Commit 18252300 authored by Luka Trbojevic's avatar Luka Trbojevic

Add ISO 13485 page

parent e1eed158
Pipeline #55289562 passed with stages
in 28 minutes and 6 seconds
......@@ -131,8 +131,9 @@ extra_js:
%a{ href: "" } PCI Compliance,
%a{ href: "" } HIPAA,
%a{ href: "" } GDPR,
%a{ href: "" } IEC 62304:2006
%a{ href: "" } IEC 62304:2006.
%a{ href: "" } ISO 13485:2016.
%a{ href: "/solutions/compliance" }
Learn how GitLab improves compliance
layout: markdown_page
title: "Meeting ISO 13485:2016 Requirements with GitLab"
## Using GitLab as a Quality Management System for ISO 13485:2016
ISO 13485:2016 is an international standard specifying requirements for a quality management system (QMS) for organizations involved in one or more stages of the medical device lifecycle - from design to disposal - including the suppliers and vendors to those organizations.
Using GitLab's portfolio and project management (PPM) tools, you may be able to drive compliance with requirements across ISO 13485:2016.
### Can GitLab be used as part of an ISO 13485:2016 QMS?
While every organization has its own unique needs and every application used as part of its QMS must be evaluated based on those needs, GitLab offers many features and controls that can make it a useful tool in an ISO 13485:2016 QMS.
GitLab can be used as both an application within the QMS and a functional tool to enable faster development and deployment. By merging PPM under the same roof as development and deployment, you can better centralize and simplify your QMS while increasing collaboration between teams and reducing silos.
Because GitLab is not a compliance tool and makes no guarantees about compliance, every usage of GitLab to meet compliance requirements has to be evaluated by your organization in the context of your its unique needs.
### Creating and managing documentation
Documentation management is a key aspect of an ISO 13485:2016 QMS. GitLab has several built-in tools to help your organization manage the creation, modification, tracking, and distribution of documentation:
* The [Wiki]( is a documentation system that's built into each GitLab project. Wiki pages can be created and managed through an easy-to-use web interface or Git for more advanced users. A complete [history]( of all wiki pages is maintained so a comprehensive record can be kept.
* GitLab offers several [integrations](, including [Jira](, making it easy to extend GitLab's PPM features.
* [Project import and export]( can be used to effectively create project-level templates, making it easy to create and replicate more complex workflows. Project exports include everything in the project, including issues and files, making it a powerful tool for sophisticated workflows.
### Defining and enforcing processes
As part of your QMS you may have process enforcement requirements. GitLab offers several tools to enforce process, standards, review, and approvals for both documentation and code:
* [Merge request approvals]( can be used to enforce requirements and require review by specific persons or teams before merging the change. Beyond enforcing software requirements, this can be a powerful tool for document control change management for files stored in a project repository.
* [Push rules]( can be used to set requirements for commit messages. One example of how this can be used is to enforce a requirement that every commit must reference a requirement in Jira or the wiki.
* [Protected branches]( allow you to enforce rules for creating, pushing to, and deleting branches.
* In the future, the [Requirements Management]( product category will allow for a more complete and structured way to granularly enforce and audit compliance with complex requirements.
### ISO 13485:2016 software validation with GitLab
A challenging new requirement in ISO 13485:2016 is QMS software validation. It requires organizations create procedures to evaluate software used in its QMS, evaluate the software before use and, as appropriate, as changes are made to the software.
One solution to creating validation procedures are [description templates](
* With description templates, you can create procedures in the form of an [issue]( Within a description template, you can upload or link to forms and other files, create task lists, and more. This means you can create a comprehensive, easy-to-follow validation process where work can be tracked and file can referenced or uploaded. All actions in an issue, such as when the description is edited or a comment is made, are logged, making it easy to maintain a comprehensive record of all actions taken in the issue.
* Because of how easy description templates are to use, anybody on your team can initiate the validation process by simply creating an issue and selecting the appropriate template.
* Issues can be further organized using [issue boards](
Another is to use the [wiki](
* Because the wiki is a more familiar interface, it may be best suited to store the validation procedure. Using a wiki may also be more accessible to non-technical staff compared to description templates.
* You can also incorporate description templates into your validation procedure hosted on the wiki. When [creating]( a new issue, you can add the `?issuable_template=Template Name` parameter to the end of the new issue page URL. When people visit the link, it will take them to the new issue page with the appropriate description template already selected, removing the need for staff to manually find and select the correct template.
### Learn more about GitLab PPM
To learn more about GitLab PPM, [watch GitLab product manager Victor Wu]( show how GitLab itself is created using GitLab PPM.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment