W
Hello all,
This is my first thread, I've looked to see if there are any similar ones regarding ISO14971 and haven't found anything.
I work for a large med device company and we were audited more than once last year for various reasons. One common area that came up was regarding compliance to ISO14971. The ISO auditors mentioned that we don't have a comprehensive review of risks for our products. They mentioned that we should have some type of regular review of product risks. The problem is that we have thousands of products that belong to fifty or so product families, a 'regular' review of risks would not be an easy task. We also have several ways of reviewing risks (e.g. FMEAs, Risk Mgmt Reports, mgmt review, complaints, health hazard analyses, to name a few) but most are performed independent of each other.
So my question is how do we get a reasonable handle on regular reviews of risks without backing ourselves into a corner? I don't want to go overboard and commit to something that will be very difficult to comply.
Has this been pushed by anyone else's ISO auditors? I hear that it may be asked more of from auditors.
This is my first thread, I've looked to see if there are any similar ones regarding ISO14971 and haven't found anything.
I work for a large med device company and we were audited more than once last year for various reasons. One common area that came up was regarding compliance to ISO14971. The ISO auditors mentioned that we don't have a comprehensive review of risks for our products. They mentioned that we should have some type of regular review of product risks. The problem is that we have thousands of products that belong to fifty or so product families, a 'regular' review of risks would not be an easy task. We also have several ways of reviewing risks (e.g. FMEAs, Risk Mgmt Reports, mgmt review, complaints, health hazard analyses, to name a few) but most are performed independent of each other.
So my question is how do we get a reasonable handle on regular reviews of risks without backing ourselves into a corner? I don't want to go overboard and commit to something that will be very difficult to comply.
Has this been pushed by anyone else's ISO auditors? I hear that it may be asked more of from auditors.