Risk Benefit Analysis - ISO 14971:2012 Requirements

W

Willgray888

#1
Hi All

I'm looking for some advice on risk benefit analysis (RBA). In particular the 14971:2012 requirements.

Currently we only perform RBAs for individual risks that have the highest severity, regardless of final RPN. This is a severity of 10 in our 1-10 scoring where harm to the user starts at 6. Currently no one really knows what a best practice method of writing an RBA looks like. They usually end up being a few paragraphs explaining the risk and why its no problem.

I'm aware that within the 2012 version there is a requirement for RBA's for individual risks and an overall RBA.

I've been doing lots of background reading where it is suggested the overall RBA and individual RBA be linked to the clinical evaluation. Would this take the form of a bridging document referencing the risks from the RMF and where they are assessed in the clinical evaluation. With the overall risk benefit analysis being performed which is reviewed by a clinician.

Any advice, guidance or personal experience would be more than welcome.
Thanks
Will.
 
Elsmar Forum Sponsor

Mark Meer

Trusted Information Resource
#2
...
I'm aware that within the 2012 version there is a requirement for RBA's for individual risks and an overall RBA.
...
Welcome! :bigwave:

Thanks for the question! I've also been curious about the same thing. RBA's for individual risks seems like it could be very onerous documentation wise, but add very little in terms of risk analysis.

Be very interested in what approaches others are taking so that meeting this requirement isn't a huge documentation burden.

(sorry I couldn't be more helpful :eek: )
MM
 

Marcelo

Inactive Registered Visitor
#3
Please note that there's no requirement in ISO 14971 for that.

What does exist is that the annexes to the EN 2012 version mention this as one of the usually crazy deviations.

In fact, it does not make sense to perform a risk/benefit analysis for individual risks (which is the reason no one knows what do to - no one has ever done this before for any implementation of risk management that I know).

What it does make sense is to always perform a risk/benefit analysis for the aggregate risks (overall). In fact, this is one of the proposed changes in the new revision of ISO 14971.

Anyway, any risk/benefit analysis would obviously need to be linked to the clinical evaluation. You can have some thoughts reading the following FDA document: Factors to Consider Regarding Benefit-Risk in Medical Device Product Availability, Compliance, and Enforcement Decisions
 
Last edited:

Ronen E

Problem Solver
Moderator
#4
Hello Will and welcome to the Cove :bigwave:

The way I understand things, no bridging document is required because the Clinical Evaluation needs to address residual risks anyway. The Clnical Evaluation and Risk Management processes are supposed to feed each other, on a continuous basis (ie, if one's output changes, the other needs to be updated).
 

yodon

Leader
Super Moderator
#5
What does exist is that the annexes to the EN 2012 version mention this as one of the usually crazy deviations.

In fact, it does not make sense to perform a risk/benefit analysis for individual risks (which is the reason no one knows what do to - no one has ever done this before for any implementation of risk management that I know).
Yet we STILL have to do it to provide a risk file that will be acceptable to the technical file reviewer!

What I have done (and I'm hoping this opens the discussion more) is, for each risk in my table, make the assertion that the company has reviewed the (individual) residual risk against the benefits and concluded that the benefits outweigh the risks. I realize that's mostly hand-waving but it's been acceptable so far.

Further, though, I *do* essentially bridge the assessment with clinical evaluation / actual use info in the risk management report. I state (in the report) that ongoing field use has demonstrated that the benefits are confirmed to outweigh the residual risk, both individually and in aggregate.

Again, I don't know if there's a better way but I had to do something and this has been working so far. I'd welcome a discussion of other approaches, flaws with this approach, etc.
 

Remus

Involved In Discussions
#6
Risk/benefit analysis is introduced to risk analysis by ISO/TR 24971:2013. Since there isn't any statistical data best way to close each individual residual risk is risk/benefit analysis. Since most of medical device manufacturers don't care anything they are reducing all risks to acceptable level, people are insisting risk/benefit analysis to each residual risk.
 
W

Willgray888

#7
HI All

Thanks for the welcome and the input. Lots of great stuff to think about.

The way I currently see/understand the requirements surrounding RBAs is similar to how Ronen E. describes. The clinical evaluation covers all the residual risks in making an overall risk benefit analysis decision.

The clinical evaluation references the risks in the RMF and the RMF references where the RBA decision is made for each risk. Essentially both documents will contain a section pointing at the other. I believe in this way both requirements (individual and overall RBA) can be met.

Just so we're on the same page, when I say risk I mean failure effect rather than failure mode.

Let me know what you think
Will.
 

Marcelo

Inactive Registered Visitor
#9
Hello Will and welcome to the Cove :bigwave:

The way I understand things, no bridging document is required because the Clinical Evaluation needs to address residual risks anyway. The Clnical Evaluation and Risk Management processes are supposed to feed each other, on a continuous basis (ie, if one's output changes, the other needs to be updated).
That's right, however, why should it address only residual risks? It really needs to address all risks. Clinical residual risks are usually addressed in PMS/PMCF.
 
