Risk Management - Probability vs. Frequency

Roland chung

Trusted Information Resource
#1
Hello Peter,

I think it is better to start a new thread to discuss the interesting topic which shown as the caption.

Using the frequency as the basis of the risk is quite new for me. Please allow me simply summarize your point of view: if the events are relatively high frequency (>1 events/device/year), it is correct to use the frequency to estimate the risk. That said, use of the probability in that case is wrong.

It seems to make sense for external events (e.g. misuse). Could you explain it in detail? Please give some examples, if possible.

Thanks in advance.
 
Elsmar Forum Sponsor
R

RogerG

#2
Rather than frequency or probability we tend to use likelihood and define it in terms of common cause events and special cause events, each modified as to likely to occur for most users or for a smaller group of users. Are twice as many events twice as important? I don't think that this type of question can be easily answered, so numerically based methods of assessing occurrence seem inappropriate to me (although they are obviously used almost everywhere).
 

Peter Selvey

Staff member
Super Moderator
#3
Accurately estimating probability (or frequency) can be difficult so in most cases this is purely a "theoretical" discussion.

ISO 14971 specifically states that risk is based on the probability of harm.

The correct parameter is frequency (average events per period), to account for events that occur at a frequency > 1. Since probability cannot exceed 1, under ISO 14971, all events with a frequency exceeding one are treated as having the same "risk". So for example a minor burn that occurs 100 times a year has the same "risk" of a minor burn that occurs 1-2 times a year.

Obviously, in this extreme example no-one would consider the risk the same. But I have seen cases where risks that are different by factors of 10 are considered treated the same.

Also, this can also cause errors if there is a sequence of events, and overall probability of harm is based on product of each probability. Again if one of the intermediate events occurs a frequency greater than 1, the result may underestimate the risk.

The potential for "error" increases as the unit for time increases. Calculations based on per use or per day are usually OK, but calculations on a per year or per lifetime might have problems.

Obviously, risk should be risk no matter what units are used. Units are just for convenience. The ratio of risk for event A vs event B should be constant no matter what units are used. If frequency is used, the ratio never changes. But if probability is used, it can change ...
 

Roland chung

Trusted Information Resource
#4
My thoughts a bit messy now. I am wondering if the overall probability will be overestimated when using frequency.

I would think the frequency (adverse events) is highly relevant to the number of use of device during a defined period. For example, device A is used 1000 times per year and 1 adverse events occurred (1 in 1000). If a similar device B is used 100 times per year but without adverse events, can we say the risk of device B is lower than the device A? Frequency based method may tell us that the risk of device A is higher. I think it is not true. There is not enough evidence to judge which device has higher risk.
 
