Six documents covering every SaMD regulatory requirement: IEC 62304 classification, SOUP management, cybersecurity, PCCP for AI/ML, 510(k) submission, and post-market monitoring.
Instant download. For engineers and regulatory teams building software-based medical devices.
Software-only medical devices face a unique set of requirements: IEC 62304 software lifecycle, SOUP management, mandatory cybersecurity documentation (post-2022 Omnibus), and — for AI/ML devices — Predetermined Change Control Plans. Most device teams discover these gaps during FDA review, not before.
This toolkit gives engineers and regulatory teams the document templates and checklists to build a complete SaMD regulatory package from day one — before the 510(k) submission, not after the FDA deficiency letter.
Structured in the order you would build a SaMD regulatory file.
IEC 62304 software safety classification (A/B/C), FDA SaMD guidance alignment, and a risk-based classification decision tree. Covers intended use, state of healthcare situation, and significance of information categories for FDA and IMDRF frameworks.
Software of Unknown Provenance component inventory, risk evaluation worksheet, and update controls per IEC 62304 §8.1. Tracks vendor, version, license, known anomalies, and impact on SaMD safety classification.
Threat modeling worksheet (STRIDE), SBOM checklist, and FDA 2023 cybersecurity guidance alignment. Covers pre-market cybersecurity documentation requirements, exploit mitigations, and vulnerability disclosure process.
FDA AI/ML guidance-aligned PCCP covering algorithm change protocol, performance monitoring plan, and impact assessment framework. Built for ML-enabled SaMD seeking locked or adaptive algorithm approval.
Software documentation requirements for 510(k), IEC 62304 lifecycle evidence mapping, and predicate strategy for software devices. Covers software description, level of concern, hazard analysis, and V&V documentation.
Real-world data collection framework, KPI definitions, and algorithm drift detection methodology. Maps to FDA post-market requirements and IMDRF SaMD post-market surveillance guidance.
Every document is structured around IEC 62304 software lifecycle requirements — the international standard FDA and notified bodies reference for SaMD submissions.
FDA's Predetermined Change Control Plan framework is mandatory for adaptive AI/ML SaMD. This toolkit includes a complete PCCP template aligned to the 2024 FDA final guidance.
The Omnibus Bill (Dec 2022) made cybersecurity documentation a statutory requirement for SaMD submissions. This toolkit covers pre-market and post-market cybersecurity obligations.
Open-source and third-party software components are a leading source of IEC 62304 audit findings. The SOUP template gives you the inventory and risk evaluation structure auditors expect.
Stripe checkout. Instant download after payment.
“I built these templates from 12 years of running a Class II/III medical device manufacturing operation. Every document reflects what FDA investigators actually ask for — not what consultants think they ask for. We use these exact frameworks at AB Medical.”
Joshua Millage, CEO — AB Medical Technologies
“When you've been through enough FDA inspections, you learn what documentation gaps get flagged and which ones slide. These templates close the gaps that matter. We developed them alongside our own QMS buildout and they've held up under audit.”
Rick, Director of Engineering & Regulatory — AB Medical Technologies
Software as a Medical Device (SaMD) is software that performs a medical purpose without being part of a hardware medical device. FDA, EU MDR, and IMDRF apply SaMD-specific requirements. If your software analyzes patient data, drives clinical decisions, or is marketed as a medical device — it qualifies.
Most SaMD that is not Class I exempt requires either a 510(k) (most Class II) or a PMA (Class III). The submission requires specific software documentation per FDA's guidance on off-the-shelf software and IEC 62304 lifecycle evidence. Document 05 in this toolkit covers the full software documentation package for 510(k) submissions.
A Predetermined Change Control Plan describes the types of algorithm changes you plan to make post-clearance and how you will validate them without a new submission. FDA's 2024 final guidance makes PCCPs the primary pathway for AI/ML SaMD seeking flexibility to update their algorithms post-market. If you're building ML-enabled SaMD, you likely need one.
IEC 62304 is the international standard for medical device software lifecycle processes. FDA recognizes IEC 62304 and explicitly references it in SaMD submissions guidance. Compliance with IEC 62304 is the most direct way to satisfy FDA software documentation requirements — Document 05 maps the 510(k) checklist to IEC 62304 section by section.
Start with the right structure. Add your device-specific data. Submit with confidence.