PTC Integrity Compliance

Meet Compliance Standards and Solve Technical Challenges Quickly and Efficiently

Meet Compliance Standards and Solve Technical Challenges Quickly and Efficiently
Companies are rapidly shifting from relying on hardware to relying on software for the innovations that differentiate their products in the market.  This shift has presented a number of challenges that PTC Integrity, a single, enterprise product, delivers solutions for including:

  • Managing development costs as applications become more and more complex
  • Delivering software releases predictably, on time and of expected quality
  • Collaborating across dynamic, global teams
  • Compliance to standards such as TL 9000
  • Leveraging the potential of Software Product Lines (SPL) to reduce costs and cycle times when expanding product lines
  • Adopting Agile methods across hundreds of people while preserving product, project management visibility and demonstrating compliance to standards

Compliance is a topic that continues to grow in relevance across a wide set of industries. In industries where safety is critical, new functional safety standards—such as ISO 26262 in automotive—continue to emerge. Company’s must take these standards very seriously and cannot let them impede productivity, time-to-market or increase development costs.  PTC Integrity offers compliance solutions for several industries including:

Medical Device / Life Sciences

Challenge PTC Integrity Lifecycle Solution Benefits
Challenge Management of Documentation and Records Solution
  • All documents can be stored and versioned with appropriate access controls
  • Automatically generates design history file DHF reports
Benefits Reduce effort to create DHF from weeks to minutes
Challenge Identification and Traceability Solution
  • Unique identification of each document and asset
  • Named trace relationships between all assets
Benefits Significant time savings
Challenge Document Controls and
Change Management
Solution
  • Automated workflow for effective process enforcement
  • Powerful change control automatically documents all allowed changes
Benefits
  • Automated and enforced processes
  • Full change history without overhead
Challenge Managing Risk and
Reducing Recalls
Solution
  • Simplified electronic tracking of requirements, risks and mitigations with relationships and dependencies
  • Automatically compute Risk Priority Number (RPN)
  • Automated support for V-Model with named relationships between requirements, design, and software assets and their associated verification and validation assets
Benefits
  • Reduced risk
  • Improve productivity while maintaining compliance and managing risk

Risk Management (ISO 14971)

The FDA and ISO 14971:2007 both acknowledge that the use of medical device technology entails some level of risk. The goal of risk management is to reduce product risk and to identify and understand the level of remaining risk and the impact that has on the user’s safety and the effectiveness of the product. PTC Integrity provides a configurable framework to apply the risk management practices of ISO 14971:2007 which allows organizations to improve the safety and effectiveness of their devices and enables them to demonstrate regulatory compliance. The benefits of using PTC Integrity for risk management of medical devices include:

  • Compliance with ISO 14971:2007 — The PTC Integrity solution for medical device companies provides a configurable Risk Management platform that leverages ISO 14971 risk management methodologies through the implementation of Hazard and Risk Analysis documentation, coupled with risk management and risk control processes that can be traced to product design as well as verification and validation records.
  • Automation of Complex Reports — ISO 14971:2007 and the regulatory requirements based upon this standard have specific reporting requirements, including the generation of a Risk Management File which details the risk analysis, risk evaluation, the implementation and verification of the risk control measures; and the assessment of the acceptability of any residual risk(s). PTC Integrity automates the generation of this report through built-in traceability reports, allowing companies to easily export all of the risk documentation and any traced artifacts and verification results.
  • Configurable Risk Metrics and Policies — Organizations can tailor the PTC Integrity solution and refine the terminology to suit their needs. For example, the values for Severity and Occurrence on a Risk may have their definitions modified to be quantitative rather than qualitative. The computations used to determine Risk Level (Acceptable, Unacceptable, Investigate) may also be tailored for the organization on a per-project basis to allow the solution to be applicable to a variety of devices with distinct intended uses. Support is also provided for RPN calculations of Risk.
  • Risk Coverage Charting and Reporting — Through real-time charting and reporting, PTC Integrity enables engineers to at a glance determine coverage across each of the risk domains. This includes the ability to identify Hazards that have no corresponding Risks, Risks that have no corresponding Mitigation or Control Measure, as well as Risk Control Measures which have not been verified.

