[Aaron]

UPDATE: I’ve met a couple of times recently with Alex Strombergsson from Veeva to discuss the QuickVault eQMS and was pleased with what I saw. This is not the same as the Vault eQMS. QuickVault is a new streamlined, pre-configured version which is designed for small to medium-sized medical device companies, who need something that can be up and running quickly. Veeva offers a flexible licensing structure for QuickVault for companies on a tight budget. I recommend that anyone shopping for an eQMS include QuickVault on their short list.

[Aaron]

Cullom, I’ve been using Ketryx for the past 6 months with a SaMD startup. Ketryx is architected differently from other SW tools I’ve used since it’s intended to work as a layer over other tools such as Jira. So it might not be a good fit for everyone but it’s working well for this startup. Ketryx is designed for fast-moving SW teams and the AI-enabled features they’ve incorporated are time savers (such as automatically creating draft test cases from SW requirements) and the features are evolving rapidly.

In a broader sense, I recommend that companies looking to buy any eQMS (or ALM system) should expect AI-enabled features incorporated into the tool. Properly implemented, AI technology can have a big impact on everyday compliance work.

-Aaron

[Aaron]

Alex,

Thank you for the detailed reply. Those are very good points that you bring up and I agree that companies don’t always think carefully enough about their real needs from an eQMS or other enterprise software. In my consulting work I focus on risk management and design controls and don’t set up quality systems. However, I work with many startups and am often asked for a recommendation for an eQMS, especially for ones that are suitable to small companies on a tight budget.

More frequently, I help clients implement requirements management tools, test management tools, and issue tracking tools which used to be referred to as “ALM systems” but now I find they’re sometimes called eQMS, which is confusing. As you point out, a good comparison table should show how very different some of these software packages are. For example, Jira is an issue tracking tool that over the past 15 years has acquired many more features but it’s still best suited for tracking tasks and issues in tickets. It would be a stretch to call it an eQMS but I believe it was included in the comparison table because SW teams who are new to medical devices may think they can do everything with Jira (or GitHub or G-suite).

So I think a new version of the comparison table I shared, that actually compares key eQMS features of various SW tools (not just pricing, licensing, hosting) would be very valuable in this forum.

Any volunteers?

-Aaron

[Aaron]

Holly, I don’t personally have any experience with Veeva software tools but I think this forum would be a great place to collect that kind of information (somebody out there must know).

For anyone trying to make an informed, rational decision about purchasing an eQMS system, it’s very hard to get clear information. Insights from everyone’s personal experiences would be a way to cut through that ‘fog’ about the differences between various software options.

[Aaron]

Joe,

Expanding on what Niki wrote, this is an important topic that seems to lead to a lot of confusion and flawed methodology. The P1, P2 probabilities are part of the ISO 14971 risk model but that doesn’t mean they should be explicit columns in a risk table. My recommendation is to make sure that everyone involved in risk assessments understands the P(harm) = P1 x P2 model but that only P(harm) is listed in the risk docs.

I’ve worked on many Risk Management Files under different quality systems over the past 20 years and I’ve seen a lot of mistakes in how P1 and P2 are combined. Simply taking the minimum of P1 and P2 as the P(harm) value is not going to be accurate in all cases. Theoretically it should be a multiplication of the P1 and P2 probability values. Unfortunately, this is not practical because most companies use rankings (e.g., 1 – 5) instead of actual probability values and you can’t multiply the rankings. Some companies use a complex lookup table to derive P(harm) from P1 and P2 rankings but those have to be very carefully designed to not distort the combined probabilities across all ranges. That’s why I think it’s more robust to list only the overall P(harm) in the released risk documents.

There’s a related question here, too, about whether FMEAs should even include Probability of Harm or should be limited to only Probability of Failure but that’s a topic for another thread.

-Aaron