Navigating FDA Cybersecurity Requirements for Medical Devices – A Case Study

This case study describes the experience of a multinational medical device manufacturer meeting the FDA cybersecurity requirements. The company is operating in the MedTech sector developing a class 2/IIb device consisting of hardware and software. The company spent about 2 years working on the security risk management of the device. In addition, they also embarked […]
Information Security (ISO 27001) Risk Management Best Practices for 2025

Keeping your data safe is vital for every business. One way to do this is by following ISO 27001. But how can we manage these information security risks with a tool like Jira? Let’s dive in! What is Information Security Risk Management? Information Security Risk Management is all about identifying, assessing, and managing risks to […]
Integrate Risk Management in Software Development Lifecycle – Guide for 2024

Integrating risk management into the Software Development Lifecycle (SDLC) of a product is crucial to its success. It enhances the safety, security and reliability of your software product. When you identify, assess, and mitigate risks early, you can avoid bigger problems down the line. Think of it as a systematic approach. You start by identifying […]
Hazard Analysis In Jira (Quick Guide)

If your team is working in Jira and you need to conduct hazard analysis, you can do so using the SoftComply Risk Manager Plus app. Hazard analysis is crucial in safety-critical product development, especially for medical devices. If you prefer to watch the video instead of reading, you can do so here. Key Takeaways: Understanding […]
How to use CVSS in Jira

What is CVSS and when to use it? The Common Vulnerability Scoring System (CVSS) is a standardized framework for rating the severity of security vulnerabilities. The CVSS was developed and is maintained by the Forum of Incident Response and Security Teams (FIRST). FIRST is an international consortium that aims to foster cooperation and coordination in […]
Don’t Keep a Risk Register in Excel (Use Jira)

If you’re considering using Excel for your risk register, this video explains why that might not be the best choice. Instead, we introduce a more effective alternative using Jira and dedicated risk management plugins. If you prefer watching over reading, check out the full video. Key Takeaways: What is a Risk Register? The document where […]
Jira Risk Management Workflow Tutorial

In this article, we will look at the 4 steps needed to build a Risk Register in Jira. For those of you fluent in Jira, this tutorial will focus on risk lifecycle management, not the native Jira issue workflows. What is a Risk Register and why create it in Jira? The document where an […]
3 Best Jira Risk Register Plugins for 2025

What is a Risk Register and Where to Build It? Risk Management is an essential governance practice for enterprise, product, portfolio, information security and project management. Proactive risk management ensures that the most significant risks that could impact the organization’s objectives are effectively mitigated. The document where an organization or a risk manager records all identified […]
Risk Manager: Roles & Responsibilities, Techniques & Trends

A risk manager continuously identifies, assesses, and mitigates potential risks that could impact an organization’s objectives. They develop strategies to minimize threats, ensure compliance with regulations, and protect the company’s financial stability and reputation. Very often there is no one person called Risk Manager in an organisation. Risk management responsibilities are most typically shared between project […]
NIS2 and DORA Compliance and Protecting your Atlassian Cloud Data

This is a guest article from Atlassian Marketplace Partner, Revyz. In late 2022, the European Parliament introduced the Network and Information Systems Directive (NIS2) and the Digital Operational Resilience Act (DORA) to enhance cybersecurity across the EU. NIS2 requires compliance by EU member states by October 18th, 2024, focusing on robust security measures for digital service […]