Compliance and Governance


Orcanos Compliance Engine provides a “Virtual Auditor” that scan the compliance of project data in respect for specific industry regulation, and quality best practice, such as compliance with ISO 14971, IEC 62304 and ISO 13485 and more.

Orcanos Compliance Engine is a flexible tool that allows defining any regulation in the tool or in a simple Excel or Google Sheet, defining the standard, section, classification in case of medical device (CLASS I, II, III), Remediation, and many other parameters, and then import these regulations into Orcanos ALM and QMS platform and connect it to electronic records.

Orcanos QMS Compliance Engine then scans project data based on the specific regulations, and specific logic attached to it and shows the faults in an executive summary. Together with Orcanos dashboard and notification mechanism, you would have better control and monitoring.


The compliance engine is actually a set of electronic records named Compliance Audit (Code=CCA), that are managed in the ALM Templates project (and only there).

The Compliance engine is activated from the main menu

In order to enable Compliance and Governance option

Go to Admin->Data Sharing and Settings->Modules

Check the Compliance and Governance option to the relevant groups (default=”All”)


The mechanism of the compliance engine is quite simple. You need to define Compliance Audit work items (We will refer to them as CCA)

Then you need to build a filter (or several filters) to be applied ONLY to ALM Templates project

To set up compliance Audit work item:

  • Enter ALM Templates project
  • Open Work Items in the main menu
  • Select the Compliance Audit work item on the left side
  • Click the PLUS button to add Compliance Audit item

Lets review CCA properties

Note: You can add as many custom fields as you like to format the CCA to your needs

  • Key – unique identifier, system generated
  • Name – the short description of the Compliance audit check. Could be a paragraph of a standard, or anything you like
  • Compliance Remediation – What is required to resolve this CCA, in case it failed (text)
  • Compliance Class – in case it related to Medical Device, you can select the Safety Class (I, II, III)
  • Compliance Standard – list of standards (Such as IEC 62304, ISO 13485, ISO 14971…)
  • Work Item – If this CCA is required to check a specific work item – select the relevant work item from this list
  • Compliance Enumerator – internal numbering
  • Compliance Logic – this is the heart of the engine. Here you select the Logic to apply when running the Compliance engine check. This list is constantly updated. The available values are as follows:
    • SP_COMPLIANCE_DEFECT_STATUS_CHECK – Check how many statuses of the Defect item are Active (Fail) or Complete (Pass)
    • SP_COMPLIANCE_FAIL_TEST_CHECK – Check how many test cases in the selected project are Pass (Pass) or Fail (Fail)
    • SP_COMPLIANCE_STATUS_CHECK – Check how many statuses of the selected work item are Active (Fail) or Complete (Pass)
    • SP_COMPLIANCE_TEST_TRACE – Select how many records of the selected work item have test traceability (Pass) and how many miss traceability (Fail)
    • SP_COMPLIANCE_TRACE_APPROVED_CHECK – Select how many records of the selected work item have traceability to COMPLETED STATUS work items (Pass) and how many are not (Fail)
    • SP_COMPLIANCE_TRACE_CHECK – Select how many records of the selected work item have traceability (Pass) and how many are not (Fail)
    • SP_COMPLIANCE_TRACE_PASS_TEST_CHECK – Select how many records of the selected work item have test traceability with status Pass (Pass) and how many are not (Fail)
    • SP_COMPLIANCE_UNACCEPTED_RISK – Select how many risks are in the acceptable zone after mitigation (Pass) and how many are not (Fail)
    • SP_COMPLIANCE_FILTER_BASE – this is the most powerful mechanism to build a compliance rule. You can actually set  rule based on a filter. There are 2 files that you can use:
      • Compliance Audit total – show the total items audited (for example – All software requirements)
      • Compliance Audit Inconsistency – shows the total items failed in a specific rule (for example – all software requirements without test cases

Note: For traceability auditing, you need to link item in the audited project to the CCA in order for this audit to Pass

  • Status – Status of the CCA
  • Compliance Module – Module classification, such as CAPA, Requirements Management, Test Management, Risk Control and more
  • Compliance Regulatory Authority – Such as CE, FDA
  • Compliance Criticality – This is a system field to be used to indicate how critical this CCA is (High Medium Low)
  • Compliance Type
    • Standard checklist – from the actual standard
    • Best practice – not necessarily section in standard, but satisfies a specific requirement in the standard. For example, checking if defect statuses are completed is not a requirement in the standard of IEC 62304 but it is a best practice in Orcanos system to make sure all defects are verified
  • Compliance Section – the section in the standard (Text)


Now you can create as many filters as you like for auditing safety, design, all, quality, etc.

These filters will group list of CCA items that will be used in the audit

The fields you select in the filter will be shown on the audit report that is executed

For more information about filters – click here

Note: You must include Priority and Remediation in the filter


To run the compliance engine:

  • Select Compliance and Governance in the main menu
  • On the left side, click Run Assessment

  • Select the Project you wish to check
  • Select the Compliance View you wish to apply

  • Click Run Button

You will get the results as follows:

Each audit (CCA) can be expanded with the Expand button on the right

  • Green/Red Pass/Fail – The indication Pass or Fail depends on the result. If a group of e-records was audited, and one was failed, the check will be marked as failed
  • Name of CCA
  • Number of items audited
  • Number of items failed in the audit
  • List of the fields selected in the filter (values only)
  • Description – CCA description
  • Remediation – CCA remediation
  • Related items – if there are relations to the CCA – you will see them here
  • Criticality (High Medium Low) is shown on the right side of each CCA


Compliance Custom Fields

Leave A Comment?

You must be logged in to post a comment.