Combining risk analysis with 5M Method and how much systematically makes sense

[Vetty007]

Hi,
I am aiming to improve my risk management and I was wondering, if it could be helpful to combine the risk analysis with the 5M to list all causes systematically and not only the ones define.
Also I like to achieve a better assignment of hazards, damage and risk minimization measures, e.g. by having the hazards HZ-C1, HZ-C2 (Hazard-Chemical1-2) for the hazard category "Chemical Risks", to which the resulting damage H- C1 (Harm Chemical 1) and the required risk control measures are assigned RCM-C1-2. I like such a systematic structure, but I am not sure, if this is really an added value or just nice, that somone spend time to make the risk analysis bigger and look more "serious". Its nice for the CER and the risk management file, making it comfortable and easy to refer to the different hazards, harms and RMC. But is it worth?

In view of the fact that there are quite a few causes and that one could spontaneously overlook an aspect here, I had considered, whether the information on causes should also be further systematized here and I wonder, if the 5 M Method could be useful for this, i.e. specifying to what extent man, machine or milieu etc. represents the cause of a hazard or participate in it. One could work through these 5 points systematically and in the end you can make a better statement about the main causes for a dangerous situation from all these points, or you can identify the most and critical causes for it (if you weight the individual Ms against each other) and can then control them accordingly more or less intensively. Unfortunately, I have not found any information as to whether and what experiences there are with such a combination and therefore I would be delighted for a feedback, comments or also experience whit this

 

[Enternationalist]

5M, also referred to as a fishbone diagram or ishikawa diagram, isn't typically a risk management tool. It's more of a root cause analysis tool. It's frequently used in CAPA investigation processes, and you could probably use it like a mind map to identify some hazards, but it isn't really geared towards risk management.

This is partially because you usually get to decide which causes you are looking at - you are defining the sequences of events. In most cases, you will be going the other way - from part failures or "causes" to what harm they could potentially cause to a patient. Identifying every possible cause is not normally helpful unless those causes require a different type of control to prevent harm.

I'm not saying it wouldn't help, just that it doesn't necessarily seem like the most effective approach when there are tools more oriented to risk management. If you want to expand your toolbox, just refer to 24971 - it's a guidance document, and it shows a variety of tools to apply to different aspects of risk management.

As for categorizing, this sounds needlessly complicated and obstructive. Risk management is not usually neatly structured. Most relationships are many-to-many. A single hazardous situation can results in numerous different types of harms, some of which will be shared with other hazardous situations, and risk control measures may apply to multiple different cases. I think you will find trying to categorize them in this way will quickly become unhelpful.

If you want to categorize, we live in the modern world. We have metadata and tags. If you want to be systematic, you could (for example) list out your risk controls and give them unique ids (1,2,3,4), and then simply tag them with multiple categories you want to sort them by. The same goes for hazards, types of harm, etc. There is no need to try and bake this into a super complicated numbering scheme.

 

[Vetty007]

Thank you for your quick response and valuable input again.

Yes, I am aware that the 5M is not a risk management tool - I just had the idea of systematization and, above all, that the causes can then be quantitatively evaluated in terms of the 5M, i.e. the control measures can be better prioritized. I also do the risk analysis as usual, but then will only divide the information under Cause of failure into the 5Ms - you don't have to specify something for every M, but at least you think about/question whether an indication is possible and meaningful. Hmm, lets see about other opinions and if I'll try it partly to see if its works - by the way, it was ISO 24971 that inspired me to structure the risk analysis in this way, due to mentioning the tracking of the aspects given...

Thank goodness we live in a modern world - although we are working on changing that in Germany - but then I find a good numbering system easier than metadata and tags; with wich I don't get familiar like I wanted.

 

[Tidge]

Risk Management of medical devices is predicated on designing a safe and effective medical device; the foundation of safety and effectiveness is NOT what could go wrong with a safe and effective device.

Defects, as studied by by a 5M methodology, have a role to play... but they are a secondary consideration that only enters a mature risk analysis as part of the iterative process of trying to guarantee that the device as designed remains safe and effective when manufactured and used.

In view of the fact that there are quite a few causes and that one could spontaneously overlook an aspect here, I had considered, whether the information on causes should also be further systematized here and I wonder, if the 5 M Method could be useful for this, i.e. specifying to what extent man, machine or milieu etc. represents the cause of a hazard or participate in it. One could work through these 5 points systematically and in the end you can make a better statement about the main causes for a dangerous situation from all these points, or you can identify the most and critical causes for it (if you weight the individual Ms against each other) and can then control them accordingly more or less intensively.

Hazards exist independent of any of the elements of "5M" analysis. Different pieces of a "5M" analysis can allow an given Hazard to manifest in a different way (or with a different likelihood) but it is the Hazards that have to be the foundation of Risk Management for medical devices. Starting from Failure Modes and working "upwards" (as is done in a 5M approach) is prone to leaving risks unaddressed.

