1. The Problem Each Module Solves
| Module | Problem solved (one line) |
|---|---|
| QES (Quality Event System) | Quality signals lost in email and chat before reaching CAPA. |
| Document Control | Documents drift in network folders; revisions unsigned; effective dates slip. |
| Approval Engine + e-signature | Email approvals do not satisfy 21 CFR Part 11. |
| Audit Trail | "Who changed this and why" — the most asked auditor question. |
| Project Management | Devices, teams, milestones scattered across tools. |
| User / Role / Permission / Organisation | Multi-tenant SaaS with regulator-grade isolation. |
| Notification + Todo | Regulatory deadlines and approval queues do not announce themselves. |
| Scheduled job framework | Periodic regulatory work running unattended. |
| Technical File (hardware) | MDR Annex II demands a structured TF; SMEs put it in folders. |
| SaMD Technical File | Hardware TF tab structure collapses for Software-as-a-Medical-Device. |
| Master Technical File (MTF) | Static documents around the design matrix (Plans, GSPR, NB certs, DoCs, IFU master) drift. |
| UDI Registry | MDR Art. 27 and FDA UDI Rule require structured UDI; EUDAMED needs it post-28-May-2026. |
| Traceability Matrix | Requirements ↔ Risks ↔ Design ↔ Tests scattered across documents. |
| Risk Management (ISO 14971) | A Risk Management File chained from hazards through controls to verification. |
| Training | ISO 13485 §6.2 demands documented competence evidence. |
| CAPA | ISO 13485 §8.5.2 + FDA 21 CFR 820.100 require structured CAPA. |
| Vigilance | MDR Art. 87–92 + FDA 21 CFR 803/806 impose strict reporting clocks. |
| EUDAMED Compliance | The 28 May 2026 + Q3 2026 EUDAMED deadlines are hard. |
| Management & Audit | ISO 13485 §5.6 management review + §8.2.3 internal audit scattered across spreadsheets. |
| AI Governance | EU AI Act + FDA SaMD + IEC 42001 demand per-AI-system lifecycle evidence. |
| Supplier | MDR Annex II §5 + 21 CFR 820.50 + ISO 13485 §7.4 demand controlled supplier management. |
| Cybersecurity | ISO 27001 + SOC-2 + FDA Sept-2023 cyber + MDR §17 demand structured cyber evidence. |
| Change-Management AI | The regulatory ripple of any change — forgotten ripples = #1 audit-finding cause. |
| Regulatory Health Score | "Can we sell tomorrow?" — one number per device per regulator. |
| Smart Impact Mapper | The AI engine behind Change-Management AI; 11 nodes; HITL by design. |
| AI Findings Inbox + HITL | One queue where every AI proposal is approved by a PIN-signing human. |
1.5 Wrapper’s Architecture, in Plain English
Wrapper is a log-based electronic QMS. Every regulated artefact — a complaint, a corrective action, a training assignment, a risk evaluation, a design output, a supplier qualification, an AI dataset card — is a row in a Log, not a folder of files.
Every row in every Log follows a structured lifecycle: Draft → In Review → Approved / Effective → (optionally) Superseded or Retired. Transitions are guarded by an Approval engine that captures electronic signatures meeting FDA 21 CFR Part 11 (PIN-validated, with a controlled-vocabulary "meaning" — Approve, Acknowledge, Sign-as-Author) and writes them to a tamper-evident, INSERT-only signature ledger. A separate Audit Trail records who did what, when, and why, on every object mutation.
Underneath the regulated logs runs an AI Findings inbox: a polymorphic queue of AI-proposed regulatory actions where a human reviewer must approve each item before it takes effect — the EU AI Act Art. 14 Human-in-the-Loop contract made operational. AI assistants never autonomously close regulated records; they propose, humans dispose.
Cross-cutting, the Change-Management AI watches every change and evaluates a rules table (90+ rules across four families). When a rule fires, it writes structured findings into the AI Findings inbox listing the documents to review, the tests to re-run, the certificates to re-issue, and the regulator obligations triggered. Closure of follow-up tasks rolls back into the Regulatory Health Score — a deterministic 0–100 number per device per regulator.
