Architecture decisions made in the first sprint have consequences for your CE-mark submission years later. I help teams structure their software development so that the compliance evidence their regulatory team needs is produced as a natural output of the process — not retrofitted under pressure before a submission deadline.
What I bring
I am an ISO 13485 internal auditor with experience running full QMS audit cycles at a Fortune-100 medical device company — 3–4 audits per year across ISO 9001, 13485, 14001, and OHSAS 45001. I know what a QMS audit looks like from the inside.
On the software side, I am familiar with IEC 62304 requirements and can structure architecture and development practices around them. This is not a substitute for a dedicated regulatory affairs specialist — I am an architect, not a notified body consultant.
Scope of work
This is typically combined with MedTech System Architecture rather than engaged separately:
- Structuring the system architecture so that development produces the documentation trail a QMS audit or CE-mark review expects
- Flagging architectural decisions that create compliance risk early — before they are expensive to change
- Helping founders without a regulatory background understand what the review process will look for technically
For full regulatory compliance programmes — QMS setup, CE-mark submission management, EU MDR navigation — I work with specialist contacts in that field and can make introductions. Note: my network covers FDA-facing regulatory guidance for US-market startups; EU MDR specialist referrals are a separate conversation.
Virtual Frontier 