Risk Benefit Analysis - ISO 14971:2012 Requirements

W

Willgray888

#1
Hi All

I'm looking for some advice on risk benefit analysis (RBA). In particular the 14971:2012 requirements.

Currently we only perform RBAs for individual risks that have the highest severity, regardless of final RPN. This is a severity of 10 in our 1-10 scoring where harm to the user starts at 6. Currently no one really knows what a best practice method of writing an RBA looks like. They usually end up being a few paragraphs explaining the risk and why its no problem.

I'm aware that within the 2012 version there is a requirement for RBA's for individual risks and an overall RBA.

I've been doing lots of background reading where it is suggested the overall RBA and individual RBA be linked to the clinical evaluation. Would this take the form of a bridging document referencing the risks from the RMF and where they are assessed in the clinical evaluation. With the overall risk benefit analysis being performed which is reviewed by a clinician.

Any advice, guidance or personal experience would be more than welcome.
Thanks
Will.
 
Elsmar Forum Sponsor

Mark Meer

Trusted Information Resource
#2
...
I'm aware that within the 2012 version there is a requirement for RBA's for individual risks and an overall RBA.
...
Welcome! :bigwave:

Thanks for the question! I've also been curious about the same thing. RBA's for individual risks seems like it could be very onerous documentation wise, but add very little in terms of risk analysis.

Be very interested in what approaches others are taking so that meeting this requirement isn't a huge documentation burden.

(sorry I couldn't be more helpful :eek: )
MM
 

Marcelo

Inactive Registered Visitor
#3
Please note that there's no requirement in ISO 14971 for that.

What does exist is that the annexes to the EN 2012 version mention this as one of the usually crazy deviations.

In fact, it does not make sense to perform a risk/benefit analysis for individual risks (which is the reason no one knows what do to - no one has ever done this before for any implementation of risk management that I know).

What it does make sense is to always perform a risk/benefit analysis for the aggregate risks (overall). In fact, this is one of the proposed changes in the new revision of ISO 14971.

Anyway, any risk/benefit analysis would obviously need to be linked to the clinical evaluation. You can have some thoughts reading the following FDA document: Factors to Consider Regarding Benefit-Risk in Medical Device Product Availability, Compliance, and Enforcement Decisions
 
Last edited:

Ronen E

Problem Solver
Staff member
Moderator
#4
Hello Will and welcome to the Cove :bigwave:

The way I understand things, no bridging document is required because the Clinical Evaluation needs to address residual risks anyway. The Clnical Evaluation and Risk Management processes are supposed to feed each other, on a continuous basis (ie, if one's output changes, the other needs to be updated).
 

yodon

Staff member
Super Moderator
#5
What does exist is that the annexes to the EN 2012 version mention this as one of the usually crazy deviations.

In fact, it does not make sense to perform a risk/benefit analysis for individual risks (which is the reason no one knows what do to - no one has ever done this before for any implementation of risk management that I know).
Yet we STILL have to do it to provide a risk file that will be acceptable to the technical file reviewer!

What I have done (and I'm hoping this opens the discussion more) is, for each risk in my table, make the assertion that the company has reviewed the (individual) residual risk against the benefits and concluded that the benefits outweigh the risks. I realize that's mostly hand-waving but it's been acceptable so far.

Further, though, I *do* essentially bridge the assessment with clinical evaluation / actual use info in the risk management report. I state (in the report) that ongoing field use has demonstrated that the benefits are confirmed to outweigh the residual risk, both individually and in aggregate.

Again, I don't know if there's a better way but I had to do something and this has been working so far. I'd welcome a discussion of other approaches, flaws with this approach, etc.
 

Remus

Involved In Discussions
#6
Risk/benefit analysis is introduced to risk analysis by ISO/TR 24971:2013. Since there isn't any statistical data best way to close each individual residual risk is risk/benefit analysis. Since most of medical device manufacturers don't care anything they are reducing all risks to acceptable level, people are insisting risk/benefit analysis to each residual risk.
 
W

Willgray888

#7
HI All

Thanks for the welcome and the input. Lots of great stuff to think about.

The way I currently see/understand the requirements surrounding RBAs is similar to how Ronen E. describes. The clinical evaluation covers all the residual risks in making an overall risk benefit analysis decision.

The clinical evaluation references the risks in the RMF and the RMF references where the RBA decision is made for each risk. Essentially both documents will contain a section pointing at the other. I believe in this way both requirements (individual and overall RBA) can be met.

Just so we're on the same page, when I say risk I mean failure effect rather than failure mode.

Let me know what you think
Will.
 

Ronen E

Problem Solver
Staff member
Moderator
#8
when I say risk I mean failure effect rather than failure mode.
Risk is the failure effect (severity of harm) factored together with its probability of occurrence. It's a little tricky for our intuition to grasp because it's a state rather than an object.
 

Marcelo

Inactive Registered Visitor
#9
Hello Will and welcome to the Cove :bigwave:

The way I understand things, no bridging document is required because the Clinical Evaluation needs to address residual risks anyway. The Clnical Evaluation and Risk Management processes are supposed to feed each other, on a continuous basis (ie, if one's output changes, the other needs to be updated).
That's right, however, why should it address only residual risks? It really needs to address all risks. Clinical residual risks are usually addressed in PMS/PMCF.
 
