FDA Software Guidance; Should I be worried?

by: Stephen Tyrpak – Operations MD, US & Canada; Executive Consultant @ PQE GroupMedical Device

Much of the Food and Drug Administration’s (FDA) focus on medical device software guidance has involved software “in” or “as” a medical device. The most recent guidance document, Computer Software Assurance for Production and Quality System Software, is one of the first published guidances that focuses on the software used in the manufacturing of Medical Devices. Although the document is still in “draft”, it gives a greater emphasis on FDA’s push towards risk-based manufacturing and quality.

FDA Software Guidance _market news

Why the Change?

FDA has indicated that they “envision a future state where the medical device ecosystem is inherently focused on device feature and manufacturing practices that promote quality and patient safety.” This comes at time when manufacturers are not only creating more novel devices, but also reinventing how devices are manufactured. This means that “one size fits all” regulations with strict guidelines on how to manufacture devices, are no longer possible. This guidance document is another step forward in the agency’s movement towards integrating a risk-based approach to the full life cycle of a medical device. By guiding FDA staff and industry on how to apply a risk based approach to things like software in the manufacturing process, the agency is allowing the industry to grow at a faster rate while being more direct on what and how software shall be governed. 

What is Computer Software Assurance?

Computer Software Assurance (CSA) is a risk-based approach for establishing and maintaining confidence that software is fit for its intended use. CSA requires manufacturers to examine the software, how it impacts the end product and ultimately, how it impacts the end users. This methodology will reduce requirements for the software, of which the potential impact on the end product is low and will allow sponsors to allocate those resources to the high risk software. 

How does this impact me?

The FDA has broken the CSA Risk Framework into four sections:
1.    Identifying the Intended Use 
2.    Determining the Risk-Based Approach
3.    Determining the Appropriate Assurance Activities 
4.    Establishing the Appropriate Record 


Assuming the document is published, it will require manufacturers to re-examine how the manufacturing and quality related software are evaluated, tested and documented. Instead of having a generic software validation requirement, each manufacturer will be asked to justify the validation requirements and also maintain records that provide a responsible assurance that the software will not cause harm to the product and ultimately the end user. 

Do you need support?

PQE Group has been supporting computer system and software validation for more than 24 years.

Our experts are prepared to help medical device manufacturers understand how this guidance impacts their facilities and support the transition to this Risk-based manufacturing methodology. 


Get in touch with our Experts in US  Get in touch with our Experts in EU