![]() Though I have used ISO 27001 as a starting point for companies which make Software as a Medical Device (SaMD) or software only products. We usually use the ISO 13485 standard as the "core" standard since this is the medical device standard. Initially, I would say that there is no requirement for such an item or document, however, it does help an external auditor (and internal auditor) tremendously to see how the company has structured and managed their quality system, especially across different standards. I can comment on the structure and content of this cross-reference matrix or cross-matrix type of document. Unfortunately I could not provide such a cross-matrix due to intellectual property, but maybe someone in a medical device company could share some examples they have. This could be typically located in a Quality Manual type document or a separate document/spreadsheet showing how each requirement is met. If your organisation is looking to meet all of these requirements, it would be beneficial to create a cross-matrix on how each of the requirements are met. There are also key differences with the main one being the structure itself. ![]() ![]() There are some similarities between the EU MDR regulation 2017/745, ISO 13485 standard for quality management systems of medical devices, and ISO 27001 standard for quality management systems for information systems.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |