ISO 31000 vs. ISO 14971 - Differences and similarities

P

Paul22

#1
Does anyone know if there is any similarity between ISO 31000 and ISO 14971? Are these standards able to co-exist within a medical device industry? Will ISO 31000 be applicable for all MD manufacturers, next to ISO 14971?
 
Elsmar Forum Sponsor

Marc

Fully vaccinated are you?
Staff member
Admin
#2
FYI Summary:

ISO 31000:2009 provides principles and generic guidelines on risk management.

ISO 31000:2009 can be used by any public, private or community enterprise, association, group or individual. Therefore, ISO 31000:2009 is not specific to any industry or sector.

ISO 31000:2009 can be applied throughout the life of an organization, and to a wide range of activities, including strategies and decisions, operations, processes, functions, projects, products, services and assets.

ISO 31000:2009 can be applied to any type of risk, whatever its nature, whether having positive or negative consequences.

Although ISO 31000:2009 provides generic guidelines, it is not intended to promote uniformity of risk management across organizations. The design and implementation of risk management plans and frameworks will need to take into account the varying needs of a specific organization, its particular objectives, context, structure, operations, processes, functions, projects, products, services, or assets and specific practices employed.

It is intended that ISO 31000:2009 be utilized to harmonize risk management processes in existing and future standards. It provides a common approach in support of standards dealing with specific risks and/or sectors, and does not replace those standards.

ISO 31000:2009 is not intended for the purpose of certification.

ISO 14971:2007 specifies a process for a manufacturer to identify the hazards associated with medical devices, including in vitro diagnostic (IVD) medical devices, to estimate and evaluate the associated risks, to control these risks, and to monitor the effectiveness of the controls.

The requirements of ISO 14971:2007 are applicable to all stages of the life-cycle of a medical device.
 

Marc

Fully vaccinated are you?
Staff member
Admin
#3
Does anyone know if there is any similarity between ISO 31000 and ISO 14971? Are these standards able to co-exist within a medical device industry? Will ISO 31000 be applicable for all MD manufacturers, next to ISO 14971?
If anyone has anything to share with respect to this post, Please give a hand. My appreciation in advance!
 

Marcelo

Inactive Registered Visitor
#4
I have some info, sorry for not answering before, just a little busy here :)

Does anyone know if there is any similarity between ISO 31000 and ISO 14971? Are these standards able to co-exist within a medical device industry? Will ISO 31000 be applicable for all MD manufacturers, next to ISO 14971?
ISO 31000 is being developed as THE standard on risk management in ISO (following an strategy of ISO on having general management systems standards).

The problem here is that ISO 31000 is for business risk (it details a general enterprise risk management process applicable to all enterprises). ISO 14971, on the contrary, is for product risks. Their similarities, then, are only a few.

Tehy might be able to co-exist because they deal with different things, but the main concern is that, as 31000 is being published to be the general risk management standard on ISO, it will be "forced" into other risk manbagement standards. ISO TC 210, JWG 1, which is the originator of ISO 14971, has been aware of this for some time and is studying possible situations around this scenario.
 

Marcelo

Inactive Registered Visitor
#6
ISO has just released ISO 31010:2009. Risk management -- Risk assessment techniques
Yep...in fact there´s planning to develop more standards in the ISO 31000 series...just like what happens to other management standards such as ISO 9000.
 

Mandy

Involved In Discussions
#7
I have some info, sorry for not answering before, just a little busy here :)



ISO 31000 is being developed as THE standard on risk management in ISO (following an strategy of ISO on having general management systems standards).

The problem here is that ISO 31000 is for business risk (it details a general enterprise risk management process applicable to all enterprises). ISO 14971, on the contrary, is for product risks. Their similarities, then, are only a few.

Tehy might be able to co-exist because they deal with different things, but the main concern is that, as 31000 is being published to be the general risk management standard on ISO, it will be "forced" into other risk manbagement standards. ISO TC 210, JWG 1, which is the originator of ISO 14971, has been aware of this for some time and is studying possible situations around this scenario.
Hi

We are ISO 13485 certified, and aligned ourselves to the 14971 standard.

Now our CEO wants us to become ISO 27001 and ISO 27799 certified. Both these standards talk about the 31000 risk management standard.

The question is whether we can keep using ISO 14971 to manage the risk of ISO 27001 and ISO 27799 (with adaptations of course).

Would appreiciate any advice.
Thanks

Mandy
 

Marcelo

Inactive Registered Visitor
#8
Hi

We are ISO 13485 certified, and aligned ourselves to the 14971 standard.

Now our CEO wants us to become ISO 27001 and ISO 27799 certified. Both these standards talk about the 31000 risk management standard.

The question is whether we can keep using ISO 14971 to manage the risk of ISO 27001 and ISO 27799 (with adaptations of course).

Would appreiciate any advice.
Thanks

Mandy
ISO 24971 was created to deal with the risk posed by medical devices to the patient/user/etc, so it was not created to any other end. To prevent problems, my suggestion would be to keep ISO 14971 only for that end.

Then you can use ISO 31000 or any other risk management process to deal with other risks.
 
#9
We are aligned to 14971 for product risk management. However, post SOC2 audit are planning to leverage 31000 for enterprise risk management. As @Marc stated (years ago at this point!) it seems broad enough to cover across industries with varying scope.
 
