@neobiotechlabs/neobiotech-dev-agent 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +22 -0
- package/.claude-plugin/plugin.json +58 -0
- package/.mcp.json +14 -0
- package/README.md +442 -0
- package/dist/__tests__/adf.test.d.ts +1 -0
- package/dist/__tests__/adf.test.js +68 -0
- package/dist/__tests__/adf.test.js.map +1 -0
- package/dist/__tests__/annex-ii-template.test.d.ts +1 -0
- package/dist/__tests__/annex-ii-template.test.js +39 -0
- package/dist/__tests__/annex-ii-template.test.js.map +1 -0
- package/dist/__tests__/doc-render.test.d.ts +1 -0
- package/dist/__tests__/doc-render.test.js +93 -0
- package/dist/__tests__/doc-render.test.js.map +1 -0
- package/dist/__tests__/help.test.d.ts +1 -0
- package/dist/__tests__/help.test.js +31 -0
- package/dist/__tests__/help.test.js.map +1 -0
- package/dist/__tests__/jira-fields.test.d.ts +1 -0
- package/dist/__tests__/jira-fields.test.js +81 -0
- package/dist/__tests__/jira-fields.test.js.map +1 -0
- package/dist/__tests__/plugin-manifest.test.d.ts +1 -0
- package/dist/__tests__/plugin-manifest.test.js +91 -0
- package/dist/__tests__/plugin-manifest.test.js.map +1 -0
- package/dist/__tests__/setup.test.d.ts +1 -0
- package/dist/__tests__/setup.test.js +7 -0
- package/dist/__tests__/setup.test.js.map +1 -0
- package/dist/__tests__/sync-version.test.d.ts +1 -0
- package/dist/__tests__/sync-version.test.js +37 -0
- package/dist/__tests__/sync-version.test.js.map +1 -0
- package/dist/clients/risk-client.d.ts +17 -0
- package/dist/clients/risk-client.js +54 -0
- package/dist/clients/risk-client.js.map +1 -0
- package/dist/clients/xray-client.d.ts +34 -0
- package/dist/clients/xray-client.js +127 -0
- package/dist/clients/xray-client.js.map +1 -0
- package/dist/config/project-config.d.ts +14 -0
- package/dist/config/project-config.js +45 -0
- package/dist/config/project-config.js.map +1 -0
- package/dist/confluence-client.d.ts +16 -0
- package/dist/confluence-client.js +97 -0
- package/dist/confluence-client.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.js +60 -0
- package/dist/index.js.map +1 -0
- package/dist/jira-client.d.ts +35 -0
- package/dist/jira-client.js +119 -0
- package/dist/jira-client.js.map +1 -0
- package/dist/tools/annex-ii-template.d.ts +30 -0
- package/dist/tools/annex-ii-template.js +129 -0
- package/dist/tools/annex-ii-template.js.map +1 -0
- package/dist/tools/confluence.d.ts +2 -0
- package/dist/tools/confluence.js +54 -0
- package/dist/tools/confluence.js.map +1 -0
- package/dist/tools/cvss.d.ts +2 -0
- package/dist/tools/cvss.js +59 -0
- package/dist/tools/cvss.js.map +1 -0
- package/dist/tools/doc-render.d.ts +2 -0
- package/dist/tools/doc-render.js +96 -0
- package/dist/tools/doc-render.js.map +1 -0
- package/dist/tools/doc-validation.d.ts +2 -0
- package/dist/tools/doc-validation.js +221 -0
- package/dist/tools/doc-validation.js.map +1 -0
- package/dist/tools/help-data.d.ts +7 -0
- package/dist/tools/help-data.js +144 -0
- package/dist/tools/help-data.js.map +1 -0
- package/dist/tools/help.d.ts +2 -0
- package/dist/tools/help.js +39 -0
- package/dist/tools/help.js.map +1 -0
- package/dist/tools/iec.d.ts +2 -0
- package/dist/tools/iec.js +203 -0
- package/dist/tools/iec.js.map +1 -0
- package/dist/tools/init.d.ts +2 -0
- package/dist/tools/init.js +38 -0
- package/dist/tools/init.js.map +1 -0
- package/dist/tools/jira-crud.d.ts +2 -0
- package/dist/tools/jira-crud.js +142 -0
- package/dist/tools/jira-crud.js.map +1 -0
- package/dist/tools/risk.d.ts +2 -0
- package/dist/tools/risk.js +172 -0
- package/dist/tools/risk.js.map +1 -0
- package/dist/tools/traceability.d.ts +2 -0
- package/dist/tools/traceability.js +85 -0
- package/dist/tools/traceability.js.map +1 -0
- package/dist/tools/types.d.ts +13 -0
- package/dist/tools/types.js +2 -0
- package/dist/tools/types.js.map +1 -0
- package/dist/tools/usability.d.ts +2 -0
- package/dist/tools/usability.js +149 -0
- package/dist/tools/usability.js.map +1 -0
- package/dist/tools/xray.d.ts +2 -0
- package/dist/tools/xray.js +35 -0
- package/dist/tools/xray.js.map +1 -0
- package/dist/utils/adf.d.ts +27 -0
- package/dist/utils/adf.js +104 -0
- package/dist/utils/adf.js.map +1 -0
- package/dist/utils/cvss.d.ts +15 -0
- package/dist/utils/cvss.js +86 -0
- package/dist/utils/cvss.js.map +1 -0
- package/dist/utils/doc-render.d.ts +28 -0
- package/dist/utils/doc-render.js +50 -0
- package/dist/utils/doc-render.js.map +1 -0
- package/dist/utils/jira-fields.d.ts +38 -0
- package/dist/utils/jira-fields.js +53 -0
- package/dist/utils/jira-fields.js.map +1 -0
- package/dist/utils/sync-version.d.ts +2 -0
- package/dist/utils/sync-version.js +20 -0
- package/dist/utils/sync-version.js.map +1 -0
- package/package.json +49 -0
- package/skills/doc-render/SKILL.md +79 -0
- package/vendor/dev-docs-templates/templates/dev_docs/plan_template.md +104 -0
- package/vendor/dev-docs-templates/templates/dev_docs/prd_template.md +110 -0
- package/vendor/dev-docs-templates/templates/dev_docs/spec_template.md +81 -0
- package/vendor/dev-docs-templates/templates/dev_docs/tasks_template.md +122 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/checklist-clinical-evaluation.md +81 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/checklist-gspr-mdr.md +403 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/clinical-evaluation-report.md +492 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/instructions-for-use.md +132 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/literature-evaluation-table.md +15 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/mdr-declaration-of-conformity.md +75 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/post-market-clinical-follow-up-plan.md +162 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/post-market-surveillance-plan.md +175 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/risk-management-cybersecurity-checklist.md +67 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/risk-management-report.md +111 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/CA/usability-evaluation-report.md +70 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/clinical-evaluation-plan.md +154 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/list-of-hazard-related-use-scenarios.md +34 