Do Auditors Read Your Code?

Dr. Oliver Eidel
Updated May 8, 2024
1
answer
0 comments

Question

We’re wondering whether our auditor will read the source code of our software. Does that mean we have to choose a programming language which many people know, like Python?

Short Answer

No, your auditor won’t read your code.

Long Answer

Think about it this way: The probability of your auditor being a software developer is low (yes, I was also surprised to learn this). If they were a software developer, that’s probably a few decades ago and their last programming experience included punch cards and mainframes.

Sarcasm aside, you could approach this problem from another angle: What would be the most efficient way for an auditor to understand what your software does? Probably not by reading your code. Maybe by using the software. But that’s also something which is not typically done. It might also require specific medical experience and/or a specific setting (say, being in an Operating Room).

No, the most efficient way (so far?) is to read through your documentation, specifically your software requirements. Ideally, those should provide even an uninitiated reader with an overview of the behavior of your software. In addition, you need to document your software architecture and tests, your auditor is also going to look at those.

On a slighty different note: You want to get your medical software certified under MDR but don’t know where to start? No worries! That’s why we built the Wizard. It’s a self-guided video course which helps you create your documentation yourself. No prior knowledge required. You should check it out.

Or, if you’re looking for the most awesome (in our opinion) eQMS software to manage your documentation, look no further. We’ve built Formwork, and it even has a free version!

If you’re looking for human help, did you know that we also provide consulting? We’re a small company, so we can’t take on everyone – but maybe we have time for your project? We guide startups from start to finish in their medical device compliance.

Comments

Leave the first comment