Hi all. I am working in a company in the medical field. The company is located on two continents. The one I am working for is the contract manufacturer, the other is the distributor. Some time ago our colleagues from abroad were audited. No critical remarks were found during the audit but the auditing team stated that we (both companies) are not assessing the risk correctly due to the fact that we haven't updated a particular document in a while. They also suggested that the Detectability value in the PFMEA should be removed. I think this was not something that should have been changed at all. Anyhow... Due to the fact that we are two companies with unique quality management systems they decided to change the numbering convention for the RPN without informing us. That triggered a number of actions and now we have to change our numbering convention. Which as you know will take some time. So my questions are: Can a RPN be a RPN without the detectability value when we are addressing the PFMEA? The other company is still treating the new risk value as a RPN. Shouldn't be a critical number now without the detectability value? And also should the detectability value be even removed from the PFMEA in the first place when there are already established controls in place that are justifying the control of the risk? Should we update an already established PFMEA and treat it as if it is a new one? Because removing the detectability means exactly that. Can the auditing company be wrong? I am a bit confused and if someone can explain this to me that will be great. Thanks.