Tag Archive for: Compliance Management

Risk Traceability

Best Practices for Efficient and Compliant Risk Traceability from Design to Manufacturing


Those familiar with medical device development know that risk traceability and risk management is an important aspect that threads through the entire product development process and lifecycle.

Many see risk management as discrete deliverables completed by different team members at certain phases of product development. For example, a risk analysis that focuses on the intended use and reasonably foreseeable misuse is typically first drafted at the onset of design controls by primarily those in touch with the user’s point of view – human factor engineers, marketing, clinicians, etc. While a risk analysis focused on the design occurs during the detailed design and development phase with heavy input from the design engineers. And yet another team, mostly of those on the manufacturing team contributing to the manufacturing risk analysis.

However, it’s important that risk management is treated holistically, with traceability and connections from design to manufacturing. This traceability and connection has many benefits, including compliance with ISO 14971, the standard for the application of risk management to medical devices and meeting FDA expectations for a ‘risk-based’ approach for design and manufacturing of a medical device. Other important reasons include consistency, more efficient risk analysis, and ensuring risks identified at any point throughout the product development and lifecycle are appropriately passed along and mitigated to the various team members and stakeholders addressing those issues.

Here are my best practices for ensuring risk traceability throughout the product lifecycle, from design to manufacturing, and to post-market surveillance.

RELATED: Design Transfer: Best Practices for Translating Your Device Design into Manufacturing Specifications

Main points for How

1: Create a ‘master list’ of hazards, hazardous situations, harms and severity of harms

A common early step in risk management is creating a preliminary list of hazards. I extend this concept to hazardous situations, the resulting harms from those hazardous situations, and associated severity of those harms.

As the team starts its first risk analysis, say from the application or use point of view, note the hazardous situations that tend to repeat or are very close in description to one another. After the first team session or two, take a moment to review the hazardous situations that have been named to date, determine the unique hazardous situations, and create a ‘master list’ of hazardous situations.

Next is to determine the corresponding harms and severity of those harms associated with these hazardous situations. And add these to the ‘master list.’ Again, the corresponding harm(s) to a hazardous situation is finite and doesn’t generally change. For example, take a device with a small cutting edge. The hazardous situation is the user’s exposure to the sharps edge. Let’s say the resulting associated harm is a cut with a minor severity. Thus, anytime a foreseeable event is determined by the team to lead to the hazardous situation of the user’s exposure to the sharp edge, the associated harm of a cut with a minor severity can quickly also be listed. This prevents the team needing to reassess from scratch what the associated harm should be in each future instance that this hazardous situation arises.

Use this ‘master list’ for the future risk assessments to standardize risk practices and optimize efficiency by reusing the same risk content. Picking from a list is an efficient way for the team to identify and document the associated hazardous situations for each foreseeable event, keep wording consistent, and make it easier for new team members to understand the common outcomes. Of course if a truly unique and new hazardous situation does arise, it can be added.

2: Ensure risk assessments is available for all risk management team members and partners

Given that the functions and specific team members working on risk management will change over time, it is important that there is an effective way to share and notify the team members and partners over time. For consistency and team efficiency, ensuring access to the ‘master list’ described above to the manufacturing team and vendors will give them visibility and insight to the risks they should be on guard against, as one example.

Another example is if a design feature is identified as a mitigation for a use error, this information needs to be passed along to the design engineers to ensure said feature is designed in. To build upon the sharps example from above – After the sharps hazard is first identified, the team decides to implement a physical guard around the sharp edge. This requirement needs to be passed along to the design engineers to ensure it is designed in, not added after design freeze, when changes are more costly and time consuming. Similarly, this risk can be traced to the manufacturing team to evaluate the risks of manufacturing said sharps guard to ensure it is assembled correctly and does not fail in the field. Also, if the sharps guard design changes or becomes obsolete, you would want team members to know it’s a risk control mitigation and ensure the risk concerns remain addressed and documented.

3: Pick an appropriate tool to stay organized and efficient

Traceability of risk management and requirements arising from risk management can quickly become unwieldly, especially for complex systems, electromechanical devices, and those with software. Using traditional tools like Microsoft Word™ and Excel™ documents for risk management and requirements traceability are difficult to manage and prone to mistakes and gaps due to the manual input and review required.

Using a tool like Jama Connect® allows for easier visibility to gaps in traceability, allows for automated review and notification workflows, and features that ensure consistency, all leading to a compliant risk management file with less of the errors and inefficiencies associated with manual tools. It also has ways to manage the ‘Master List’ described above and create a Global Library of risk content that can be leveraged for new projects, allowing organizations to expand its portfolio and scale efficiently.

RELATED: Understanding Integrated Risk Management for Medical Device


Risk management done right is holistic and connected throughout product lifecycle from design to manufacturing, and beyond. Follow these best practices for both a compliant and efficient way to manage risk.


In this blog, we recap an episode from the eVOTL Insights Podcast, titled “Episode 75: Cary Bryczek, Director of Solutions for A&D, Jama Software.”

Certification and the Role It Plays in the eVTOL Aircraft Market

eVTOL Insights is a leading source of news, information and analysis into the global electric vertical take-off and landing (eVTOL) aircraft and urban air mobility markets. Since their launch in April 2020, they’ve been covering the latest industry news and offering insight for leading executives in the manned and unmanned market, across both passenger and cargo-carrying services. Their in-depth news and intelligence cover a range of different topics, from new company partnerships to industry updates on certification, infrastructure, battery developments and regulation.