Thread starter Similar threads Forum Replies Date
Sravan Manchikanti Software Risk Management & probability of occurrence as per IEC 62304 IEC 62304 - Medical Device Software Life Cycle Processes 8
E Risk Management selection Probability of Occurrence and Severity ISO 14971 - Medical Device Risk Management 24
B ISO 17025:2017 risk management Risk Management Principles and Generic Guidelines 0
S Risk Management Review ISO 14971 - Medical Device Risk Management 4
S Risk Management and other Files ISO 14971 - Medical Device Risk Management 8
silentmonkey Overall Benefit/Risk Analysis - Risk Management VS Clinical Evaluation ISO 14971 - Medical Device Risk Management 3
Aymaneh Medical Device Cybersecurity Risk Management IEC 27001 - Information Security Management Systems (ISMS) 2
A 21 CFR 820 - Risk Management - Looking for some guidance US Food and Drug Administration (FDA) 3
R Identify Medical Device characterstics as Annex C of ISO 14971 Risk Management ISO 14971 - Medical Device Risk Management 5
N Device Labeling - Medtronic Ventilator Files (Risk Management documents) Coffee Break and Water Cooler Discussions 2
T How do you define your Hazards? <a Risk Management discussion> ISO 14971 - Medical Device Risk Management 16
adir88 MDR requirement: Risk Management Plan for "each device" ISO 14971 - Medical Device Risk Management 5
D Risk Analysis & Technical File - What detail goes in the Risk Management Report ISO 14971 - Medical Device Risk Management 5
C AS9100 Rev D 8.1.1 & APQP - Operational risk management process AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 1
B ATP 5-19 "Risk Management" Misc. Quality Assurance and Business Systems Related Topics 2
N Risk Management besides mandated FDA requirements 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 1
M Identifying Hazards - Risk management process ISO 14971 - Medical Device Risk Management 6
R Risk Management in the Medical Device Industry ISO 14971 - Medical Device Risk Management 4
F Linking an ISO 31000 Risk management SOP to ISO 17025 ISO 17025 related Discussions 2
Ronen E The unbearable insensitivity of risk management language Other Medical Device and Orthopedic Related Topics 1
S ISO 14971 Risk Management - Questions for Hazard identification ISO 14971 - Medical Device Risk Management 2
M Risk/Benefit vs. benefit-risk - Revising an SOP covering Risk Management with the MDR in mind EU Medical Device Regulations 10
A Defining Expected Service Life in Risk Management File Reliability Analysis - Predictions, Testing and Standards 5
R Linking the Processes of Continual Improvement, Change Management, Risk Management, Action Planning, etc? Preventive Action and Continuous Improvement 5
D Risk management according to ISO 14971 - When to document risk controls? ISO 14971 - Medical Device Risk Management 10
J Software for Techfiles and Risk management ISO 14971 - Medical Device Risk Management 1
M Informational ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 6
M Medical Device News ISO TC 210 IEC SC 62A JWG 1 Medical device risk management – São Paulo meeting 2019 Medical Device and FDA Regulations and Standards News 0
D Where does FMEA fit in your ISO 14971 Risk Management process? ISO 14971 - Medical Device Risk Management 13
M Informational ISO TC 210 JWG 1 meeting in São Paulo – Revision of ISO 14971 and ISO TR 24971 – Medical Device Risk Management Medical Device and FDA Regulations and Standards News 0
T Risk Management Report as per MDR Requirements EU Medical Device Regulations 4
S Medical Device Cybersecurity Risk Management File ISO 14971 - Medical Device Risk Management 2
M Medical Device News Health Canada Notice of intent: Strengthening the post-market surveillance and risk management Canada Medical Device Regulations 1
Q Evidence of precautions (clinical evaluation report, risk management report) EU Medical Device Regulations 6
Q Risk / benefit Analysis in Risk Management Report CE Marking (Conformité Européene) / CB Scheme 12
A How to view supplier APQP timeline and do risk management APQP and PPAP 4
O Medical Device EMC Risk Management CE Marking (Conformité Européene) / CB Scheme 4
S ISO 13485:2016 - How I can integrate a risk management approach in our SOPs ISO 13485:2016 - Medical Device Quality Management Systems 1
B Time necessary for all Risk Management activities ISO 14971 - Medical Device Risk Management 2
W Virtual Manufacturer and Risk Management ISO 14971 - Medical Device Risk Management 3
O CQE Handbook - Missing Section VII - Risk Management Misc. Quality Assurance and Business Systems Related Topics 1
F Medical Device HACCP (Hazard Analysis and Critical Control Point) Risk Management ISO 14971 - Medical Device Risk Management 2
J Differences between a Risk Management Plan vs. Production Part Approval Process AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 3
M Free Risk Management Webinar - Design for Quality - May 2017 Risk Management Principles and Generic Guidelines 1
J Will this fulfill the AS9100D Risk Management Requirement AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 7
A Including all Processes in Risk Management - ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 8
F Risk Management vs. FMEA ISO 14971 - Medical Device Risk Management 11
T Using Risk Management in ISO 10993 - Medical Device Accessory 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 4
Q Risk Management - Additional Process in ISO 9001:2015? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
alonFAI How to define a Risk Based Approach for Supplier Management per ISO 13485:2016 ISO 13485:2016 - Medical Device Quality Management Systems 1

Similar threads

Top Bottom