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/risk-table-fmea.md +155 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/software-architecture-description.md +307 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/software-requirements-list.md +156 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/soup-list.md +82 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/EA/usability-evaluation-plan.md +103 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/global/bug-fixes-documentation-list.md +35 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/global/change-evaluation-list.md +100 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/global/list-of-known-anomalies.md +29 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/algorithm-validation-report.md +170 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/checklist-software-release.md +52 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/checklist-software-requirements-review.md +50 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/software-architecture-checklist.md +41 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/software-detailed-design.md +321 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/software-system-test-plan.md +155 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/ER/sprint/usability-evaluation-protocol.md +63 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/PA/intended-use.md +116 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/PA/mdr-classification-document.md +114 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/PA/risk-management-plan.md +198 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/PA/software-development-maintenance-plan.md +225 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/PA/system-requirements-spec.md +182 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/information_security/information-security-controls.md +966 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/information_security/information-security-policy-and-scope.md +99 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/quality-manual-policy-objectives.md +187 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-capa.md +112 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-change-management.md +128 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-clinical-evaluation.md +102 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-feedback-management.md +140 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-integrated-software-development.md +361 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-post-market-surveillance.md +159 -0
- package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/sop-software-problem-resolution.md +99 -0
|
@@ -0,0 +1,99 @@
|
|
|
1
|
+
# Information Security Policy And Scope
|
|
2
|
+
|
|
3
|
+
| ISO 27001:2023 Section | Document Section |
|
|
4
|
+
|-------------------------------------------------------------------------|------------------|
|
|
5
|
+
| 4.3 Determining the scope of the information security management system | 1. |
|
|
6
|
+
| 4.4 Information security management system | (All) |
|
|
7
|
+
| 5.1 Leadership and commitment | 8. |
|
|
8
|
+
| 5.2 Policy | 2. |
|
|
9
|
+
| 5.3 Organizational roles, responsibilities and authorities | 8. |
|
|
10
|
+
|
|
11
|
+
## Summary
|
|
12
|
+
|
|
13
|
+
The Information Security Policy describes the scope of the Information Security Management System (ISMS), its
|
|
14
|
+
documented procedures and a description of their interactions.
|
|
15
|
+
|
|
16
|
+
## 1. Scope
|
|
17
|
+
|
|
18
|
+
The policy described in this document outlines the framework to manage information security in *\<your company
|
|
19
|
+
name\>*.
|
|
20
|
+
|
|
21
|
+
This policy applies to all employees, contractors, and third-party vendors of [Organization Name] who have
|
|
22
|
+
access to electronic and physical information systems and data.
|
|
23
|
+
|
|
24
|
+
## 2. Policy Statement
|
|
25
|
+
|
|
26
|
+
*\<your company name\>* commits to maintaining the confidentiality, integrity, and availability of all its
|
|
27
|
+
information assets. This is achieved through:
|
|
28
|
+
|
|
29
|
+
* Implementing a comprehensive Information Security Management System (ISMS) compliant with ISO/IEC 27001:2023
|
|
30
|
+
standards.
|
|
31
|
+
* Regularly assessing the information security risks and implementing the appropriate measures to mitigate
|
|
32
|
+
identified risks.
|
|
33
|
+
* Ensuring that information security is an integral part of all IT and business processes.
|
|
34
|
+
* Providing ongoing training and support to all staff to ensure they understand their roles and
|
|
35
|
+
responsibilities in safeguarding sensitive information.
|
|
36
|
+
* Regularly reviewing and updating the ISMS to address new security challenges and business changes.
|
|
37
|
+
|
|
38
|
+
## 3. Information Security Principles
|
|
39
|
+
|
|
40
|
+
* Confidentiality: Ensuring that information is accessible only to those authorized to have access.
|
|
41
|
+
* Integrity: Safeguarding the accuracy and completeness of information and processing methods.
|
|
42
|
+
* Availability: Ensuring that authorized users have access to information and associated assets when required.
|
|
43
|
+
|
|
44
|
+
## 4. Risk Management
|
|
45
|
+
|
|
46
|
+
The organization will regularly carry out risk assessments to identify, evaluate, and address risks associated
|
|
47
|
+
with information security.
|
|
48
|
+
|
|
49
|
+
## 5. Incident Management
|
|
50
|
+
|
|
51
|
+
A structured approach will be followed to handle security breaches or incidents, which includes incident
|
|
52
|
+
reporting, investigation, and mitigation strategies to prevent future occurrences.
|
|
53
|
+
|
|
54
|
+
## 6. Compliance
|
|
55
|
+
|
|
56
|
+
Compliance with this policy will be monitored and reviewed as part of the ongoing performance evaluation
|
|
57
|
+
process. Violations of this policy will result in disciplinary action, which may include termination and legal
|
|
58
|
+
action, depending on the severity of the breach.
|
|
59
|
+
|
|
60
|
+
## 7. Policy Review
|
|
61
|
+
|
|
62
|
+
This policy will be reviewed annually or in response to significant organizational or technological changes to
|
|
63
|
+
ensure its continuing suitability, accuracy, and effectiveness.
|
|
64
|
+
|
|
65
|
+
## 8. Organizational Roles, Responsibilities and Authorities
|
|
66
|
+
|
|
67
|
+
> Describe the roles of the people in your company. Typically this is done by drawing an organigram (you could
|
|
68
|
+
> use draw.io for that). Or, you just use a table like below.
|
|
69
|
+
>
|
|
70
|
+
> Minimum requirement information: required qualification and description of tasks related to QMS process
|
|
71
|
+
> involvement If applicable, add: report / authority, access rights, etc.
|
|
72
|
+
|
|
73
|
+
| Role | People |
|
|
74
|
+
|-----------------|---------------------------|
|
|
75
|
+
| CEO | Steve Jobs |
|
|
76
|
+
| CTO | Steve Wozniak |
|
|
77
|
+
| ISO | Oliver Eidel |
|
|
78
|
+
|
|
79
|
+
All C-level roles (CEO, CTO, CMO) are referred to as the Management. Management is generally responsible to
|
|
80
|
+
endorse and support the Information Security Policy by providing the necessary resources and authority to
|
|
81
|
+
implement it.
|
|
82
|
+
|
|
83
|
+
The Information Security Officer (ISO) is responsible for maintaining the ISMS and ensuring the policy is
|
|
84
|
+
implemented, monitored, reviewed, and updated.
|
|
85
|
+
|
|
86
|
+
All Employees are required to adhere to this policy and report any security breaches or incidents to the
|
|
87
|
+
designated authority.
|
|
88
|
+
|
|
89
|
+
Required qualification for this role:
|
|
90
|
+
|
|
91
|
+
* Fluent in German and English language
|
|
92
|
+
* Training in the field of information security management
|
|
93
|
+
|
|
94
|
+
---
|
|
95
|
+
|
|
96
|
+
Template Copyright [openregulatory.com](https://openregulatory.com). See [template
|
|
97
|
+
license](https://openregulatory.com/template-license).
|
|
98
|
+
|
|
99
|
+
Please don't remove this notice even if you've modified contents of this template.
|
package/vendor/dev-docs-templates/templates/mdr_docs/global/qms/quality-manual-policy-objectives.md
ADDED
|
@@ -0,0 +1,187 @@
|
|
|
1
|
+
# Quality Manual, Policy and Objectives
|
|
2
|
+
|
|
3
|
+
| ISO 13485:2016 Section | Document Section |
|
|
4
|
+
|------------------------|------------------|
|
|
5
|
+
| 4.1.1 | 1. |
|
|
6
|
+
| 4.1.2 | 4. |
|
|
7
|
+
| 4.2.1 b) | (All) |
|
|
8
|
+
| 4.2.2 | (All) |
|
|
9
|
+
| 5.3 | 2. |
|
|
10
|
+
| 5.4.1 | 2. |
|
|
11
|
+
|
|
12
|
+
## Summary
|
|
13
|
+
|
|
14
|
+
The Quality Manual describes the scope of the Quality Management System, its documented procedures and a
|
|
15
|
+
description of their interactions.
|
|
16
|
+
|
|
17
|
+
## 1. Scope
|
|
18
|
+
|
|
19
|
+
The QMS described in this Quality Manual applies to all products of *\<your company name\>*.
|
|
20
|
+
|
|
21
|
+
### Role of Company
|
|
22
|
+
|
|
23
|
+
> Other roles besides manufacturer are: Authorized representative, distributor.
|
|
24
|
+
|
|
25
|
+
*\<your company name\>* is a manufacturer of Medical Devices.
|
|
26
|
+
|
|
27
|
+
### Applicable Standards
|
|
28
|
+
|
|
29
|
+
The following table only gives an overview of the most relevant regulation and standards. For a comprehensive overview, see the list of applicable standards (reference here).
|
|
30
|
+
|
|
31
|
+
| Standard / Regulation / Law | Why Applicable? |
|
|
32
|
+
|-----------------------------|-----------------------------------------------------------|
|
|
33
|
+
| EU Regulation 2017/745 | Regulation for medical devices for human use |
|
|
34
|
+
| EU Regulation 2021/2226 | Regulation for electronic instructions for use |
|
|
35
|
+
| EN ISO 13485:2016 | QMS required by essential requirements of MDD/MDR |
|
|
36
|
+
| EN ISO 14971:2019 | Risk management for medical devices |
|
|
37
|
+
| IEC 62304:2006 | Software development for medical devices |
|
|
38
|
+
| IEC 62366-1:2015 | Usability evaluation for medical devices |
|
|
39
|
+
|
|
40
|
+
### Exclusions
|
|
41
|
+
|
|
42
|
+
The following sections of ISO 13485:2016 will be excluded due to the product being stand-alone software:
|
|
43
|
+
|
|
44
|
+
* 6.4.2 Contamination control
|
|
45
|
+
* 7.5.2 Cleanliness of product
|
|
46
|
+
* 7.5.5 Particular requirements for sterile medical devices
|
|
47
|
+
* 7.5.7 Particular requirements for validation of processes for sterilization and sterile barrier systems
|
|
48
|
+
* 7.5.9.2 Particular requirements for implantable medical devices
|
|
49
|
+
* 7.5.11 Preservation of product
|
|
50
|
+
|
|
51
|
+
## 2. Quality Policy & Objectives
|
|
52
|
+
|
|
53
|
+
### Quality Policy
|
|
54
|
+
|
|
55
|
+
> Describe what your company is about, specifically, its mission and things which are important for it. Maybe
|
|
56
|
+
> you're developing software for patients with a certain disease and your goal is to improve their lives.
|
|
57
|
+
>
|
|
58
|
+
> In addition, the policy should include a commitment to meet legal requirements, keep the QMS up to date and
|
|
59
|
+
> define quality objectives to work towards.