As well as daily news, they interview industry professionals as part of their popular podcast series, produce short news videos for their YouTube channel and host virtual networking sessions on the final Friday of every month. To learn more, visit eVTOL Insights

eVOTL Insights Podcast

In Episode 75 of their podcast series, Cary Bryczek, Director of Solutions for Aerospace & Defense at Jama Software, is interviewed by Jason Pritchard, of eVTOL Insights, about the eVTOL aircraft market.

Cary is a member of the International Counsel on Systems Engineering MBSE initiative, a certified Configuration Management Professional (CM2-P), and a member of the Women in Aerospace organization. She is focused on helping companies utilize their data and digital capabilities to deliver aerospace and defense systems and services effectively. Her background has spanned both government civilian, defense contractor, and software vendor roles. At Jama Software, she has helped lead the company in Systems Engineering and Model-Based Systems Engineering domain expertise, as well as sales to help make Jama Connect a globally-recognized requirements management platform.

During this conversation, Cary talks about Jama Connect’s role in the eVTOL aircraft market, how it can help companies with the certification process, and some of the work it has been doing this year.

Click on the Play button below to listen to the episode and see below for a brief preview of that conversation.


Podcast Preview

Jason Pritchard: Hi, I’m Jason Pritchard and welcome to the eVTOL insights podcast. A brilliant show featured guests from companies in the EV tour aircraft and urban air mobility markets. Throughout each episode, we’ll be finding out about their exciting projects, which will help revolutionize the way we travel in future and get their insights into the current state of the industry.

In this episode, I’m joined by Cary Bryczek, director of solutions for Aerospace and Defense at Jama Software. Cary received her BS in electrical engineering from the University of Miami. She is a member of the International Council on Systems Engineering (INCOSE), MBSE initiative, certified configuration management professional, and member of the Women in Aerospace Organization.

Cary is focused on helping companies utilize their data and digital capabilities to deliver aerospace and defense systems and services effectively. Her background has spanned both government civilian, defense contractor, and software vendor roles. At Jama, she has helped lead the company in systems engineering and model-based systems engineering domain expertise, as well as sales, helping to make Jama Connect a globally recognized ALM platform. She has more than 25 years of experience implementing systems engineering in the industrial and aerospace industries with roles at the US government, Lockheed Martin, PTC, and Jama Software. Cary, thank you so much for joining me on the eVTOL insights podcast.

Cary Bryczek: Thanks, Jason, it’s really great to be here. I’m excited to talk to your community.

Jason Pritchard: So we’ve talked a little bit about your background, but are you able to tell us a bit more about that and really how you came to work at Jama software?

Cary Bryczek: I’ve always been a technology geek. I went the electrical engineering route at university, but then in the working world, I came to find my place doing systems engineering more than anything else. The first part of my career did a lot of work with the government itself and then worked with Lockheed Martin. And then 16 years ago, one of the software vendors that was trying to sell software to our team said, “Hey, Cary, want to come join me at a new company and be my sales engineer?” After I asked him what that was, because I had never heard of a sales engineer before, I decided that it sounded super exciting and I made the career jump.

And then eight years ago, I joined Jama Software, who at the time was positioned as a startup poised to be a market disruptor. And I’ve enjoyed working every day for the past eight years, bringing the most modern tools technology to our customers, working with tiny, innovative startups to big companies. What I enjoy most is bringing the art of systems engineering and the discipline of regulatory compliance to new groups to help them achieve success. No two days at Jama Software are alike for me and I really love that about my job.

Jason Pritchard: Are you up to now tell our audience a bit more about Jama Software, for those of us in the audience that might be unfamiliar with the work that you do or even not necessarily in this industry as well? Are you able to tell us a bit more about the company’s role and really how that plays into the emerging eVTOL aircraft and urban air mobility market?

Cary Bryczek: I think we’re different than any other company that you have interviewed on your podcasts yet. We’re not making super interesting eVTOL vehicles. We’re a tools company. We’re known in the industry as, this market disruptor who has reinvented application lifecycle management. And now we’re the market leader in requirements management. There’s a big need in the eVTOL marketplace to modernize tools and use software as a solution for cloud-native, web-based applications that reduces the IT overhead.

eVTOL startups, they’re wanting to use their investment money in great engineering minds of people instead of building and maintaining tooling, or using decades-old tooling software that’s not purpose-built for aviation, and having to even retain staff on top of it all to keep it working. So Jama Connect is really its software that’s used throughout the certification process, which begins with definition and agreement of the working methods used for certification of the aircraft.

Related: 2022 Industry Predictions for Airborne Product and Systems Development 

Cary Bryczek: During this phase, customers are using Jama Connect to capture goals, objectives, marketing information, and even sales information. More importantly, they’re capturing the concept of operations for the air vehicle. But it’s also used to store the process documentation itself that describes the engineering process that the organization is going to use during the entire program and type certification process. The rest of the phases of the type certification process, it closely mirrors the classic systems engineering V model. And then Jama Connect, being an ALM tool, which is used to do things like requirements management, test management, manage traceability, do baseline control and configuration management, Jama Connect is used to author and maintain requirements, safety requirements, and assist in the validation of those requirements by facilitating things like review and approval mechanisms. Our software retains a full audit trail that can be reported on live, instantaneously, or even exported to document format When you have to share that with the ASO or the FAA.

