Subscribe to the SoftComply Blog
Stay connected with SoftComply and receive new blog posts in your inbox.
Marion Lepmets
If you’re developing a medical device, you must prove that it is safe and effective. That proof lives in your documents: your procedures, design records, risk assessments, and test reports. Managing those documents properly is called “document control”. At first, this might sound like an administrative detail — a few...
Marion Lepmets
Picture this: You have just finished writing your requirements specification and saved it as “Requirements_final.doc” Then come the edits, code reviews, and compliance feedback. Suddenly you’re looking at three files: “Requirements_final_v2.doc”, “Requirements_final_really_final.doc”, and “Requirements_fixed_final.doc”. Which one’s actually the final one? You send one to the team, but they build from...
Marion Lepmets
During Atlassian Team25 Europe, the Compliance Alliance hosted the 4th Compliance Workshop in Barcelona. Despite a wild thunderstorm, nearly 30 compliance enthusiasts braved the rain to join the workshop – a session packed with insights on AI in regulated industries, Atlassian Isolated Cloud, Cybersecurity of Marketplace Cloud apps, and selling...
Marion Lepmets
Every company depends on others to survive. From your cloud provider to your payroll processor, your business is connected to a web of vendors. But here’s the reality: over 60% of data breaches originate from third-party vendors. This is why managing your vendor security risks has become more important than...
Marion Lepmets
Most companies have informal risk discussions in meetings. You know the type – “What happens if our lead developer leaves?” or “What if this big deal doesn’t close?”. These conversations usually end without any real action plan and you find yourself talking about the same risks over and over again....
Marion Lepmets
Project managers know that uncertainty is the enemy of successful delivery. You’ve got potential risks lurking around every corner, assumptions that might prove wrong, current issues demanding attention and dependencies that could slip at any moment. This is where RAID comes in (and no, I’m not talking about the data...