Thread starter Similar threads Forum Replies Date
P Benefit risk analysis on pFMEA ISO 14971 - Medical Device Risk Management 10
silentmonkey Overall Benefit/Risk Analysis - Risk Management VS Clinical Evaluation ISO 14971 - Medical Device Risk Management 3
R The term "Benefit Risk Ratio" in EU MDR, do I need to present benefit risk analysis as a RATIO Risk Management Principles and Generic Guidelines 4
A Risk-benefit Analysis - Hazard Analysis (HA) and FMEAs ISO 14971 - Medical Device Risk Management 18
Q Risk / benefit Analysis in Risk Management Report CE Marking (Conformité Européene) / CB Scheme 12
C Help with Risk/Benefit Analysis Self-help Device for Diabetics ISO 14971 - Medical Device Risk Management 3
J Does anyone have an example of Risk-Benefit Analysis per ISO 14971? Other ISO and International Standards and European Regulations 2
M Estimating the benefit-risk ration under MDR EU Medical Device Regulations 2
M Informational Final guidance – GUIDELINES on the benefit-risk assessment of the presence of phthalates in certain medical devices covering phthalates which are carc Medical Device and FDA Regulations and Standards News 0
M Informational FDA discussion paper – Consideration of Benefit-Risk Approaches for Weight-Loss Devices Medical Device and FDA Regulations and Standards News 0
M Informational US FDA Final Guidance – Consideration of Uncertainty in Making Benefit-Risk Determinations in Medical Device Premarket Approvals, De Novo Classificati Medical Device and FDA Regulations and Standards News 0
M Risk/Benefit vs. benefit-risk - Revising an SOP covering Risk Management with the MDR in mind EU Medical Device Regulations 10
M Informational EU – 12th Meeting of the Working Group on Guidelines on benefit – risk assessment of Phthalates in Medical Devices Medical Device and FDA Regulations and Standards News 0
M Informational EU – SCHEER – Minutes of the Working Group meeting on guidelines on the benefit-risk assessment of the presence of phthalates in certain medical devic Medical Device and FDA Regulations and Standards News 1
M Medical Device News FDA News - 14-09-18 - Benefit-Risk Factors to Consider for Substantial Equivalence Other US Medical Device Regulations 0
M Medical Device News FDA news - 05-09-18 - Draft - Uncertainty in Benefit-Risk Determinations Other US Medical Device Regulations 0
A MDSAP benefit for manufacturer of low-risk devices Canada Medical Device Regulations 3
AnaMariaVR2 Structured Approach to Benefit-Risk Assessment in Drug Regulatory Decision-Making Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 0
sagai New Draft Guidance from FDA - Factors considered for Risk/Benefit Determination Other US Medical Device Regulations 4
E How to risk assess tooling? For a medical device and is it needed??? Manufacturing and Related Processes 2
M Clinical evaluation interface with the risk management process EU Medical Device Regulations 9
L Risk analysis Manufacturing and Related Processes 4
J Risk Analysis for Proficiency Testing Reliability Analysis - Predictions, Testing and Standards 1
J ISO 10993-1:2018 Format to Perform Risk Management Process US Food and Drug Administration (FDA) 1
B Risk Management Procedure updates needed for 14971:2019 ISO 14971 - Medical Device Risk Management 11
M What is the Risk of Using Obsolete Versions of C=0 & ANSI/ ASQ Z1.4 Sampling Plans? ISO 13485:2016 - Medical Device Quality Management Systems 8
D AS9100D 8.4.2 Note 2 Significant Operational Risk AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
A Calculating Risk Estimation ISO 14971 - Medical Device Risk Management 28
M Intended Use vs Actual Use and Scope of Risk Management EU Medical Device Regulations 8
S IDCB 0129/0160 Clinical Risk Management ISO 14971 - Medical Device Risk Management 2
H At what level (harm, hazardous situation, seq. of events, etc) is "risk" estimated? ISO 14971 - Medical Device Risk Management 12
A Risk Management Team IEC 60601 - Medical Electrical Equipment Safety Standards Series 11
S Risk Management File - Procedure Packs ISO 14971 - Medical Device Risk Management 3
B ISO 14001 Risk assesment ISO 14001:2015 Specific Discussions 4
J What risk to cover when NOT using ISO 17025 accredited/certified labs for calibration ISO 17025 related Discussions 3
G Risk Management for IEC 60601-1 and IEC 60601-1-2 IEC 60601 - Medical Electrical Equipment Safety Standards Series 15
S What is your favorite Usability Risk Analysis tool? IEC 62366 - Medical Device Usability Engineering 5
T Assessing risk where harm is indirect - Generic devices / accessories / intermediates ISO 14971 - Medical Device Risk Management 8
K Do you have separate clinical risk management group or experts in your manufactures? EU Medical Device Regulations 4
W IATF 9.2.2.1 Internal Audit how to determine risk IATF 16949 - Automotive Quality Systems Standard 12
S Risk control through Information for safety ISO 14971 - Medical Device Risk Management 8
A Derive Risk Acceptance Matrix from Risk Policy ISO 14971 - Medical Device Risk Management 8
B ERP software validation - risk assessment vs validation scope ISO 13485:2016 - Medical Device Quality Management Systems 11
I Estimation of overall residual risk. How to? EU Medical Device Regulations 11
Sidney Vianna ISO Practical Guide on ISO 31000:2018 - Risk Management Other ISO and International Standards and European Regulations 0
T IEC 62304 : Risk control for SaMD IEC 62304 - Medical Device Software Life Cycle Processes 8
T Risk Assessment and Management Misc. Quality Assurance and Business Systems Related Topics 0
P Scenario based risk assessment IEC 27001 - Information Security Management Systems (ISMS) 1
Q KPI risk assessment - Criteria for the given score IATF 16949 - Automotive Quality Systems Standard 3
S Foreign Risk Notification Canada Medical Device Regulations 2

Similar threads

Top Bottom