Risk Analysis for moving manufacturing equipment

Marcelo

Inactive Registered Visitor
#11
Well, I agree that the standard was deliberately created with some very specific requirements for some of the records (and this was discussed a lot during JWG meetings), but even as it is, it?s not take black and white, and this is part of the problem - standards such as ISO 1481, IEC 62304, IEC 62366 were really not created to be assessed such as a type testing standard with very detailed testing and records requirements. But now, as people assess them, those details usually creates a lot of problems.

Anyway,

There is no requirement to justify, for example, why a warning was used.
There?s in fact more than one requirement.
The manufacturer shall use one or more of the following risk control options in the priority order listed:
a) inherent safety by design;
b) protective measures in the medical device itself or in the manufacturing process;
c) information for safety.
Then
The risk control measures selected shall be recorded in the risk management file.
The first one does require that the manufacturer use the priority listed. So, if he simply uses a warning, it seems fair to me, if analyzing compliance with the standard, to ask why the last one was out of order. Which would end up in in a justification of why a warning was used, in the end.

Regarding 6.3, the activities themselves should be detailed or referenced in the risk management plan, as explained in F.6 (quoted below).The requirements in 6.3 are really only related to the results, as you mentioned, because of that.

F.6 Verification activities
The risk management plan will specify how the two distinct verification activities required by this International Standard will be carried out (see also A.2.6.3). Verifying the effectiveness of risk control measures can require the collection of clinical data, usability studies, etc. (see also 2.28) The risk management plan can detail the verification activities explicitly or by reference to the plan for other verification activities.
 
Elsmar Forum Sponsor

Marcelo

Inactive Registered Visitor
#12
The second paragraph says effectiveness shall be verified (the same), but only the results need to be recorded, which is a subtle but important difference. The records do not need to include any objective evidence about the effectiveness of risk controls.
So you are saying that

A.2.6.3 Implementation of risk control measures
Two distinct verifications are included. The first verification is required to make sure that the risk control measure has been implemented in the final design. The second verification is required to ensure that the measure as implemented actually reduces the risk. In some instances, a validation study can be used for verifying the effectiveness of the risk control measure.
is wrong? Because if you read the requirement and the rationale, it does seem to require objective evidence about the effectiveness of risk controls (as the rationale mentions that the verification is required to ensure that the measure as implemented actually reduces the risk).
 

Peter Selvey

Staff member
Super Moderator
#13
This is the whole point: we are mixing two areas - clearance for sale, and broader safety. Regulations are only clearance for sale, they are not meant to be perfect, but at least they should be objective, consistent and clear.

In that light, black and white interpretations are appropriate.

Furthermore, using a grey approach tends to hide the flaws in the standard. ISO 14971 is a deeply flawed standard but it survives because the experts always deflect criticism by saying it should not be taken literally.
 

Marcelo

Inactive Registered Visitor
#14
Oh, and just remembered to mention, ISO TR 24971 tired to correct some of those problems, for example, when detailing that, in the case of risk control measured defined in standards, there was not much of what you need to record anyway, and you should even skip some parts of the 14971 RM process.
 

Marcelo

Inactive Registered Visitor
#15
This is the whole point: we are mixing two areas - clearance for sale, and broader safety. Regulations are only clearance for sale, they are not meant to be perfect, but at least they should be objective, consistent and clear.
Yeah, agreed. As I mentioned, I don?t think in principle that process standards should be used when evaluating anything, because they are not objective, consistent and clear by design. However, they are so deep intertwined with regulations right now that any change is viewed as a problem (something that are having on the discussion of the revision of ISO 13485, in which any possible change was viewed in the light of how current regulations are written :-().
 

Ronen E

Problem Solver
Staff member
Moderator
#16
I still think "nothing to do with..." is a bit extreme.

I think that the concept of
"Real world needs" = perfect device and processes
and
"Regulations" = bare minimum
is wrong.

Rather, in my opinion it should be (and is, to a fair extent):
"Real world needs" = "Regulations" = a good balance between quality (including safety) and affordability.