Jama Connect, inside of the application is providing what we like to call it Live Traceability™, but the traceability meaning these the real time views of requirements, safety data, verification and validation, test data, even when that data is originating in other engineering tools. Early on in Jama Software’s career, as it was being developed, is that we wanted to make collaboration an important theme built into our engineering tool. Our founders were engineers themselves, and when they were working on contracts for other companies, they found that they had to do a lot of manual back and forth in review and approval, and things changed, and it was impossible to keep track of that. So we’ve decided that collaborative engineering, as part of the work that every engineer does in their day to day tasks, instead of handing off work to be recorded and filed by dedicated tool staff, is a real big game changer. The more people that you have collaborating and working on the data in the engineering tool, the more efficient the organization has become.

And so our vision is to really make the job of the certification engineer as sufficient as possible, because they’re the ones that, in a lot of cases, they have to look and analyze the audit trail. And then the systems engineers, like the chief systems engineers, they have to do the role of hearding the chickens to make sure that everybody stays on track and analyzing, making sure that everybody really follows that process. So having collaboration mechanisms built right into the software makes it so much easier for engineers to get their work done.

To listen to the entire podcast, visit: Cary Bryczek of Jama Software Talks Certification and the Role It Plays in the eVTOL Marketplace

TÜV SÜD Certification

The Top Six Things You Should Know About TÜV SÜD

In the quest for innovation, product testing, compliance, and safety certifications remain key to accessing markets and gaining customers. No one wants to buy a product, service, or process that hasn’t been thoroughly vetted by an independent body. In the context of global markets, few certifications carry the importance or significance of those from TÜV SÜD, but in the United States, the various companies that are part of the TÜV Association are not widely known. So, what is TÜV SÜD, and why is it so important to product development? 

Here are the top six questions and answers about TÜV SÜD: 

1: What does TÜV SÜD stand for?

“TÜV” stands for “Technischer Überwachungsverein,” which translates to “Technical Inspection Association” in English. There are several independent companies that are part of the TÜV Association; TÜV SÜD is headquartered in Munich and employs approximately 25,000 people around the globe. 

2: What type of company is TÜV SÜD?

TÜV SÜD is focused on protecting people and the environment through rigorous testing, certification, auditing, and advisory services. The company helps ensure regulatory compliance of new and updated technologies, especially in automotive innovation and development, and it functions as a notified body in Europe for medical devices. The TÜV companies trace their origins back to the 1860s when they were first formed to oversee the safety of steam engines. 

3: What is the difference between TÜV SÜD and TÜV Rheinland?

TÜV SÜD and TÜV Rheinland are different companies that both provide similar services. All TÜV companies are at least 25.1% owned by the TÜV Association. There are currently six main members of the TÜV Association, all of whom are denoted by the brand “TÜV” plus the regional suffix, such as SÜD or Rheinland. The other TÜV companies include TÜV Nord, TÜV Thüringen, TÜV Saarland, and TÜV Austria. 

RELATED READING: Monolithic Power Systems Uses Jama Connect to Manage Complexities and Compliance

4: What is a TÜV SÜD Certification?

A TÜV SÜD Certification assures governing bodies and consumers that a product, service, or process has passed relevant safety testing and meets relevant compliance requirements. The certification process is rigorous and comprehensive and involves multiple steps, including steps to review requirements and establish processes followed during development. 

5: Why is achieving TÜV SÜD Certification so important?

TÜV Certification is recognized internationally as a sign of quality and thorough review—similar to an ISO or UL certification. Although it originated in Germany, it is regarded globally as evidence that your product, service, or process has attained high standards of safety, quality, and sustainability. With a TÜV SÜD Certification, you can achieve access to additional markets and give your customers peace of mind. 

6: Is Jama Connect® certified by TÜV SÜD?

Jama Connect received its first TÜV SÜD certification in 2016. Jama Connect is TÜV SÜD certified for developing safety-related products according to ISO 26262 (up to ASIL D) and IEC 61508 (up to SIL 3). Jama Software is the first vendor that is both SaaS and Agile to receive the certification. In 2019, Jama Software completed additional certification for Jama Connect as a software tool for the development of medical devices according to IEC 62304 and railway applications according to EN 50128. 

RELATED READING: How Jama Software’s TÜV SÜD Certification Helps Customers Build Safer Products

Don’t neglect important certifications. Even if you are already pursuing other certifications, the TÜV SÜD Certification could be an important addition to your automotive, medical, or railway products and services. Jama Connect can help you meet the requirements tracing and process needs that will set you up to achieve the TÜV SÜD Certification and expand to new markets and customers. To learn more, contact us. 

2022 Airborne Predictions

In many ways, 2021 was a continuation of the changes brought about in 2020, a year that’s been described as “unprecedented” and “unparalleled.” In a unique way, 2021 has offered us an idea of evolving innovations and technology on the horizon for teams across industries. These changing conditions will present a variety of new landscapes and will offer unique challenges, opportunities, and more than likely, many surprises.   

