Add skeleton sections from IMDRF.N23 to the quality manual.

rdm/init_files/documents/quality_manual/quality_manual_IMDRF.md

@@ -107,5 +107,127 @@ Organization shall have a procedure for retiring existing SOPs.
 
 # SaMD Lifecycle Support Process
 
-[[IMDRF.N23:7.0]]
+[[IMDRF.N23:7.0, IMDRF.N23:7.1]]
 
+For each product the organization shall have a SaMD product lifecycle process. This may be waterfall, agile, or a combination of the two. Required regulatory submissions usually means some degree of a waterfall process is required, however, the core development process may be more agile.
+
+The SaMD product realization, planning, and development process is outlined in the regulatory documentation manager. 
+
+Refer to the new product SOP.
+
+# Risk Management
+
+[[IMDRF.N23:7.2]]
+
+Refer to the risk management process.
+
+User based risk
+Application based risk
+Device based risk
+Environment based risk
+Security based risk
+
+# Document and Record Control
+
+[[IMDRF.N23:7.3]]
+
+Records generated to demonstrate QMS conformity shall be appropriately identified, stored, protected, and retained for the lifetime of the company.
+
+The QMS shall provide mechanisms for:
+
+IMDRF Requirement | QMS Implementation
+---|---
+Reviewing and approving documents before use. | Documents are reviewed and approved in a feature branch before merging into master thus preventing their use until reviewed and approved
+Ensuring current versions of applicable documents are available at points of use to help prevent the use of obsolete documents | All users of the QMS must ensure they are on the `master` branch and run a `git pull` to ensure they have the latest version. Alternatively, if GitHub is used as the frontend, the view will always default to master and will be up to date.
+Retaining obsolete documentation for an established period | Git will retain all history, including obsolete documentation, for an indefinite period of time.
+Controlling documents against unauthorized or unintended changes | Signed commits in git prevents unauthorized changes. Unintended changes are unlikely because of the deliberate nature of performing git actions.
+Maintaining and updating documents across all SaMD lifecycle process. | Each SOP will be periodically reviewed on a schedule based on the level of risk.
+
+# Configuration Management and Control
+
+[[IMDRF.N23:7.4]]
+
+The QMS shall control configurable items, including source code, releases, documents, and software tools in order to maintain the integrity and traceability of the configuration throughout the SaMD lifecycle. 
+
+Item | Configuration Management Plan
+---|---
+Source code | Shall be stored in git version control.
+Releases | Shall be archived in the respective device DHF.
+Documents | Shall be stored in git version control and archived in DHF.
+Software Tools | Shall be stored in git version control and archived in the device DHF. Refer to the tools inventory document for a list of approved tools and risk level.
+
+# Measurement, Analysis, and Improvement Processes and Products
+
+[[IMDRF.N23:7.5]]
+
+## Required Activities
+
+Logging and tracking of complaints.
+
+Clearing technical issues
+
+Determining problem causes and actions to address them
+
+Track critical quality characteristics of products developed
+
+Analysis of customer complaints, problem reports, bug reports, nonconformity to requirements (defects), service reports, and trends of processes and products should be used to evaluate the quality of the SaMD and SaMD process.
+
+Corrective and preventive action SOP
+
+SaMD containment of nonconforming product. Our software design and development process does not allow nonconforming product to be released to customers. 
+
+Organization shall keep a record of customer complaints.
+
+Organization shall, from time to time, shall request customer feedback reviews.
+
+# Manage Outsourced Processes, Activities, and Products
+
+[[IMDRF.N23:7.5]]
+
+Refer to new vendor SOP.
+
+# Manage Commercial-off-the-shelf (COTS) Products
+
+Refer to QMS tools validation SOP and product SOUP validation SOP.
+
+# Requirements Management
+
+[[IMDRF.N23:8.1]]
+
+Requirements shall be captured in the requirements.yml. 
+
+# Design
+
+[[IMDRF.N23:8.2]]
+
+The purpose of design is to define software architecture, components, and interfaces based on requirements. Refer to the software plan.
+
+# Development
+
+[[IMDRF.N23:8.3]]
+
+The development activity transforms the design into implementation. Refer to the software plan.
+
+# Verification and Validation
+
+[[IMDRF.N23:8.4]]
+
+Refer to the Verification and Validation plan.
+
+# Deployment
+
+[[IMDRF.N23:8.5]]
+
+TODO: Write SOPs on deploying new installations, training, configuration, for a new customer. Also detail procedures for distributing upgrades and maintenance releases.
+
+# Maintenance
+
+[[IMDRF.N23:8.6]]
+
+Maintenance activities originate from software lifecycle processes such as service monitoring, customer feedback, in-house testing, usability studies, cybersecurity findings, and socio-technological changes. Refer to the software plan.
+
+# Decommissioning 
+
+[[IMDRF.N23:8.7]]
+
+Organization shall have an end of life plan for all products. This includes sunsetting older versions that are no longer supported.