Periodic Visitor

We are a medical device facility under the guidelines of ISO 13485:2003 as well as FDA scrutiny (ISO 14971). With that said, I am also interested in preventing the risk management system from just being used for Quality and Regulatory purposes. Does anyone use / have forms that not only address a risk through QA/RA, but have found a way to incorporate $$ into the risk assessment.

Our systems are segmented here - I am not here to blame but our software package is very restrictive. Recently, I have taken this over. However, realized that once this is complete and the design is released it is not used for a comparative analysis against the development costs, ongoing QA, future development projects other than to create another risk assessment for a new project.

I am referring to the entire Risk Management including questionnaires, FMEA's, etc..

Any thoughts?


Re: Risk Management Portal - Beyond ISO 14971 - Incorporate $$ into the risk assessme

We have taken $$ into account in our process FMEAs. We use an RPN system with a 1-10 scale and have assigned all "injury" a severity 9 (minor injury) or 10 (major injury/death). Lower severities generally involve money - either scrap, rework, lost productivity, etc. For these we generally assign higher severities to harms that will cost the firm more $$ and lower severities that will cost the firm less to fix/remedy. We also have a 2-tiered mitigation requirement. For severities of 9 or 10 we mandate risk mitigation for RPNs above a certain threshold. For lower severities (i.e. lost $$) it is up to the team to decide whether to implement mitigations and what is ALARP.

In contrast, our Design FMEA and System Hazard Analysis only have severities based on harms to the patient/user/environment and do not have severities based on any monetary losses to the company.


Inactive Registered Visitor
Re: Risk Management Portal - Beyond ISO 14971 - Incorporate $$ into the risk assessme

Great question and very helpful answer! Since money is the language of management, I try to get my clients to practice Cost of Quality, especially Cost of Poor Quality with near fanatical fervor. Nothing gets Management "help" better than a big, bad number with a $ prefix.


Starting to get Involved
Re: Risk Management Portal - Beyond ISO 14971 - Incorporate $$ into the risk assessme

:applause: That's the healthiest approach with the QMS. Not only look at the regulations, points and commas, but also at the people and the balance book. This way it is an active part of the whole organisation, which adds to the well-being of all, including the CEO and CFO. And this way it becomes clear that the complete QMS is relevant to all.