 

[DanMann]

Risk Management of medical devices is predicated on designing a safe and effective medical device; the foundation of safety and effectiveness is NOT what could go wrong with a safe and effective device.

Defects, as studied by by a 5M methodology, have a role to play... but they are a secondary consideration that only enters a mature risk analysis as part of the iterative process of trying to guarantee that the device as designed remains safe and effective when manufactured and used.



Hazards exist independent of any of the elements of "5M" analysis. Different pieces of a "5M" analysis can allow an given Hazard to manifest in a different way (or with a different likelihood) but it is the Hazards that have to be the foundation of Risk Management for medical devices. Starting from Failure Modes and working "upwards" (as is done in a 5M approach) is prone to leaving risks unaddressed.

Agree with Tidge and this is also why FMEAs are not an appropriate tool (on their own) to fulfil the requirements of ISO 14971.

 

[Vetty007]

Thank you very much for the very detailed and well-founded answers, which I can only agree with - I probably don't get my intention shown correctly here, which may be due to the fact that I have hardly had anything to do with the 5M method so far. My goal is to better address the risks and thus be able to control them.
Maybe an example would be helpful: I would assume "unsuitable design" as a characteristic in the risk analysis, then the hazard would be e.g. a medical device too big/small/unsuitable formulation, and now one could simply state one cause as the reason, e.g. a missing specification. But this way it is quite easy to forget/overlook relevant aspects and I would like to prevent this by systematically questioning the reason, in order to really identify all causes. Here I came up with the idea of questioning for each cause, whether the 5M are involved, i.e. whether it is due to people (e.g. lack of knowledge), the machine (e.g. can only produce an unsuitable design), methode (e.g. choosing a wrong benchmark) etc. - this way, it really requires to think about all possiblities related to these 5M and I expect, that there will be more pot. reasons found.
Afterwards, I can then evaluate across all causes, how often the causeses are potentially related to people or the machine, and then this can help to priorize the control measures. If the majority of the potential sources of error for obtaining a medical device, that is not safe or effective, are related to machines, I should first check/optimize them before training the employees. Of course there are individual measures to control risks, which should be realized, but my aim here is not to overlook any cause of danger and to be able to prioritize the control measures more globally (e.g. controlling the machines and the individual measures, while at the same time having an overview about all potential failures identified for the machine to be relevant, allowing me to check if I have taken all of them into account for my controlle measures....).

I hope that was a clearer explanation

 

[Tidge]

Thank you very much for the very detailed and well-founded answers, which I can only agree with - I probably don't get my intention shown correctly here, which may be due to the fact that I have hardly had anything to do with the 5M method so far. My goal is to better address the risks and thus be able to control them.
Maybe an example would be helpful: I would assume "unsuitable design" as a characteristic in the risk analysis, then the hazard would be e.g. a medical device too big/small/unsuitable formulation, and now one could simply state one cause as the reason, e.g. a missing specification.

I have a hard disagree with considering "unsuitable design" as a consideration in a medical device risk analysis. If this was a legitimate element, the fundamental risk control would be to "inherently by design" choice to not make the medical device. This is clearly absurd, and the absurdity originates from the "risk" as stated.

Medical device manufacturers are obligated to make suitable (safe, effective) medical devices. If a device's design is not suitable, then it is not a legitimate medical device for its intended use.

Similarly, missing specifications are not risks, those are direct causes of unsafe/ineffective medical device designs. There is literally no mitigation for a missing/forgotten specification.

 

[Vetty007]

Thanks again for your valuable answer - I guess it wasn't a good example, but one I frequently see, asking myself, how this could pass NB. Esp. if there are several missing informations in the risk analysis, mitigated by training and accepted by NB..... But, this was just a general example to explain my idea. If "Unsuitable Design" is really unsuitable in terms of not making a MD could be up-to discussion, a mobil x-ray could be rated as too heavy and big as mobile version, but could be safe and effective as long as you have a proper equipment to handle it.....

 

[Tidge]

If "Unsuitable Design" is really unsuitable in terms of not making a MD could be up-to discussion, a mobil x-ray could be rated as too heavy and big as mobile version, but could be safe and effective as long as you have a proper equipment to handle it.....

Medical Devices require both design verification ("is the device designed right?" i.e. "were the designer's specifications met?") and design validation ("is this the right medical device?" i.e. "does this meet the users' needs?").

Putting a medical device on the market that doesn't meet the users' needs would imply that design validation was skipped; this would be verbotten.

 

[Vetty007]

Haha, yes, that's correct, but it's also always a matter of interpretation - with regard to the X-ray, the only comment was that if the device is too heavy, you're too weak ;-) Big horses also need large devices and anyway the veterinarian should therefore be male, who is then strong enough.... For the male user, the design was right and other users should better change the specialty