Managing ISO 26262 Compliance with Modern Requirements
Easily manage ISO 26262 compliance while accelerating development cycle
Go-to Microsoft partner for requirements management since 2015
Standards
Learn how Modern Requirements4DevOps is aligned with popular industry standards
Managing ASPICE Compliance with Modern Requirements
Managing ASPICE Compliance with Modern Requirements Automotive Software Performance Improvement
21 CFR Part 11: Frequently Asked Questions
A CFR Part 11 questions and answers blog by Modern Requirements
Facilitate the Medical Device Design Controls with Modern Requirements
Achieve quicker compliance, shorter development cycle times, and faster value delivery
Managing ISO 17491 Compliance within Azure DevOps using Modern Requirements
Comply with ISO 17491 in an automated and efficient manner
Covered Standards
Compliance Matrix
| Standards | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
| SOC2 | This is a standard for service organizations that handle customer data. SOC2 requires that organizations establish and maintain a system of controls to ensure the confidentiality, integrity, and availability of customer data. Requirements management is an important part of these controls, as it ensures that customer requirements for data handling and protection are met. | General | Access Control | Access controls to ensure that only authorized users can access data. Access controls should be in place to ensure that only authorized individuals are granted access to view or modify requirements or other sensitive data. | Smart Docs, CoPilot4DevOps |
| Requirements Gathering | Ability to gather and document requirements from stakeholders, including identifying the needs and expectations of the system or service under review | Smart Docs, FAQ | |||
| Requirements Management | Ability to manage and maintain the requirements throughout the development process, including version control, change management, and approval workflows | Versioning, Impact Assessment and Approval | |||
| Traceability | Ability to establish and maintain traceability between requirements and other project artifacts, such as design, testing, and documentation | Traceability Matrix | |||
| Testing | Ability to design and execute tests to verify that the system or service under review meets the requirements and specifications | Test Hub | |||
| Documentation | Ability to document the requirements, design, testing, and other project artifacts in a clear and concise manner | Smart Docs, Simulation, Smart Reports, Smart Note and Email | |||
| Security | Ability to ensure the security and confidentiality of the requirements and other project artifacts, as well as the system or service under review | Security and Access Control | |||
| Collaboration | Ability to enable collaboration among team members and stakeholders, including sharing and discussing project artifacts | Smart Docs, Simulation, Smart Reports, Smart Note, Email and Review | |||
| Auditing | Audit logging to record any changes made to requirements. Audit logs should be maintained to provide an audit trail and flag all changes made to requirements, including who made the change and when it was made. | Traceability Matrix and Review | |||
| Reporting | Reporting capabilities to provide evidence of compliance. The requirements management tool should be able to produce reports that provide evidence of compliance with SOC2, such as reports on access controls or audit logs. | Smart Reports |
| Standards | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
| ISO 9001 | This is an international standard for quality management systems. It requires that an organization establish a process for managing its requirements and ensure that they are met throughout the product or service lifecycle. | General | Traceability | Ability to trace requirements to their source | Traceability Matrix |
| Change Management | Ability to track and manage changes to requirements | Versioning, Impact Assessment and Approval | |||
| Version Control | Ability to track versions of requirements | Versioning, Impact Assessment and Baseline | |||
| Baseline Management | Ability to manage and track approved requirements | Baseline | |||
| Requirements Analysis | Ability to analyze and validate requirements | Requirements Analysis | |||
| Requirements Collaboration | Ability to collaborate and share requirements | Smart Docs, Simulation, Smart Reports, Smart Note and Email | |||
| Requirements Reporting | AAbility to generate reports on requirements | Smart Reports |
| Standards | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
| ISO 9000 | ISO 9000 requires that organizations establish a process for managing their requirements and ensure that they are met throughout the product or service lifecycle. | General | Documented requirements | The organization must establish and maintain documented requirements for its products or services, including those related to quality. | Smart Docs, Smart Note and Email |
| Requirements review | The organization must review the documented requirements before they are finalized to ensure that they meet the customer’s needs. | Review and Approval | |||
| Requirements validation | The organization must validate the requirements to ensure that they are complete, correct, and unambiguous. | FAQ, CoPilot4DevOps, Review and Approval | |||
| Requirements changes | The organization must have a process in place for managing changes to the documented requirements. | Baseline, Versioning and Impact Assessment | |||
| Requirements traceability | The organization must establish and maintain traceability between the requirements and the product or service design and development stages. | Traceability Matrix and Coverage Analysis | |||
| Requirements verification | The organization must verify that the product or service meets the documented requirements. | Test Hub, Review and Approval | |||
| Requirements acceptance | The organization must obtain customer acceptance of the product or service in accordance with the documented requirements. | Test Hub, Review and Approval |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
ISO 26262 | ISO 26262 requires that organizations establish a process for managing the safety requirements of their systems, including the management of safety requirements throughout the development lifecycle. | General | Traceability | Ability to trace requirements and their implementation throughout the development process | |
Baseline Management | Ability to manage multiple versions of requirements and their associated artifacts | ||||
Change Management | Ability to manage changes to requirements and associated artifacts throughout the development process | Change Management. Versioning and Impact Assessment | |||
Review and Approval | Ability to review and approve requirements and associated artifacts prior to implementation | ||||
Requirements Validation | Ability to validate requirements and ensure they are complete, consistent, and unambiguous | ||||
Requirements Reuse | Ability to reuse requirements across multiple projects or products | Requirements Reuse | |||
Requirements Prioritization | Ability to prioritize requirements based on their importance and impact on the system | Requirements Prioritization | |||
Requirements Traceability Reporting | Ability to generate reports that show the traceability of requirements and their implementation throughout the development process | ||||
Requirements Change Impact Analysis | Ability to analyze the impact of changes to requirements on the system and its associated artifacts |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