|
|
60
|
+
|
|
61
|
+
### Quality Objectives
|
|
62
|
+
|
|
63
|
+
> Whatever policy you outlined above, now you need to make it measurable by defining objectives which can be
|
|
64
|
+
> tracked. Those objectives should not (only) refer to the quality of your devices but the quality of your QMS
|
|
65
|
+
> and the overall work of your organization. Typical examples are: hiring excellence in staff, providing,
|
|
66
|
+
> best-of-class device performance, high standards of customer satisfaction, etc.
|
|
67
|
+
|
|
68
|
+
### Key Performance Indicators (KPIs)
|
|
69
|
+
|
|
70
|
+
> Auditors might ask you: how do you keep track of a quality objective, to see if it was achieved or not? The
|
|
71
|
+
> answer is: Key Performance Indicators. As part of your management review, you have to review all QMS
|
|
72
|
+
> processes plus your quality policy and objectives at least annually. Now, you can meet both requirements at
|
|
73
|
+
> the same time by defining KPIs for your QMS processes. You can then argue that by achieving your KPIs, you
|
|
74
|
+
> make sure that your processes run well, which also meets your quality objectives.
|
|
75
|
+
|
|
76
|
+
> These are your action items:
|
|
77
|
+
> 1. Make sure to define at least one KPI for each QMS process.
|
|
78
|
+
> 2. Make sure each quality objectives translates into at minimum one process KPI. Where there's no
|
|
79
|
+
> corresponding process for a quality objective, you define additional KPIs that are not process-related.
|
|
80
|
+
> 3. You can document those KPIs either in each SOP or in a separate overview sheet. For example, you can use
|
|
81
|
+
> the template for a management review report for that purpose.
|
|
82
|
+
>
|
|
83
|
+
> Also see regulatory requirements: ISO 13485, para. 4.1.3.a (process KPIs) and para. 5.6.2 (management review
|
|
84
|
+
> input).
|
|
85
|
+
>
|
|
86
|
+
> In this section here, describe where you define your KPIs and how you keep track of them. For example, say
|
|
87
|
+
> that you define KPIs in every single SOP or reference to a separate, central overview sheet. Ideally, KPIs
|
|
88
|
+
> are tracked by each process owner independently.
|
|
89
|
+
|
|
90
|
+
## 3. Roles
|
|
91
|
+
|
|
92
|
+
> Describe the roles of the people in your company. Typically this is done by drawing an organigram (you could
|
|
93
|
+
> use draw.io for that). Or, you just use a table like below.
|
|
94
|
+
>
|
|
95
|
+
> Minimum requirement information: required qualification and description of tasks related to QMS process
|
|
96
|
+
> involvement If applicable, add: report / authority, access rights, etc.
|
|
97
|
+
|
|
98
|
+
| Role | People |
|
|
99
|
+
|-----------------|---------------------------|
|
|
100
|
+
| CEO | Steve Jobs |
|
|
101
|
+
| CTO | Steve Wozniak |
|
|
102
|
+
| Product Manager | Ada Lovelace |
|
|
103
|
+
| QMO | Oliver Eidel |
|
|
104
|
+
|
|
105
|
+
All C-level roles (CEO, CTO, CMO) are referred to as the Management. Management is generally responsible to
|
|
106
|
+
define responsibilities and authorities, to define and communicate Quality Policy and Goals and to ensure that
|
|
107
|
+
the whole organization is oriented towards them.
|
|
108
|
+
|
|
109
|
+
> See ISO 13485, para. 5.1, para. 5.5.1
|
|
110
|
+
|
|
111
|
+
The Quality Management Officer (QMO) is responsible for:
|
|
112
|
+
|
|
113
|
+
* ensuring that processes needed for the company’s quality management system are documented
|
|
114
|
+
* reporting to top management on the effectiveness of the quality management system and any need for
|
|
115
|
+
improvement
|
|
116
|
+
* ensuring the promotion of awareness of applicable regulatory requirements and QMS requirements throughout the
|
|
117
|
+
organization.
|
|
118
|
+
|
|
119
|
+
Required qualification for this role:
|
|
120
|
+
|
|
121
|
+
* Fluent in German and English language
|
|
122
|
+
* At minimum one year of professional experience in the fields of quality management and regulatory affairs
|
|
123
|
+
|
|
124
|
+
> See ISO 13485, para. 5.1, para. 5.5.2
|
|
125
|
+
|
|
126
|
+
Person Responsible for Regulatory Compliance (PRRC) Responsibilities of the PRRC are in accordance with
|
|
127
|
+
Art. 15 MDR as follows:
|
|
128
|
+
|
|
129
|
+
* Ensure (review / release) the conformity of the devices is appropriately checked in accordance with the QMS
|
|
130
|
+
before a device is released (also see Art. 10 Para. 9 MDR)
|
|
131
|
+
* Ensure (review / release) that the technical documentation and the EU declaration of conformity are drawn up
|
|
132
|
+
and kept up-to-date for all medical devices (also see Art. 10 Para. 4 and Art. 6 MDR)
|
|
133
|
+
* Ensure (review / release) that obligations for post-market surveillance are complied with in accordance with
|
|
134
|
+
Art. 10 Para. 10 MDR
|
|
135
|
+
* Ensure (review / release) that the reporting obligations of Articles 87 to 91 MDR are fulfilled (FSCA /
|
|
136
|
+
incidents, also see Art. 10 Para. 13 MDR)
|
|
137
|
+
* Ensure that, in the case of investigational devices, the statement referred to in Section 4.1 of Chapter II
|
|
138
|
+
of Annex XV MDR is issued.
|
|
139
|
+
|
|
140
|
+
The PRRC shall not be subjected to Management instructions while carrying out his/her responsibilities
|
|
141
|
+
specified above. His/her tasks may be delegated to other roles as long as it is ensured that final
|
|
142
|
+
responsibility stays with the PRRC. She or he has the power and authority to represent the company in the
|
|
143
|
+
scope of his/her responsibilities, e.g. in communicating with state authorities.
