• Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

Recognized Consensus Standards: Medical Devices

  • Print
  • Share
  • E-mail
-
Super Search Devices@FDA
510(k) | DeNovo | Registration & Listing | Adverse Events | Recalls | PMA | HDE | Classification | Standards
CFR Title 21 | Radiation-Emitting Products | X-Ray Assembler | Medsun Reports | CLIA | TPLC
 

New Search Back To Search Results
Part B: Supplementary Information Sheet (SIS)
FR Recognition List Number 040 Date of Entry 08/14/2015 
FR Recognition Number 13-78
Standard
INCITS ISO IEC  30111 First edition 2013-11-01 (R2019)
Information technology - Security techniques - Vulnerability handling processes
Scope/Abstract
This International Standard gives guidelines for how to process and resolve potential vulnerability information in a product or online service.

This International Standard is applicable to vendors involved in handling vulnerabilities.
Extent of Recognition
Complete standard
Rationale for Recognition
This standard is relevant to medical devices and is recognized on its scientific and technical merit and/or because it supports existing regulatory policies.
Public Law, CFR Citation(s) and Procode(s)*
Regulation Number Device Name Device Class Product Code
21CFR 820.100 C.A.P.A.
21CFR 820.198 Complaint files
21CFR 820.30e Design review.
21CFR 820.50 Purchasing controls
21CFR 820.90 Non-conforming product
21CFR 820.30i Design changes
Relevant FDA Guidance and/or Supportive Publications*
1. Postmarket Management of Cybersecurity in Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued December 2016.

Appropriate Use of Voluntary Consensus Standards in Premarket Submissions for Medical Devices - Guidance for Industry and Food and Drug Administration Staff, issued September 2018.
FDA Technical Contact
 CDRH Division of Medical Device Cybersecurity
  FDA/OC/CDRH/OST/ORR/
  --
  CyberMed@fda.hhs.gov
Standards Development Organizations
INCITS International Committee for Information Technology Standards https://www.incits.org/
ISO International Organization for Standardization https://www.iso.org/
IEC International Electrotechnical Commission http://www.iec.ch/
FDA Specialty Task Group (STG)
Software/Informatics
*These are provided as examples and others may be applicable.
-
-