As we enter a new year of further changes, Jama Software asked select thought leaders – both internal and external – across various industries for the trends and events they foresee unfolding over the next year and beyond.  

This is the fourth part of our five-part series. In this blog, we asked for feedback on product and systems development trends anticipated for the airborne product and systems development industry in 2022 and beyond.  

First, we’ll hear from Cary Bryczek – Principal Solutions Architect at Jama Software, Michael Soden – Lead Product Manager for Safety Analysis at Ansys, and Mazen El Hout – Product Manager for Embedded Software for A & D at Ansys. Then, we hear from Vance Hilderman – Chief Technical Officer at AFuzion Inc.

Read our other 2022 Industry Predictions here: Part One – Engineering Predictions, Part Two – Medical Device Predictions, Part Three – Automotive Predictions, and Part Five – Insurance Development Market Predictions.

Airborne Predictions 2022 Part I:  

Design Trends

Q: What product, systems, and software development trends are you expecting to take shape in 2022?

Cary Bryczek, Jama Software: In 2022 we will see even more new space launch companies and unmanned aircraft systems (UAS) both enter the market as new companies and those that are already in the market will receive more funding. The commercial demand and competition among companies is driving some very exciting technologies to mature at a rapid pace.  

Q: What are the biggest trends you’re seeing in your industry right now? How will they impact A&D product, systems, and software development? 

Ansys: Regarding commercial aviation, major trends include the rise of the new air mobility to transport passengers in jammed cities. Those air-taxi services would require air vehicles capable of taking off and landing vertically. Some of them are piloted and others fully autonomous. Most of them rely on fuel-alternative propulsion systems, such as full electric or hybrid propulsion, which means completely new energy and system architectures that should be safe and performant.

Also, fixed-wing transport aircraft are moving in the autonomous direction with single pilot aircraft initiatives at some aircraft manufacturers with high impacts on cockpit display systems. In the defense industry, autonomous systems are also gaining attention with the use case of manned fighter jet supported by unmanned loyal wingman, or a swarm of drones doing formation, involving the use of artificial intelligence and machine learning techniques to extend capabilities of traditional methods of developing control systems and software. 

Tool Innovation

Q: From an A&D engineering toolset perspective, what are some of the processes you think forward-thinking firms will be working to leverage or incorporate into their process and why? 

Ansys: Key development processes include Model-Based System Engineering, Model-Based Safety Analysis, and Code Generation, to cope with the increasing complexity of next generation systems and reduce their time to market and cost of development. Model-based Design leads to harmonized safety analysis with system and software designs. In addition, cloud-based computing is becoming essential to benefit from high performance computing services and effective storage, easier maintenance, and better collaboration.  

Q: In terms of product and systems development, what do you think will remain the same over the next decade? What will change? 

Cary Bryczek, Jama Software: It is such an exciting time for technology right now and a lot of what consumer, aerospace systems and defense systems will see in the next decade is already here. We will just see that technology is being incorporated into more and more systems. AI capabilities will do more and more of the heavy lifting such as data parsing so that systems such as the Mars Reconnaissance Rover (MRO) can provide selective data back to engineers faster. The explosion of data is at the heart of everything. It is both a boon and a burden. Those companies that learn to exploit the sheer amount of data being captured from every device and system will be faster to bring their technology to market. Data privacy challenges will likely remain the same as they are now with political climates and some now talking about de-globalization.  

RELATED POST: Webinar Recap – Transformative Airborne Systems Development


Q: What changing regulatory guidelines do you anticipate having an impact on companies in 2022? 

Ansys: Several regulations are impacting new systems design. First, the regulations related to the usage of AI and machine learning inside autonomous air vehicles are driven by standardization such as European Organization for Civil Aviation Equipment (EUROCAE) where Ansys contributes with major industrial players. Regulations related to VTOL aircraft with advanced controls, controls are published as special conditions and mean of compliance by certification authorities (eg EASA). Additionally, many other regulations and special conditions are related to Hybrid Electric and Hydrogen propulsion.

In terms of safety standards, there is a new revision of safety standard: SAE ARP4761 A (including Model-Based Safety Analysis), expected to be published in 2022 extending safety analysis methods and the DO-356, describing cybersecurity methods and consideration for airborne systems. As for engineering standards, the Object Management Group is releasing a new version 2 of SySML on system modeling language, which will transform the way engineers create their systems design. 

Q: How do you foresee regulations shifting in Air and Space Product and Systems Development over the next decade?  

Cary Bryczek, Jama SoftwareRegulators in the EU, US, and China will all be trying to find ways to accelerate changes to their existing regulations in order to keep pace with the rate of aircraft (manned and unmanned) technology change and new development. The most challenging of regulations center around the safe operation of unmanned aircraft systems (UAS) as well as classification of new types of aircraft that use existing airframes but now use different propulsion and avionics systems. Aircraft of today and tomorrow just don’t fit neatly into the regulatory bodies existing definitions. For space systems and operations, there are no less than 42 ISO standards alone under development. Many of these center around space debris, interference, and quality measures. 

Biggest Challenges

Q: What are some of the biggest challenges you think A&D engineering firms will be working to overcome in 2022? 