|
|
144
|
+
|
|
145
|
+
Required qualification for this role:
|
|
146
|
+
|
|
147
|
+
* Fluent in English language
|
|
148
|
+
* Knowledge of the role and responsibilities of a ‘Person Responsible for Regulatory Compliance’ according to
|
|
149
|
+
Art. 15 MDR
|
|
150
|
+
* Higher education degree in law, medicine, pharmacology or engineering
|
|
151
|
+
* OR: four years of professional experience in the fields of quality management and regulatory affairs
|
|
152
|
+
* At minimum one year of professional experience in the fields of quality management and regulatory affairs
|
|
153
|
+
|
|
154
|
+
## 4. Processes
|
|
155
|
+
|
|
156
|
+
> List all your SOPs here. This list is highly company-specific and might therefore be currently incomplete.
|
|
157
|
+
>
|
|
158
|
+
> **Important Note:**
|
|
159
|
+
>
|
|
160
|
+
> Also mention if one of these processes is outsourced to a third party (typical examples: internal auditing
|
|
161
|
+
> or clinical evaluation done by a regulatory consultant, software development done by an external agency; see
|
|
162
|
+
> ISO 13485:2016, para. 4.1.5 for more context).
|
|
163
|
+
|
|
164
|
+
| SOP | Process Category | Internal / Outsourced |
|
|
165
|
+
|--------------------------------------------|------------------|-----------------------|
|
|
166
|
+
| SOP Corrective and Preventive Action | Management | Internal |
|
|
167
|
+
| SOP Clinical Evaluation | Core | Outsourced (?) |
|
|
168
|
+
| SOP Product Certification and Registration | Core | Internal |
|
|
169
|
+
| SOP Change Management | Core | Internal |
|
|
170
|
+
| SOP Deployment | Core | Internal |
|
|
171
|
+
| SOP Document and Record Control | Support | Internal |
|
|
172
|
+
| SOP Integrated Software Development | Core | Internal |
|
|
173
|
+
| SOP Feedback Management | Core | Internal |
|
|
174
|
+
| SOP Internal Auditing | Management | Outsourced (?) |
|
|
175
|
+
| SOP Management Review | Management | Internal |
|
|
176
|
+
| SOP Post-Market Surveillance | Management | Internal |
|
|
177
|
+
| SOP Problem Resolution | Core | Internal |
|
|
178
|
+
| SOP Software Validation | Support | Internal |
|
|
179
|
+
| SOP Update of Regulations | Support | Internal |
|
|
180
|
+
| SOP Vigilance | Core | Internal |
|
|
181
|
+
|
|
182
|
+
---
|
|
183
|
+
|
|
184
|
+
Template Copyright [openregulatory.com](https://openregulatory.com). See [template
|
|
185
|
+
license](https://openregulatory.com/template-license).
|
|
186
|
+
|
|
187
|
+
Please don't remove this notice even if you've modified contents of this template.
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
# SOP Corrective and Preventive Action (CAPA)
|
|
2
|
+
|
|
3
|
+
| ISO 13485:2016 Section | Document Section |
|
|
4
|
+
|------------------------|------------------|
|
|
5
|
+
| 8.5.1 | (All) |
|
|
6
|
+
| 8.5.2 | (All) |
|
|
7
|
+
| 8.5.3 | (All) |
|
|
8
|
+
|
|
9
|
+
## Summary
|
|
10
|
+
|
|
11
|
+
This SOP describes how CAPAs are implemented and tracked.
|
|
12
|
+
|
|
13
|
+
| | |
|
|
14
|
+
|--------------------------------|----------------------------------------------------------|
|
|
15
|
+
| **Process Owner** | *\<enter role of process owner\>* |
|
|
16
|
+
| **Key Performance Indicators** | *\<enter KPIs to be tracked for the Management Review\>* |
|
|
17
|
+
|
|
18
|
+
## Process Steps
|
|
19
|
+
|
|
20
|
+
### 1. Input for CAPA
|
|
21
|
+
|
|
22
|
+
Various events may lead to creation of CAPA. Examples include:
|
|
23
|
+
|
|
24
|
+
* Product or QMS non-conformities
|
|
25
|
+
* Customer complaints
|
|
26
|
+
* Internal bug reports, e.g. by developers
|
|
27
|
+
* Audit findings
|
|
28
|
+
* Post-market surveillance findings, including trends
|
|
29
|
+
* Management review findings, including trends
|
|
30
|
+
|
|
31
|
+
These inputs may be received from any person inside or outside the company. The QMO is responsible for
|
|
32
|
+
creating the CAPA and tracking its resolution.
|
|
33
|
+
|
|
34
|
+
CAPAs are tracked in the CAPA list.
|
|
35
|
+
|
|
36
|
+
| Participants |
|
|
37
|
+
|--------------|
|
|
38
|
+
| QMO |
|
|
39
|
+
|
|
40
|
+
| Input | Output |
|
|
41
|
+
|---------------------------------|--------------|
|
|
42
|
+
| Non-conformity, complaint, etc. | CAPA created |
|
|
43
|
+
|
|
44
|
+
### 2. Decision on Next Steps and Immediate Action
|
|
45
|
+
|
|
46
|
+
If immediate action is necessary (e.g. field safety corrective action or a notification to authorities according to SOP Vigilance), the QMO consults the
|
|
47
|
+
Person Responsible for Regulatory Compliance. Immediate action is carried out without undue delay (see ISO 13485 para. 8.5.2).
|
|
48
|
+
|
|
49
|
+
In any case, the QMO discusses the next steps with the person closest to the issue, e.g. for software bugs, the
|
|
50
|
+
Head of Software Development.
|
|
51
|
+
|
|
52
|
+
| Participants |
|
|
53
|
+
|-----------------------------------------------------------------------------------------|
|
|
54
|
+
| QMO |
|
|
55
|
+
| Medical Device Safety Officer / Person Responsible for Regulatory Compliance (optional) |
|
|
56
|
+
|
|
57
|
+
| Input | Output |
|
|
58
|
+
|-------|---------------------------|
|
|
59
|
+
| CAPA | CAPA, updated with action |
|
|
60
|
+
|
|
61
|
+
### 3. Root Cause Analysis
|
|
62
|
+
|
|
63
|
+
The QMO coordinates a root cause analysis with the person closest to the issue. The preferred method for this
|
|
64
|
+
is Five Whys. The result is added to the CAPA list.