Thread starter Similar threads Forum Replies Date
P Benefit risk analysis on pFMEA ISO 14971 - Medical Device Risk Management 9
silentmonkey Overall Benefit/Risk Analysis - Risk Management VS Clinical Evaluation ISO 14971 - Medical Device Risk Management 3
R The term "Benefit Risk Ratio" in EU MDR, do I need to present benefit risk analysis as a RATIO Risk Management Principles and Generic Guidelines 4
A Risk-benefit Analysis - Hazard Analysis (HA) and FMEAs ISO 14971 - Medical Device Risk Management 18
Q Risk / benefit Analysis in Risk Management Report CE Marking (Conformité Européene) / CB Scheme 12
C Help with Risk/Benefit Analysis Self-help Device for Diabetics ISO 14971 - Medical Device Risk Management 3
J Does anyone have an example of Risk-Benefit Analysis per ISO 14971? Other ISO and International Standards and European Regulations 2
M Estimating the benefit-risk ration under MDR EU Medical Device Regulations 2
M Informational Final guidance – GUIDELINES on the benefit-risk assessment of the presence of phthalates in certain medical devices covering phthalates which are carc Medical Device and FDA Regulations and Standards News 0
M Informational FDA discussion paper – Consideration of Benefit-Risk Approaches for Weight-Loss Devices Medical Device and FDA Regulations and Standards News 0
M Informational US FDA Final Guidance – Consideration of Uncertainty in Making Benefit-Risk Determinations in Medical Device Premarket Approvals, De Novo Classificati Medical Device and FDA Regulations and Standards News 0
M Risk/Benefit vs. benefit-risk - Revising an SOP covering Risk Management with the MDR in mind EU Medical Device Regulations 10
M Informational EU – 12th Meeting of the Working Group on Guidelines on benefit – risk assessment of Phthalates in Medical Devices Medical Device and FDA Regulations and Standards News 0
M Informational EU – SCHEER – Minutes of the Working Group meeting on guidelines on the benefit-risk assessment of the presence of phthalates in certain medical devic Medical Device and FDA Regulations and Standards News 1
M Medical Device News FDA News - 14-09-18 - Benefit-Risk Factors to Consider for Substantial Equivalence Other US Medical Device Regulations 0
M Medical Device News FDA news - 05-09-18 - Draft - Uncertainty in Benefit-Risk Determinations Other US Medical Device Regulations 0
A MDSAP benefit for manufacturer of low-risk devices Canada Medical Device Regulations 3
AnaMariaVR2 Structured Approach to Benefit-Risk Assessment in Drug Regulatory Decision-Making Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 0
sagai New Draft Guidance from FDA - Factors considered for Risk/Benefit Determination Other US Medical Device Regulations 4
J HELP NEEDED ! Risk Management Exercise ISO 14971 - Medical Device Risk Management 12
O Should a Covid vaccine and testing policy be included as part of ISO9001 or AS9100 risk management? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
M Does 4.5 - Alternative RISK CONTROL apply to the Particular Standards? IEC 60601 - Medical Electrical Equipment Safety Standards Series 3
Q Measurement Equipment Revocation - Looking for a Disposal Form with Risk Assessment IATF 16949 - Automotive Quality Systems Standard 10
B ISO13485 Risk managment implementation for suppliers ISO 14971 - Medical Device Risk Management 2
Moncia Chemical risk assessment / COSHH Manufacturing and Related Processes 5
E Supply chain main policies ,scope, risk assessments & relavant KPI Supply Chain Security Management Systems 2
D Use Error Risk Controls and Control Verification ISO 14971 - Medical Device Risk Management 6
J Risk Assessment of Lithium Ion Batteries FMEA and Control Plans 3
Melissa Risk Management Process, How far do I need to go? ISO 14971 - Medical Device Risk Management 10
D Does Risk Management apply to re-labeler (MDR) EU Medical Device Regulations 1
H Risk Management Plan in agile process ISO 14971 - Medical Device Risk Management 14
H Risk Analysis and Probability of Occurrence ISO 14971 - Medical Device Risk Management 3
B Risk analysis for defective measuring or measuring equipment out of calibration General Measurement Device and Calibration Topics 2
B AS9102 - 3D printing a special tool required for assembly (counterfeit risk?) AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 12
K Defining risk control measures IEC 62304 - Medical Device Software Life Cycle Processes 14
U Supply risk management Manufacturing and Related Processes 4
T Biological Evaluation (10993) & Risk Management ISO 14971 - Medical Device Risk Management 9
D Cybersecurity and Risk Management: Loss of confidentiality IEC 62304 - Medical Device Software Life Cycle Processes 5
Q FMEA and Risk assessment in Microsoft Access FMEA and Control Plans 6
I Realization processes input into overall risk ISO 14971 - Medical Device Risk Management 2
M Need Help With Information Security Asset Risk Register IEC 27001 - Information Security Management Systems (ISMS) 2
thisby_ Post Market/Production Risk Assessment ISO 14971 - Medical Device Risk Management 0
S Risk Management Review ISO 14971 - Medical Device Risk Management 4
D Low risk IVD study in the UK, do I need MHRA approval? UK Medical Device Regulations 1
S Risk Management and other Files ISO 14971 - Medical Device Risk Management 8
N ISO 27001 for Jumb Burger - Risk Assessment sheet IEC 27001 - Information Security Management Systems (ISMS) 11
C Risk Assessment Tools ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
qualprod Examples to mitigate risk from Covid ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
G Risk of stopping your customer's line IATF 16949 - Automotive Quality Systems Standard 4
C Risk Matrix vs FMEAs ISO 14971 - Medical Device Risk Management 12

Similar threads

Top Bottom