Switch language

Agile Compliance - IEC 62304 explained for agile teams

16-Jan-2023 - wolfgang

Estimated reading time: 2 minutes

Below is an overview picture taken from 62304 explaining what you need to do from a regulatory view.

62304 and the regulatory view

Each of these boxes above become documents to deliver together with other documents with the proof that you followed some processes mentioned in the standards.

Let’s look at one example “5.2 Software requirements analysis”

Before you start ‘analyzing’ the requirements you need to have the software development plan in place, which tells you where the software requirements come from (e.g. product requirements, risk analysis, etc), how these software requirements are reviewed to ensure they are complete, correct, don’t contradict each other etc. Besides planning these activities the standard requires you to document the results and prove (“objective evidence”) that you followed your plan:

 documentation related to 5.2 software requirements analysis

Example: documentation related to 5.2 software requirements analysis

The principle is the same for all levels of your software development activities, you need documents which:

  • describe what you want to do (development plans, verification plans …);
  • the results of following the plans (requirements, tests descriptions, …);
  • proof that the results are correct (verification and validation) and processes have been followed (minutes, reviews, …).

Types of document

Types of documents to be created

One important aspect in the above documents is the traceability, so for example you need to be able to list all requirements for your software and link them to their sources (are these coming from the user, intended use or are risk controls?) and their children (e.g. how are they tested, how does that translate in architecture or do I need some third party libraries).

A common view to visualize these two needs (the documents and the traceability between) is the V-Model. There’s many variations of that but the principle is this:

 V-model

Common visualization: A simplified V-model

Coming from the agile world there this obviously conflicts with the agile manifesto that saysWorking software over comprehensive documentation”. And indeed, if you need to comply with the standards there is no way you can avoid the documentation. If you are not willing to create some documentation, change the industry... BUT you can achieve this working with modern agile software development principles, adding only a small extra effort to create up-to-date documentation needed for certification. To learn how, wait for the next articles of this series, specifically Part 4 - Bridging the Requirements Gap between Agile and Regulation in Medical Devices, coming soon.

© 2021 All rights are reserved, v Manage cookies on this site Legal / Impressum