Thread starter Similar threads Forum Replies Date
F Linking an ISO 31000 Risk management SOP to ISO 17025 ISO 17025 related Discussions 2
Jimmy123 ISO 31000 vs FMEA FMEA and Control Plans 1
Richard Regalado ISO 31000:2018 is now published! Risk Management Principles and Generic Guidelines 0
Q Is it worth the effort to implement ISO 31000 Risk based on ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
S Integrating ISO 20000 and ISO 31000 with ISO 9001 IT (Information Technology) Service Management 2
Marc Are you looking for ISO 31000 - Risk Management Principles and Generic Guidelines? ISO 14971 - Medical Device Risk Management 1
L Needed ISO 31000 And ISO 22301 Checklist Risk Management Principles and Generic Guidelines 2
Jen Kirley Does ISO plan to sponsor certification to ISO 31000 soon? Risk Management Principles and Generic Guidelines 5
R Comparison Chart of ISO 9001 vs. ISO 31000 Risk Management Principles and Generic Guidelines 4
C ISO14001, ISO 31000 & ASNZS4801 (OSHAS18001) Certification - HELP! Risk Management Principles and Generic Guidelines 9
K Risk Management (ISO 31000) and AS9100C - Gap Analysis Template Needed Risk Management Principles and Generic Guidelines 2
K ISO 31000 - Implementing Risk Management in the Construction Industry? Risk Management Principles and Generic Guidelines 5
Antonio Vieira ISO 31000 Guidelines for Principles and Implementation of Risk Management information Risk Management Principles and Generic Guidelines 3
Sidney Vianna ISO 31000 - Enterprise Risk Management Standard Risk Management Principles and Generic Guidelines 19
R What are the new changes in EN ISO 11137-1:2015+A2:2019? Other Medical Device Related Standards 2
Y ISO 10993-14:2001 - Gel implants stored in glass syringes Other Medical Device Related Standards 1
eldercare Multi-Site ISO/AS Certification Requirement for some sites ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 21
Sidney Vianna ISO 14001 News ISO 14001 Continual Improvement Survey ISO 14001:2015 Specific Discussions 0
Casana ISO 17025 - Contractor certification? IATF 16949 - Automotive Quality Systems Standard 5
B Sanctioned interpretation #10 - ISO 17025 IATF 16949 - Automotive Quality Systems Standard 2
H Contract Manufacturer as Design Owner ISO 13485 ISO 13485:2016 - Medical Device Quality Management Systems 6
G Compliance with ISO 9001-2015 for ISO 17025 Accredited Labs? ISO 17025 related Discussions 3
blackholequasar ISO 13485 certification prior to Medical Device Manufacturing... worth it? ISO 13485:2016 - Medical Device Quality Management Systems 4
C ISO 14001 Internal Audit - Opportunity for Improvement ISO 14001:2015 Specific Discussions 2
P ISO 11607-2 Process Specification Other Medical Device Related Standards 1
S Which ISO Standards to Purchase - EN ISO and/or ISO Other Medical Device Related Standards 1
A ISO Clause 4.1/4.2 & 6.1 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
S Electronic Signatures - Non-Conformance - ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 29
E ISO 13485 software validation ISO 13485:2016 - Medical Device Quality Management Systems 7
B ISO 11197, Venting of Medical Supply Units - cl. 201.11.2.2.101 Other Medical Device Related Standards 2
D Management reviews ISO 17025 ISO 17025 related Discussions 3
L Change Log in (controlled) Forms? (ISO 9001:2015) Document Control Systems, Procedures, Forms and Templates 6
K ISO 9001 Clause 8.3 & 8.6 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
I ISO 17025:2017 / ANAB 3125 - Articulating / Communicating Risks vis-a-vis Audit Findings ISO 17025 related Discussions 2
A Management of change procedure for ISO 45001 Occupational Health & Safety Management Standards 5
S Transition training for Internal Auditor from ISO 9001: 2008 to the ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
D Notified Bodies - ISO 13485 & MDR Technical Files ISO 13485:2016 - Medical Device Quality Management Systems 3
E Comparison of Personal Protective Equipment Standards EN 14605 vs GB24539 and ISO 13982 vs GB 24539 Occupational Health & Safety Management Standards 0
H R&D Lab ISO 9001 certification ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
C Biologic Evaluation based on ISO 10993-1 EU Medical Device Regulations 2
D Deviations - Where in ISO 13485 deviations are covered? ISO 13485:2016 - Medical Device Quality Management Systems 7
B ISO 13485 Certification ISO 13485:2016 - Medical Device Quality Management Systems 2
J ISO 9001:2015 Clause 8.5.1 Control of Production and service provision - Help with Work Instruction Access ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
Y ISO 13485:2015 Software Validation IQ/OQ/PQ ISO 13485:2016 - Medical Device Quality Management Systems 13
Ajit Basrur Any ISO standard or guidance documents on barcode and scanning? Other Medical Device Related Standards 1
J ISO 13485 for Metal Finishing Medical Device and FDA Regulations and Standards News 5
S How to calculate Effective Number of People for ISO 13485 Certification? General Auditing Discussions 2
C ISO Question - Do you say "I-S-O" or "I-Soh"? Misc. Quality Assurance and Business Systems Related Topics 14
D Question regarding where "validations" fit according to ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1
H Asset Inventory - documents and people (ISO 27001) IEC 27001 - Information Security Management Systems (ISMS) 1

Similar threads

Top Bottom