|
|
65
|
+
|
|
66
|
+
| Participants |
|
|
67
|
+
|------------------------------------|
|
|
68
|
+
| QMO |
|
|
69
|
+
| Other people in company (optional) |
|
|
70
|
+
|
|
71
|
+
| Input | Output |
|
|
72
|
+
|-------|-------------------------------|
|
|
73
|
+
| CAPA | CAPA, updated with root cause |
|
|
74
|
+
|
|
75
|
+
### 4. Implementation of Action
|
|
76
|
+
|
|
77
|
+
The QMO coordinates defining and implementing corrective and preventive action. Additionally, the QMO takes
|
|
78
|
+
into account adverse negative implications and verifies that the actions do not adversely affect the ability
|
|
79
|
+
to meet applicable regulatory requirements or the safety and performance of the medical device. Outcomes are
|
|
80
|
+
documented in the CAPA list.
|
|
81
|
+
|
|
82
|
+
| Participants |
|
|
83
|
+
|------------------------------------|
|
|
84
|
+
| QMO |
|
|
85
|
+
| Other people in company (optional) |
|
|
86
|
+
|
|
87
|
+
| Input | Output |
|
|
88
|
+
|-------|--------------------------------|
|
|
89
|
+
| CAPA | CAPA, updated with action plan |
|
|
90
|
+
|
|
91
|
+
### 5. Verification and Check of Effectiveness
|
|
92
|
+
|
|
93
|
+
The QMO conducts the verification and effectiveness review of the implemented action. These are defined as
|
|
94
|
+
below. Thereafter, the QMO closes the CAPA.
|
|
95
|
+
|
|
96
|
+
* Verification: Documenting proof of implementation of actions taken.
|
|
97
|
+
* Effectiveness: Review of the effectiveness of actions taken.
|
|
98
|
+
|
|
99
|
+
| Participants |
|
|
100
|
+
|--------------|
|
|
101
|
+
| QMO |
|
|
102
|
+
|
|
103
|
+
| Input | Output |
|
|
104
|
+
|-------|--------------------------------------------------------------------|
|
|
105
|
+
| CAPA | CAPA, updated with verification, effectiveness review, closed date |
|
|
106
|
+
|
|
107
|
+
---
|
|
108
|
+
|
|
109
|
+
Template Copyright [openregulatory.com](https://openregulatory.com). See [template
|
|
110
|
+
license](https://openregulatory.com/template-license).
|
|
111
|
+
|
|
112
|
+
Please don't remove this notice even if you've modified contents of this template.
|
|
@@ -0,0 +1,128 @@
|
|
|
1
|
+
# SOP Change Management
|
|
2
|
+
|
|
3
|
+
| Classes | IEC 62304:2006 Section | Document Section |
|
|
4
|
+
|---------|------------------------|------------------|
|
|
5
|
+
| A, B, C | 6.2.3 | 2 |
|
|
6
|
+
| A, B, C | 6.2.4 | 2 |
|
|
7
|
+
| A, B, C | 6.2.5 | 2 |
|
|
8
|
+
| A, B, C | 6.3.1 | 3 |
|
|
9
|
+
| A, B, C | 6.3.2 | 3 |
|
|
10
|
+
| A, B, C | 7.4.1 | 2 |
|
|
11
|
+
| B, C | 7.4.2 | 2 |
|
|
12
|
+
| B, C | 7.4.3 | 2 |
|
|
13
|
+
| A, B, C | 8.2.1 | 2 |
|
|
14
|
+
| A, B, C | 8.2.2 | 3 |
|
|
15
|
+
| A, B, C | 8.2.3 | 3 |
|
|
16
|
+
| A, B, C | 8.2.4 | 3 |
|
|
17
|
+
| A, B, C | 9.4 | (All) |
|
|
18
|
+
|
|
19
|
+
## Summary
|
|
20
|
+
|
|
21
|
+
This SOP describes how we evaluate and make changes to our software after it’s released.
|
|
22
|
+
|
|
23
|
+
| | |
|
|
24
|
+
|--------------------------------|----------------------------------------------------------|
|
|
25
|
+
| **Process Owner** | *\<enter role of process owner\>* |
|
|
26
|
+
| **Key Performance Indicators** | *\<enter KPIs to be tracked for the Management Review\>* |
|
|
27
|
+
|
|
28
|
+
## General Considerations
|
|
29
|
+
|
|
30
|
+
### Feedback Classification
|
|
31
|
+
|
|
32
|
+
Feedback is either classified as a **bug fix** or a **regular change request**:
|
|
33
|
+
|
|
34
|
+
* **Bug fixes:** By definition, bug fixes only constitute minor changes to the software code and complement
|
|
35
|
+
existing device features instead of introducing new ones or removing existing ones. Bug fixes must
|
|
36
|
+
not 1) Constitute significant changes to the medical device as defined by the criteria outlined in the
|
|
37
|
+
change assessment list and 2) Introduce new risks or failure modes
|
|
38
|
+
* **Regular Change Requests:** All other changes that are not classified as a bug fix.
