SBS - The best value in QMS software

Is Testing ever a legitimate Risk Mitigation?


Involved In Discussions
In my experience and understanding of risk management techniques and ISO 14971, mitigation of identified risks is achieved by designing the risk out of the device. Testing itself is not something I've ever seen as a mitigation. Let's say biocompatibility. The mitigation is to select materials that are known or expected to be safe for the intended use (in my case, implantation). The ISO 10993 testing is the verification that the mitigation of selecting appropriate materials mitigated the risk.

I've recently started with a new company who use testing as the mitigation itself, which does not click for me at all. Is this inappropriate or just taking me out of my comfort zone?

For consideration, the device is an implantable tissue-based product and has no software and no mechanical elements.

Thanks in advance for a sanity check!

Elsmar Forum Sponsor


Inactive Registered Visitor
Risk control, the ways risks are reduced, is performed by three options:
a) inherent safety by design;
b) protective measures in the medical device itself or in the manufacturing process;
c) information for safety.

Testing is not one of them.

Testing usually is part of the verification of implementation and/or effectiveness of a risk control measure.

In relation to your comment on biocompatibility (which is related to the medical device, not to materials), the risk controls are not only related to selecting materials. In fact, you apply the process of ISO 10993 together with ISO 14971 to deal with biological hazards.

Some of the possible controls are reduction of exposure routes or time, change of materials, or change to production processes to eliminate residues or additives. Sometimes you need to use them all.


Involved In Discussions
Thanks Marcello! Here are a few examples of what I'm dealing with - any thoughts?

B7.1 Patient infection caused by loss of sterility due to packaging failure
B7.1.1 Product labelling states that the product should be discarded if the packaging is breached
B7.1.2 Shelf life testing verifies package integrity throughout the specified shelf life and following simulated transportation

B2.2 Adverse reaction due to high endotoxin concentrations from failure of manufacturing process to reduce endotoxins to concentrations known to be safe
B2.2.1 Endotoxin testing is a batch Release Specification
B2.2.2 Endotoxin testing requirement as part of Design Verification
B2.2.3 Endotoxin testing requirement as part of Process Validation


Inactive Registered Visitor
any thoughts?
Yes, you (or someone in your company responsible for risk management, including biological risk evaluation) should probably try to better understand ISO 14971 and ISO 10993-1 :p

Regarding your examples...

In the first example, I understand that the risk control measure is to have a package which has a specified reliability during the device lifecycle. The testing, as I mentioned in the previous post, would verify the risk control, but it's not the risk control.

The second example makes even less sense, as I mentioned you should follow ISO 10993-1 together with ISO 14971 as detailed in ISO 10993-1 (you can also check ISO TR 15499).


Involved In Discussions
I ran across this comment today and wanted to propose that the "test" mitigations are not quite as out of touch with reality as it might appear. While I agree that the mitigations should identify the control rather than the verification, it is not so unusual to specify a risk control with a known test in mind as the means for establishing the acceptance criteria. Keep in mind that risk controls need to trace to requirements and verification, and verification needs the requirement to provide an objective metric for the verification. So, in the biocompatibility example, it actually might not be considered sufficient if the mitigation just says "Use materials that are known or expected to be safe" because 'safe' is too ambiguous to verify objectively. However, if the mitigation said "Use materials which meet the requirements of ISO 10993-1" then you have something explicit and objectively verifiable and, if you think about it, this really isn't much different from saying "Materials are tested to ISO 10993-1".

Peter Selvey

Staff member
Super Moderator
This is one of those cases where it depends on the context or situation.

Many risk controls are state of the art and well established. In such a case it's common to fudge over the details, with good reason.

For example, in an electrical device, I could write a medium sized book about the safety issues associated with just the appliance inlet (fire, thermal, cord retention, corrosion, electrical insulation, electrical conductivity, mechanical rigidity, fixing means; detailing the true risk controls from raw materials, physical characteristics, design tests, production controls, installation and more).

But instead we mumble something about "fire" and "electric shock" and refer to "IEC 60601-1 test" as a risk control.

There are times when this oversimplification is a problem. For example, a manufacturer recognises that water ingress is a potential issue. Instead of designing in features that provide water protection, they actually use testing as a risk control. They do the test, and some water gets in. Then they decide the location is OK, nothing bad happened, and judge the risk is acceptable.

Why is this wrong? In practice, a test is far from comprehensive. It's difficult to cover all the possible permutations, settings, conditions, options, variations in production, ageing and so on. Instead, most tests are more like spot checks. This approach works well when combined with good design and reasonable design margins (i.e. a little overkill). So, a good designer will add waterproof gaskets and position the remaining ventilation holes to places where the water won't be able to get near critical parts. The designer is then confident of a pass result before the test is performed.

That said, an experienced manufacturer might do all that stuff (gaskets, sensible vent holes) without spelling it out in the risk management file. So it could still end up like the first case, where the risk control is referred to as "IPX2 test".

Purists might argue that it's better to spell everything out just in case, to avoid the former try-and-see situation. It means, the literal risk control (gaskets and vent hole positions) should be referred to as the risk control, and IPX2 test is just verification.

But I think that is naive, because it does not take into account the true real volume of risk controls in a typical medical device. I suspect there are >>10,000 risk controls in a medium risk medical device (remember the number of issues handled by a simple appliance inlet, let alone thinking about functional and performance issues). And even referring to a "gasket" is major oversimplification; a gasket designer would be happy to talk for hours about the detail of what goes into reliable gasket design.

The true problem that ISO 14971 does not have a filter function to allow manufacturers to switch between different levels of documentation, ranging from no documentation (if it's already well covered by normal practice, standards and state of the art), through to detailed documentation for example in the case of new solutions, where R&D is required to establish the type and parameters of the risk control, or special cases where conflicting design or other issues force a level of risk to remain.

