Is Testing ever a legitimate Risk Mitigation?


Involved In Discussions
In my experience and understanding of risk management techniques and ISO 14971, mitigation of identified risks is achieved by designing the risk out of the device. Testing itself is not something I've ever seen as a mitigation. Let's say biocompatibility. The mitigation is to select materials that are known or expected to be safe for the intended use (in my case, implantation). The ISO 10993 testing is the verification that the mitigation of selecting appropriate materials mitigated the risk.

I've recently started with a new company who use testing as the mitigation itself, which does not click for me at all. Is this inappropriate or just taking me out of my comfort zone?

For consideration, the device is an implantable tissue-based product and has no software and no mechanical elements.

Thanks in advance for a sanity check!

Elsmar Forum Sponsor


Inactive Registered Visitor
Risk control, the ways risks are reduced, is performed by three options:
a) inherent safety by design;
b) protective measures in the medical device itself or in the manufacturing process;
c) information for safety.

Testing is not one of them.

Testing usually is part of the verification of implementation and/or effectiveness of a risk control measure.

In relation to your comment on biocompatibility (which is related to the medical device, not to materials), the risk controls are not only related to selecting materials. In fact, you apply the process of ISO 10993 together with ISO 14971 to deal with biological hazards.

Some of the possible controls are reduction of exposure routes or time, change of materials, or change to production processes to eliminate residues or additives. Sometimes you need to use them all.


Involved In Discussions
Thanks Marcello! Here are a few examples of what I'm dealing with - any thoughts?

B7.1 Patient infection caused by loss of sterility due to packaging failure
B7.1.1 Product labelling states that the product should be discarded if the packaging is breached
B7.1.2 Shelf life testing verifies package integrity throughout the specified shelf life and following simulated transportation

B2.2 Adverse reaction due to high endotoxin concentrations from failure of manufacturing process to reduce endotoxins to concentrations known to be safe
B2.2.1 Endotoxin testing is a batch Release Specification
B2.2.2 Endotoxin testing requirement as part of Design Verification
B2.2.3 Endotoxin testing requirement as part of Process Validation


Inactive Registered Visitor
any thoughts?
Yes, you (or someone in your company responsible for risk management, including biological risk evaluation) should probably try to better understand ISO 14971 and ISO 10993-1 :p

Regarding your examples...

In the first example, I understand that the risk control measure is to have a package which has a specified reliability during the device lifecycle. The testing, as I mentioned in the previous post, would verify the risk control, but it's not the risk control.

The second example makes even less sense, as I mentioned you should follow ISO 10993-1 together with ISO 14971 as detailed in ISO 10993-1 (you can also check ISO TR 15499).


Involved In Discussions
I ran across this comment today and wanted to propose that the "test" mitigations are not quite as out of touch with reality as it might appear. While I agree that the mitigations should identify the control rather than the verification, it is not so unusual to specify a risk control with a known test in mind as the means for establishing the acceptance criteria. Keep in mind that risk controls need to trace to requirements and verification, and verification needs the requirement to provide an objective metric for the verification. So, in the biocompatibility example, it actually might not be considered sufficient if the mitigation just says "Use materials that are known or expected to be safe" because 'safe' is too ambiguous to verify objectively. However, if the mitigation said "Use materials which meet the requirements of ISO 10993-1" then you have something explicit and objectively verifiable and, if you think about it, this really isn't much different from saying "Materials are tested to ISO 10993-1".

Peter Selvey

Staff member
This is one of those cases where it depends on the context or situation.

Many risk controls are state of the art and well established. In such a case it's common to fudge over the details, with good reason.

For example, in an electrical device, I could write a medium sized book about the safety issues associated with just the appliance inlet (fire, thermal, cord retention, corrosion, electrical insulation, electrical conductivity, mechanical rigidity, fixing means; detailing the true risk controls from raw materials, physical characteristics, design tests, production controls, installation and more).

But instead we mumble something about "fire" and "electric shock" and refer to "IEC 60601-1 test" as a risk control.

