSV - Computer System Validation CSV - Computer System Validation
CSV - Computer System Validation JayaKrishna161
 
Overview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSVOverview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSVAnil Sharma
 
Massmedic mar2004g
Massmedic mar2004gMassmedic mar2004g
Massmedic mar2004gmitmohan
 
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...Greenlight Guru
 
Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311Jones Wu
 
Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics Anand Pandya
 
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...Greenlight Guru
 
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...Greenlight Guru
 
Validation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and dataValidation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and dataGlobalCompliancePanel
 
Computer-System-Validation
Computer-System-ValidationComputer-System-Validation
Computer-System-ValidationHal Plant
 
Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]Erik Vollebregt
 
ASQ Clinic On Risk 09
ASQ Clinic On Risk 09ASQ Clinic On Risk 09
ASQ Clinic On Risk 09JDhuwalia
 

Weitere ähnliche Inhalte

Was ist angesagt?

Agile Development And Medtech
Agile Development And MedtechAgile Development And Medtech
Agile Development And MedtechRobert Ginsberg
 
ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?Robert Ginsberg
 
When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...Sterling Medical Devices
 
Static Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareStatic Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareErika Barron
 
Process and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation ElementsProcess and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation ElementsArta Doci
 
Software controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilitySoftware controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilityASQ Reliability Division
 
Death by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development ChallengesDeath by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development ChallengesAligned AG
 
What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...Greenlight Guru
 
Computerized system validation_final
Computerized system validation_finalComputerized system validation_final
Computerized system validation_finalDuy Tan Geek
 
CSV - Computer System Validation
CSV - Computer System Validation CSV - Computer System Validation
CSV - Computer System Validation JayaKrishna161
 
Overview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSVOverview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSVAnil Sharma
 
Massmedic mar2004g
Massmedic mar2004gMassmedic mar2004g
Massmedic mar2004gmitmohan
 
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...Greenlight Guru
 
Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311Jones Wu
 
Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics Anand Pandya
 
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...Greenlight Guru
 
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...Greenlight Guru
 
Validation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and dataValidation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and dataGlobalCompliancePanel
 
Computer-System-Validation
Computer-System-ValidationComputer-System-Validation
Computer-System-ValidationHal Plant
 

Was ist angesagt? (20)

Agile Development And Medtech
Agile Development And MedtechAgile Development And Medtech
Agile Development And Medtech
 
ISO 62304 & TIR 45
ISO 62304 & TIR 45ISO 62304 & TIR 45
ISO 62304 & TIR 45
 
ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?ISO/IEC80001 - Do we need another standard?
ISO/IEC80001 - Do we need another standard?
 
When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...When Medical Device Software Fails Due to Improper Verification & Validation ...
When Medical Device Software Fails Due to Improper Verification & Validation ...
 
Static Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device SoftwareStatic Analysis and the FDA Guidance for Medical Device Software
Static Analysis and the FDA Guidance for Medical Device Software
 
Process and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation ElementsProcess and Regulated Processes Software Validation Elements
Process and Regulated Processes Software Validation Elements
 
Software controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliabilitySoftware controlled electron mechanical systems reliability
Software controlled electron mechanical systems reliability
 
Death by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development ChallengesDeath by documentation - Medical Device Development Challenges
Death by documentation - Medical Device Development Challenges
 
What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...What You Need to Know About Medical Electrical Standards Updates (and how the...
What You Need to Know About Medical Electrical Standards Updates (and how the...
 
Computerized system validation_final
Computerized system validation_finalComputerized system validation_final
Computerized system validation_final
 
CSV - Computer System Validation
CSV - Computer System Validation CSV - Computer System Validation
CSV - Computer System Validation
 
Overview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSVOverview on “Computer System Validation” CSV
Overview on “Computer System Validation” CSV
 
Massmedic mar2004g
Massmedic mar2004gMassmedic mar2004g
Massmedic mar2004g
 
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
How to get your COVID-19 Related Medical Device to Market Under FDA Emergency...
 
Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311Human factors and ergonomics society 20120311
Human factors and ergonomics society 20120311
 
Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics Computerized System Validation : Understanding basics
Computerized System Validation : Understanding basics
 
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
4 Quality System Musts for Medtech Startups to Get Safer Products to Market F...
 
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
FDA's 510(k) Modernization: What if Anything has Changed? Is Changing? Will C...
 