Ansys: Building sustainable and performant system architectures without safety compromises is a big challenge we see at the product design level.  More and more autonomous and connected systems imply more vulnerability in the systems, therefore cybersecurity is mandatory to prevent cyberattacks.  Electronics reliability for autonomous vehicles is another important element to consider when dealing with the physics of failure. Finally, a key element to boost productivity and innovation is to provide scalable and cloud accessible engineering tools, for a more collaborative and distributed way of working. 

Q: Any major disruptions to Air and Space Product and Systems Development industry you’re anticipating in 2022? 

Cary Bryczek, Jama SoftwareThe COVID Pandemic will remain a major disruptor across the board. Supply chains are highly complex with manufacturers juggling multiple suppliers and subcontractors to design and integrate the products. Just in time materials processes which prior to covid were a best practice is now one cause of delays. Larger companies will seek to produce components themselves or acquire the companies that can do this for them. 


Q: What sorts of process adjustments do you think development teams will need to make to be successful in 2022? 

Cary Bryczek, Jama Software: Regulatory training at all levels of both engineering and business staff will be important. Digital engineering tools and approaches are being pushed into both engineers and project managers’ hands at an increasing pace. Understanding not only how to use them but how to use them within the highly complex regulatory landscape in an efficient manner will be key. 

Q: What do you think will remain the same in your industry throughout 2022? 

Ansys: The full electric air mobility, even though it seems very promising, will most likely not be fully mature in 2022, in terms of technology, regulations, and infrastructure. 

Q: What do you predict for regulation in the A&D industry in 2022? Will those trends still be prevalent 5 years from now? 10 years? 

AnsysMany regulations for the use of AI in embedded software related to the certified context will emerge leading to fully autonomous flight for small/medium aircraft. 

Evolving Landscape

Q: What do you think will be some of the differentiators between a company surviving to see 2030, and those that do not? 

Cary Bryczek, Jama Software: The companies that will successfully survive to 2030 are those who are able to A) continuously perform rapid impact analyses during any phase their product’s lifecycles as requirements change and disruptions to supply chains take place. Companies that do not have robustly integrated design and lifecycle data or only utilize manual processes are at a higher risk of failure when the product they bring to market is late or are at the mercy of delays to their supply chains. B) Companies will need to walk a careful tightrope of exposing enough of their project to the outside world to attract much needed investment funding and yet still keep their intellectual property secret. C) Companies will need to invent new ways to retain their talent to prevent evaporation of knowledge and their specific expertise.  

Q: Where do you see Jama Software fitting in as the product development landscape evolves, and what can our customers expect as 2022 approaches? 

Cary Bryczek, Jama SoftwareThe gap between the customer and business stakeholders and engineering groups historically has been where the engineering side is a black box. The proliferation of digital engineering strategies is now making the box more transparent. The practice of requirements management as a now collaborative effort across teams enables faster communication between teams and faster validation of requirements – Validation of the RIGHT requirements not to be confused with product validation. Requirements today must traverse many tools in the digital ecosystem. In 2022 more Jama Software customers will integrate requirements with tools in their digital ecosystem enabling higher degrees of collaboration and efficient analysis. 

RELATED POST: Aerospace Compliance – When Failure Is Not An Option

Airborne Predictions 2022 Part 2:  

Vance Hilderman, CTO, AFuzion Inc:  

“It was the best of times; it was the worst of times.”   

Surely, Charles Dickens was the earliest aerospace forecaster when he wrote those famous words decades before the Wright brother’s first flight.  But was Dickens really channeling the Covid pandemic and today’s aerospace unprecedented changes?  Likely not, but the “more things change, the more they remain the same” holds true.  

Every two or three years I’m asked to predict next year’s aerospace news. I always chuckle, then provide a disclaimer, “In one baseball season, Ted Williams failed to get on base almost 60% of the time; that made his season the world’s best.” That’s right: 40% success in baseball, and entrepreneurship, is a winning season. With that disclaimer at heart, here’s my “winning season for 2022” predictions: 

  1. Supply chain issues are not going away soon. The aviation In-sourcing trend occurring BEFORE Covid is now going to accelerate due to added long-distance supplier (read “offshore”) disruptions. Aero companies will bring back development and manufacturing even faster – expect a record pace giving advantage to those with automated processes and tools already under their control.  
  2. Autonomous passenger flight is still a decade away. Sorry – I know that’s not the news you want to hear. Truly great strides have been made and we’re now “40%” of the way there. Safety, airspace management, and certification authority acceptance are all still “in work.” But fear not: if you’re healthy with a 20-year life expectancy remaining, you will see autonomous passenger flights. Absolutely your children will. 
  3. eVTOL (electric Vertical Takeoff & Landing) aircraft REALLY are coming. If you can’t spell “eVTOL” or “UAM” you’re taking that Covid isolation too far. But 90% of today’s eVTOL players won’t succeed.  Watch for 20-25 of last year’s players to not be in the game at the end of 2022.  Who will succeed? Easy: two groups of eVTOL players will succeed:  1) Those early companies with solid funding already received and actually flying aircraft (even if near-final-prototypes), and 2) Longstanding manufacturers with prior success mass-manufacturing either cars or regular aircraft.    

If you’re not in group #1 or #2, we simply wish you the best and celebrate your optimism. 

