Case Study Details
Case Study Information
Project Name: Post Market Product Security
Service: Cybersecurity & QMS Integration
Client: Private
Complete Date: 2019
Developed and helped implement a post market product security program for a multi-billion-dollar medical device company, enabling them to properly manage cybersecurity events on products in the market.
This project was required to ensure cybersecurity was integrated in the organizations quality management system, in alignment with regulatory guidance, for post market management of products. It helped ensure the organization had proper processes in place for dealing with cybersecurity vulnerabilities in their marketed products.
Device FDA Submission
The project involved the following:
- Development Of An End-To-End Workflow From Event Identification Through Public Communication
- New Product Security Processes, Work Instructions And Templates, Which Were Approved And Released In The Quality Management System
- Updating Of Existing Quality Processes For Integration, Such As Complaint Handling And Escalation
- Reviewing Static Application Security Testing And Software Composition Analysis Test Results And Supporting The Development Teams On Items Requiring Remediation
- Development And Support On The Rollout Of A Product Security Website, Which Is Used For Vulnerability Disclosure And Alerting On Cybersecurity Related To Their Products