Validation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and dataValidation and part 11 compliance of computer systems and data
Validation and part 11 compliance of computer systems and data
 
Computer-System-Validation
Computer-System-ValidationComputer-System-Validation
Computer-System-Validation
 

Andere mochten auch

Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]Erik Vollebregt
 
ASQ Clinic On Risk 09
ASQ Clinic On Risk 09ASQ Clinic On Risk 09
ASQ Clinic On Risk 09JDhuwalia
 
Risk Management Remediation Overview
Risk Management Remediation OverviewRisk Management Remediation Overview
Risk Management Remediation OverviewRuss Pizzuto
 
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance Storm
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance StormWe Got a Warning Letter – Now What? How to Keep Calm in a Compliance Storm
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance StormDesign World
 
Mobile Medical Devices: A Trip to the Trenches of Design and Test
Mobile Medical Devices: A Trip to the Trenches of Design and TestMobile Medical Devices: A Trip to the Trenches of Design and Test
Mobile Medical Devices: A Trip to the Trenches of Design and TestSterling Medical Devices
 
Risk Management integrated pub
Risk Management integrated pubRisk Management integrated pub
Risk Management integrated pubManfred Walder
 
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...YourEncoreInc
 
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Greenlight Guru
 
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...Yoshio SAKAI
 
Effective medical device validation introduction manual advance
Effective medical device validation introduction manual advanceEffective medical device validation introduction manual advance
Effective medical device validation introduction manual advanceguest2d7d1cac
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and RemediationCarahsoft
 
Building your credibility with LinkedIn
Building your credibility with LinkedInBuilding your credibility with LinkedIn
Building your credibility with LinkedInTariq Ahmad
 
Create Your Company Page
Create Your Company PageCreate Your Company Page
Create Your Company PageTariq Ahmad
 
FDA Design Controls: What Medical Device Makers Need to Know
FDA Design Controls: What Medical Device Makers Need to KnowFDA Design Controls: What Medical Device Makers Need to Know
FDA Design Controls: What Medical Device Makers Need to KnowGreenlight Guru
 
Webinar: Europe's new Medical Device Regulations (MDR)
Webinar: Europe's new Medical Device Regulations (MDR)Webinar: Europe's new Medical Device Regulations (MDR)
Webinar: Europe's new Medical Device Regulations (MDR)EMERGO
 
Image segmentation ppt
Image segmentation pptImage segmentation ppt
Image segmentation pptGichelle Amon
 
Basics of Failure Analysis
Basics of Failure AnalysisBasics of Failure Analysis
Basics of Failure Analysisevolve2013
 
Introduction to SlideShare for Businesses
Introduction to SlideShare for BusinessesIntroduction to SlideShare for Businesses
Introduction to SlideShare for BusinessesSlideShare
 

Andere mochten auch (19)

Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]Software design for_medical_devices_europe_conferent_19012011[1]
Software design for_medical_devices_europe_conferent_19012011[1]
 
ASQ Clinic On Risk 09
ASQ Clinic On Risk 09ASQ Clinic On Risk 09
ASQ Clinic On Risk 09
 
Risk Management Remediation Overview
Risk Management Remediation OverviewRisk Management Remediation Overview
Risk Management Remediation Overview
 
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance Storm
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance StormWe Got a Warning Letter – Now What? How to Keep Calm in a Compliance Storm
We Got a Warning Letter – Now What? How to Keep Calm in a Compliance Storm
 
Mobile Medical Devices: A Trip to the Trenches of Design and Test
Mobile Medical Devices: A Trip to the Trenches of Design and TestMobile Medical Devices: A Trip to the Trenches of Design and Test
Mobile Medical Devices: A Trip to the Trenches of Design and Test
 
Risk Management integrated pub
Risk Management integrated pubRisk Management integrated pub
Risk Management integrated pub
 
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...
EU Medical Device Regulation: Preparing for Disruptive (yet Incomplete) Regu...
 
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
Clinical Evaluation in the EU for Medical Devices: Understanding the Changes ...
 
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...
An Extended Notation of FTA for Risk Assessment of Software-intensive Medical...
 