If you look at risk management alone the regulations and their implementation may seem deficient, but QA (or regulations) don't stop at risk management. The original question related to validation, which is broader.

ISO 14971 & ISO 13485 are useful illustrations but they don't encompass the topic.

Cheers,
Ronen.
 

Peter Selvey

Staff member
Super Moderator
#17
Agreed, it sounds a bit extreme, but there is method to my madness. You may of heard of "Freakanomics", a book that uses statistics to expose unexpected outcomes. For example, the kindergarten that introduced a fine to encourage parents to pick up their kids on time found that it only made the situation worse.

It sounds counterintuitive, but if we took regulations as the "bare minimum" and purely at face value (black and white), ultimately it would result in safer medical devices: we would get more consistency, less uncertainty, clear boundaries and most importantly the weak points in the regulation would be more apparent and quickly fixed.
 

Ronen E

Problem Solver
Staff member
Moderator
#18
Agreed, it sounds a bit extreme, but there is method to my madness. You may of heard of "Freakanomics", a book that uses statistics to expose unexpected outcomes. For example, the kindergarten that introduced a fine to encourage parents to pick up their kids on time found that it only made the situation worse.

It sounds counterintuitive, but if we took regulations as the "bare minimum" and purely at face value (black and white), ultimately it would result in safer medical devices: we would get more consistency, less uncertainty, clear boundaries and most importantly the weak points in the regulation would be more apparent and quickly fixed.
I think it's a slippery slope. There's almost no end to the amount of wordsmithing possible if the goal is "the bare minimum". The result would not be clarity, but a situation where everyone would need a lawyer for interpreting the regulations (including the regulators).

I think there's no way around *some* level of auditors' subjectivity, and that's a reality we have to accept as professionals in a regulated industry. IMO our role should be making sure that ~80% of the assessment is fact based and as quantitative as possible, and ~20% is left to the auditor's judgement; not the other way around.

I think that even under that approach the regulations' shortcomings can fairly easily be exposed, and we should promote change where necessary. It's not easy but also not impossible (at least in some areas). It's not that everybody is thinking that ISO 14971 is prefect; it's just that if you throw it away you have no common ground. Actually, I think that even as-is it's a pretty good tool. The real question is whether companies actually try to make the best out of it or just use it as @$%-covering.

Cheers,
Ronen.
 
