High-stakes anchors IGR-001 ISO 14971 TGA Class IIb FHIR R4 MHWA s 28

Independent governance
for high-stakes clinical AI,
audit-ready by design.

A governance-first layer for SaMD and clinical decision support. The IGR-001 framework, ISO 14971 alignment, TGA Class IIb pre-submission pathway, FHIR R4 + CDS Hooks integration, and the MHWA s 28 oversight overlay — packaged for hospital governance committees, SaMD developers, and regulatory-track teams.

See engagements About the architect
Register
Independent · not vendor-funded · not hospital-locked
Format
Productised governance · scoped fixed-fee
Buyers
Hospital governance · SaMD developers · TGA-track teams
What this is

A governance layer, not a compliance checklist.

Clinical AI and SaMD are high-stakes by definition — escalation boundaries, audit trails, override semantics, and human-oversight architecture all have to be explicit before deployment. The Fx CDSS framework gives hospital governance committees, SaMD developers, and TGA-track teams a productised oversight layer they can adopt, license, or extend.

01
Independent by design

Not tied to a single hospital, vendor, or deployment pathway. The governance layer functions as a credible oversight architecture rather than product marketing or procurement enablement.

02
Decision-shaped, audit-ready

Escalation boundaries, override semantics, human-oversight thresholds, and audit-trail discipline made explicit before deployment. Built around the G1–G5 admission gates, not generic policy templates.

03
Primary regulation, traced

Every load-bearing requirement sourced to ISO 14971, TGA SaMD guidance, FDA AI/ML transparency criteria, MHWA 2022, and the Charter Act ss 7–8 verbatim. No aggregator interpretations. Disclosure-via-changelog where the regulator updates.

04
Productised governance

Scoped fixed-fee. Named-use framework licences rather than seat licences. Tiers 1–3 self-serve via Stripe; custom memos and quarterly retainers invoiced after a scoping call. Classified as professional services.

What's in the stack

Ten components. One governance framework.

The Fx CDSS framework stack — anchored on IGR-001 (Interim Governance Resolution) — is structured to answer the question hospital governance committees and SaMD developers actually have: which oversight controls, for which clinical risk, under which regulator. Not a policy survey; a deployment-ready architecture with citations.

01
Executive Snapshot
The governance thesis on one page. Why high-stakes clinical AI needs an independent oversight architecture before deployment, not after.
02
The Governance Question
Why “high-stakes use” — not initial accuracy — is the load-bearing claim for clinical AI in 2026. The FDA AI/ML guidance, the TGA SaMD risk-classification rules, and the gap between them.
03
The Three-Pillar Architecture
Risk (ISO 14971) · Audit (FX-GOV-SCORECARD G1–G5) · Oversight (MHWA s 28 + Charter). The structural split that determines which controls fit which clinical risk.
04
IGR-001 — Interim Governance Resolution
The flagship instrument. A deployable interim governance layer for clinical AI that has cleared CE/TGA but precedes mature institutional QMS adoption.
05
ISO 14971 Alignment Matrix
Risk-management lifecycle mapped to the CDSS pipeline — hazard identification, control adequacy, residual-risk acceptance, post-market surveillance. Editable for Tier 2+.
06
G1–G5 Admission Gates
The five gates a CDSS must pass before clinical admission — evidence, alignment, escalation, audit, oversight. From the FX-GOV-SCORECARD-001 workbook.
07
TGA Class IIb Pre-Submission Pathway
SaMD risk-classification logic, software lifecycle expectations, and the pre-submission briefing structure regulators expect. Tied to the v4.1 canonical pre-submission package.
08
FHIR R4 + CDS Hooks Integration
Technical integration patterns for CDSS in modern EMR architectures. Hook taxonomy, latency budgets, fallback semantics, and the audit-event spec.
09
MHWA s 28 + Charter Overlay
Where clinical AI intersects involuntary-treatment statutes and human-rights instruments. The oversight layer that distinguishes Fx CDSS from generic SaMD policy work.
10
References & Changelog
Every load-bearing requirement sourced to ISO, TGA, FDA, MHWA, or Charter text verbatim. Disclosure-via-changelog discipline where the regulator updates.
Companion instrument — included in the SaMD Pre-Submission Package: FX-GOV-SCORECARD-001. The G1–G5 admission-gate workbook, mapped against Remedy 3, FX-CRPD-GOVERNANCE §4, the LPAG manuscript, and IGR-001 v1.3. Lower-tier buyers can add the scorecard through the Pre-Submission tile in pricing.
Read first

IGR-001 Executive Brief — 6-page sample, free.