|
|
39
|
+
|
|
40
|
+
### Guidance Documents
|
|
41
|
+
|
|
42
|
+
The processing of changes is based on the following regulatory provisions and guidances:
|
|
43
|
+
|
|
44
|
+
* **Medical Device Regulation, Annex IX Chapter II Section 4.10:** *"Changes to the approved device shall
|
|
45
|
+
require approval from the notified body which issued the EU technical documentation assessment certificate
|
|
46
|
+
where such changes could affect the safety and performance of the device or the conditions prescribed for
|
|
47
|
+
use of the device. Where the manufacturer plans to introduce any of the above-mentioned changes it shall
|
|
48
|
+
inform the notified body which issued the EU technical documentation assessment certificate thereof. The
|
|
49
|
+
notified body shall assess the planned changes and decide whether the planned changes require a new
|
|
50
|
+
conformity assessment in accordance with Article 52 or whether they could be addressed by means of a
|
|
51
|
+
supplement to the EU technical documentation assessment certificate. In the latter case, the notified body
|
|
52
|
+
shall assess the changes, notify the manufacturer of its decision and, where the changes are approved,
|
|
53
|
+
provide it with a supplement to the EU technical documentation assessment certificate."*
|
|
54
|
+
* **Medical Device Coordination Group (MDCG) Document 2020-03:** “Guidance on significant changes regarding
|
|
55
|
+
the transitional provision under Article 120 of the MDR with regard to devices covered by certificates
|
|
56
|
+
according to MDD or AIMDD”
|
|
57
|
+
|
|
58
|
+
## Process Steps
|
|
59
|
+
|
|
60
|
+
### 1. Creation of Change Request
|
|
61
|
+
|
|
62
|
+
Changes proposals can originate from various sources, e.g.:
|
|
63
|
+
|
|
64
|
+
* Internal design ideas
|
|
65
|
+
* Market research
|
|
66
|
+
* Customer feedback (see process for feedback management)
|
|
67
|
+
* Post-Market Surveillance (see process for post-market surveillance)
|
|
68
|
+
* Changes to the QMS
|
|
69
|
+
|
|
70
|
+
They can originate from anywhere inside the company.
|
|
71
|
+
|
|
72
|
+
The Product Manager creates a change request ticket in the company’s project management software with a
|
|
73
|
+
description of the proposed change.
|
|
74
|
+
|
|
75
|
+
| Participants |
|
|
76
|
+
|----------------------------------------------|
|
|
77
|
+
| Anyone in the company with a change proposal |
|
|
78
|
+
|
|
79
|
+
| Input | Output |
|
|
80
|
+
|-----------------|----------------------------------------------------------|
|
|
81
|
+
| Change proposal | Documented change request (ID per product version) |
|
|
82
|
+
|
|
83
|
+
### 2. Evaluation of Change
|
|
84
|
+
|
|
85
|
+
The Product Manager, together with a Regulatory Affairs Manager and the Head of Software Development, then
|
|
86
|
+
evaluates the proposed change. In a first step, it is assessed if the change constitutes a bug fix or not. In
|
|
87
|
+
case of a bug fix, the Product Manager directly proceeds with the evaluation as part of the bug fixes
|
|
88
|
+
documentation list (link here).
|
|
89
|
+
|
|
90
|
+
If the change does not constitute a bug fix but rather a regular change request, it is evaluated whether the
|
|
91
|
+
change:
|
|
92
|
+
|
|
93
|
+
1. Is a significant change (refer to e.g. MDCG 2020-03 for guidance)
|
|
94
|
+
2. Introduces any new risks and whether those are acceptable
|
|
95
|
+
3. Impacts any existing risk control measures
|
|
96
|
+
4. Is technically feasible
|
|
97
|
+
5. Makes sense for the product strategy of the company
|
|
98
|
+
|
|
99
|
+
The evaluation is documented as part of the Change Evaluation List and results in a decision on whether the change is implemented and whether the Notified Body needs to be involved if the change is significant. These two decisions are documented in the change request ticket.
|
|
100
|
+
|
|
101
|
+
If required, a Notified Body shall be informed before the implementation of changes.
|
|
102
|
+
Multiple proposed changes can be batched and discussed in one session.
|
|
103
|
+
|
|
104
|
+
If the change request relates to the change of parts of the QMS, the change is assessed with the second part of the change evaluation list for "organizational changes".
|
|
105
|
+
|
|
106
|
+
| Participants |
|
|
107
|
+
|------------------------------|
|
|
108
|
+
| Product Manager |
|
|
109
|
+
| Head of Software Development |
|
|
110
|
+
| Regulatory Affairs Manager |
|
|
111
|
+
|
|
112
|
+
| Input | Output |
|
|
113
|
+
|----------------|-----------------------------|
|
|
114
|
+
| Change request | Completed change evaluation |
|
|
115
|
+
|
|
116
|
+
### 3. Implementation, Verification, Validation, Update of Documentation
|
|
117
|
+
|
|
118
|
+
Change requests result as input to the SOP Software Development and are implemented accordingly.
|
|
119
|
+
|
|
120
|
+
This includes verification, validation and release activities while ensuring traceability. The relevant
|
|
121
|
+
documentation is updated and released with an updated declaration of conformity.
|
|
122
|
+
|
|
123
|
+
---
|
|
124
|
+
|
|
125
|
+
Template Copyright [openregulatory.com](https://openregulatory.com). See [template
|
|
126
|
+
license](https://openregulatory.com/template-license).
|
|
127
|
+
|
|
128
|
+
Please don't remove this notice even if you've modified contents of this template.
|
|
@@ -0,0 +1,102 @@
|
|
|
1
|
+
| Regulatory Requirement | Document Section |
|
|
2
|
+
|------------------------|------------------|
|
|
3
|
+
| MDR Annex XIV | All |
|
|
4
|
+
| MEDDEV 2.7/1, rev. 4 | All |
|
|
5
|
+
| MDCG 2020-6 | All |
|
|
6
|
+
|
|
7
|
+
## Summary
|
|
8
|
+
|
|
9
|
+
This SOP describes the development of medical devices in accordance with regulatory requirements of Annex XIV (MDR) regarding medical device clinical performance. It ensures the level of
|
|
10
|
+
demonstrated safety and risk-benefit ratio that is required for our medical devices both for initial
|
|
11
|
+
certification and for continued safe use in the market.
