Risk managment report of Surgical Mask Example

[Marco83]

Good morning,
I just finished my first risk managment report of a surgical mask. I don't know if the approach is correct or not.
Could you take a look to my report and tell me if I'm on a wrong or right way?

I wrote the report in Italian but I quikly translated some part of it in english.
The chapter 2 I translate in english only the requirement 4 just to let you understeand the logic that I applied.
The chapter 3 is in italian but is only a copy of the annex 1 of the Directive 93/42/EEC

I still don't understeand the logic behind the assigment of probabilty and risk values.
Thank you very much

 

[Benjamin Weber]

I still don't understeand the logic behind the assigment of probabilty and risk values.

The goal is, to have an objective procedure for the evaluation of the single risks.

1. At first you define certain probability and severity levels. It is up to you to define these, but ISO 14971 give some help in Annex D.3.2 and D.3.3.
2. After that you start to identifiy possible hazards (see Annex E), e.g. bacterial contamination of the user.
3. Then you have to think of possible events and circumstances, that could lead to this hazard, e.g. "procuction process not according to specification -> wrong force/tempearture/humidity/... applied during production -> bad filtering performance -> contamination of the user with external pathogens"
4. Then you think of the possibility of these events to occur according to you intial probabilities. This gives you the probability P1.
5. Then you think of the possible harm (e.g. death due to bacterail contamination) and the probalitiy, that this series of events really leads to the expected harm, here: Not every bad filter mask leads automatically to death of the user. It depends on the type of pathogens the user might be exposed to, of the health status of the user ..... This gives ouy probability P2.
6. The product of P1 x P2 gives you P. Very often the steps of determining P1 and P2 are combined in one single step.
7. According to your risk evaluation matrix, you will end up with an acceptable or unaccaptable risk.
8. (here come risk mitigation, risk-benefig-analysis....)
9. Repeat steps 2 to 8 for all harzards.

The logic behind this is, that for example the the acceptance ot the harm "death" always depends on the probability, this can occur. You can not rule out, that there will never be a user, woh dies due to bacterial contamination: He or she might have immunological disease or co-morbidities, that he or she is the one of a million people who dies, because your mask was not OK. Is this acceptable for you or not? You organize risk-mitigation methods to reduce the risk even further, let's say to one out of a billion. Is this acceptable to you or not? And on and on...

There might be sequences of actions, that could lead to death which are much more likely, than others. Depending on your objective risk evaluation, you identify the critical ones and reduce the probablity.

I hope this helps a little bit, to understand the "logic" ;-)

 

[Marco83]

Thank you very much.
Yes you gave me an help to undrsteand the logic. But If you ask me why I assigned as probability index : 10^-2 (infrequent) for the requrment 4 danger 1 "Degradation of materials" I cannot justified you. I admit I gave 10^-2 just because I think that if infrequent but i don't have anything that can support it. This is the point that worries me. I pulled randomly every single requirments that I adopted in this RM.
I don't think is the correct way to built a RM.
Exept for that, how do you find my RM?
Thanks a lot

 

[Benjamin Weber]

That is a problem everybody struggles, when doing his first risk analysis. If you don't have any experience with the materials, processes etc., you can try to search other sources (material property databases, scientific literature...) to get more profound information. If that is not feasable, your last chance is to make an educated guess. Just applying different indices randomly is of cource not a very good idea. Your guesses should not be absolutely unreasonable. That's also a good reason, why there should be people from different departments with different background in your RM team. You will have to discuss your decisions with the other members and come to a good agreement. And you will have to review and update your RM frequently, where the experiences over time will lead to an adjustment of your initial assumptions.

 

[Marco83]

what do you mean for educated guess? I was thinking to switch from a semiquantitative analisys to a qualitative analisys (points D3.4.1 - 3.4.2) Could be a good idea?

 

[Benjamin Weber]

Switching to a qualitative analysis might be a good idea. Nevertheless, you also have to justifiy your qualitative decisions in some way.

 

[Marco83]

Good morning,
first I want to thank you for your help.
I wrote again a RM based on qualitative analisys.
Could you give me a feedback?
Thank you very much

 

[Benjamin Weber]

Basically it is OK, as far as I can judge after a short check.

What I noticed:

• You identify six risks/hazard only. Is that all or just en extract? ISO 14971 gives you a lot of questions to aks yourself, in order to identify possible risks/hazards. Did you go through these? This hepls you, to think about aspects on more objective basis. Eventually the most of these questions may be answered as not applicable (e.g. electrical risks). But then you can be sure to have not missed anything crucial.
• In chapter 1 you basically describe the RM process with all relevant compliance documents. OK. But I am not sure, if you cover everything correctly. E.g.: 14971 cl. 6.6 requires you to identify possible new hazard arising from the risk control measures. You refer to the list of hazards and the risk details. But there I cannot find anything about possible new hazards arising from the risk control measures. Maybe this is also just, because it is not the whole RM file?

 

[Marco83]

Good morning,
thank you for your check.
No itsn't an extrac. That's all. it's too little?
To identify the risks I tried to follow the annex 1 of the Directive 93/42/EEC and try to answer to the clauses (applicable of course).
I also use all the clauses of the annex to write the STED.
In my first RM, as you can see at chapter 3, I insert all the clauses of the annex I, in this RM I didn't. I change the format and the guide to follow.
Do I should increase the examples of the risks?
I will check again the ISO 14971 anyway.
Thank you.

 

[Marco83]

The clause 6.6 it's an error actually. But if I must be sincere I don't know how fll that clause, because the MD is not still on the market.
Anyway I'm rectifing the RM following yours reccomandations.
thanks