How I came to hate Excel & decided to develop an automated Risk Management tool for JIRA

January 9, 2017

Part I

By Matteo Gubellini, VP of Regulatory Affairs of SoftComply*

“Ok, let’s follow a few of these risk mitigation actions down to outputs and verification activities” says the auditor.

Typical question. Actually there couldn’t be a more typical audit question. Traceability.

We have been here dozens of times. And every time it’s the same feeling.

You just hope that the auditor will not pick an action that has accidentally slipped through the cracks.

No matter how bulletproof your quality system is, how many times you and your team have reviewed the risk documents and traceability matrices. You are always worried that there could be one of them that was missed by everyone.

Someone forgot to transfer it to the requirements, or forgot to trace it, or mixed it with something that sounded almost the same.

Because every project is the same; at the end of it, the final push, all hands on deck, everybody is rushing. Hundreds of requirements, risk mitigation actions, verification protocols, deviations, reports to write, approvers that are offsite or nowhere to be found.

Did we forget something…?

And sometimes it happens – “Oh, it seems we can’t find this one…”

Panic in the backroom

While I try to bring the attention of the auditor to another topic, I know a few meters away my colleagues are scrambling through the endless Excel files, trying to find that bloody risk mitigation action.

The auditor is getting impatient. It’s the last day, they are already behind schedule, they don’t need another delay.

Even if it was there, even when you print those gigantic excel files on A3, or on a plotter, you just can’t read them. They are just too big. And the page layout function of excel is not the best.

But to be completely fair to Mr. Gates, this is not what Excel was designed to do. It’s great when you can use a combo of Lookup, Match and so on to automatically populate the Risk column, but this is not its main purpose.

Excel is a Spreadsheet.

Spreadsheets are used to manipulate data. Not to manage risk and traceability.

“So this action..?” the auditor asks again.

“It’s here, it’s just a very large document, it may take a while to find it” and I smile (only on the outside).

The door behinds me opens and I hope the answer is coming. A colleague whispers in my ear: “6th page, 13th row”

Yes it’s there. I knew it! I smile again (this time on the inside too).

I point it to the auditor and we follow it through the end, without any damage. Well done team!

“Great, let’s pick another one…” the auditor continues.

Deep breaths. Deep breaths.

In the next week’s blog, I will tell you more about the Risk Management tool we developed for JIRA.

Also coming soon – articles about design control, guidance documents for software in or as a medical device, international standards and risk assessment for software based medical devices…

* SoftComply is a developer of Cloud and Server based tools that help companies manage their software risks and implement their quality systems based on the medical device software regulations www.softcomply.com

Read more about SoftComply Risk Manager

Table of Contents

Ready to get started?

Contact us to book a demo and learn how SoftComply can cover all your needs

Risk Management Software Buyers Guide
Picture of Marion Lepmets

Marion Lepmets

CEO
April 24, 2025

INTRODUCTION If you are a risk management professional or business owner, you understand that organizations today face a complex risk landscape driven by technological advancements, evolving regulatory frameworks, and globalization. Developments in AI, cloud computing, and IoT have introduced significant risks, with cybercriminals using these same tools to launch more...

Compliance Lunch Workshop Marion
Picture of Marion Lepmets

Marion Lepmets

CEO
April 20, 2025

Compliance is (finally) on everyone’s radar now that Atlassian is targeting business teams and business users in specific verticals and everyone is talking about solutions rather than apps. This is also why SoftComply hosted the 3rd edition of the Compliance Workshop on April 10, 2025 during Atlassian Team event. The...

Ultimate Guide to ISO 14971 Risk Management
Picture of Marion Lepmets

Marion Lepmets

CEO
April 16, 2025

Who Is This Guide For? At SoftComply, we understand the importance of proper risk management. From costly design changes to product recalls and bad press, not accounting for risks is in fact the single biggest gamble that companies are taking today. If you are a medical device manufacturer, marketer, designer,...