There are times when this oversimplification is a problem. For example, a manufacturer recognises that water ingress is a potential issue. Instead of designing in features that provide water protection, they actually use testing as a risk control. They do the test, and some water gets in. Then they decide the location is OK, nothing bad happened, and judge the risk is acceptable.

Why is this wrong? In practice, a test is far from comprehensive. It's difficult to cover all the possible permutations, settings, conditions, options, variations in production, ageing and so on. Instead, most tests are more like spot checks. This approach works well when combined with good design and reasonable design margins (i.e. a little overkill). So, a good designer will add waterproof gaskets and position the remaining ventilation holes to places where the water won't be able to get near critical parts. The designer is then confident of a pass result before the test is performed.

That said, an experienced manufacturer might do all that stuff (gaskets, sensible vent holes) without spelling it out in the risk management file. So it could still end up like the first case, where the risk control is referred to as "IPX2 test".

Purists might argue that it's better to spell everything out just in case, to avoid the former try-and-see situation. It means, the literal risk control (gaskets and vent hole positions) should be referred to as the risk control, and IPX2 test is just verification.

But I think that is naive, because it does not take into account the true real volume of risk controls in a typical medical device. I suspect there are >>10,000 risk controls in a medium risk medical device (remember the number of issues handled by a simple appliance inlet, let alone thinking about functional and performance issues). And even referring to a "gasket" is major oversimplification; a gasket designer would be happy to talk for hours about the detail of what goes into reliable gasket design.

The true problem that ISO 14971 does not have a filter function to allow manufacturers to switch between different levels of documentation, ranging from no documentation (if it's already well covered by normal practice, standards and state of the art), through to detailed documentation for example in the case of new solutions, where R&D is required to establish the type and parameters of the risk control, or special cases where conflicting design or other issues force a level of risk to remain.

Instead we end up with a file full of fluff which naive auditors can easily find some meaningless semantics to argue about.

And, the final point (sorry!) is that if designers are so bad that they use a test-first approach instead of good design, semantics isn't going to fix things. This is a real concern with the rise of copy cat manufacturers that see a medical product and say "hey, I could make that at 1/3 the price" only to find they are way out of their depth. We need auditors with the guts to write a non-conformity report citing a lack of qualification and experience, not about the semantics in a risk management file.