Thread starter Similar threads Forum Replies Date
silentmonkey Overall Benefit/Risk Analysis - Risk Management VS Clinical Evaluation ISO 14971 - Medical Device Risk Management 3
R The term "Benefit Risk Ratio" in EU MDR, do I need to present benefit risk analysis as a RATIO Risk Management Principles and Generic Guidelines 4
D Risk Analysis using Monte Carlo Simulation instead of Scoring and Heat Map Risk Management Principles and Generic Guidelines 2
E Normal Condition Hazards in Risk Analysis ISO 14971 - Medical Device Risk Management 3
M Risk Analysis Flow - Confusion between ISO 14971 and IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 8
R ECG Risk Analysis Standards ISO 14971 - Medical Device Risk Management 2
adir88 Documenting Risk Control Option Analysis ISO 14971 - Medical Device Risk Management 8
MrTetris Should potential bugs be considered in software risk analysis? ISO 14971 - Medical Device Risk Management 5
M IATF 16949 (6.1.1 - Planning and Risk Analysis for a remote site) Process Maps, Process Mapping and Turtle Diagrams 5
D Risk Analysis & Technical File - What detail goes in the Risk Management Report ISO 14971 - Medical Device Risk Management 5
M An example of risk analysis of class I MD ISO 14971 - Medical Device Risk Management 36
T Risk analysis of QMS software - Validating software we use for QMS ISO 13485:2016 - Medical Device Quality Management Systems 5
B Grouping of Products for Risk Analysis ISO 14971 - Medical Device Risk Management 9
A Risk-benefit Analysis - Hazard Analysis (HA) and FMEAs ISO 14971 - Medical Device Risk Management 18
R The difference b/w FMEA & Risk analysis as per iso 14971 ISO 14971 - Medical Device Risk Management 8
K Risk Analysis Updates due to complaints ISO 14971 - Medical Device Risk Management 10
S The Severity of a Medical Device Hazard - Risk Analysis Clarification ISO 14971 - Medical Device Risk Management 6
Ed Panek Transition to IEC 60601 4th Edition - Risk Analysis and test submissions CE Marking (Conformité Européene) / CB Scheme 2
S In a risk analysis, how can we tie mobile app security breach to ISO 14971? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Q Risk / benefit Analysis in Risk Management Report CE Marking (Conformité Européene) / CB Scheme 12
R IATF 16949 Clause 6.1.2.1 - Lessons Learned and Risk Analysis IATF 16949 - Automotive Quality Systems Standard 6
S Risk analysis 6.1 and contingency plans 6.1.2.3, are they related? IATF 16949 - Automotive Quality Systems Standard 26
B Software Class A - Lengthy further risk analysis IEC 62304 - Medical Device Software Life Cycle Processes 9
W Biocompatibility Risk Analysis for Clinical Practitioner 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
F Risk Analysis of a Medical Device Accessory ISO 14971 - Medical Device Risk Management 4
S How we can use risk analysis for suppliers IATF 16949 - Automotive Quality Systems Standard 6
I Medical Device Software Risk Analysis ISO 14971 - Medical Device Risk Management 4
Q Risk Analysis - Same Risk Treatment for Context and Interested Parties ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
C Risk Analysis for COTS/OTS Risk Management Principles and Generic Guidelines 4
M IATF 16949 Cl. 8.7.1.4 - Risk analysis for decision making about rework IATF 16949 - Automotive Quality Systems Standard 2
E Risk Analysis - Events which may cause to Data Loss ISO 14971 - Medical Device Risk Management 12
W Risk Benefit Analysis - ISO 14971:2012 Requirements ISO 14971 - Medical Device Risk Management 27
F Medical Device HACCP (Hazard Analysis and Critical Control Point) Risk Management ISO 14971 - Medical Device Risk Management 2
Q Risk Tools in ISO 31010 - Root Cause Analysis vs. Cause-and-effect Analysis ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 1
S Organizing Risk Analysis and Controls for a New Medical Device (ISO 14971) ISO 14971 - Medical Device Risk Management 4
S Please review my Risk Analysis Table ISO 14971 - Medical Device Risk Management 13
K Risk Analysis and "Information for Safety" / Labeling ISO 14971 - Medical Device Risk Management 10
M Risk analysis - ISO/TS 16949 clause 7.2.2.2 IATF 16949 - Automotive Quality Systems Standard 2
C Help with Risk/Benefit Analysis Self-help Device for Diabetics ISO 14971 - Medical Device Risk Management 3
A FTA-Top/Down approach to Risk Analysis ISO 14971 - Medical Device Risk Management 2
A Industry best practice about Post-Market Surveillance and Risk Analysis ISO 14971 - Medical Device Risk Management 6
T Risk Analysis help for CE Marking Class I Medical Device ISO 14971 - Medical Device Risk Management 10
D Different kinds of Risk Analysis for various Hazards ISO 14971 - Medical Device Risk Management 3
L GHTF/SG3/N15R8 - Process Validation and Risk Analysis ISO 13485:2016 - Medical Device Quality Management Systems 4
R Risk Analysis of Class IIb Disinfectant ISO 14971 - Medical Device Risk Management 6
J Does anyone have an example of Risk-Benefit Analysis per ISO 14971? Other ISO and International Standards and European Regulations 2
P FMEA Risk Analysis Recommended Action Priority FMEA and Control Plans 2
N ISO 14971 Risk Analysis - Sections 4.2 and 4.3 ISO 14971 - Medical Device Risk Management 2
D ISO 14971 - Risk Analysis Best Practices ISO 14971 - Medical Device Risk Management 5
S Internal Audit Plan per Risk Analysis Internal Auditing 5

Similar threads

Top Bottom