Risk Management in an IVD, ISO 13485 certified company

L

LeoSobrinho

I work for an IVD, ISO 13485 certified company. Our QMS is relatively new. We are trying and struggling with our Risk Management process.

Can you please advise on how to go about it? is a Risk Assessment only acceptable? Is it a must for the company to take into consideration the Severity of the risk?

Any guidance will be appreciated

Regards
 
S

SteveK

Re: Risk Management

Have a look at my attachment - this may help (noting we are now on the 2012 version)

Steve

LINK TO POST WITH FILE REMOVED. I COULD NOT FIND IT TO FIX IT. SORRY...
 
Last edited by a moderator:
O

OleOvergaard

Risk management is not something that can be applied as an add on to your QMS after development or manufacturing. Risk Management must be integrated in your QMS during both development, manufacturing and post market.

And risk assessment alone is certainly not enough. You must follow all the steps in ISO 14971, including risk management planning, assessment, evaluation, control, verification, reporting and post market surveillance. The extent of each of these steps depends of course of the classification of your IVD device. But they must all be performed and documented.

In EU, EN ISO 14971:2012 is harmonized against the IVD Directive, and thus, if you comply with 14971 your notified body has to presume compliance with the essential requirements of the IVD Directive. In USA, ISO 14971:2012 is a recognized consensus standard.

In other words: ISO 14971 is the way to go. You have to read it and understand it, including the informative appendices that gives examples and advice. In EU you should also pay attention to annex ZB.

If this seems too complex, you should either take some relevant training, hire some experienced consultants, or both.
 
Top Bottom