|
|
12
|
+
|
|
13
|
+
| | |
|
|
14
|
+
|--------------------------------|----------------------------------------------------------|
|
|
15
|
+
| **Process Owner** | *\<enter role of process owner\>* |
|
|
16
|
+
| **Key Performance Indicators** | *\<enter KPIs to be tracked for the Management Review\>* |
|
|
17
|
+
|
|
18
|
+
## Process Steps
|
|
19
|
+
|
|
20
|
+
### 1.1 Clinical Evaluation Plan
|
|
21
|
+
|
|
22
|
+
The clinical evaluation is initiated following a Management decision to place a new or updated medical device
|
|
23
|
+
on the market. The organization follows this process both for initial market placement and for continuous
|
|
24
|
+
updates during the marketing phase.
|
|
25
|
+
|
|
26
|
+
The initial clinical evaluation is planned as part of the Clinical Evaluation Plan. During the marketing
|
|
27
|
+
phase, this plan is continuously updated as part of the Post-Market Clinical Follow-Up.
|
|
28
|
+
|
|
29
|
+
External partners can be involved in both conducting the initial clinical evaluation and the post-market
|
|
30
|
+
clinical follow-up in order to ensure higher clinical expertise during the process and lower the risk of
|
|
31
|
+
regulatory nonconformity. In this case, different external partners should be evaluated with regard to
|
|
32
|
+
sufficient experience (see MEDDEV 2.7/1 rev. 4 section 6.2). The *\<Head of the Medical Team\>* serves as the
|
|
33
|
+
point of contact to provide all relevant information to the partner.
|
|
34
|
+
|
|
35
|
+
> NOTE: if your organization maintains a purchasing process, the selection of an external partner for the
|
|
36
|
+
> clinical evaluation should be subject to supplier evaluation.
|
|
37
|
+
|
|
38
|
+
| | |
|
|
39
|
+
|--------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
|
40
|
+
| Participants | Medical Team |
|
|
41
|
+
| Input | Initial release: decision on new device, preliminary product specifications (intended use, risk assessment, available preclinical data, information on equivalent devices, etc.) |
|
|
42
|
+
| Output | Initial release: completed Clinical Evaluation Plan |
|
|
43
|
+
|
|
44
|
+
|
|
45
|
+
### 1.2 Clinical Evaluation Report
|
|
46
|
+
|
|
47
|
+
Relevant data is collected and analyzed as part of writing the Clinical Evaluation Report to evaluate the
|
|
48
|
+
device’s clinical performance. The clinical evaluation shall consider at least the following points:
|
|
49
|
+
|
|
50
|
+
* Intended Use (incl. user and patient population, use environment, device features)
|
|
51
|
+
* Data to support equivalence with other devices (if applicable)
|
|
52
|
+
* Discussion of state of the art technology
|
|
53
|
+
* Discussion of the selected categories of clinical data, the quality of clinical data and its sufficiency to
|
|
54
|
+
support an overall balanced risk-benefit ratio of the device and compliance with the General Safety
|
|
55
|
+
Performance Requirements (MDR).
|
|
56
|
+
|
|
57
|
+
In the course of data collection and analysis, new risks may be identified and are documented accordingly as
|
|
58
|
+
updates to the risk management file.
|
|
59
|
+
|
|
60
|
+
> NOTE: where a Notified Body is involved in the conformity assessment of the device and the Medical team
|
|
61
|
+
> identifies remaining uncertainty with regard to the sufficiency of the clinical data, the Notified Body can
|
|
62
|
+
> be contacted to discuss additional measures (e.g., as part of the post-market clinical follow-up) that ensure
|
|
63
|
+
> product conformity and approval.
|
|
64
|
+
|
|
65
|
+
| | |
|
|
66
|
+
|--------------|-------------------------------------------------------------------------|
|
|
67
|
+
| Participants | Medical Team |
|
|
68
|
+
| Input | Product specifications |
|
|
69
|
+
| Output | Completed Clinical Evaluation Report<br>If necessary: updated risk file |
|
|
70
|
+
|
|
71
|
+
### 1.3 Post-Market Clinical Follow-Up (PMCF)
|
|
72
|
+
|
|
73
|
+
Following the initial clinical evaluation, the organization plans the post-market clinical follow-up for the
|
|
74
|
+
medical device, ensuring its continuous safety and sufficient performance during the marketing phase. The PMCF
|
|
75
|
+
serves as input to regularly update the clinical evaluation.
|
|
76
|
+
|
|
77
|
+
The Medical team is responsible to compile and implement a Post-Marketing Clinical Follow-Up Plan, including
|
|
78
|
+
at minimum:
|
|
79
|
+
|
|
80
|
+
* Methodology for data collection and justification for selected methods
|
|
81
|
+
* Consideration of new data related to the risk management file, the claims discussed in the Clinical
|
|
82
|
+
Evaluation Report or applicable regulations
|
|
83
|
+
* Specification of the PMCFP period (no longer than one year), including a time plan for PMCF activities and
|
|
84
|
+
the next update of the clinical evaluation
|
|
85
|
+
|
|
86
|
+
The CAPA process must be initiated if new information collected as part of the PMCF activities indicates that
|
|
87
|
+
a balanced risk-benefit ratio and the safety of the device is in question.
|
|
88
|
+
|
|
89
|
+
All PMCF activities conducted per PMCF period are documented in a Post-Market Clinical Follow-Up Report.
|
|
90
|
+
|
|
91
|
+
| | |
|
|
92
|
+
|--------------|------------------------------------------------------------------------------------------------------------------------------|
|
|
93
|
+
| Participants | Medical team |
|
|
94
|
+
| Input | Clinical Evaluation Report New clinical data during the marketing phase |
|
|
95
|
+
| Output | Completed Post-Market Clinical Follow-Up Plan and Report<br>If necessary: PMCF measures (e.g., CAPA, updated risk file, etc.) |
|
|
96
|
+
|
|
97
|
+
---
|
|
98
|
+
|
|
99
|
+
Template Copyright [openregulatory.com](https://openregulatory.com). See [template
|
|
100
|
+
license](https://openregulatory.com/template-license).
|
|
101
|
+
|
|
102
|
+
Please don't remove this notice even if you've modified contents of this template.
|