Improving software risk management practices in a medical device company

John Burton, Fergal McCaffery, Ita Richardson

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Software is becoming an increasingly important aspect of medical devices (MDs) and MD regulation. MDs can only be marketed if compliance and approval is achieved from the appropriate regulatory bodies. MD companies must produce a design history file detailing the processes undertaken in the design and development of their MD software. The safety of all MD software produced is of primary importance and it is crucial that an effective and efficient risk management (RM) process is in place. The authors have developed a software process improvement RM model that integrates regulatory MD RM requirements with the goals and practices of the Capability Maturity Model Integration (CMMI). This model is known as the RM Capability Model (RMCM). This paper evaluates how introducing the RMCM into a MD company improved their RM process.

Original languageEnglish
Title of host publicationMaking Globally Distributed Software Development a Success Story - International Conference on Software Process, ICSP 2008, Proceedings
Pages24-35
Number of pages12
DOIs
Publication statusPublished - 2008
EventInternational Conference on Software Process, ICSP 2008 - Leipzig, Germany
Duration: 10 May 200811 May 2008

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5007 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceInternational Conference on Software Process, ICSP 2008
Country/TerritoryGermany
CityLeipzig
Period10/05/0811/05/08

Keywords

  • Action research
  • BSI
  • CMMI
  • Compliance
  • Evaluation
  • FDA
  • Medical device standards
  • Process assessment
  • Risk management
  • Software process improvement
  • Verification

Fingerprint

Dive into the research topics of 'Improving software risk management practices in a medical device company'. Together they form a unique fingerprint.

Cite this