Templates: software development plan and software configuration management plan
By Mitch on Wednesday 29 February 2012, 19:15 - Templates - Permalink
Here are the Software Development Plan Template and the Software Configuration Management Plan Template
These templates are technical ones. But they are closely linked to project management hence they contain sections about reponsibilities.
They amplify the Project Management Plan Template, when it is not detailed enough to give all necessary information about the organization of a project.
These templates deal with sections of IEC 62304 about project organisation, software configuration and problem resolution. Use them to answer to those requirements of the standard.
The next one will be about delivery.
Stay tuned, my list of templates is growing fast!
I gather all my templates on the templates page. You'll find them all there.
Please, fell free to give me feedback on my e-mail email@example.com
I share this template with the conditions of CC-BY-NC-ND license.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 France License.
It is a nice template to start with. It can be utilize to track your work on a regular basis. Thank for sharing your knowledge and slide.
Thank you so much, very useful templates. And congratulations for the blog, very nice and often updated: you're helping me a lot in my everyday work!
I'm going to put "check Mitch's blog" on my everyday schedule ;)
There's no "Like" button in this blog engine.
So I just say it: "Like"!
Hi thanks for the great posts. I was wondering what criteria you use for ranking the system for risk analysis. In the template you have included Occurrence and consequence of hazard and "add other criteria". Have you used any other criteria like detection?
If a third criteria was introduced how do you construct a 3d risk index?
Another question what are your criteria for acceptability (how do you know what ranges go in which risk index) and how do you validate that this criteria works?
These are some issues I am having trying to put together a risk management plan!
Thanks a lot for your help.
Hi Joe, thanks for your feeback.
Yes, detection is a criteria commonly used. Usually, Risk index is often made of: probability x detectability x consequence.
Detectability is used in FMECA (Failure Mode, Effects, and Criticality Analysis) method. Bibliography exists that proves that this method and its criteria works. I think that you should try your own risk assessment with 2 criteria and 3 criteria to see what happens in your specific case. You could define it with 5 levels: remote, low, moderate, high, very high. For each level, you should also define what is detected: is it the user who detects the hazardous situation or is it the software with self-chekcs?
The criteria for acceptability shall be something simple like a threshold on the risk index: every risk index above the threshold shall be mitigated. See annex of ISO 14971 about criteria for acceptablity. There are useful examples.
A possible method to validate if this criteria works, is to have someone who is expert in clinical use of your future device do a qualitative risk assessment. If there are discrepancies between the risks he/she finds not acceptable and your threshold, you should redefine the threshold.
Hey MItch, Thanks for the templates! I think it's great that you share them openly.
Personally, I prefer to include the configuration management in the software development plan, but I guess that only works if things are rather simple :) for larger enterprise companies, it probably makes more sense to keep those separate.