Part B: Supplementary Information Sheet (SIS) |
FR Recognition List Number
|
040
|
Date of Entry 08/14/2015
|
FR Recognition Number
|
13-78
|
Standard | |
INCITS ISO IEC 30111 First edition 2013-11-01 (R2019) Information technology - Security techniques - Vulnerability handling processes |
|
Scope/AbstractThis International Standard gives guidelines for how to process and resolve potential vulnerability information in a product or online service.
This International Standard is applicable to vendors involved in handling vulnerabilities. |
|
Extent of Recognition
|
Rationale for Recognition
This standard is relevant to medical devices and is recognized on its scientific and technical merit and/or because it supports existing regulatory policies. |
|
Public Law, CFR Citation(s) and Procode(s)*
Regulation Number |
Device Name |
Device Class |
Product Code |
21CFR 820.100 C.A.P.A. |
21CFR 820.198 Complaint files |
21CFR 820.30e Design review. |
21CFR 820.50 Purchasing controls |
21CFR 820.90 Non-conforming product |
21CFR 820.30i Design changes |
|
Relevant FDA Guidance and/or Supportive Publications*
1. Postmarket Management of Cybersecurity in Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued December 2016.
Appropriate Use of Voluntary Consensus Standards in Premarket Submissions for Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued September 2018. |
|
FDA Technical Contact
|
Standards Development Organizations
|
FDA Specialty Task Group (STG)
|
*These are provided as examples and others may be applicable. |