Risk Management Has to Begin Prior to Design Input, But...

GStough

Staff member
Super Moderator
#1
Ok, here's the scenario...

We received a minor nonconformance in our re-cert audit in Dec. 08 because risk management was not begun before design input phase of a new product, since results of risk management have to be included in design input.

Ok, this new product has since gone through 510K approval and we are currently trying to get the CE mark testing completed. Product is being produced for inventory, though.

My question is this: Since the product design and development phase is essentially complete, is it acceptable to go back and do risk management activities for this product retrospectively and include the results in the design input portion of the Design History File? Or, do we write an explanation of what happened and why results of risk management are absent from this particular Design History File? With the understanding, of course, that going forward this won't happen again.

Thoughts, ideas, or suggestions are welcome...

Thanks...:bigwave:
 
Elsmar Forum Sponsor
#2
I am kinda out of my comfort zone, on this, Gidget, but....

I see risk management as being just that managing risks. That means that it should be living. Not just stopping at pre-design, but being perodically reviewed as the design evolves.

With that stated, I think going back and performing risk analysis could be beneficial, even after the design is complete. I might annotate it to show it was performed late in the process.
 
M

MIREGMGR

#3
Agree...better to do it late than to not do it at all.

Interesting that you were able to get the 510(k) through without incorporating a risk analysis report. We've been hearing for a while that that's now essential.
 

Ajit Basrur

Staff member
Admin
#4
Refer the FDA Guidance - If you see section 2, it states - "The risk reduction approach has resulted in European and International standards on risk analysis EN 1441 and ISO 14971-1. The scope has been enlarged to cover risk management over the life cycle of the device."

It says risk management over the life cycle of the device; so I agree with MIREGMGR - Better Late than Never :D
 

Marcelo

Inactive Registered Visitor
#5
It has to be done, even if not in the design phase anymore. Remember that medical devices have to be "always"" safe, and the only way of demonstrating this is thru risk management.

This is a little worse if you have to claim conformance to ISO 14971, beucase, really, risk management begins reallllly before design input - it has to begin in the design and development planning, because ISo 14971 requires a risk management plan (in fact, how much before depends on your design and development model, but is before anyway - for example, if your design and development process has a "conceptual" phase in which you choose between some concepts, and then a detailed design in which you design the chose concept, then the regulated "design input" is the input of this detailed design phase - because prior to that, you do not have a "product").
 
S

Stantheman

#6
Hi there Mate.
Sorry that i didnt see it sooner, nut yes is that answer to your question speaking purely as a UK guy who deals with CE technical files Risk assessment is a major part of the CE critera unlike UL who will assess your product CE marking is based upon you fufilling the EGSR / FMEA and thus risk assessments. if you need more help most of my engineering desgin also goes through HAZOPs to sorry but its a requirement here in the UK
 
S

Stantheman

#7
Sorry about all the abbreviations (and my spelling)
ESHR essential safety and health requirements
FMEA failure mode effects anaylasis
HAZOP hazard oeparability studies
 
I

iansawyer

#8
I received the same minor nonconformance due to the exact same scenario. My proposed corrective action was to perform a retrospective risk analysis in accordance with ISO 14971:2008. Our ISO 13485 auditor accepted this CA and issued our ISO cert.
 

GStough

Staff member
Super Moderator
#9
I received the same minor nonconformance due to the exact same scenario. My proposed corrective action was to perform a retrospective risk analysis in accordance with ISO 14971:2008. Our ISO 13485 auditor accepted this CA and issued our ISO cert.
Hi Ian,

Sorry for the delay in replying.

I believe this is what we did, as well.

Thanks! :bigwave:
 
A

alexfeile318 - 2010

#10
Ok, here's the scenario...

We received a minor nonconformance in our re-cert audit in Dec. 08 because risk management was not begun before design input phase of a new product, since results of risk management have to be included in design input.

Ok, this new product has since gone through 510K approval and we are currently trying to get the CE mark testing completed. Product is being produced for inventory, though.

My question is this: Since the product design and development phase is essentially complete, is it acceptable to go back and do risk management activities for this product retrospectively and include the results in the design input portion of the Design History File? Or, do we write an explanation of what happened and why results of risk management are absent from this particular Design History File? With the understanding, of course, that going forward this won't happen again.

Thoughts, ideas, or suggestions are welcome...

Thanks...:bigwave:
I have the same more or less the same problem as you do.
What is worse, risk management has never been implemented in my company. So I want to knwo how to start a risk management and what are included in the who risk management process. Finally what are the deliverables from the risk managemnt process that I can show them to auditors, be it from FDA or Notified body.

