• Document Type

    Cybersecurity

  • SOAR® Companion Course

    Course 16:
    Cybersecurity

    Cybersecurity Threat Model and Risk Assessment Template

    The purpose of the Cybersecurity Threat Model and Risk Assessment is to identify potential and actual system/device vulnerabilities and to conduct a risk assessment using a risk/benefit approach per ISO 14971. This template includes the following tools to help facilitate the risk assessment.
    • Cybersecurity Threat Model framework – STRIDE Model
    • Cybersecurity Exploitability Calculation using CVSS
    • Automatic calculation of Cybersecurity Risk/Benefit
    • Common list of Cybersecurity harms
    • Common list of Cybersecurity assets
    • Cybersecurity Risk controls
    • Technical Cybersecurity examples
    • Ability to customize automation

    All DHF Templates are suitable for FDA or EU submission and are included in our DIY Cybersecurity Kit.

    Key Standards & Guidance

    All of our premium templates satisfy FDA standards and requirements:
    • 21 Code of Federal Regulations – Part 11 Electronic Records; Electronic Signatures
    • 21 Code of Federal Regulations – Part 820 Quality System Regulation for Medical Devices and In Vitro Diagnostic Products
    • AAMI TIR45:2012 - Guidance on the Use of AGILE Practices in the Development of Medical Device Software
    • AAMI/ISO 80002-2:2017 - Medical device software – Part 2: Validation of software for medical device quality systems
    • AAMI/ISO TIR24971:2020 - Medical devices — Guidance on the application of ISO 14971
    • ANSI/AAMI HE75:2009 (R2018) Human Factors Engineering - Design Of Medical Devices
    • FDA Content of Premarket Submissions for Software Contained in Medical Devices
    • FDA Design Controls Guidance for Medical Device Manufacturers
    • FDA General Principles of Software Validation
    • FDA Guidance Applying Human Factors and Usability Engineering to Medical Devices
    • FDA Off-The-Shelf Software Use in Medical Devices
    • IEC 60601-1 Medical electrical equipment
    • IEC 62304 – Medical Device Software – Software Life Cycle Processes
    • IEC 62366-1:2015 Medical Devices - Part 1: Application Of Usability Engineering To Medical Devices
    • IEC 82304 – Health Software - Part 1: General requirements for product safety
    • IEC/TR 80002-1:2009 - Medical device software – Part 1: Guidance on the application of ISO 14971 to medical device software
    • IEC/TR 80002-3:2014 - Medical device software – Part 3: Process reference model of medical device software life cycle processes (IEC 62304)
    • IEEE 610.12-1990 - IEEE Standard Glossary of Software Engineering Terminology
    • ISO 9001:2015 Quality management systems — Requirements
    • ISO 13485:2016 Medical Devices – Quality Management Systems
    • ISO 14971:2019 - Medical devices – Application of risk management to medical devices
    • ISO/IEC/IEEE 29148-2018 - Systems and software engineering – Life cycle processes – Requirements engineering
    • REGULATION (EU) 2017/745 – Medical Device Regulation
    • REGULATION (EU) 2017/746 – In Vitro Diagnostic Regulation