Cover, governance thesis, the Three-Pillar Architecture, an IGR-001 v1.3 preview, and the full framework stack. Direct download on submit — no follow-up sales sequence, no sharing of your address.

A direct download starts on submit. Your email is captured once to fulfil the request, then archived. No marketing list, no third-party sharing.

Sample is downloading. If the download did not start automatically, click here to download the PDF. Trouble? Write to leon@fxadvisory.com.au and it will be sent manually.
How it runs

Clear, candid, fast.

Tier 1–2 are self-serve through secure checkout — diagnostic in your inbox within five business days. Tier 3–5 follow a scoped, fixed-fee process designed for procurement-track buyers — light on your team's time, heavy on audit-ready written deliverables.

1
Discovery

A 30-minute call (Tier 3+) or a 1-click diagnostic purchase (Tier 1–2) to map the CDSS asset and the governance question.

2
Scoped proposal

Within 48 hours for custom tiers — fixed fee, fixed timeline, named deliverables. No hourly billing.

3
Deep work

Async-first, weekly check-ins on longer engagements. Primary regulatory text traced, every requirement sourced to ISO / TGA / FDA / MHWA verbatim.

4
Hand-off

Audit-ready written deliverable, scorecard, references, framework licence (where applicable). 30-day post-engagement check-in on Tier 3+.

Engagements

Two productised tiers. Three scoped.

Diagnostic tiers are pre-paid, scoped, fixed-fee — purchased directly via secure checkout. Pre-submission, custom, and retainer engagements are scoped on a kickoff call before invoicing. Governance-buyer sales cycles are slower and bigger; the entry rung is deliberately heavier than a productised brief.

Tier 1 · Diagnostic

Governance Diagnostic

$2,500 USD

5-day audit. Single CDSS asset.

  • IGR-001 alignment scoring
  • G1–G5 admission-gate scorecard
  • ISO 14971 risk-control gap summary
  • Written report (typically 8–12 pages)
Begin
Tier 1+ · Licence

Diagnostic + IGR-001 Licence

$4,500 USD

Save $1,500 vs separate purchase.

  • Everything in Tier 1
  • Plus named-use IGR-001 framework licence (v1.x)
  • FX-GOV-SCORECARD workbook — editable
  • One revision round on the diagnostic
Begin
Tier 2 · Team

Team Governance Engagement

$8,500 USD

Up to 10 named users · one organisation.

  • Everything in Tier 1+
  • Up to 10 named users (governance committee + tech leads)
  • Pipeline-specific scorecard build (1–2 CDSS assets)
  • 60-min governance workshop
  • 30-day follow-up check-in
Begin
Tier 3 · Pre-Submission

SaMD Pre-Submission Package

$18,000 USD

3–4 weeks. Scoped before invoicing.

  • TGA Class IIb pre-submission briefing pack — v4.1 canonical structure
  • ISO 14971 risk file + residual-risk register
  • IGR-001 instance for the candidate device
  • Q&A pack for regulator meeting
  • 60-min live readout + 1 revision
Begin

All tiers priced in AUD via Stripe. Tier 1 and Tier 1+ are productised; Tiers 2 and 3 are scoped on a kickoff call before invoicing. Invoices issued in AUD; GST-free (sole trader below registration threshold). Invoices issued under Leon Xu trading as Fx. Independent Advisory · ABN 47 324 504 763 — sole-trader, no Pty Ltd.

Custom engagements

Scoped before invoicing.

These tiers begin with a kickoff call to scope the question, the deliverable, and the timeline. Pricing is fixed before invoicing — no hourly billing.

Tier 4 · Bespoke

Custom Governance Memo

$35,000 USD

3 weeks. One revision round.

  • Single high-stakes governance question your organisation is facing
  • Cross-jurisdictional regulatory positioning · incident-response playbook · board-grade audit memo · procurement-track risk dossier
  • Kickoff call · written memo (typically 15–25 pages) · one revision
  • Single-engagement licensing of derived framework instances
Request scoping call
Tier 5 · Retainer

Quarterly Governance Retainer

$75,000 USD · per quarter

Three months. One organisation.

  • Monthly governance working sessions
  • Ongoing written analysis on regulatory developments relevant to your CDSS portfolio
  • On-demand response to incident escalations and audit queries (within reason)
  • For hospital systems and SaMD developers managing multiple oversight decisions across a quarter
Request scoping call
About

By whom, and why independent.

The framework is written by Dr Leon Xu — a medical doctor and independent clinical-AI governance architect, working at the intersection of regulatory science, software-as-a-medical-device, and clinical-legal oversight.

The work is independent in a specific sense buyers care about: not tied to a single hospital, vendor, or deployment pathway, and not retained by a SaMD developer whose product is part of the analysis. Independence is the discipline that lets the framework state what an oversight architecture must do, separately from what any particular product can deliver.

The corpus this advisory draws from spans IGR-001 (Interim Governance Resolution), FX-CRPD-GOVERNANCE, FX-GOV-SCORECARD-001 (G1–G5 admission gates), ISO 14971 risk-management work, the TGA Class IIb pre-submission briefing v4.1, FDA AI/ML transparency criteria, and the MHWA 2022 + Charter Act oversight overlay. Every requirement is sourced to primary regulatory text before it enters a client deliverable.

Selected publications
  • Xu, L. (2026). Ethical and Human-Rights Constraints on AI-Assisted Decision-Making: The Dignity-and-Autonomy Test. SSRN Working Paper · ssrn.com/abstract=6734564
  • Xu, L. (2026). Dignity as a Legal Constraint. SSRN Working Paper · ssrn.com/abstract=6629061
  • Xu, L. (2026). The Nine Laws of Structural Dignity: A Concise Admissibility Brief Under the Convention on the Rights of Persons with Disabilities. SSRN Working Paper · ssrn.com/abstract=6621819
  • Xu, L. (2026). The Law of Dignity: Convergence, Constraint, and the Conservation of Human Freedom. SSRN Working Paper · ssrn.com/abstract=6621420
  • Xu, L. (2026). From UN Security Council Dignity Constraints to CRPD Articles 12, 14, and 15. SSRN Working Paper · ssrn.com/abstract=6621320
Architect
Dr Leon Xu, MD
BSc (Immunology & Microbiology)
Independent Governance Architect
ORCID 0009-0000-7483-3783
leon@fxadvisory.com.au
FAQ

What buyers ask first.

IGR-001 — Interim Governance Resolution. A deployable interim governance layer for clinical AI and SaMD that has cleared CE / TGA / FDA but precedes mature institutional QMS adoption. It encodes the minimum oversight architecture an organisation needs to operate the device safely, auditably, and within MHWA / Charter / CRPD obligations. The framework is named-use licensable.

An internal QMS or governance committee operates within a single institution and its existing risk appetite. Fx CDSS supplies the independent oversight architecture these bodies adopt or extend — not a replacement for them. The framework is regulator-traceable to ISO, TGA, FDA, MHWA, and Charter text verbatim, which is structurally harder for an internal committee that is also the buyer of the device.

Exempt-class SaMD still operates in a high-stakes clinical environment, and exemption from the device pathway does not exempt the deployer from clinical-governance, audit-trail, or human-oversight obligations under hospital QMS, professional registration, or instruments like the MHWA s 28 escalation provisions. Fx CDSS targets that gap.

Tiers 1–2 are framed around the governance-diagnostic question. Tier 3 (Pre-Submission Package) and Tiers 4–5 are scoped to your specific question on a kickoff call before invoicing — typically a cross-jurisdictional regulatory positioning memo, an incident-response playbook, a board-grade audit memo, or a procurement-track risk dossier.

Professional services / advisory consulting. Each engagement is scoped, fixed-fee, and pre-paid (Tiers 1–3 via Stripe) or invoiced after a scoping call (Tiers 4–5). Invoices are issued under Leon Xu trading as Fx. Independent Advisory · ABN 47 324 504 763 — sole-trader, no Pty Ltd. ATO-compliant tax invoice on request.

Tier 1: full refund within 7 days of delivery if the diagnostic does not meet the description on this page. Tier 1+ and Tier 2: equivalent satisfaction guarantee scoped on engagement start. Tier 3 includes one revision round; further revisions scoped separately. Tier 4 includes one revision; Tier 5 includes ongoing analysis as part of the retainer scope.

Engagement details are confidential by default. NDAs are entertained for all tiers on request, and standard practice from Tier 2 onward. Aggregate insights from past engagements may inform future framework iterations, never specific client material. See the Privacy Policy for how submitted email addresses are handled.

Begin with a Governance Diagnostic.

Tier 1 is the natural entry point. If your organisation needs a deployable framework on a specific CDSS asset, Tier 1+ or Tier 2 is the right call. Pre-submission and custom engagements scoped on call.

Request a Governance Diagnostic — $2,500 AUD
ORCID 0009-0000-7483-3783 ABN 47 324 504 763 MELBOURNE · AU SOLE TRADER · NAMED-USE LICENCE