Updated for FDA CSA Feb 2026 & QMSR Transition

Pass your next regulatory
audit with confidence

Clause-level gap assessments and audit-ready templates built by a certified regulatory professional with 14+ years of hands-on audit experience. Covering FDA, ICH, EU MDR, ISO 13485, and 40+ frameworks globally.

Get the Gap Assessment Toolkit Book a Consultation
535
Assessable Criteria
40+
Regulatory Frameworks
6
Compliance Domains
Feb 2026
Citations Verified
0 Major Findings
Across 60+ regulatory audits
14+ Years
In regulatory affairs & quality assurance
Cross-Sector
Medical devices, pharma, SaMD & clinical trials
RAC · CMQ/OE · CPHQ · Lead Auditor · LSSBB · AiE
Certified regulatory & quality professional
Regulatory Intelligence

Current as of February 2026

Every citation verified. Every framework tracked. Our templates and assessments reflect the latest regulatory landscape.
Effective Feb 3, 2026

FDA Computer Software Assurance

Level 2 revision of the CSA final guidance. Title updated to "Quality Management System Software" aligning with the QMSR/ISO 13485 harmonization. Risk-based approach: intended use, process risk assessment, proportionate assurance activities, objective evidence. Supports unscripted testing and digital evidence over paper documentation.

FDA CSA Final Guidance (Feb 2026) · Supersedes Sept 2025 version · Replaces GPSV Section 6
Effective Feb 2, 2026

QMSR / 21 CFR Part 820 Transition

The QMSR final rule withdrew the majority of Part 820 requirements and incorporated ISO 13485:2016 by reference. All quality management system documentation should now reference ISO 13485:2016 as incorporated by 21 CFR Part 820. 21 CFR Part 11 remains independently applicable and is not affected by this change.

21 CFR Part 820 (QMSR) · ISO 13485:2016 incorporated by reference · Part 11 unchanged
Step 4 Final Guideline

ICH E6(R3) Good Clinical Practice

Finalized January 6, 2025 and published January 14, 2025. This is the definitive GCP guideline, not a draft. Step 5 regional implementation timelines vary by jurisdiction; EU implementation expected under the Clinical Trials Regulation (EU CTR 536/2014). Organizations should verify their regulatory authority's implementation date.

ICH E6(R3) Step 4 · Adopted Jan 6, 2025 · Published Jan 14, 2025
Warning Letter Analysis

What FDA is actually citing in 2024-2026

We analyzed 3,303 FDA warning letters from 2021 through February 2026 to identify where enforcement is focused and what your organization should prioritize.
3,303
Warning letters analyzed (2021-2026)
2x
QSR device letters rose from 14 to 28, 2022 to 2023
76%
of QSR device letters cite "Adulterated" as sole classification
2x
IDE letters doubled from 9 (2022) to 18 (2023)

Top finding categories in QSR & BIMO letters

Design Controls (820.30)
#1
CAPA Deficiencies (820.100)
#2
Complaint Handling (820.198)
#3
Change Control / Unauthorized Changes
#4
Data Integrity / Source Documentation
#5
View the full analysis: 9 interactive charts, 7 case studies, quarterly trend data
Capabilities

Six pillars of compliance intelligence

From initial gap assessment through audit preparation, every service maps to specific regulatory requirements and delivers actionable outcomes.

AI Compliance Analysis

Upload your documentation and receive instant gap analysis against any supported regulatory framework. Identifies non-conformities, maps requirements to evidence, and prioritizes findings by risk.

21 CFR Part 11 · ISO 13485 · EU MDR

Third-Party Software (TPS) / COTS Fit-for-Use Assessment

GAMP 5 2nd Edition categorization with FDA CSA (Feb 2026) risk-based evaluation framework. Vendor assessment, intended use documentation, and process risk determination for commercial off-the-shelf (COTS) and configured products.

GAMP 5 · FDA CSA · Vendor Qualification

Gap Assessment & Remediation

Automated gap identification with risk-rated findings and prioritized remediation plans. Each gap maps to specific regulatory clauses with recommended corrective actions, responsible parties, and target timelines.

Risk-rated · Clause-level · Actionable

Regulatory Intelligence

Automated monitoring of FDA, ICH, EMA, MHRA, ISO, and IEC updates. Receive notifications when guidance changes affect your compliance posture, with impact assessments and recommended actions.