  1. Covid forced remote work to be a reality, with great harm to those lacking defined processes and management structures supportive of remote work. In 2022, those aerospace companies with strong planning and remote development capabilities will further distance themselves from competitors. Companies embracing automated (and even semi-automated, but substantially less continuous manual intervention) will see profits and market share increase. Aviation automation tool vendors and aircraft/avionics developers with strong automation culture will be powering the decade ahead, starting in 2022.  
  2.   After a decade of struggles, experts now say Lockheed is in the driver’s seat, passenger seat, and all the other seats when it comes to fighter jets. And for buyers with ample (read “huge”) budgets, the F-35 is an easy choice. But add improved radar, improved stealth, and improved missiles, and the fighter jet itself is a platform, not the end-all. Ask yourself: what kind of computer or device are you using to read this article right now? Does it really matter or is the software and content more relevant?  Exactly.  
  3.   Yesterday’s shortening time-to-market will seem like a joke compared to 2022’s massively intensifying pressures.  New companies, new industries, and even countries new to aviation are all forcing greatly decreased product launch times.  Companies providing tools to assist with efficiency (such as AFuzion’s and Jama Software’s  DO-178C software development frameworks will see greatly increased sales but also even greater competition (details here: https://afuzion.com/plans-checklists/). 
  4. And my final forecast: all the smart people who predicted an end to Covid in 2021 and 2022 (Bill G, are you reading? 😉) will see their predictions to have been as correct as the majority of their prior predictions (really now, “email spam will be eliminated by 2006” –  go Google that one – too much time on private jets with other interests).  Folks, I predict Covid and its variants will be with us for years.  We’ll manage -humans are often frail but adaptable.  We’ll get our collective international acts together and form a more cohesive international Covid travel management policy and most of us will be flying as we were before. Except much less business travel (and more pleasure!)  because all the predictions above (Read #1 through #6) will REDUCE the need for business travel.  

There you have it:  hoping I beat Ted Williams record-breaking 40%+ success rate.  And that means I hope to see you wherever you are someday, but hopefully for pleasure, not just business! 

Thanks for tuning into our 2022 Predictions Series! To see some of the incredible products, software, and systems our customers are building with Jama Connect, visit our CUSTOMER STORIES PAGE 


Design History Files

Design history files were first required by the FDA in 1990 for medical devices. Learn how DHFs impact product teams, and get Jama Software’s DHF template.

In the competitive world of medical device development, medical device companies can’t afford to lag behind the pack. Streamlining the design and approval process is vital to getting products to market in a timely manner. Proper documentation is key to a smooth approval process.

One essential ingredient to medical device documentation is the Design History File, or DHF. While a bad DHF may not result in non-compliance, a good DHF can make the difference between a smooth compliance process and a bumpy one. To create a good DHF that streamlines compliance, design teams should know what to include—and what to avoid—as they go through the entire design and approval process.

What’s a Design History File, and How are They Used by Product Teams Working on Medical Devices?

Before reviewing all of the essential DHF ingredients, it can help to back up and establish what it is and why it’s important.

The Design History File is a collection of documents that describe the design and development activities of a medical device. Its purpose is to demonstrate that the device was developed using the design control process needed to meet FDA requirements.


Design Control Process

Figure 1: Design Control Process for Meeting FDA Requirements


The DHF requirement was established as part of the Safe Medical Devices Act of 1990. The act describes the DHF in section 21 CFR 820.30, sub-section (j) as follows:

“Each manufacturer shall establish and maintain a DHF for each type of medical device. The DHF shall contain or reference the records necessary to demonstrate that the design was developed in accordance with the approved design plan and the regulations of this part.”

There are two key terms in the DHF requirement: “establish” and “maintain.” “Establish” means that the development team must define, document, and implement requirements. Evidence is found in procedures, work instructions, drawings, and other similar documents. “Maintain” means that the team must review, approve, and update requirements. Evidence of maintenance is typically found in document control or change control systems of a company.

While a comprehensive DHF is vital to the FDA approval process, design teams will realize other benefits of maintaining the DHF, including:

What is the difference between DHF and DMR?

The DHF is one of three pillars of design compliance for medical devices:

  1. Design controls: The moving parts of product design and development.
  2. Design History File (DHF): The collection of records from design and development activities.
  3. Device Master Record: The “recipe” for product manufacturing once the design is complete.

As one of the pillars of design compliance, the DHF is important, but it cannot hold up the design process on its own. It’s one leg of a tripod, and removing any one of the legs means that the entire design compliance process may tip over. Equally important to the process are design controls and the Device Master Record, or DMR.

What are design controls, and how does the DHF establish the design control process?

Design controls establish a plan to manage new product development; they are the process pieces that guide development along a predictable path to ensure that requirements are met. The Safe Medical Devices Act requires that manufacturers of Class II and Class III medical devices (and some Class I devices as well) implement design controls over the development process.

