Integrations
One hub for the regulated product lifecycle management
Building a regulated product means coordinating across engineering, quality, security and AI governance, in tools that were never designed to talk to each other. ins2outs connects to the systems your team already uses and brings the documentation, decisions and evidence into a single source of truth.
Why integrations matter?
Your regulatory story lives in fragments
Requirements sit in Jira or ClickUp. Code lives in GitHub or GitLab. Test results are in TestRail. Conversations happen in Slack or Teams. AI prompts and outputs run through OpenAI. Approvals get signed in a separate eQMS. Risk registers sit in spreadsheets nobody opens between audits.
Every one of those systems holds part of the answer a notified body, auditor or regulator will ask for. That’s how compliance debt compounds, design history files go stale, and product velocity quietly drains away.
ins2outs closes the gap by connecting to where regulated work actually happens and pulling the relevant artefacts into one structured view of the product lifecycle, governed against ISO 13485, 27001, 42001, IEC 62304, EU MDR, GDPR, the EU AI Act, the EU CRA, and the rest of the standards your team operates under.
The ins2outs vision
A central hub for regulated innovation compliance
ins2outs becomes the place where every part of building a regulated product converges: lifecycle, documentation, reporting, and governance, all sharing one connected dataset.
Requirements, releases, and post-market data — all linked to the same governing system.
Engineers see what compliance needs. Compliance sees what engineering shipped.
ins2outs
One connected dataset. Lifecycle, documentation, reporting, and governance — sharing the same source of truth.
Documents live alongside the work they govern.
Every reference is live, current, and traceable to the people who acted on it.
Dashboards and audit trails build themselves from connected sources.
Submissions and external audits draw from the same data — nothing to reconcile.
Connect your tools, build your evidence automatically
Connected systems stay authoritative for their own data. ins2outs reads the relevant artefacts in, maps them to the management system structure, and links them to the controls, requirements, and risks they relate to. The original artefact stays where it was created. The regulated governance layer sits on top.
One source of truth
Each artefact lives in one place. ins2outs references it, versions it, and tracks who acted on it. No duplicate records, no copy-paste, no drift between systems an auditor will eventually compare.
Evidence builds itself
Merges, approvals, sign-offs, access reviews, and AI prompts become dated, attributable records the moment they happen. Audit trails are a by-product of work, captured continuously.
Adoption follows the work
Compliance reminders, reviews, and approvals surface inside Teams and Slack. The management system stays current because it sits in the flow that regulated teams actually live in.
Integrations that turn your tools into audit evidence
Each integration is scoped to a specific regulatory purpose, bringing structured evidence into the management system where it can be governed, traced, and audited.
Product and engineering
Issues, epics, and sprint events become traceable to requirements, CAPA records, and risk controls. The product backlog and the technical file share one structure.
Tasks, sprints, and project activity link to the requirements, risks, and design controls they relate to. Product planning stays connected to its regulated governance.
Pull requests, releases, and repository activity feed the traceability matrix. Software lifecycle evidence under IEC 62304 builds from real code events.
Merge requests, pipelines, and release tags link to requirements, risks, and design controls. The same traceability, wherever your code lives.
Test cases, runs, and results link to the requirements and risks they verify. Verification and validation evidence becomes part of the design history file, captured continuously.
AI services
Powers the AI modules (literature review, risk file generation, regulatory intelligence, complaint handling) with full prompt and output logging for ISO 42001 and EU AI Act records.
Identity and access
Sign-on, role assignments, and access reviews flow into the management system through your existing identity provider. User compliance status stays current, and approvals are signed with SSO credentials for 21 CFR Part 11.
Collaboration
Two-way notifications for tasks, document reviews, and CAPA assignments. Dedicated support channel available on the Premium plan.
Compliance tasks, review requests, and approval threads run inside the channels your team already watches. Each thread becomes an audit-traceable record.
Pass audits without the scramble
When the lifecycle and its documentation share a hub, reporting stops being a quarterly fire drill. Management reviews, audit packs, technical files, and regulator submissions all draw from the same underlying records.
Management reviews
Audit and conformity assessment
Evidence is mapped to standards (ISO 13485, 27001, 42001, IEC 62304, EU MDR, ISO 14971, GDPR, EU AI Act, EU CRA). Auditors and notified bodies get a structured view; your team answers questions instead of building decks.
Risk and CAPA dashboards
Open risks, mitigations, and corrective actions link back to the products, components, and suppliers they relate to. Status changes propagate everywhere they’re referenced.
Regulator and board reporting
Pull packs for notified bodies, competent authorities, the board, and investors from one connected dataset. Numbers match across audiences because they share a source.
See your stack inside the hub
We’ll map the systems your team already uses to build your regulated product, show how each one feeds the management system, and walk through what governance looks like once the lifecycle and its documentation share a home.