Instead we end up with a file full of fluff which naive auditors can easily find some meaningless semantics to argue about.

And, the final point (sorry!) is that if designers are so bad that they use a test-first approach instead of good design, semantics isn't going to fix things. This is a real concern with the rise of copy cat manufacturers that see a medical product and say "hey, I could make that at 1/3 the price" only to find they are way out of their depth. We need auditors with the guts to write a non-conformity report citing a lack of qualification and experience, not about the semantics in a risk management file.



Involved In Discussions
Hi Peter! This is Tina O'Brien from New Zealand - formerly with FPH Regulatory Affairs. Thank you so much for your response - it's very helpful in forming my argument for modifying the practice at my new company.
Thread starter Similar threads Forum Replies Date
H Independence between the development and testing IEC 62304 - Medical Device Software Life Cycle Processes 3
M Issues with leakage current testing for a CLASS II device since no PE and FE is present IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
M Testing criteria - where to place Design and Development of Products and Processes 2
E 60601-1 - Tilt testing - Tensile safety factor IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
V Setup for testing against ISO14708 clause 16 (protection of the patient from herms caused by heat) Other Medical Device Related Standards 0
gramps What do you think about automated QA testing For software app industry? Misc. Quality Assurance and Business Systems Related Topics 5
B In house NIOSH pre Testing accepted by NIOSH? US Food and Drug Administration (FDA) 1
M Bacteriostasis/Fungistasis Testing Other Medical Device and Orthopedic Related Topics 6
P Sample Size for Distribution Simulation Testing Inspection, Prints (Drawings), Testing, Sampling and Related Topics 11
N EN 813, EN 12277, EN 1497 - Testing some harness prototypes to an EN standard Various Other Specifications, Standards, and related Requirements 0
S What should i choose for "testing procedure" characteristics? (N95) General Information Resources 0
D Essential performance and EMC immunity testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 4
J Biocompatbility testing on Class 1 device requirements Other US Medical Device Regulations 12
Q Summative Usability Evaluation Testing: prior or during Clinical Investigation? Human Factors and Ergonomics in Engineering 6
B NIOSH Approval for Surgical N95 Respirators - Required testing US Food and Drug Administration (FDA) 2
M ECG lead leakage currents - How to specify ECG leads during electrical safety testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
C Stress / Challenge Conditions for Design Verification Testing to Reduce Sample Size 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 11
D CFR Title 14: Aeronautics and Space PART 120—DRUG AND ALCOHOL TESTING PROGRAM Federal Aviation Administration (FAA) Standards and Requirements 3
lanley liao Purchase Acceptance Criteria - Tensile testing Oil and Gas Industry Standards and Regulations 2
M Device mounted at IV pole - what about mechanical stability testing? IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
A Outsourcing IEC 60601-1 Ed 3.2 Testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 0
J Cochlear Implant Testing 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 2
A Class I (exempt) testing requirements Other Medical Device Related Standards 0
JoCam Electrical Testing for Japan, PSE or CB Scheme Other Medical Device Regulations World-Wide 0
M Who are the go to companies for non-destructive hardness testing? General Measurement Device and Calibration Topics 3
M Determining if an Insulin Pen Testing Machine is a Medical Device? EU Medical Device Regulations 4
P Testing cloud-based backups IT (Information Technology) Service Management 7
I IATF Lab Scope Testing Qualification and Competency Documentation IATF 16949 - Automotive Quality Systems Standard 3
N Chemical Testing on Medical Devices - Solutions in a container closure system (bag) EU Medical Device Regulations 1
M Comparing data from destructive testing Inspection, Prints (Drawings), Testing, Sampling and Related Topics 7
T Flammability testing Reliability Analysis - Predictions, Testing and Standards 0
E Manufacturers should develop a testing device for covid19 Service Industry Specific Topics 0
K When is Bioburden Testing Required? Other Medical Device Related Standards 4
K IEC 62304 - Testing Independance IEC 62304 - Medical Device Software Life Cycle Processes 5
A ANSI/AAMI versions of 60601-1-2 and related testing requirements Other Medical Device Related Standards 3
C Surgical mask stability testing (CE mark) EU Medical Device Regulations 2
Beliz Biocompatibility Testing for Laser Epilation Device EU Medical Device Regulations 2
C One Time Service Supplier - Temperature and Humidity Testing Service ISO 13485:2016 - Medical Device Quality Management Systems 5
D IEC 60601-1 - Service life testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 8
P Flammability Testing of Aircraft Interior Materials Federal Aviation Administration (FAA) Standards and Requirements 0
N Usability testing required for FDA IDE (investigational device exemption)? Human Factors and Ergonomics in Engineering 8
E ASTM F2118 - Fatigue testing of bone cement - Changes between the 2003 and the 2014? Other Medical Device Related Standards 1
K Biocompatibility Testing - Multile products of different sizes and shapes US Food and Drug Administration (FDA) 2
S Requirement to Conduct New Shelf-life Testing? (re-do testing for design change) EU Medical Device Regulations 3
JoCam Mobile Patient Hoists and Electrical Testing Other Medical Device Related Standards 0
T Interlaboratory comparison or proficiency testing in destructive testing of welded joints ISO 17025 related Discussions 3
B ASTM E18-2020 - Rockwell testing standard changes? General Measurement Device and Calibration Topics 2
U Medical Device Design finalization testing ISO 13485:2016 - Medical Device Quality Management Systems 2
Jane's Like-for-like critical raw material change qualification - type of testing/ number of lots required ISO 13485:2016 - Medical Device Quality Management Systems 4
J Conflict of Interest Registrar/Notified Body/Testing House Quality Manager and Management Related Issues 4

Similar threads

Top Bottom