Design Review Checklist
Summary
The Design Review Checklist verifies that your medical device design is complete and ready for transition to verification and validation. This systematic review ensures all design inputs are properly implemented, user needs are addressed, and risk controls are incorporated before proceeding to testing phases.
Why is Design Review Checklist important?
Design review serves as a critical quality gate between design and verification phases. Regulators require evidence that your design process was systematic and complete before you begin testing. This checkpoint prevents costly rework by identifying missing requirements, incomplete designs, or inadequate risk controls early. The checklist provides objective criteria to demonstrate that your design outputs meet all inputs and are ready for validation, ensuring regulatory compliance and reducing development risks.
Regulatory Context
Under 21 CFR Part 820.30 (Design Controls):
- Design review is mandatory before verification activities (Section 820.30(e))
- Must verify design outputs meet design inputs and user needs
- Review must be conducted by qualified individuals not directly responsible for the design
- Documented evidence of review completion is required
- Design controls apply to all Class II and III devices and most Class I devices
Special attention required for:
- Software medical devices (FDA Guidance on Software as Medical Device)
- Design input validation against user needs and intended use
- Risk management integration per ISO 14971
- Traceability between user needs, design inputs, and design outputs
Under 21 CFR Part 820.30 (Design Controls):
- Design review is mandatory before verification activities (Section 820.30(e))
- Must verify design outputs meet design inputs and user needs
- Review must be conducted by qualified individuals not directly responsible for the design
- Documented evidence of review completion is required
- Design controls apply to all Class II and III devices and most Class I devices
Special attention required for:
- Software medical devices (FDA Guidance on Software as Medical Device)
- Design input validation against user needs and intended use
- Risk management integration per ISO 14971
- Traceability between user needs, design inputs, and design outputs
Under EU MDR 2017/745:
- Design review required under EN ISO 13485:2016 Section 7.3.4
- Must demonstrate compliance with General Safety and Performance Requirements (Annex I)
- Review outcomes must support technical documentation requirements (Annex II)
- EN ISO 14971:2019 risk management integration mandatory
Special attention required for:
- Article 10(9) quality management system requirements
- Annex I GSPR compliance verification through design
- Clinical evaluation planning integration (Article 61)
- Software lifecycle processes per IEC 62304 (if applicable)
Guide
Your design review checklist systematically evaluates three critical areas to ensure regulatory compliance and design completeness.
General Design Review
The primary checklist verifies fundamental design control requirements. Each user need must have traceable identifiers linking to design inputs and outputs. Your user needs should address all stakeholder requirements including patients, healthcare providers, and regulatory bodies. Verify that user needs consider intended use comprehensively, covering normal operation, reasonably foreseeable misuse, and environmental conditions.
Design inputs must align precisely with user needs while incorporating applicable standards and regulatory requirements. Your product design should demonstrate manufacturability through detailed specifications, assembly instructions, and process controls. Most critically, verify that risk control measures identified in your risk management process are properly integrated into the design rather than relying solely on protective measures or information for safety.
Software Architecture Review
For software medical devices, conduct additional verification focusing on requirements implementation and safety classification. Ensure your software architecture implements all system and software requirements with clear traceability. Each software system must have determined safety classification following IEC 62304 standards.
Document all software items and interfaces comprehensively, including data flows, communication protocols, and integration points. Verify that interfaces between software items and with hardware are properly specified and supported. For Software of Unknown Provenance (SOUP), ensure your architecture supports proper operation and integration with documented version control and risk assessments.
Confirm that your software architecture is implementable with available resources, considering development team capabilities, timeline constraints, and technical infrastructure requirements.
Physical Product Review
Hardware components require verification of design schematics completeness ensuring all electrical, mechanical, and assembly drawings meet specified requirements. Material selection must demonstrate biocompatibility through appropriate testing per ISO 10993 series and durability validation for intended use duration.
Your design must address comprehensive safety factors including electromagnetic compatibility (EMC), electrical safety, mechanical integrity, and environmental resilience. Even software-only devices often require EMC consideration for deployment hardware.
Packaging and shelf-life design must comply with sterility requirements (if applicable), environmental protection needs, and labeling regulations while supporting the intended product lifecycle.
Example
Scenario
You are reviewing the design of a mobile ECG monitoring app with a connected hardware sensor before proceeding to verification testing. Your team has completed user needs analysis, system requirements, software architecture, and hardware design. The design review ensures all components are ready for validation.
Example Design Review Checklist
ID: DRC-001-ECG-Monitor
Purpose: This checklist verifies that the ECG monitoring system design is confirmed and design inputs were properly generated based on user needs.
Scope: This checklist applies to the Mobile ECG Monitor System including mobile application and sensor hardware.
Design Review Checklist
| Checklist Items | Yes/No | Justification if No |
|---|---|---|
| Each user need has an identifiable number for traceability. | Yes | User needs UN-001 through UN-015 all assigned unique identifiers |
| The user needs address all relevant stakeholder requirements. | Yes | Requirements from cardiologists, patients, and IT administrators captured |
| The user needs take into consideration all relevant aspects of intended use. | Yes | Includes home monitoring, clinical review, and emergency detection scenarios |
| The user needs include all necessary organizational, technical, or other requirements. | Yes | HIPAA compliance, FDA cybersecurity, and clinical workflow requirements included |
| The user needs are not ambiguous, self-contradicting or conflicting with each other. | Yes | Requirements review identified and resolved three conflicts in version 2.0 |
| Design inputs align with user needs, intended use, and regulatory requirements. | Yes | Traceability matrix demonstrates complete alignment with 21 CFR 820.30 |
| Product design can be manufactured, assembled, and tested. | Yes | Manufacturing partner confirmed feasibility and provided cost estimates |
| Risk control measures have been incorporated into the design, if applicable. | Yes | Implemented encryption, signal validation algorithms, and fail-safe mechanisms |
Software Products
| Criteria | Yes/No | Comments |
|---|---|---|
| The software architecture implements all system and software requirements. | Yes | Architecture review confirmed coverage of SRS-001 through SRS-087 |
| All software systems are listed and their respective safety class has been determined. | Yes | Mobile app: Class B, Cloud backend: Class A, Sensor firmware: Class B |
| All software items are listed and described, including interfaces. | Yes | 12 software items documented with API specifications and data schemas |
| The software architecture supports interfaces between software items and between software items and hardware. | Yes | Bluetooth LE, HTTPS REST APIs, and USB interfaces fully specified |
| The architecture supports proper operation of any SOUP items, as needed. | Yes | React Native, AWS services, and encryption libraries properly integrated |
| The software architecture can be implemented with resources provided by the manufacturer. | Yes | Development team skills assessed, AWS infrastructure capacity confirmed |
Physical Products
| Checklist Items | Yes/No | Justification if No |
|---|---|---|
| Design and assembly schematics of the product are complete and meet requirements. | Yes | Electrical schematics, PCB layout, and enclosure drawings approved by engineering |
| Material selection meets biocompatibility and durability needs. | Yes | Medical-grade silicone tested per ISO 10993-5, ABS plastic for 5-year lifecycle |
| Physical, environmental, performance, and safety factors have been considered in the design. | Yes | IP65 rating for water resistance, drop testing specifications, EMC compliance plan |
| Design follows Electromagnetic Compatibility (EMC), safety, and environmental compliance, if applicable. | Yes | Pre-compliance testing completed, formal EMC testing scheduled before release |
| Design of packaging and shelf-life is compliant with product and regulatory requirements. | Yes | 24-month shelf life validated, packaging includes all required labeling elements |