Engineering Standards

DO-178/ED-12:
RTCA DO-178B and EUROCAE ED-12B set rigorous safety standards on the commercial aerospace industry governing both the quality of the flight software embedded in aircraft and the processes and tools used to produce the software. The standards require engineering organizations to implement lifecycle processes that emphasize requirements-based development and independent verification for safety-critical embedded applications. Strong emphasis is also placed on change and configuration management as the basis for repeatability, traceability, and third-party reviews. Further, organizations must apply these processes uniformly across all product development lifecycle artifacts, from requirements to test plans and results, rather than simply to software configurations.DO-178C/ED-12C:
There are numerous updates and enhancements included in DO-178C/ED-12C. Among them are modernization of the standards to address newer development methods such as model-based development, object-oriented technology, and formal methods. The new standards also provide more comprehensive guidance on tool qualification across the lifecycle, including practitioner tools used to automate the new practices already mentioned.Organizations already using PTC Integrity to unify the lifecycle have been able to adapt to the additional requirements of the ‘C’ revisions with less disruption because they already have an integral view of all lifecycle information. They also find it easier to adopt newer methods, such as model-based development, adapting their lifecycle processes to meet certification requirements associated with the new methods using PTC Integrity’s single, integral data model and workflow engine.

PTC Integrity Accelerates Innovation of Software in Aerospace & Defense Data Sheet

Certification agencies, Designated Engineering Representatives (DERs), manufacturers, and suppliers are facing numerous challenges as they attempt to adapt to the relentless pace of change in the industry. Certification and qualification processes that were sufficient just a decade ago are failing to address the industry shift to software-driven innovation. Among the many challenges the industry is struggling to solve:

  • Software changes relentlessly, in much greater volume, at a much faster rate, across the entire product lifecycle, including engineering, manufacturing, and service. This creates myriad challenges in change and configuration management processes and tools, especially when change must be tracked across such a wide range of engineering lifecycle artifacts
  • Establishing, maintaining, and tracking traceability across all artifacts and throughout the full product lifecycle becomes overwhelming
  • Modern engineering practices make certification and qualification using a standard that is nearly two decades old more challenging:
    • Model-based development places models traditionally used peripherally for design into a much more central role in the lifecycle, including simulation, verification, and validation — challenging traditional approaches to certification and tool qualification
    • Agile/lean methods are employed to increase agility and reduce lifecycle cost and schedule, but must be adapted to engineering development lifecycles designed to meet the stringent requirements of aircraft certification

PTC Integrity addresses the challenges of DO-178/ED-12:

PTC Integrity enables engineering organizations to solve these challenges by providing a single, integral source of truth for the entire engineering lifecycle, including software artifacts. It is purpose-built to enable tracking of change, configuration, and traceability across all lifecycle artifacts in a single data model. Tool suites built by lashing many point tools together fail to provide the same comprehensive visibility, control, and tracking across all lifecycle artifacts, leaving the organization to collect the information needed to satisfy the standards from multiple sources which often overlap in some areas and leave gaps in others — resulting in an incomplete and inconsistent view of the lifecycle.


ISO 26262

International standards such as ISO 26262, a new functional safety standard for the automotive industry, provide frameworks to improve company policies, practices and processes. Public perception and government regulations compel automotive development organizations to adhere to the relevant standards. While these standards are an opportunity to improve process and product quality and safety, they also impose risks to cost efficiency and development cycle time. The ultimate responsibility for compliance is on the vehicle manufacturer. Thus a higher capability level in CMMI or Automotive SPICE and ISO 26262 compliance gives suppliers significant competitive edge.

Implementing standards can be time-consuming and expensive. It has been estimated that complying with ISO 26262 may cost the automotive industry hundreds of millions of dollars. This is further complicated by the global and differentiated development environment of today’s automotive industry; applying standards to processes and artifacts across multiple isolated systems and disciplines is a daunting task.

Automobile engineering companies have turned to PTC Integrity as a compliance solution certified by compliance certification bodies such as TÜV SÜD Automotive GmbH.  The following are examples of capabilities provided by PTC Integrity that have reduced the cost and the time required to implement and prove compliance:

  • Manage all assets and processes in a single data model, from requirements to test results, models and calibrations, and risks and mitigations
  • Manage end-to-end traceability of these assets and be able to show that every requirement has been validated and every risk has been mitigated
  • Ensure strict change management procedures are adhered to across all lifecycle assets
  • Automate and enforce compliance requirements for model-driven development (MDD), providing trace-through model support

PTC has been a trusted partner to leading OEMs and suppliers in the automotive industry for more than ten years. Our customers have been able to reach and demonstrate compliance in the following standards quickly and efficiently:

  • Automotive SPICE (ISO/IEC 15504) — With the shift to a greater reliance on software for product innovation and differentiation, automobile engineering companies are turning to ISO/IEC 15504, otherwise known as Automotive SPICE, to improve the way that software is developed and as a means to evaluate the capabilities of potential suppliers. PTC has been a thought leader in software development for more than 10 years, and has provided custom software development process management solutions to major automotive engineering companies
  • ISO 26262 — Safety is one of the key issues of today’s and tomorrow’s automobile development. With the complexity, software content, and electronic implementation in today’s vehicles, there are increasing risks of systematic failures that can lead to unsafe conditions. ISO 26262 is being developed to reduce risks by providing feasible requirements and processes

