Why applicability rationales lose traceability over time

Traceability problems in applicability rationales

Most organisations can point to an Applicable List and say, “This is where our applicability decisions live.” On paper, that suggests control. In practice, many teams find that while decisions are documented, the reasoning behind them is far less robust. The decision is there, but the path that led to it is harder to follow.

Over time, rationales fade, fragment, or become tied to specific individuals. What remains is an applicability decision without a clear link back to the regulatory source or the interpretation that justified it. Traceability exists structurally, but not always in a way that can be relied on.

How rationale decay starts

Rationales are usually written at moments of focus: during classification work, ahead of a submission, or in preparation for an audit. At that point, the reasoning is clear, the regulatory context is fresh, and the people involved remember why a requirement was handled in a certain way.

But regulatory work does not stop there. Guidance evolves, interpretations mature, and teams change. Small adjustments are made along the way, often through conversations, emails, or meeting notes rather than formal updates. Because the decision itself is still considered valid, the original rationale is rarely revisited. Gradually, the reasoning that once made the decision defensible becomes harder to reconstruct.

Nothing visibly breaks when this happens. The Applicable List still looks complete. The decisions are still recorded. What quietly decays is the ability to explain why those decisions were made.

When rationales become person-dependent

In many organisations, traceability slowly shifts from documentation to people. Someone knows why a requirement was interpreted a certain way. Someone remembers a discussion with a notified body. Someone can explain the context behind a non-applicable decision.

This works until it doesn’t. When that person is unavailable, has moved on, or is simply not part of the conversation, the rationale cannot be reproduced. The Applicable List shows a decision, but the reasoning behind it is partial, outdated, or missing altogether. Applicability is no longer something the organisation can clearly demonstrate on its own; it becomes something that depends on who is asked.

What breaks under audit pressure

Audits expose this weakness quickly. Auditors rarely question whether applicability decisions exist. They focus on whether those decisions can be explained, traced back to regulatory sources, and defended consistently.

When rationales cannot be clearly articulated, or when different team members provide different explanations for the same decision, confidence erodes. The issue is often not that the decision itself is wrong, but that it cannot be shown to be grounded in consistent reasoning. What appears as a documentation issue is, in reality, a traceability problem.

The longer rationales have been allowed to decay, the harder they are to reconstruct under pressure. Teams are forced into retrospective explanations, relying on memory, assumptions, or interpretations of what the rationale must have been at the time.

Why this problem compounds over time

Rationale decay rarely stays isolated. As products evolve, markets expand, or responsibility shifts between teams, unclear reasoning is reused as if it were still solid ground. Decisions are copied, adapted, or referenced without full visibility into their original basis.

Over time, inconsistencies emerge. Similar products are treated differently. The same requirement is justified in different ways. Applicability decisions start to drift — not because teams disagree, but because the original reasoning is no longer visible or shared.

At that point, the Applicable List still exists, but it no longer functions as a reliable regulatory artefact. It records outcomes without preserving the logic that made those outcomes defensible.

Why this matters now

Regulatory expectations increasingly extend beyond documenting decisions to demonstrating how and why they were made. Under MDR and IVDR, applicability must remain explainable throughout the product lifecycle, even as interpretations evolve and organisations change.

ISO 13485 reinforces this by requiring organisations to maintain control over regulatory requirements, including the reasoning behind applicability decisions. In practice, rationales that rely on memory or informal agreement quickly fall short when decisions need to be defended across audits or over time.

As more teams encounter this gap, the challenge shifts from recognising the problem to sustaining traceability of reasoning without adding workload or risk. As part of exploring how this can be addressed in practice, we are preparing early access to Hoodin Compliance Studio — a new workspace focused on maintaining defensible applicability reasoning over time — for organisations already experiencing pressure around applicability and audit defensibility.

Early Access may be relevant if this situation feels familiar and you want early insight into how the product takes shape, or the opportunity to contribute perspectives grounded in real RA/QA workflows.