ISO 14971 Risk Management Process

medical device risk managment

According to the new edition of the risk management standard, ISO 14971 the following are six steps in risk management. For the CE marking of the medical devices, risk management is an essential requirement as per the EU Medical Device Regulation.

Request ISO Certification Quote

ISO 14971 Risk Management Process

Planned ISO 14971 activities with the identification of the risk acceptability. Review the execution of the risk management plan during the design and development validation and before the product release to market.

ISO 14971 Risk Assessment:

This contain the two steps – Risk analysis and Risk Evaluation. Risk Analysis includes the identification of use and misuse of the device during the Normal and Abnormal use of the device, identification of risks related to the operating characteristics of the device, identifying the hazards, the reasonably foreseeable sequence of events and hence the hazardous situation and finally the estimation of risk in terms of probability and severity.

ISO 14971 Risk Evaluation

This contains the assessment of the estimated risks using the risk acceptability criteria, and the residual risks are identified.

ISO 14971 Risk Control

Apply the risk control measures on the identified unacceptable risks to reduce the risks As Low As Possible. The first option is to make changes in the design of the medical device, second option to provide the protective measures to reduce the occurrence of a hazardous situation; the third option is to provide the information to the user about the risks in the form of the warnings, contraindications, etc.

The verification and validation of the implementation of the risk control measures is also part of this step. Still, the reevaluation results in the residual risks for which the risk-benefit analysis to be performed. If the benefits overweigh the risks considering all the alternative methods too, then those risks will be acceptable.

Overall Residual ISO 14971 Risk Evaluation:

Instead of the individual residual risk, the impact of overall residual risk has to be evaluated. After the application of all the control measures, benefit-risk analysis to apply and provide the user with the information.

Risk Management Review

Review of the ISO 14971 risk management activities to verify the implementation of the risk management plan. The risk management report is the output of this stage.

Production and Post

Production activities- Develop a system to collect and review the relevant production and post-production information, collect that information from the users, similar device information. Review the relevancy of that information to the safety of the device. If any new risk exists, it has to be assessed, or any old risk has to be reassessed. Again, the risk control measures to apply and review the suitability of the iso 14971 risk management process.

How can we estimate the overall residual risk? Is the information on the residual risk passed to the customer will reduce the estimated risk?

Quick Contact