Effective medical device validation introduction manual advance
Effective medical device validation introduction manual advanceEffective medical device validation introduction manual advance
Effective medical device validation introduction manual advance
 
Risk Management and Remediation
Risk Management and RemediationRisk Management and Remediation
Risk Management and Remediation
 
Building your credibility with LinkedIn
Building your credibility with LinkedInBuilding your credibility with LinkedIn
Building your credibility with LinkedIn
 
Create Your Company Page
Create Your Company PageCreate Your Company Page
Create Your Company Page
 
FDA Design Controls: What Medical Device Makers Need to Know
FDA Design Controls: What Medical Device Makers Need to KnowFDA Design Controls: What Medical Device Makers Need to Know
FDA Design Controls: What Medical Device Makers Need to Know
 
Webinar: Europe's new Medical Device Regulations (MDR)
Webinar: Europe's new Medical Device Regulations (MDR)Webinar: Europe's new Medical Device Regulations (MDR)
Webinar: Europe's new Medical Device Regulations (MDR)
 
IMAGE SEGMENTATION.
IMAGE SEGMENTATION.IMAGE SEGMENTATION.
IMAGE SEGMENTATION.
 
Image segmentation ppt
Image segmentation pptImage segmentation ppt
Image segmentation ppt
 
Basics of Failure Analysis
Basics of Failure AnalysisBasics of Failure Analysis
Basics of Failure Analysis
 
Introduction to SlideShare for Businesses
Introduction to SlideShare for BusinessesIntroduction to SlideShare for Businesses
Introduction to SlideShare for Businesses
 

Ähnlich wie QAdvis - software risk management based on IEC/ISO 62304

Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...3GDR
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...3GDR
 
Understanding Risk Management & Cyber security Principles in Medical Devices
Understanding Risk Management & Cyber security Principles in Medical DevicesUnderstanding Risk Management & Cyber security Principles in Medical Devices
Understanding Risk Management & Cyber security Principles in Medical DevicesKeerthi Gunasekaran
 
Presentation: TGA - Software inspections and therapeutic goods
Presentation: TGA - Software inspections and therapeutic goodsPresentation: TGA - Software inspections and therapeutic goods
Presentation: TGA - Software inspections and therapeutic goodsTGA Australia
 
RBI for Power Generation
RBI for Power GenerationRBI for Power Generation
RBI for Power GenerationNikhil Kumar
 
Risk Based Design & SCE
Risk Based Design & SCERisk Based Design & SCE
Risk Based Design & SCEadepp
 
ADEPP Monitor & Risk Based Design
ADEPP Monitor & Risk Based DesignADEPP Monitor & Risk Based Design
ADEPP Monitor & Risk Based DesignFabienne Salimi
 
Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Ahmed Hasham
 
Metrology & The Consequences of Bad Measurement Decisions
Metrology & The Consequences of Bad Measurement DecisionsMetrology & The Consequences of Bad Measurement Decisions
Metrology & The Consequences of Bad Measurement DecisionsRick Hogan
 
Why requirements - for Medical Devices
Why requirements - for Medical DevicesWhy requirements - for Medical Devices
Why requirements - for Medical DevicesYves Berquin
 
Safety life cycle seminar IEC61511
Safety life cycle seminar IEC61511Safety life cycle seminar IEC61511
Safety life cycle seminar IEC61511Luis Atencio
 
Presentation to MHF Regulator on RiskView Risk Management Solutions
Presentation to MHF Regulator on RiskView Risk Management SolutionsPresentation to MHF Regulator on RiskView Risk Management Solutions
Presentation to MHF Regulator on RiskView Risk Management SolutionsPeter Lacey
 
What Is Process Safety Engineering
What Is Process Safety EngineeringWhat Is Process Safety Engineering
What Is Process Safety Engineeringsmpr_iqbal
 
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...Greenlight Guru
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfICS
 

Ähnlich wie QAdvis - software risk management based on IEC/ISO 62304 (20)

Application of Quality Risk Management in Commissioning & Qualifcation
Application of Quality Risk Management in Commissioning & QualifcationApplication of Quality Risk Management in Commissioning & Qualifcation
Application of Quality Risk Management in Commissioning & Qualifcation
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...
 
Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...Health apps regulation and quality control case studies and session 2 present...
Health apps regulation and quality control case studies and session 2 present...
 
ASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and QualificationsASTM Standard E 2500 for Commissioning and Qualifications
ASTM Standard E 2500 for Commissioning and Qualifications
 
Understanding Risk Management & Cyber security Principles in Medical Devices
Understanding Risk Management & Cyber security Principles in Medical DevicesUnderstanding Risk Management & Cyber security Principles in Medical Devices
Understanding Risk Management & Cyber security Principles in Medical Devices
 
Presentation: TGA - Software inspections and therapeutic goods
Presentation: TGA - Software inspections and therapeutic goodsPresentation: TGA - Software inspections and therapeutic goods
Presentation: TGA - Software inspections and therapeutic goods
 
RBI for Power Generation
RBI for Power GenerationRBI for Power Generation
RBI for Power Generation
 
Risk Based Design & SCE
Risk Based Design & SCERisk Based Design & SCE
Risk Based Design & SCE
 
ADEPP Monitor & Risk Based Design
ADEPP Monitor & Risk Based DesignADEPP Monitor & Risk Based Design
ADEPP Monitor & Risk Based Design
 
Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...Computerized system validation (CSV) as a requirement for good manufacturing ...
Computerized system validation (CSV) as a requirement for good manufacturing ...
 
Application of Q R M in Manufacturing Operations
Application of Q R M in Manufacturing Operations Application of Q R M in Manufacturing Operations
Application of Q R M in Manufacturing Operations
 
Metrology & The Consequences of Bad Measurement Decisions
Metrology & The Consequences of Bad Measurement DecisionsMetrology & The Consequences of Bad Measurement Decisions
Metrology & The Consequences of Bad Measurement Decisions
 
Why requirements - for Medical Devices
Why requirements - for Medical DevicesWhy requirements - for Medical Devices
Why requirements - for Medical Devices
 
Safety life cycle seminar IEC61511
Safety life cycle seminar IEC61511Safety life cycle seminar IEC61511
Safety life cycle seminar IEC61511
 
Presentation to MHF Regulator on RiskView Risk Management Solutions
Presentation to MHF Regulator on RiskView Risk Management SolutionsPresentation to MHF Regulator on RiskView Risk Management Solutions
Presentation to MHF Regulator on RiskView Risk Management Solutions
 
Computer systems compliance
Computer systems complianceComputer systems compliance
Computer systems compliance
 
Rbi
RbiRbi
Rbi
 
What Is Process Safety Engineering
What Is Process Safety EngineeringWhat Is Process Safety Engineering
What Is Process Safety Engineering
 
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...
Software as a Medical Device (SaMD) Challenges and Opportunities for 2021 and...
 
Practical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdfPractical Advice for FDA’s 510(k) Requirements.pdf
Practical Advice for FDA’s 510(k) Requirements.pdf
 

Kürzlich hochgeladen

MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesManik S Magar
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...amber724300
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integrationmarketing932765
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Hiroshi SHIBATA
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...itnewsafrica
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...Karmanjay Verma
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...BookNet Canada
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Karmanjay Verma
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Nikki Chapple
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sectoritnewsafrica
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 

Kürzlich hochgeladen (20)

MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotesMuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
MuleSoft Online Meetup Group - B2B Crash Course: Release SparkNotes
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
JET Technology Labs White Paper for Virtualized Security and Encryption Techn...
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data IntegrationBridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
Bridging Between CAD & GIS: 6 Ways to Automate Your Data Integration
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024Long journey of Ruby standard library at RubyConf AU 2024
Long journey of Ruby standard library at RubyConf AU 2024
 
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...Zeshan Sattar- Assessing the skill requirements and industry expectations for...
Zeshan Sattar- Assessing the skill requirements and industry expectations for...
 
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...React JS; all concepts. Contains React Features, JSX, functional & Class comp...
React JS; all concepts. Contains React Features, JSX, functional & Class comp...
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
Transcript: New from BookNet Canada for 2024: BNC SalesData and LibraryData -...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#Microservices, Docker deploy and Microservices source code in C#
Microservices, Docker deploy and Microservices source code in C#
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
Microsoft 365 Copilot: How to boost your productivity with AI – Part one: Ado...
 
