Although ISO 14971 has been used for some years now (if you count the first version, it´s more than a decade), it still creates some confusion around users. This can be seen by the identified need of guidance documents, such as ISO 24971, and, in the case of the Elsmar Cove, by the different questions the Covers have been putting over the years.
With this in mind, I would propose that we develop an FAQ regarding the ISO 14971 risk management process, a continuing questions and answers thread where we can discuss and get and obtain discussion and guidance on this important aspect of the regulatory medical device lifecycle.
The idea is that this can be an open FAQ, with discussions providing a great deal of the guidance we have (using the experience of the Cove users of the standard can give us a great feedback to start with).
Update 1 - the idea of this thread is to focus on two aspects, in order:
1 -try to explain some aspects of ISO 14971 as a standard, meaning, what is expected by the standard as written
2 - try to explain some aspects of ISO 14971 as used in regulatory/certification systems.
If a questions does not mention any regulatory or certification system, it was probably written thinking about what the standard requires, so it´s a more generic answer. This does not mean that what is expected by a particular regulatory/certification system regarding risk analysis / risk management (regulatory systems usually have a requirement for risk analysis or risk management, and using ISO 14971 can help in fulfilling those).
An example is Question 1 (DEAD LINK REMOVED.), which is directly related to the standard "roots", but id somewhat different from what a lot of regulatory systems expect of risk management.
With this in mind, I would propose that we develop an FAQ regarding the ISO 14971 risk management process, a continuing questions and answers thread where we can discuss and get and obtain discussion and guidance on this important aspect of the regulatory medical device lifecycle.
The idea is that this can be an open FAQ, with discussions providing a great deal of the guidance we have (using the experience of the Cove users of the standard can give us a great feedback to start with).
Update 1 - the idea of this thread is to focus on two aspects, in order:
1 -try to explain some aspects of ISO 14971 as a standard, meaning, what is expected by the standard as written
2 - try to explain some aspects of ISO 14971 as used in regulatory/certification systems.
If a questions does not mention any regulatory or certification system, it was probably written thinking about what the standard requires, so it´s a more generic answer. This does not mean that what is expected by a particular regulatory/certification system regarding risk analysis / risk management (regulatory systems usually have a requirement for risk analysis or risk management, and using ISO 14971 can help in fulfilling those).
An example is Question 1 (DEAD LINK REMOVED.), which is directly related to the standard "roots", but id somewhat different from what a lot of regulatory systems expect of risk management.
Last edited by a moderator: