Effectiveness of Risk Control Measures

alimary15

Involved In Discussions
Hello everyone,

Section 6.3 of ISO 14971 requires that two types of activities are conducted:
1) Verify that risk control measures are implemented
2) Verify that risk control measures are effective to reduce the risk

Regarding the first requirement classical verification activities can be carried out. However I am having difficulties regarding the second point.

To assess whether a measure is effective It is my opinion one should perform validation. For example for measures that are addressing usability risks, then we can perform a validation to assess if these measures are actually working when the user is involved.

But what about safety-related measures, like software alghoritms or for example electrical specs?

How can someone really assess whether those measures are effective to reduce risk?

Your comments and experiences are much appreciated!

Thanks
 

John Broomfield

Leader
Super Moderator
alimary15,

To assess the effectiveness of a risk control measure you need an objective for it. Then, if your organization controls the risk as specified and fulfills the objective it is considered effective.

So, when agreeing this risk control measure also agree the way it is to be done and what is to be achieved.

Yes, this also validates the design of the control measure provided you have input stakeholder requirements.

When you have effective risk control you may then focus on making it more efficient.

John
 

alimary15

Involved In Discussions
Hello John,
thanks for your reply.

What do you mean by objective? Could you please provide me with an example?

I will make you a software related example to clarify my doubt:

****************************************************
Hazardous Situation: Dose imported from wrong plan or from wrong patient

Probability/Severity before measure: Remote/Critical

Measure: The software shall indicate which plan the dose belongs to.

Probability/Severity after measure: Improbable/Critical

Test:

Is for each dose plan the
- plan name
- treatment planning system
- date and time
information shown?
*****************************************************

So in the above example I have defined a measure and a test for it.

With the test I am basically verfying that the measure is correctly implemented. So for me this means a verification step.

However, how can I make sure that, with this measure in place the risk is actually going down to a rating of Imbropable/Critical?


How can i assure that such measure is therefore effective?

I am having big troubles in understanding this

Thanks!
 

John Broomfield

Leader
Super Moderator
alimary15,

Exactly how do you ensure "the software shall indicate which plan the dose belongs to"?

Commanding the software to do something is not a control measure.

The control measure is what is done to prevent the software from associating the dose with the wrong person.

Prevention is the key.

Also, the control measure may be low tech such as the patient marking which of their limbs is to be removed. Here the effectiveness of the control measure is determined by an absence of healthy cut limbs.

John
 

alimary15

Involved In Discussions
Thanks John,

I do see your point!

:thanx:

I will try to think more about a way to improve our approach and how to make more clear which objectives to use to assess the effectivess of the control measures.

I will post back If I will have more doubts about this
 
Top Bottom