Our Process

How we build software that is compliant from day one.

1

Discovery 1–2 weeks

A focused phase to understand your challenge, map the regulatory landscape, and design the right system — before we build anything.

  • Stakeholder mapping and use case definition
  • Identify applicable regulations (MDR, IVDR, IEC 62304, ISO 14971, IEC 62366, and more)
  • Preliminary software safety classification (Class A / B / C)
  • System architecture sketch and scope definition
  • Deliverable: Discovery summary with system design, regulatory roadmap, and clear next steps
2

Analysis 2–4 weeks

Regulatory classification, gap analysis, and scope definition

  • Formal software safety classification
  • Gap analysis against existing documentation / QMS
  • Define development scope, milestones, and acceptance criteria
  • Risk management plan (ISO 14971)
  • Deliverables: Project plan, gap analysis report, risk management plan
3

Development 2–12 months

Engineering with integrated documentation — in your QMS or ours

  • Iterative development with continuous verification
  • Software requirements specification (SRS)
  • Software architecture & detailed design
  • Risk analysis updates with each iteration
  • Usability engineering file (IEC 62366) where applicable
  • Deliverables: Working software, SRS, architecture doc, risk file, design history
4

Verification 2–6 weeks

Testing, traceability, and review against the requirements specification

  • Unit, integration, and system testing
  • Full requirements traceability matrix
  • Formal review of all documentation artifacts
  • Deliverables: Test reports, traceability matrix, verification summary
5

Handover 2–4 weeks

Submission-ready documentation package for the notified body

  • Compile technical documentation package
  • Support during notified body audit / review
  • Knowledge transfer and training
  • Deliverables: Technical file, release notes, training materials

After Go-Live

Post-market surveillance, application support, and ongoing maintenance

Timelines depend on regulatory classification, system complexity, and your existing documentation. We'll give you a realistic estimate after Discovery.

MVP Fast-Track

Whether you're a startup validating a medical device concept or an enterprise building a proof-of-concept — validate your idea with a working MVP, documented per IEC 62304 from day one. Nothing is wasted when you scale up.

4–8 weeks from kickoff to validated MVP

1 — Define & Build

  • Gather and document requirements (user needs, intended use)
  • Classify risk & define regulatory scope
  • Build a working, validatable MVP
  • Document per IEC 62304 as we go — not after the fact

2 — Validate & Decide

  • Client validates the MVP against their use case
  • Core verification against requirements
  • Decision point: scale up, pivot, or iterate

What you get

  • Working MVP your stakeholders can touch
  • IEC 62304 documentation baseline (SRS, architecture, risk) — ready to build on
  • Clear scale-up roadmap for full conformity

Book a free introductory call — we'll discuss your project and outline actionable next steps.

Book a meeting
Thorsten Knöller Ben John
Thorsten Knöller & Ben John, Managing Directors