Design controls include:

  • Design inputs: The physical and performance requirements for the type of device. May also include types of materials needed, interfaces with other devices, and even packaging required, especially if the device must be sterilized.
  • Design outputs: Usually the final specifications for the device, typically documented in models, drawings, engineering analysis, etc. Outputs should trace directly back to initial requirements. Design outputs are the basis of the Design Medical Record (DMR).
  • Design review: A formal review by the design team and any other relevant parties, such as sales, marketing, manufacturing, etc. Documentation of the review should include the date, participants, version/revision reviewed, and results.
  • Design verification: This process verifies that the design output meets the requirements expressed by the design inputs and that specifications are correct. Documentation of this process must include the date, participants, version/revision reviewed, and the verification method and results.
  • Process validation: Process validation involves producing the device with a normal, low-level production process to confirm that the device will function as designed outside of the prototype process. Documentation of the process is required for the DHF.
  • Design validation: In this process, each manufacturer validates device design under specific conditions on small production lots or batches. The DHF documentation must include identification of the design, methods of production, date, and individuals performing the validation.
  • Design transfer: The process of transferring design into production, distribution, and installation specifications.
  • Design changes: May be referred to as “engineering change” or “enterprise change,” this process identifies and documents any design changes.
  • Design history file: This is the formal document prepared for each medical device that includes either all documents generated in product development process OR an index of documents and locations where they are stored.

As you can see, the DHF is one of many design controls, but it also serves as the repository of records of all other design controls. Think of it as the final stop for the information generated by all other design controls.

What is in a Device Medical Record (DMR)?

The third leg in the tripod supporting your compliance process is the Device Medical Record, or DMR. Think of the DMR as the “recipe” that resulted from the design controls to manufacture the device according to design specifications. It’s more than just a production traveler—it will include device specifications, compositions, drawings, formulations, software specifications, etc., as well as production process specifications, including appropriate equipment, methods, procedures and environments, such as clean rooms, humidity controls, quality assurance procedures, and any specialized equipment needed. The DMR will include everything from beginning to end of the production and shipping process, including any relevant installation instructions.

What are some pitfalls to avoid when compiling the DHF?

Many companies make costly and time-consuming errors when creating their DHFs, leading to longer-than-necessary audits and failed FDA inspections. Avoid these mistakes, and you’ll minimize lost time and unnecessary costs getting to market.

Jama Software hosted a webinar led by Quality Centric Consulting to review:

  • The top DHF errors that are costing you money
  • How to tackle 21 CFR 820.30 requirements
  • How Jama Connect™ streamlines the DHF process

Five of the most common pitfalls of the DHF include:

Not having a DHF: Usually small companies strapped for resources will put all their efforts into designing and getting a product to market, with the intention of doing the DHF later on. This could be due to a lack of understanding of what DHF outputs are required.

Chaotic and unorganized DHF: This is more typical in paper-based companies that keep all information in binders, but leave off dates or include unapproved documents, making it impossible to organize at the time of an audit or inspection. Disorganization — whether paper- or email-based — also makes it difficult to manage changes and revisions due to information silos and lack of sharing information.

Including unnecessary documents: Adding business documents, such as supplier quotes, financial information or unused concepts, can bring a flurry of unwanted questions from inspectors. This can also be a symptom of not having a DHF tool or template, as well as a linear process that involves lengthy review and approval times.

Unmaintained DHF: Often companies use either outdated or improper technology for the job. Paper-based systems, email, shared folders with read-write access and the like, are not always effective document controls. This can lead to lost copies of important records, making a DHF non-compliant.

Not traceable to outputs: Without a DHF, it’s impossible to create your DMR, and very difficult to establish your traceability matrix. If design control results are not well documented, easy to locate or current, your DMR will fail to be compliant.

RELATED POST: Avoid the Most Common Challenges of the Design History File

Creating the DHF may feel like a heavy burden, but it is the key to a smooth compliance process. By treating the DHF as part of your design and development process from the beginning, these requirements become seamless and help ease the path to compliance.

Jama Connect can help traceability and requirements management and encourage a systems approach to medical device development, making the creation of a DHF more seamless and streamlined than ever before. To learn more, contact Jama Software.

To learn more about how Jama Software can help Product Teams stay compliant, visit Jama Connect Solutions for Medical Development



Compliance Management

Behind every successful product and product launch lies a complicated process that can involve multiple oversight agencies, cross-functional teams, and stakeholders. Within an organization’s governance, risk management, and compliance (GRC) framework, product teams must pursue market innovation while remaining in compliance. Staying in compliance with the vast array of rules, procedures, and contract clauses that govern product development can be a full-time job, and lack of management can lead to delays and failures that result in lost revenue, damaged reputation, or even legal action.

With so much on the line, every development project should have a process within the GRC framework to monitor compliance risk and compliance activities along the way. Unfortunately, compliance management can be difficult to integrate into the full design process, and compliance delays can hold up a product launch. Product teams often need a better way to integrate compliance management into the development process. Those teams that include compliance management in their processes can reduce the risk of failure—and potentially improve their speed to market.

What is compliance management, and how does it help product teams ship on time?

Compliance can refer to a variety of different laws, guidelines, standards, processes, procedures, or other controlling documents, including contracts. Compliance management refers to the intentional process by which designated team members or compliance officers monitor and control design, development, launch, and fulfillment to ensure that all legal, contractual, and procedural requirements are met.

Ideally, compliance management involves both people and a system that is fully integrated across functions of the organization. The more integrated the compliance management in the development lifecycle, the more likely it is to detect potential compliance issues before they cause long-term harm to companies or consumers.

A fully integrated compliance management system can help your product team ship on time or early by keeping all compliance factors top of mind during the design, development, and fulfillment process. When teams are ensuring compliance throughout the entire development lifecycle, unforeseen delays and consumer issues are less likely to derail product success.

