Updated May 18, 2022

Do Auditors Read Your Code?

Dr. Oliver Eidel


We’re wondering whether our auditor will read the source code of our software. Does that mean we have to choose a programming language which many people know, like Python?

Short Answer

No, your auditor won’t read your code.

Long Answer

Think about it this way: The probability of your auditor being a software developer is low (yes, I was also surprised to learn this). If they were a software developer, that’s probably a few decades ago and their last programming experience included punch cards and mainframes.

Sarcasm aside, you could approach this problem from another angle: What would be the most efficient way for an auditor to understand what your software does? Probably not by reading your code. Maybe by using the software. But that’s also something which is not typically done. It might also require specific medical experience and/or a specific setting (say, being in an Operating Room).

No, the most efficient way (so far?) is to read through your documentation, specifically your software requirements. Ideally, those should provide even an uninitiated reader with an overview of the behavior of your software. In addition, you need to document your software architecture and tests, your auditor is also going to look at those.

Congratulations! You read this far.

Get notified when we post something new.

Sign up for our free newsletter.

I work as a regulatory consultant for Healthcare software startups. I try to publish all my knowledge here so that startups can certify their medical devices themselves in the future.

If you're still lost and have further questions, just send me an email and I'll be happy to answer them for free. More about me

No Cookie For You Privacy Policy Imprint
No QMS on this planet will save you from creating crappy software.