Freyr's Integrated Regulatory Management System Framework

Freyr's Integrated Regulatory Management System Framework

Freyr Certifications


ISO 13485 : 2016

Provision of Global Consulting Services Applicable to the Medical Device and In Vitro Diagnostic (IVD) Industry for

Scope of Certification

 
 
  • Provision of Global Consulting Services for Product Registrations
  • Regulatory Affairs
  • Clinical & Medical Writing
  • Quality Management System
  • Labelling & Artwork Services
  • Post Market Surveillance Services
  • Importer Services and Authorized Representation Services
  • Such as EAR
  • Swiss Rep
  • UKRP to the Medical Device and IVD Industry

ISO 27001 : 2022

Information Security Management Services cover the Software and Regulatory Services of the following departments

Scope of Certification

 
 
  • Provision of End-to-End Regulatory Software Solutions and Services
  • Encompassing Regulatory Strategy
  • Operations
  • Regulatory Affairs
  • Medical Writing
  • Labelling
  • Artwork
  • Pharmacovigilance
  • Compliance-as-a-Service catering to Medicinal Products
  • Medical Devices
  • Consumer Beauty
  • Wellness
  • Homecare
  • Lifestyle products in accordance with National and International Health Regulations
  • The operations are supported by Corporate IT Security, HR, Legal, and Administrative Functions

*Statement of Applicability V11.0 dated 16 Sep 2024.


ISO 9001 : 2015

Quality Management System covers the following departments

Scope of Certification

 
 
  • Provision of End-to-end Regulatory Software Solutions and Services
  • Encompassing Regulatory Strategy
  • Operations Regulatory Affairs
  • Medical Writing
  • Labelling
  • Artwork
  • Pharmacovigilance
  • Compliance-as-a-Service catering to Medicinal Products
  • Medical Devices
  • Consumer
  • Beauty Wellness
  • Homecare
  • Lifestyle products in accordance with National and International Health Regulations

Quality Policy

Our Commitment:

At Freyr, we are committed to delivering world-class regulatory solutions and services to our global clientele. Our mission is to empower life sciences organizations to achieve compliance, accelerate time-to-market, and ensure patient safety. We strive to be recognized as a trusted partner, driving innovation and exceeding customer expectations in the constantly evolving regulatory landscape. 

Our Objectives:

  1. Customer-Centric Approach
    We put our customers at the heart of our operations. We actively listen, collaborate, and adapt to their unique needs and challenges. By providing comprehensive and customized solutions, we aim to foster long-term partnerships based on trust, transparency, and exceptional customer experiences.
  2. Continuous Improvement through Innovation
    We embrace a culture of continuous improvement in all aspects of our business. Through proactive learning, innovation, and embracing industry best practices, we constantly enhance our services, processes, and technology solutions. We are committed to staying ahead of regulatory trends and ensuring our customers benefit from the latest advancements.
  3. Regulatory Compliance and Ethics
    We strictly adhere to global regulatory requirements and industry standards. Our operations are conducted with integrity, professionalism, and a commitment to ethical practices. We ensure that our solutions are compliant, reliable, and safeguard patient safety while upholding the highest standards of data protection and confidentiality.
  4. Talent Development:
    We recognize that our people are our greatest asset. We foster a collaborative and inclusive work environment that encourages learning, growth, and empowerment. By attracting and retaining top talent, investing in their development, and providing opportunities for advancement, we ensure the highest level of expertise, dedication, and quality in our services.
  5. Data Security, Privacy and Confidentiality:
    We prioritize the security and confidentiality of our customers’ data. We implement robust measures to protect sensitive information, comply with data protection regulations, and maintain the highest level of data integrity. Our commitment to data security ensures trust and peace of mind for our customers. Compliance with Data Protection Laws: We comply with all applicable data protection laws and regulations, including the GDPR, and other relevant privacy frameworks. We ensure that personal data is processed lawfully, transparently, and fairly.
  6. Collaboration and Partnerships:
    We believe in the power of collaboration. We actively seek partnerships and strategic alliances with industry leaders, regulatory authorities, and technology providers. By fostering synergies and leveraging collective expertise, we drive innovation, expand our capabilities, and deliver holistic solutions to our customers.
  7. Performance Excellence:
    We are committed to achieving excellence in all areas of our operations. We set clear quality objectives, monitor key performance indicators (KPIs), and regularly assess our performance against industry benchmarks. Through robust quality management systems and a commitment to continuous improvement, we ensure consistent delivery of high-quality solutions.
  8. Risk Management:
    We proactively identify, assess, and mitigate risks associated with our service delivery. By implementing robust risk management processes, we aim to prevent errors, reduce incidents, and ensure the reliability and safety of our services.

This quality policy guides our actions, decisions, and interactions as we strive to exceed customer expectations, drive industry innovation, and make a positive impact on global healthcare. It is communicated, understood, and embraced by every member of the Freyr team.

This policy will be regularly reviewed, updated as necessary, applied, and communicated to all employees, working for or on behalf of FREYR, and made available to interested parties and the public.

FREYR*: - Freyr Software Services Pvt. Ltd. and its subsidiary companies.

Information Security Policy

  1. Purpose 
    To protect Freyr’s and its customer’s information assets by preventing unauthorized access, disclosure, alteration, and destruction through an established structured information security management process. It aims to ensure confidentiality, integrity, and availability of information assets in alignment with the ISO/IEC 27001:2022 standard.
  2. Scope
    This policy applies to all employees, contractors, consultants, partners, and third-party service providers of Freyr’s information assets, systems, and networks which encompasses all digital, physical, and cloud-based systems and data managed by Freyr across its global locations.
  3. Information Security Objectives
    • Safeguarding confidentiality, integrity, and availability of information and assets for clients, stakeholders, and interested parties by implementing a structured Risk Management Framework and maintaining an Integrated Regulatory Management System (IRMS).
    • Ensuring Compliance with applicable legal and statutory / regulatory requirements across its global operations and data protection laws, including the General Data Protection Regulation (GDPR).
    • Promoting a culture of information security awareness across the organization.
    • Governance of security performance against appropriate targets and enabling continuous improvements.
  4. Information Security Controls 
    Freyr has adopted the updated Annex A control framework of ISO 27001:2022, which comprises 93 controls categorized into four key themes:
    • Organizational Controls: Establishing policies, procedures, risk management practices, and governance structures to sustain a secure operational environment.
    • People Controls: Implementing training and awareness programs, conducting background checks, and defining security responsibilities for employees and contractors.
    • Physical Controls: Enforcing access controls for buildings and restricted areas, securing equipment, and implementing physical monitoring measures.
    • Technological Controls: Utilizing encryption, multi-factor authentication (MFA), secure software and hardware configurations, and robust network security measures.
  5. Risk Management 
    The risk management process involves:
    • A robust response framework to identifying potential threats and vulnerabilities.
    • Assessing the likelihood and impact of each risk. Developing and implementing risk treatment plans based on Freyr's risk appetite.
    • Continuously monitoring risks and updating the risk register as new threats.
  6. Incident Management
    Freyr had an established proactive and structured Incident Management process to promptly identify, assess, and respond to Information security, Data Privacy and other incidents.
  7. Business Continuity and Disaster Recovery
    Freyr maintains a comprehensive Business Continuity and Disaster Recovery framework to ensure resilience in the face of disruptions to ensure continuity of services to our customers and protect the integrity of our business operations.