Involved In Discussions
Hi Peter! This is Tina O'Brien from New Zealand - formerly with FPH Regulatory Affairs. Thank you so much for your response - it's very helpful in forming my argument for modifying the practice at my new company.
Thread starter Similar threads Forum Replies Date
K When is Bioburden Testing Required? Other Medical Device Related Standards 3
K IEC 62304 - Testing Independance IEC 62304 - Medical Device Software Life Cycle Processes 5
A ANSI/AAMI versions of 60601-1-2 and related testing requirements Other Medical Device Related Standards 0
C Surgical mask stability testing (CE mark) EU Medical Device Regulations 1
Beliz Biocompatibility Testing for Laser Epilation Device EU Medical Device Regulations 2
C One Time Service Supplier - Temperature and Humidity Testing Service ISO 13485:2016 - Medical Device Quality Management Systems 5
D IEC 60601-1 - Service life testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 8
P Flammability Testing of Aircraft Interior Materials Federal Aviation Administration (FAA) Standards and Requirements 0
N Usability testing required for FDA IDE (investigational device exemption)? Human Factors and Ergonomics in Engineering 3
E ASTM F2118 - Fatigue testing of bone cement - Changes between the 2003 and the 2014? Other Medical Device Related Standards 1
K Biocompatibility Testing - Multile products of different sizes and shapes US Food and Drug Administration (FDA) 2
S Requirement to Conduct New Shelf-life Testing? (re-do testing for design change) EU Medical Device Regulations 3
JoCam Mobile Patient Hoists and Electrical Testing Other Medical Device Related Standards 0
T Interlaboratory comparison or proficiency testing in destructive testing of welded joints ISO 17025 related Discussions 2
B ASTM E18-2020 - Rockwell testing standard changes? General Measurement Device and Calibration Topics 2
U Medical Device Design finalization testing ISO 13485:2016 - Medical Device Quality Management Systems 2
Jane's Like-for-like critical raw material change qualification - type of testing/ number of lots required ISO 13485:2016 - Medical Device Quality Management Systems 4
J Conflict of Interest Registrar/Notified Body/Testing House Quality Manager and Management Related Issues 4
M Inter-operator Variability Testing - Requirements for EU Medical Device Regulations 5
S High voltage testing - ISO 17025 - 7.2.2 Validation of methods and 7.3 Sampling ISO 17025 related Discussions 3
M Production approval testing - Alternative ideas for Validation Reliability Analysis - Predictions, Testing and Standards 4
JoCam MDL in Canada without Canadian Electrical Testing Canada Medical Device Regulations 0
T HF testing / Summative evaluation for MDDS class I necessary? Human Factors and Ergonomics in Engineering 2
Kuldeep Singh Diagnostic X-ray devices - Applicability of Biocompatibility Testing per ISO 10993-1 Manufacturing and Related Processes 7
K Proper document of SMPS used in infant warmer for IEC 60601-1 testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 1
K Sequence of testing in IEC 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
M Workplace Drug Testing in 2020 Misc. Quality Assurance and Business Systems Related Topics 9
W ASTM F1929 dye penetration test - Validation for in-house testing ISO 13485:2016 - Medical Device Quality Management Systems 13
J FDA wants electrical safety testing on battery powered medical device US Food and Drug Administration (FDA) 11
S Internal calibrations - Part of an ISO 17025 accredited testing laboratory (Automotive) ISO 17025 related Discussions 3
T Qualification testing of Lead acid batteries Reliability Analysis - Predictions, Testing and Standards 0
D Sterility and BioBurden Testing for Plastics ISO 13485:2016 - Medical Device Quality Management Systems 5
DitchDigger IEC 60601-1 subclause 5.1 - Adequate evaluation in lieu of testing IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
E Correct way to certify hydrostatic testing when it is not 100% (and Sample Size) Various Other Specifications, Standards, and related Requirements 6
MrTetris Are GLP required for testing cytotoxicity and soil remaining after sterilization of MD? Other Medical Device Related Standards 8
D Design Verification - Is testing required? Design and Development of Products and Processes 5
M Specific Absorption Rate (SAR) Testing - What Standard to Use? Other ISO and International Standards and European Regulations 1
N IATF 16949:2016 External Laboratory - How to approve the Testing Laboratory without accreditation scope IATF 16949 - Automotive Quality Systems Standard 2
T Spirometer - Pulmonary Function Testing - ATS/ERS:2005 EU Medical Device Regulations 5
M 510(k) 10993 Biocompability Testing Other US Medical Device Regulations 15
C Sterility and Bioburden Testing - LAL passed under 0.5EU/mL Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 3
A ISO 17025 Requirement 6.2 - Department Manager Testing Qualifications ISO 17025 related Discussions 1
P IEC 62304 - evaluation of integration and system testing IEC 62304 - Medical Device Software Life Cycle Processes 4
H EO Sterilization Validation - Sterility Testing and Load Configuration Other Medical Device Related Standards 1
M What to do in SOP Phase of Head unit testing? IATF 16949 - Automotive Quality Systems Standard 0
W SOP examples wanted - Soil, Concrete and Asphalt testing ISO 17025 related Discussions 3
M Informational TGA Consultation: Review of the regulation of certain self-testing IVDs in Australia Medical Device and FDA Regulations and Standards News 0
F Proficiency Testing for ISO 17025: AC Current Ranges ISO 17025 related Discussions 1
Kuldeep Singh Mammography Machine Bench Testing - FDA 510(K) US Food and Drug Administration (FDA) 5
D Is Human Factors testing mandatory for a 510(k) submission? Human Factors and Ergonomics in Engineering 16

Similar threads

Top Bottom