CFR Part 11 | This is a regulation that governs electronic records and signatures in the pharmaceutical and medical device industries. CFR Part 11 requires that organizations manage their requirements for electronic records and signatures and ensure that they are accurate, complete, and secure. | Medical | Electronic Records | Ability to manage electronic records in a secure, reliable, and auditable manner | Electronic Records Management |
Electronic Signatures | Ability to capture and manage electronic signatures in a secure, reliable, and auditable manner |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
ISO 13485 | ISO 13485 requires that organizations establish a process for managing the requirements for their medical devices and ensure that they are safe, effective, and meet regulatory requirements. | Medical | Risk management | Risk management capabilities to identify and manage risks related to medical device requirements. The tool should provide risk management capabilities that allow risks related to medical device requirements to be identified and managed. | |
Traceability | Ability to trace requirements and their implementation throughout the development process | ||||
Design and Development Planning | Ability to plan and manage the design and development process, including requirements management and verification | Simulation, Diagramming and Usecase | |||
Design Input | Ability to capture and manage requirements and input from stakeholders and other sources | ||||
Design Output | Ability to manage design output and ensure that it meets all applicable requirements and specifications | ||||
Design Verification and Validation | Ability to verify and validate the design to ensure that it meets all applicable requirements and specifications | ||||
Design Changes | Ability to manage changes to the design throughout the development process, including their impact on other requirements and specifications | ||||
Document Control | Ability to manage documents and records associated with the product or service in a controlled and auditable manner | ||||
Supplier Management | Ability to manage suppliers and ensure that they meet all applicable requirements and specifications | Supplier Management | |||
Training and Competence | Ability to provide training and ensure the competence of personnel involved in the design, development, and production or service delivery process | ||||
Document Management | Document management capabilities to manage documentation related to medical device requirements: The tool should provide document management capabilities that allow documentation related to medical device requirements to be managed and tracked. | Smart Docs and Smart Note |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
ISO 14971 | ISO 14971 requires that organizations establish a process for managing the requirements for risk management and ensure that risks are identified, analyzed, evaluated, and controlled throughout the product lifecycle. | General | Risk management | The tool needs to identify and manage risks related to the safety of medical devices throughout the development process, including the use of risk analysis techniques and risk management plans. | |
Risk Analysis | Ability to analyze and evaluate risks associated with medical devices, including identifying hazards and assessing their severity and probability of occurrence | ||||
Post-Market Surveillance | Ability to monitor and report on the performance and safety of medical devices after they have been released to the market | ||||
Production and Post-Production Information | Ability to manage information related to the production and post-production of medical devices, including changes to the device and any associated risks | ||||
Document Control | Ability to manage documents and records associated with medical devices in a controlled and auditable manner | ||||
Traceability | Ability to trace requirements and their implementation throughout the development process, including the identification of risks and risk control measures | ||||
Design and Development Planning | Ability to plan and manage the design and development process for medical devices, including requirements management and verification | Simulation, Diagramming and Usecase | |||
Design Input | Ability to capture and manage requirements and input from stakeholders and other sources for medical devices | ||||
Traceability features | The tool needs to enable the linking of safety requirements to other requirements and work products to ensure that safety requirements are met. | Work item linking | |||
Reporting capabilities | The tool needs to provide evidence of compliance with ISO 14971 by generating reports on risk management activities. |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
ISO 17491 | ISO 17491 specifies a test method for determining the resistance of protective clothing against penetration by chemicals. | General | Traceability features | The tool needs to enable the linking of software requirements to system requirements and design to ensure that software requirements are met. | |
Requirements Documentation | Ability to document requirements in a clear and concise manner | ||||
Design and Development Planning | Ability to plan and manage the design and development process for medical devices, including requirements management and verification | Simulation, Diagramming and Usecase | |||
Reporting capabilities | The tool needs to provide evidence of compliance with ISO 14971 by generating reports on risk management activities. | ||||
Change Management | Ability to manage changes to project artifacts, including requirements, design, and code |
Standard | Description | Industry | Relevant Features | Feature Description | MR4DevOps Feature |
|---|---|---|---|---|---|
ASPICE | (Automotive Software Process Improvement Capability determination) is an industry-standard guideline for evaluating software development processes. | Automotive and Manufacturing | Traceability features | The tool needs to enable the linking of software requirements to system requirements and design to ensure that software requirements are met. | |
Requirements Elicitation | Ability to identify, collect and document requirements from stakeholders | ||||
Requirements Analysis | Ability to analyze requirements for consistency, completeness, feasibility, and testability | ||||
Requirements Documentation | Ability to document requirements in a clear and concise manner | ||||
Requirements Management | Ability to manage changes to requirements, including version control and approval workflows |
Versioning and Approval | |||
Requirements Verification | Ability to verify that requirements have been implemented correctly and meet the specified criteria | ||||
Change Management | Ability to manage changes to project artifacts, including requirements, design, and code | ||||
Metrics and Analysis | Ability to collect and analyze metrics related to project progress, quality, and efficiency | Metrics and Analysis | |||
Collaboration | Ability to enable collaboration among team members and stakeholders, including sharing and discussing project artifacts | ||||
Configuration | The tool needs to control and document changes to software requirements, including who made the changes and why. | ||||
Test Plans | Capability to manage work products related to software requirements: The tool needs to provide support for work products related to software requirements, such as test plans and test cases. |
