Understanding ANSI/AAMI SW96:2023 – Security Risk Management Guidance

Upcoming Virtual Courses

Overview

The creation and integration of security risk management processes into an existing medical device manufacturer’s quality management system is a difficult task.  This training will provide the framework for the required engineers and managers across differing domains to plan and execute this update.  The US FDA recognized publications, AAMI SW96, TIR57, and TIR97, will be used to demonstrate the uniqueness of security risk management and its key aspects in the premarket and post market phases. A mixture of lectures and practical exercises will be used.


Objectives

Starting with the core processes and terms of a security risk management program, the students will learn why security risk management is best performed parallel to traditional ISO 14971 risk management processes focused on patient safety.  Key topics such as risk scoring, vulnerability processing, use of software bills of material, post market monitoring, end of support planning, and customer communications will be addressed.

Intertwined with the lecture content, students will have the opportunity during breakout sessions to explore the practical use of the material provided to them.  Upon completing the course, the students will have a strong foundation in security risk management and be ready to integrate processes into their quality system.

What to expect

Over the course of (6) hours, the attendee will:

  • Understand security risk management terms, processes, and activities.
  • Understand the differences and similarities between security and safety risk management.
  • Understand how to integrate security risk management into an existing risk management quality system.

Who Should Attend?

Software, systems, security, and risk management engineers and managers, or others involved in the integration and use of a medical device manufacturer security risk management program.


Virtual Training Information

Our virtual training environment allows you to have direct interaction with your instructors and your fellow attendees. AAMI uses Zoom for virtual classes. You can test your connectivity and ability to use Zoom at zoom.us/test.
For virtual training courses, we request that you register at least one week in advance of the course start date to allow sufficient time for shipping of training materials and devices (Please allow two weeks for non-U.S. addresses). If you register within these time frames, AAMI cannot guarantee you will receive material prior to the start of the course but you will have access to digital versions of the materials. If you have any questions, please email education@aami.org.

Faculty

David Nelson

David has a background in Software Engineering and has 26+ years of experience developing and validating Medical Devices. He currently is an Associate Software Director for Boston Scientific Neuromodulation.  His responsibilities include managing all aspects of software development and validation including security risk.  In addition, David is a faculty member at AAMI and has been developing and instructing courses for more than 12 years.

Michael Seeberger

Boston Scientific – Global Product

Cybersecurity Group|Product Cybersecurity Manager