U.S. Department of Health and Human Services

Recognized Consensus Standards

Part B: Supplementary Information Sheet (SIS)
FR Recognition List Number 040
Date of Entry 08/14/2015
FR Recognition Number 13-77
IEC ISO 29147 First edition 2014-02-15
Information technology - Security techniques - Vulnerability disclosure
This International Standard gives guidelines for the disclosure of potential vulnerabilities in products and online services. This International Standard details the methods a vendor should use to address issues related to vulnerability disclosure. This International Standard
a) provides guidelines for vendors on how to receive information about potential vulnerabilities in their products or online services,
b) provides guidelines for vendors on how to disseminate resolution information about vulnerabilities in their products or online services,
c) provides the information items that should be produced through the implementation of a vendor's vulnerability disclosure process, and
d) provides examples of content that should be included in the information items.

This International Standard is applicable to vendors who respond to external reports of vulnerabilities in their products or online services.
Extent of Recognition
Complete standard
Rationale for Recognition
This standard is relevant to medical devices and is recognized on its scientific and technical merit and/or because it supports existing regulatory policies.
Public Law, CFR Citation(s) and Procode(s)*
21CFR 820.100 C.A.P.A.
21CFR 820.198 Complaint files
21CFR 820.30e Design review.
21CFR 820.50 Purchasing controls
21CFR 820.90 Non-conforming product
21CFR 820.30i Design changes
FDA Technical Contact
Brian Fitzgerald
Standards Development Organizations
IEC International Electrotechnical Commission http://www.iec.ch/
ISO International Organization for Standardization https://www.iso.org/
FDA Specialty Task Group (STG)
*These are provided as examples and others may be applicable.