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
4. Cobus Valentine- Cybersecurity Threats and Solutions for the Public Sector
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 

QAdvis - software risk management based on IEC/ISO 62304

  • 1. 1 The role of Risk Management in EN IEC 62304 by Robert Ginsberg, QAdvis robert.ginsberg@QAdvis.com www.QAdvis.com Webinar 28 August 2013
  • 2. 2  30+ years in SW Development  20+ years in Medical Device SW  Co-author of IEC 62304, 80001-1, 80002-1 and 80002-2  Working member of Cenelek TK-62 Robert.Ginsberg@QAdvis.com Introduction of the speaker
  • 3. 3 Key competence areas • Turn key quality systems • Sharepoint based • Digital signatures • Efficient and lean • Validated and compliant QMS in-the- cloud •Project management •Product software validation •Regulated software validation •Requirement managent •Risk management •Verification and validation •SQA System development • Interim management • Expert advise • Audits/Mock audits/assessments • Remediation, WL, Import detention, compliance projects • PMA, 510k, CE-mark, EC-cert • Vigilance, recall, post market surveillance • Clinical evaluation/clinical expertise • Standards (ISO 13485, ISO 14971, IEC 62304, IEC 62366, …) QA&RA Consulting •CE-marking •ISO 13485 •EN 62304 •SW life cycle •Risk management •QSR •Lean and Six sigma Training/courses • Training and Consulting • In cooperation with Oriel Stat a Matrix Oriel - Lean and Six Sigma •Providing European representation for non-EU MedTech companies •Active member of EAAR: European Association of Authorised Representatives European Authorized Representation
  • 4. 4 Before we start … • There will be time for questions after the presentation • You can use the chat function to contact the convener, Sebnem Hoffsten • More complicated question, please call or email: – +46 8 621 01 05 – robert.ginsberg@qadvis.com
  • 5. 55 The Big Picture for software in a Medical Device regarding MDD ISO 14971 IEC 62366 IEC 62304 SW lifecycle Usability Risk management MDD (AIMD) (IVDD) IEC 60601-1 … … Device ReferenceHarmonized
  • 6. 6 IEC 62304 calls for RM activities through the whole development lifecycle Planning Development Release Maintenance SW Risk Management
  • 7. 7 QA and SW engineers have to find efficient implementation of IEC 62304
  • 8. 8 It is challenging to find a proper level of effort for SW RM Productivity Compliance
  • 9. 9 Risk mgmt can enable effective, safe and compliant V&V strategy
  • 10. 10 Use SW risk mgmt to regulate your efforts when testing the product Death or injury Minor injury No harm • Thorough QA • Additional QA activities • Basic QA
  • 11. 11 Governments and Agencies are enforcing new regulation across time EU-Commission/US Government MDD/Public Health Service Act Agencies Medical Products Agency/FDA Laws and Regulations SFS 1993:584/21 CFR 820 Guidance docs Standards – 13485, 14971, 62304
  • 12. 12 The Bar is Raised Over Time Accident People get hurt or die Public reaction New laws and regulations
  • 13. 13 Patient journal mix up caused death of a young woman 13 Case report: Socialstyrelsen 2007 ”When Sofie came into ER, the treating doctor used the wrong patient journal. In the computerized journal system at the hospital there were two patients with similar names and social security numbers. Based on the contents of the wrong journal Sofie was treated with drugs that led to her death.”
  • 14. 14 There is a new version of EN 14971 addressing acceptance criteria
  • 15. 15 Quality assurance techniques have a long history in the industry
  • 16. 16 There is a migration of QA techniques to the Medical Device area Medical Device guidelines SIL MISRA Safety Cases
  • 17. 17 FDA is expecting static analyzers to be implemented as part of the V&V
  • 18. 18 There is a number of techniques available for Risk Management Risk manage- ment FTA HAZOP FMECA Check- lists
  • 19. 19 HAZOP Methodology use guide words as a “creativity trigger” for hazards Guide Word Para- meter Deviation
  • 20. 20 HAZOP can be used for detecting usability related hazards Patient Journal retrieval Hospital information system 1 Other than Patient Identific- ation Other patient than expected was selected Similar social security number in picklist Wrong treatment Full social security no. has to be entered Verification vs patient name still needed Mandatory approval of correct patient name RoGi
  • 21. 21 Fault Tree Analysis is a top down technique useful at early stages Top Level Event Faults /Low Level Event Causes Mitigator Root Cause
  • 22. Example of a Fault Tree Analysis for: Doctor cannot access patient records Top Level Event Faults /Low Level Event Causes Risk Control Measure Root Cause/Basic Event Doctor cannot access ...
  • 23. 23 FMECA is a bottom up technique to find failure modes of components/items • Bottom up • Risk ranking ( probability * severity ) • Can become very detailed and cumbersome • From the beginning oriented to HW • Can be introduced when Items are defined
  • 24. 24 Items and units are the building blocks of a software system Software system Item X Item Y Item Z Unit Unit Unit Unit SOUP
  • 25. 25 Each manufacturer needs to find his own mix of techniques for Risk Mgmt C A U S E C O N S Q U E N C E
  • 26. 26 62304 calls for life cycle approach to risk mgmt based on ISO 14971 • Identification of Intended use • Identification of Hazards, FTA and FMECA • Estimation of Risk(s) Risk analysis Risk evaluation • Option analysis • Implementation of risk control measures • Risk/benefit analysis • Risks from risk control measures • Completeness of risk control Risk control Residual risk Risk management report (Post-) Production
  • 27. 27 Risk Control Measures are expected to be expressed as requirements • Evaluation of new risks due to implementation of RCMs • Re-evaluation of RM file when appropriate regarding changes in requirements • Update of system requirements when appropriate
  • 28. 28 Defining a safe architecture is one of the major tasks in the SW RM process Safe architecture • Proper partitioning • Testable • Predictable behavior • ”Flight recorder” – On lab – In field
  • 29. 29 Assurance of RCMs can be done with a number of techniques Static Manual Reviews Sneak circuit analysis Automated Analysis tools Misra/PC-lint Code Sonar McCabe Dynamic Manual Usability tests Automated Testdriven development Junit/Cunit Memory analysis Insure++ Modelling Automated Modeldriven design and test UML
  • 30. 30 System Plan Execute Evaluate Report Integration Plan Execute Evaluate Report Unit Plan Execute Evaluate Report Verification activities are expected to be planned upfront and fully executed
  • 31. 31 GUI A GUI B Control A Control B HW driver Req I Req II Req III Two views to consider Func- tional reqs - architecture
  • 32. 32 Risk driven Item/Unit verification is an explicit expectation in 62304 C – High Risk B – Some risk A - No risk • Even more test • More test • Basic test effort • To do more test for risk related units • Some guidance on how to implement this
  • 33. 33 Risk driven requirement verification is an underlying expectation in 62304 C – High Risk B – Some risk A - No risk • Even more test • More test • Basic test effort • To do more test for risk related features • Significant freedom on how to implement this
  • 34. 34 Example on how Risk Analysis acti- vities can relate to key documents Customer reqs PHA (checklist) Sys arch & SW reqs System RA (FTA) SW arch SW RA (FMECA)
  • 35. 35 OutputProcessInput Customer Require- ments Hazard check list Preliminary Hazard Analysis Application specification Hazard list SW system safety classification (A, B or C) Definitions Example of an IPO diagram for Preliminary Hazard Analysis
  • 36. 36 It is very difficult to find probability for a SW failure Risk analysis Risk evaluation Risk control Residual risk Risk management report (Post-) Production
  • 37. 37 Software fails systematically Random failures • Ionizing radiation • Wear out, fatigue Systematic failures • Software • Incorrectly rated fuse Consensus does not exist for a method of estimating systematic fault rates quantitatively!
  • 38. 38 Probability of SW to fail is expected to be 100% Combination of SW failure and user action Probability of Harm P0 = (P1 * P2) User Probability of HS leading to Harm P2 Software Probability of Hazardous Situation P1 = 100%
  • 39. 39 The key message in 62304 is to do software engineering for safety Safe design Protective measures in device Protective measures in process Information
  • 40. 40 Risk based V&V strategy can utilize the resources efficiently
  • 41. 41 Example of a risk based requirement test strategy Req class Verification A B C Scripted (Req Based) M M M Independent Review O M M Exploratory O O M • M = Mandatory O = Optional • Risk control measures included in reqs
  • 42. 42 Example of risk based Item/Unit test strategy Unit Verification In Item A In Item B In Item C Rule check M M M Basic unit test O M M Review O M M 100% Code coverage O O M Independent review O O M • M = Mandatory • O = Optional
  • 43. 43 Software risk management can be time consuming and hard
  • 44. 44 Good software engineering is the key to successful risk management SW engi- neering Risk Mana- Gement Quality Manage- ment
  • 45. 45 A good starting point is to document what already is done
  • 46. 46 Building a solid V&V process can enable productivity Synergus can contribute with consulting within: • Auditing and reviews • Mentoring • Risk manager role • SQA role (Software Quality Assurance) • Process development and documentation • Product documentation • Implementation of supporting IT-tools
  • 47. 47