Alex
 
Thread starter Similar threads Forum Replies Date
V PIC/S Committee has adopted an Aide-Memoire on Assessment of Quality Risk Management ISO 14971 - Medical Device Risk Management 2
B ISO 17025:2017 risk management Risk Management Principles and Generic Guidelines 0
S Risk Management Review ISO 14971 - Medical Device Risk Management 4
S Risk Management and other Files ISO 14971 - Medical Device Risk Management 8
silentmonkey Overall Benefit/Risk Analysis - Risk Management VS Clinical Evaluation ISO 14971 - Medical Device Risk Management 3
Aymaneh Medical Device Cybersecurity Risk Management IEC 27001 - Information Security Management Systems (ISMS) 2
A 21 CFR 820 - Risk Management - Looking for some guidance US Food and Drug Administration (FDA) 3
Sravan Manchikanti Software Risk Management & probability of occurrence as per IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 8
R Identify Medical Device characterstics as Annex C of ISO 14971 Risk Management ISO 14971 - Medical Device Risk Management 5
N Device Labeling - Medtronic Ventilator Files (Risk Management documents) Coffee Break and Water Cooler Discussions 2
T How do you define your Hazards? <a Risk Management discussion> ISO 14971 - Medical Device Risk Management 16
adir88 MDR requirement: Risk Management Plan for "each device" ISO 14971 - Medical Device Risk Management 5
D Risk Analysis & Technical File - What detail goes in the Risk Management Report ISO 14971 - Medical Device Risk Management 5
C AS9100 Rev D 8.1.1 & APQP - Operational risk management process AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
B ATP 5-19 "Risk Management" Misc. Quality Assurance and Business Systems Related Topics 2
N Risk Management besides mandated FDA requirements 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
M Identifying Hazards - Risk management process ISO 14971 - Medical Device Risk Management 6
R Risk Management in the Medical Device Industry ISO 14971 - Medical Device Risk Management 4
F Linking an ISO 31000 Risk management SOP to ISO 17025 ISO 17025 related Discussions 2
Ronen E The unbearable insensitivity of risk management language Other Medical Device and Orthopedic Related Topics 1
S ISO 14971 Risk Management - Questions for Hazard identification ISO 14971 - Medical Device Risk Management 2
M Risk/Benefit vs. benefit-risk - Revising an SOP covering Risk Management with the MDR in mind EU Medical Device Regulations 10
A Defining Expected Service Life in Risk Management File Reliability Analysis - Predictions, Testing and Standards 5
R Linking the Processes of Continual Improvement, Change Management, Risk Management, Action Planning, etc? Preventive Action and Continuous Improvement 5
D Risk management according to ISO 14971 - When to document risk controls? ISO 14971 - Medical Device Risk Management 10
J Software for Techfiles and Risk management ISO 14971 - Medical Device Risk Management 1
M Informational ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 6
M Medical Device News ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 0
D Where does FMEA fit in your ISO 14971 Risk Management process? ISO 14971 - Medical Device Risk Management 13
M Informational ISO TC 210 JWG 1 meeting in São Paulo – Revision of ISO 14971 and ISO TR 24971 – Medical Device Risk Management Medical Device and FDA Regulations and Standards News 0
T Risk Management Report as per MDR Requirements EU Medical Device Regulations 4
S Medical Device Cybersecurity Risk Management File ISO 14971 - Medical Device Risk Management 2
M Medical Device News Health Canada Notice of intent: Strengthening the post-market surveillance and risk management Canada Medical Device Regulations 1
Q Evidence of precautions (clinical evaluation report, risk management report) EU Medical Device Regulations 6
Q Risk / benefit Analysis in Risk Management Report CE Marking (Conformité Européene) / CB Scheme 12
A How to view supplier APQP timeline and do risk management APQP and PPAP 4
O Medical Device EMC Risk Management CE Marking (Conformité Européene) / CB Scheme 4
S ISO 13485:2016 - How I can integrate a risk management approach in our SOPs ISO 13485:2016 - Medical Device Quality Management Systems 1
B Time necessary for all Risk Management activities ISO 14971 - Medical Device Risk Management 2
W Virtual Manufacturer and Risk Management ISO 14971 - Medical Device Risk Management 3
O CQE Handbook - Missing Section VII - Risk Management Misc. Quality Assurance and Business Systems Related Topics 1
F Medical Device HACCP (Hazard Analysis and Critical Control Point) Risk Management ISO 14971 - Medical Device Risk Management 2
J Differences between a Risk Management Plan vs. Production Part Approval Process AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
M Free Risk Management Webinar - Design for Quality - May 2017 Risk Management Principles and Generic Guidelines 1
J Will this fulfill the AS9100D Risk Management Requirement AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
A Including all Processes in Risk Management - ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 8
F Risk Management vs. FMEA ISO 14971 - Medical Device Risk Management 11
T Using Risk Management in ISO 10993 - Medical Device Accessory 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Q Risk Management - Additional Process in ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
alonFAI How to define a Risk Based Approach for Supplier Management per ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1

Similar threads

Top Bottom