To fully integrate compliance management, teams need a development process that includes touchpoints for assessing compliance. The process should include activities such as:

  • Standard operating procedures
  • Safety and security procedures
  • Reporting and documentation
  • Internal and external audits

Integrating all of these activities will help ensure that teams are fully prepared to establish compliance with applicable standards, regulations, and laws before launch, reducing the possibility of costly delays or failures.

RELATED: A Guide to Understanding ISO Standards

What is compliance control?

Compliance control is a set of guidelines and policies designed to provide a framework for compliance to product teams and stakeholders. These guidelines and policies apply to everyone involved in compliance management—from board of directors to compliance officers or compliance managers to team members.

Common internal compliance controls can include the following:

  • Published standards, policies, and operating procedures
  • Training and documented completion of training
  • Internal audits
  • Contracts

External compliance controls are those that originate anywhere outside the company:

  • Laws and regulations
  • Industry standards
  • External audits
  • External risk assessments

What is a compliance management system?

A compliance management system is a program that integrates written documents, processes, functions, controls, tools, and anything else that helps organizations comply with regulations and reduce risks to consumers that arise due to violation of applicable law. While a comprehensive compliance management system will include appropriate tools such as software, it will also clearly define the roles of various stakeholders, including:

  • Team members
  • Compliance officers or compliance managers
  • Board of directors
  • Internal auditors

The compliance management system will also define processes for:

  • Assessing and responding to consumer complaints
  • Addressing results of a compliance audit
  • Providing relevant compliance training as appropriate
  • Keeping informed of regulatory change
  • Taking corrective action when products are found in violation

RELATED POST: How to Perform Better Impact Analysis on Upstream and Downstream Relationships

Why is maintaining compliance so important for product teams working in regulated industries?

Former US Deputy Attorney General Paul McNulty has stated, “If you think compliance is expensive, try non-compliance.” In any industry, non-compliance can lead to fines, product failures, and lawsuits—not to mention the cost of lost reputation, customers, and business.

For teams working in regulated industries, maintaining compliance is especially important as there are often unique safety and regulatory issues at hand. In industries such as automotive, aerospace, and medical devices, one product that fails to meet regulatory or legal standards could potentially lead to the kind of product failure that results in loss of property or human life.

Studies by the Ponemon Institute reveal that non-compliance can cost as much as 2.65 times what compliance costs. What’s more, the institute found that non-compliance costs increased by 45% between 2011 and 2017.

What are best practices for compliance management?

While the specific practices for compliance management will vary according to industry, there are some best practices for compliance management that any product team can use to ensure a successful product launch.

  • Identify compliance officers: If your company doesn’t have a dedicated compliance officer, identify someone on your team who can at least serve as an ad hoc compliance officer. Identifying the right person (or people) early in the development process will give a central point of contact so that no one is wondering who is in charge of compliance.
  • Learn relevant requirements: All members of the team should at least have a familiarity with the regulatory and legal environment around product development. In addition, everyone should subscribe to government and industry mailing lists or websites to stay up-to-date on changes to regulations. One study found that regulatory monitoring saved companies an average of $1.03 million.
  • Create a central repository of requirements: Rather than simply documenting requirements that are relevant only to one team or project, companies should create a central source of information for all compliance requirements, including internal procedures and standards. With one central source for all teams to access and contribute to, teams are less likely to miss requirements in the development process.
  • Establish traceability between requirements and standards, regulations, and other relevant compliance documents: By documenting traceability between the compliance requirements and project artifacts, product teams create a robust analysis tool that can provide invaluable detail and information for audits and reviews.
  • Implement tools that support compliance management: While there’s no substitute for having human input and control over compliance management, there’s no question that having the right tools can make compliance a more manageable task. The right tool will support product teams by providing a central source for traceability, requirements management, analysis, documentation, and all related activities.

What makes a compliance program effective?

A comprehensive and effective compliance program will:

  • Reduce costs: When teams have a program in place for comprehensive compliance management, it’s almost inevitable that the team or company will save money overall.
  • Improve risk management: Evaluating and assessing risks throughout the lifecycle will improve risk management across the development lifecycle. Good compliance management will help teams identify and assess risks early in the development process.
  • Keep product development well within organizational GRC framework: An effective compliance program will keep development in compliance with internal controls and the overall organizational GRC framework.
  • Improve speed to market: When compliance is fully integrated into product design and development, the risk of delays drops, and chances of shipping on time or early increase.

RELATED POST: Checklist: Selecting a Requirements Management Tool

What tools and software can help product teams maintain compliance during the application lifecycle?

A compliance management solution is an important piece of any compliance management system. Within the overall framework of a compliance management system, a compliance management solution will support workflows, self-assessments, surveys, and issue remediation. In addition, intuitive dashboards and charts can provide real-time insights into compliance processes. 

How can Jama help teams working in highly regulated industries, like medical and aerospace, maintain compliance during the application lifecycle?

Jama Connect gives product teams the tools they need to integrate compliance management into the design lifecycle. By tracking requirements and giving teams the traceability they need, Jama Connect simplifies compliance management by integrating it fully into the application lifecycle. To learn more about Jama Connect, contact us for a demo.