CMMI

CMMI is an industry standard for systems engineering, integrated product development, software engineering and supplier sourcing maturity. The flexible process and workflow capabilities of PTC Integrity enable companies to easily evolve through maturity levels, while our partners and professional services staff can provide ongoing assistance to companies moving up and through the various levels toward CMM certification from performed to optimizing

  • Automated Audit Tracking and Control enables organizations to trace the origins and detail of change to business-critical applications — and even the documented software process itself
  • Flexible Process-Centric Architecture allows businesses to construct repeatable processes and workflows tuned to Capability Maturity Model compliance initiatives
  • Management Reporting provides senior IT staff with detailed measures of performance on defects, incident reports and project completion statistics over time
  • Service Expertise including:
    • Process assessment and definition workshops
    • Implementation planning
    • Health Checks
    • Training such as KPI Assessment workshops in conjunction with partners and CMM-level certification in conjunction with partners

Sarbanes-Oxley

With the enactment of Sarbanes-Oxley (SOX) and other compliance initiatives, software and tools designed to automate the process of compliance have become a necessity. By automating compliance with application lifecycle management, organizations can meet compliance demands without the costly diversion of financial and human resources. Organizations benefit over the long term by creating leaner and more focused business processes and improving development controls.

Regulatory compliance goes far beyond Sarbanes-Oxley. The flexible PTC Integrity Application Lifecycle Management (ALM) solution can support compliance with a number of regulations including the life sciences industry’s FDA 21 CFR Part 11, the healthcare industry’s HIPAA, the automotive industry’s SPICE, Canada’s Bill 198, the financial industry’s Basel II and Asia/Pacific’s JSOX.ALM software from PTC ensures application changes and engineering or IT processes are documented, repeatable and auditable ― thereby ensuring effective compliance.Companies such as BNSF Railway, Verizon Wireless, Campbell’s Soup, Teva Pharmaceutical and dressbarn all rely on PTC Integrity to automate processes and sharpen their development and IT controls, enabling new levels of productivity and compliance.Our approach to compliance consists of requirements management, change management, process and workflow, versioning, deployment and release management in addition to process and lifecycle management best practices and expertise. PTC Integrity supports many process methodologies and maturity models such as SPICE, Six Sigma, CMMI and ITIL.

IT Industry Standards

ITIL

PTC Integrity links application development to your data center. Our industry-certified solution for ITIL provides support for change, configuration and release processes and directly links them to processes found in the development phase of the application lifecycle. PTC Integrity is the only product to provide a single platform that spans the process needs of IT operations and application development, giving you a way to improve process control, traceability and visibility from system inception to delivery, and across custom and packaged software environments.

You are seeking a way to extend ITIL processes, provide vital links to development, and improve IT governance. You are seeking a solution that serves your business entirely, providing unified process control across IT operations and application development. And, you want to eliminate barriers to communication and collaboration that inhibit speed of delivery.

PTC Integrity provides an integrated platform that harmonizes the disciplines of ALM and IT Service Management, providing you with:

  • Incident lifecycle ownership — Provides visibility and traceability around incident status/state.
  • Request for change — Connects requests for change (RFCs) to software defects and bill-of-materials (BOM) as well as to impacted configuration items.
  • Communication of planned change to customers — Provides customers with visibility into status and progress against RFCs within the development lifecycle.
  • Impact assessment on proposed change — Associates all affected artifacts including business requirements, source code, configuration files, test cases design and business process data to RFCs to understand the full impact of change upon your systems and environment.
  • Leverage configuration data for release and deployment management — When software change is released back to production, automatically close the ticket, attach deployed information and relay status back to development.

PTC Integrity is an open platform, completely adaptable into existing technology environments. Key integrations into various Service Desk, Asset Tracking and Discovery applications are available as part of the solution.

PTC Integrity can be implemented for application service management in conjunction with your existing IT operational technologies including, but not limited to:

  • HP OpenView Service Desk
  • HP Service Center
  • BMC Remedy Service Desk
  • BMC Service Desk Express
  • Ecora Audit Professional

Agile and ITIL

Continuous Integration and Continuous Delivery are key Agile concepts that enable organizations to improve the quality of the applications delivered to operations from the development group. These concepts can make life even harder, however, for the operations group that typically struggles with the deployment of complex multi-platform modern applications.

It is imperative that the relationship between these groups becomes more collaborative (a key Agile tenet) for these highly iterative processes to flourish. It is also critical that these processes are automated such that the hand off from Agile ALM processes to Release Management and ITSM processes is coordinated, secure, and essentially incorruptible.

PTC Integrity provides the platform necessary to easily automate Agile and traditional release processes, ensuring consistent and rapid deployments of your applications. The PTC Integrity Agile solution is ideally suited to addressing the process and control needs of an organization trying to reconcile ITIL and Agile practices.

Simple Share Buttons