FDA · ICH · EMA · MHRA · ISO · IEC

SaMD & Clinical Trial Support

IMDRF classification, IEC 62304 software lifecycle, IEC 62366-1 usability engineering, and ISO 14155 clinical investigation planning. End-to-end support from software classification through clinical evidence generation.

IMDRF · IEC 62304 · IEC 62366-1 · ISO 14155

Data Integrity & Security

ALCOA+ assessment methodology, audit trail reviews, 21 CFR Part 11 electronic records/signatures compliance. Covers the 2003 Scope and Application guidance and 2024 expanded interpretation for cloud and digital health technologies.

ALCOA+ · 21 CFR Part 11 · Audit Trails
Now Available

Gap Assessment Toolkit

$897 $499 One-time purchase

Total value if purchased separately: $897. You save $398.

Eight audit-ready templates with 535 assessable criteria covering six major compliance frameworks. Every regulatory citation has been verified against current published versions as of February 2026. Designed for FDA, EMA, and MHRA inspection preparation.

Get the Toolkit — $499

Digital delivery via email within 1 business hour during business hours (typically within minutes).

30-day money-back guarantee. If the toolkit doesn't meet your compliance needs, we'll refund your purchase.
A regulatory consultant charges $300-500/hour. This toolkit replaces weeks of manual gap assessment work.

What's Included

  • xlsx
    FDA 21 CFR Part 11 Gap Assessment
    46 assessable criteria
  • xlsx
    EU GMP Annex 11 Gap Assessment
    139 assessable criteria
  • xlsx
    ICH E6(R3) Assessment Tool
    101 assessable criteria
  • xlsx
    Data Integrity ALCOA+ Assessment
    69 assessable criteria
  • xlsx
    CSV/CSA Assessment Template
    80 assessable criteria
  • xlsx
    QMSR / ISO 13485:2016 Gap Assessment
    100 assessable criteria · Includes 820-to-13485 mapping & transition readiness
  • docx
    Remediation Plan Template
    12-column gap register · 12 regulatory references
  • docx
    Executive Summary Template
    12 sections · Placeholder variables for criteria counts

Why This Toolkit

Every regulatory citation verified against current published versions
6 major compliance frameworks in one integrated toolkit
Risk-rated criteria with built-in remediation tracking
Ready for FDA, EMA, and MHRA inspection preparation
Dual CSV/CSA framework coverage for organizations in transition
About

Built by a regulatory professional, not a tech startup

Zach Galloway, Founder of RegulatoryIQ
Zach Galloway
Founder, RegulatoryIQ

Quality and regulatory affairs leader with 14+ years guiding medical device, pharmaceutical, Software as a Medical Device (SaMD), and clinical trial programs through global regulatory requirements. Hands-on experience leading regulatory and quality operations across FDA, EU MDR, MHRA, TGA, Health Canada, PMDA, ISO 13485, and ICH GCP frameworks.

  • Zero major findings across 60+ regulatory and Sponsor/CRO audits
  • Led quality operations through a $13M digital therapeutics merger, harmonizing QMS processes and maintaining multi-framework compliance
  • Built SaMD validation frameworks supporting FDA pre-submissions, 510(k), and De Novo applications
  • Compressed CAPA resolution timelines by 59% and reduced audit findings by 60% through process optimization
  • Consulting engagements spanning medical device compliance, usability engineering (IEC 62366-1), data integrity risk assessments, QMSR/ISO 13485 mock audits, and QMS buildout for healthcare technology platforms
  • Combines deep regulatory expertise with AI and machine learning capabilities, including development of this platform

"Every template and assessment is built from hands-on audit experience, not generated by AI and left unreviewed. When you buy from RegulatoryIQ, you're getting the same frameworks I use in real consulting engagements."

RAC Regulatory Affairs Certification – RAPS
CMQ/OE Manager of Quality/OE – ASQ
CPHQ Healthcare Quality – NAHQ
ACRP-CP Clinical Research – ACRP
Lead Auditor ISO 9001, 13485, 27001
LSSBB Lean Six Sigma Black Belt
RIMS-CRMP Certified Risk Management
AiE AI Engineer – ARTiBA
GCP ML Google Cloud Prof. ML Engineer
AWS ML AWS Machine Learning, Specialty
Advisory Services

Regulatory Advisory Services

Need more than templates? Work directly with a certified regulatory professional on your specific compliance challenges.

Gap Assessment Review

Have your gap assessment findings reviewed by an experienced auditor. Get a prioritized remediation roadmap with risk-rated action items and realistic timelines.

