Quick Links: Skip to main page content Skip to Search Skip to Topics Menu Skip to Common Links
  • Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

Recognized Consensus Standards: Medical Devices
  • Print
  • Share
  • E-mail
-
Super Search Devices@FDA
510(k) | DeNovo | Registration & Listing | Adverse Events | Recalls | PMA | HDE | Classification | Standards
CFR Title 21 | Radiation-Emitting Products | X-Ray Assembler | Medsun Reports | CLIA | TPLC
 

New Search Back To Search Results
Part B: Supplementary Information Sheet (SIS)
FR Recognition List Number 030 Date of Entry 01/15/2013 
FR Recognition Number 13-33
Standard
AAMI  TIR 36:2007
Validation of software for regulated processes
Scope/Abstract
Applies to any software used to automate device design, testing, component acceptance, manufacturing, labeling, packaging, distribution, and complaint handling or to automate any other aspect of the quality system as defined by the Quality System Regulation (21 CFR 820). In addition, it applies to software used to create, modify, and maintain electronic records and to manage electronic signatures that are subject to the validation requirements (21 CFR 11). This TIR can also be broadly applied wherever software automates processes regulated by the FDA. This TIR applies to software used in the production of a device and to software used in implementation of the device manufacturer's quality system. It does not apply to software used as a component, part, or accessory of a medical device or software that is itself a medical device.
Extent of Recognition
Complete standard
Rationale for Recognition
This standard is relevant to medical devices and is recognized on its scientific and technical merit and/or because it supports existing regulatory policies.

NOTE: Conformance to this standard may not satisfy all the cybersecurity requirements outlined in Section 524B of FD&C Act or the recommendations in the (1) listed below (Relevant FDA Guidance). Manufacturers should consider the information contained within these resources in their assessment of cybersecurity for their device.
Relevant FDA Guidance and/or Supportive Publications*
1. Cybersecurity in Medical Devices: Quality Management System Considerations and Content of Premarket Submissions, Guidance for Industry and Food and Drug Administration Staff, issued February 2026.

2. Content of Premarket Submissions for Device Software Functions, Guidance for Industry and Food and Drug Administration Staff, issued June 2023.

3. Off-The-Shelf Software Use in Medical Devices, Guidance for Industry and Food and Drug Administration Staff, issued August 2023.

4. General Principles of Software Validation; Final Guidance for Industry and FDA Staff, January 2002

Appropriate Use of Voluntary Consensus Standards in Premarket Submissions for Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued September 2018.
FDA Technical Contacts
 Christopher Brown
  FDA/OC/CDRH/OPEQ/OHTIV/
  301-796-0380
  Christopher.Brown@fda.hhs.gov
 Aneesh Deoras
  FDA/OC/CDRH/OPEQ/OHTII/DHTIIA/
  240-402-4363
  aneesh.deoras@fda.hhs.gov
 Binoy Mathews
  FDA/OC/CDRH/OPEQ/OHTI/DHTIC/
  301-796-6475
  Binoy.Mathews@fda.hhs.gov
Standards Development Organization
AAMI Association for the Advancement of Medical Instrumentation http://www.aami.org
FDA Specialty Task Group (STG)
Software/Informatics
*These are provided as examples and others may be applicable.
-
-