Risk management of medical IT networks: an ISO/IEC 15504 compliant approach to assessment against IEC 80001-1

Authors:
Silvana Togneri MacMahon;Fergal McCaffery;Frank Keenan
Affiliations:
Dundalk Institute of Technology, Ireland;Dundalk Institute of Technology, Ireland;Dundalk Institute of Technology, Ireland
Venue:
Proceedings of the 2013 International Conference on Software and System Process
Year:
2013

Citing 1
Cited 0

Benefits Resulting from the Combined Use of ISO/IEC 15504 with the Information Technology Infrastructure Library (ITIL)

PROFES '02 Proceedings of the 4th International Conference on Product Focused Software Process Improvement

Quantified Score

Hi-index	0.00

Visualization

Abstract

The incorporation of a medical device into an IT network can introduce risks that may not have been addressed during the design and manufacture of the device. IEC 80001-1 is a lifecycle risk management standard which was developed to address these risks. This paper presents research which has been performed to date which has led to the development of a Process Reference Model (PRM) and Process Assessment Model (PAM) which can be used by Healthcare Delivery Organisations to assess themselves against IEC 80001-1. This paper also presents future work in this area which includes the development of an assessment method for IEC 80001-1 and the validation of the PRM, PAM and assessment method.