---
title: Medical Device Framework Pack
description: An installable framework pack that adds FDA 21 CFR Part 11, Part 820/QMSR, and ISO 13485 to Compliance Yoke — with a control crosswalk and an AI-assisted mapping drafter grounded in your own control library.
---

# Medical Device Framework Pack

The Medical Device Framework Pack extends Compliance Yoke with the frameworks a
device manufacturer lives under — **FDA 21 CFR Part 11** (electronic records and
signatures), **FDA 21 CFR Part 820 / QMSR** (device quality system), and **ISO
13485** — and crosswalks them to each other and to your existing SOC 2 controls.

It installs as data: frameworks, criteria, a shared control library, and the
mappings between them. Nothing about the compliance engine changes — your
readiness scores, evidence, and audit exports all work over the new frameworks
the same way they work over SOC 2.

## What "aligned" means here

FastYoke helps you **organize and evidence** control coverage against these
frameworks. It does not certify, validate, or attest that your system is
compliant — those are determinations you and your auditor make. The pack gives
you the structure (criteria, controls, mappings, readiness roll-ups) to run that
work; the judgment stays with your quality and regulatory teams.

## Installing the pack

From the Compliance workspace, open **Framework Packs** and install the Medical
Device pack. Installation:

- seeds the three frameworks and their criteria,
- seeds a shared **control library** (audit trail, electronic signatures, access
  control, design controls, CAPA, complaint handling, document control, training,
  management review, and validation),
- seeds the **crosswalk** — both the control-to-criteria mappings and the
  criterion-to-criterion equivalences, and
- opens a **Framework Crosswalk** page so you can browse every mapping.

Uninstalling reverses all of it cleanly. Install and uninstall are scoped to your
workspace and are safe to re-run.

## The crosswalk

The pack ships two complementary views of how the frameworks relate:

- **Evidence reuse** — one control mapped to criteria across several frameworks,
  so a single piece of evidence (an audit-trail configuration, a signed record)
  answers Part 11, ISO 13485, and SOC 2 at once. You maintain the control once;
  it counts everywhere it is mapped.
- **Requirement equivalence** — a direct criterion-to-criterion table (for
  example, Part 820 corrective-and-preventive-action lines up with ISO 13485
  corrective action), with a short rationale on each row so a reviewer can see
  *why* two requirements are treated as equivalent.

## AI-assisted crosswalk

Mapping a control library onto a new framework by hand is slow. The pack includes
an **AI crosswalk drafter** that proposes control-to-criterion mappings for a
given criterion.

It is deliberately conservative:

- **Grounded in your data.** Suggestions are retrieved from *your* control
  library using an on-device semantic search — the model only sees controls you
  actually have. If nothing relevant is found, it returns an
  insufficient-evidence result **without** calling a language model at all.
- **Draft-only.** Every suggestion is a draft. Nothing is written to your
  compliance records until a reviewer with the right permission accepts it.
- **Cited.** Each draft names the control ids it drew on, so a reviewer can check
  the reasoning before accepting.

Accepted mappings are stored as normal crosswalk records, tagged as
AI-originated and marked accepted, so your audit trail shows exactly which
mappings a human reviewed and approved.

Enabling the AI drafter requires turning on compliance AI for your workspace and
configuring a language-model provider in Settings.