Scope: 2-4 hour engagement
Ideal for: Organizations preparing for FDA, EMA, or MHRA inspections
FDA 21 CFR Part 11 · ISO 13485 · EU MDR · ICH E6(R3) · ALCOA+

QMS & Compliance Consulting

From QMSR transition planning to SaMD classification, get hands-on guidance from someone who has done it.

Scope: Project-based or retainer
Ideal for: Pharma, biotech, and medical device companies navigating regulatory transitions
QMS buildout · CSV/CSA · Vendor qualification · Design controls · CAPA · Audit prep

Mock Audit & Inspection Readiness

Know what an auditor will find before they find it. Mock audits modeled on real FDA, Notified Body, and Sponsor/CRO audit approaches.

Scope: 1-3 day engagement
Ideal for: Companies expecting inspections within the next 6 months
Track record: Zero major findings across 60+ real audits

Typical response within 1 business hour. Initial 15-minute scoping calls are complimentary.

Free Resource

FDA 21 CFR Part 11 Quick Assessment

Not sure where your gaps are? Start with our free 10-criteria quick assessment covering the most commonly cited Part 11 deficiencies in FDA inspections. Takes 5 minutes, identifies your highest-risk areas, and shows you exactly what auditors look for.

10-question self-assessment checklist
Based on real FDA 483s & warning letters
PDF delivered to your inbox

No spam. We only send regulatory updates and product announcements.

Questions

Frequently asked questions

What format are the templates in?
Assessment checklists are in Excel (.xlsx) with structured worksheets, dropdown selections, and built-in scoring. Implementation templates (Remediation Plan, Executive Summary) are in Word (.docx) with professional formatting and regulatory reference tables.
Are these updated for the 2026 QMSR transition?
Yes. The toolkit includes a dedicated QMSR / ISO 13485:2016 Gap Assessment with 100 criteria, a transition readiness checklist, and a full 820-to-ISO 13485 clause mapping reference. All other templates also reflect the QMSR final rule effective February 2, 2026, the FDA CSA guidance (February 3, 2026), and ICH E6(R3) finalization. Every regulatory citation was verified against current published versions in February 2026.
Can I use these across multiple sites or facilities?
Yes. Templates are delivered as editable files with no DRM or usage restrictions. Use them across as many sites, projects, or audits as needed within your organization.
Who built these templates?
RegulatoryIQ templates are developed by Zach Galloway, a certified regulatory and quality professional (RAC, CMQ/OE, CPHQ, LSSBB, Lead Auditor) with 14+ years of hands-on experience across FDA, EU, and ISO compliance frameworks. Every template reflects the same methodologies used in real consulting engagements.
What if I find an error in a regulatory citation?
We stand behind our accuracy. If you identify an incorrect or superseded citation, contact us and we'll issue a corrected version within 48 hours.
Is there a refund policy?
Yes. We offer a 30-day money-back guarantee. If the toolkit doesn't meet your compliance needs, contact for a full refund.
Do you offer consulting services?
Yes. We offer gap assessment reviews, QMS and compliance consulting, and mock audit/inspection readiness engagements. Contact for a complimentary 15-minute scoping call.
In Development

AI-Powered Compliance Platform

We're building an AI-powered regulatory compliance analysis platform with document upload, automated gap detection, and continuous monitoring. Join the waitlist for early access and founding member pricing.

No spam. We'll notify you when early access opens.

Coverage

40+ regulatory frameworks

Global coverage across FDA, EMA, MHRA, TGA, Health Canada, ANVISA, PMDA, and international standards bodies.
21 CFR Part 11 FDA CSA (Feb 2026) 21 CFR Part 820 / QMSR ISO 13485:2016 EU GMP Annex 11 EU MDR 2017/745 ICH E6(R3) ICH Q9(R1) GAMP 5 2nd Edition IEC 62304 IEC 62366-1 ISO 14971 ISO 14155 ISO 9001:2015 ISO/IEC 27001 ALCOA+ EU CTR 536/2014 PIC/S PI 041-1 MHRA Data Integrity WHO TRS 996 FDA Cybersecurity (Feb 2026) IMDRF SaMD 45 CFR Part 46 NIST AI RMF EU AI Act
256-bit TLS Encryption
GDPR-Ready
Payments via Stripe
No Credit Card Data Stored
Get in Touch

Ready to streamline your compliance?

Whether you need a gap assessment, custom templates, consulting, or full-platform access, we can help scope the right approach for your organization.