The Sequence of ISO 14971 Risk Analysis Activities

medical_eng

Involved In Discussions
#1
All,
I have been looking deeper into ISO14971 and other risk analysis/management techniques. Everywhere I look, the recommendation is to 1) analyse the risk (hazards leading to harm), 2) evaluate the risk (acceptable or not), and 3) control the risk if not acceptable, in that specific order. I understand the logic of this sequence but it doesn?t make practical sense.
As I fill out my risk chart and contemplate harms, with very rare exception, I am always able to find ways of controlling the risk to either minimize the occurrence or the severity. It makes more sense to me, after analyzing the risk, to directly propose a risk control method and THEN evaluate the risk (severity/occurrence). If a control method is absolutely not available at all for whatever reason then the risk is evaluated with this knowledge directly.
Stated another way, I would be surprised to read a risk analysis document for a medical device (of any practical use) and see the majority of uncontrolled risks being deemed as acceptable.
From what I see right now, to follow 14971, one has to always rate risk twice: once before a control and again after. What?s the point of that? I hope that there are forum members that can explain why it ended up the way that it is.
Thanks!
 
Elsmar Forum Sponsor

Ronen E

Problem Solver
Staff member
Moderator
#2
Hi,

I don't share this view:

I would be surprised to read a risk analysis document for a medical device (of any practical use) and see the majority of uncontrolled risks being deemed as acceptable.
I've seen more than 1 case where this is exactly what happened. The activity then followed to focus and mitigate a relatively small number of unacceptable risks, until they became acceptable or were eliminated altogether. For such risks, yes, the process requires at least 2 evaluation cycles.

Cheers,
Ronen.
 

Pads38

Trusted Information Resource
#3
From what I see right now, to follow 14971, one has to always rate risk twice: once before a control and again after. What?s the point of that?
We create a table of hazard / risk before / risk reduction method / risk after / verification of risk reduction method as a means of tracking the hazard to it's risk reduction method to it's verification. It's a very useful method and is something that regulators like to see as well.
 

Peter Selvey

Staff member
Moderator
#4
Pre / post assessment is unfortunately required by the standard, and expected by regulators.

But you are right, it does not make sense.

Rather, when dealing with a complex subject (something not obvious from first glace), good risk management requires establishing the characteristics of the particular situation without risk control(s) in place, in order to understand if the risk control(s) are effective, and for future reference in case of design changes.

For example: an electronic thermometer could read wrong if the battery is low. As a first step we need to understand at what battery voltage things start to loose accuracy (Vbatt_FAIL), which could require tests or analysis from spec sheets of individual parts. Then you design a protection (risk control) which operates with a margin before this point (Vbatt_MIN = Vbatt_FAIL + 0.2V); then you finally validate that the protection works (blanks the display at Vbatt_MIN or lower), and also that the thermometer is accurate at that point (disable the protection, confirm accuracy at Vbatt_MIN).

It's much more important to keep a record of these kind of details than to worry about pre/post risk assessment. But currently ISO 14971 does not require these records ... only the useless numbers in the table :)
 

sagai

Quite Involved in Discussions
#5
I do not see the point to debate whether or not the regulation itself is sensible to your situation. ISO14971 is a voluntary standard, it is up to you if you declare conformance to it or if you set your own way and later shelter it for legislators.
I do not like paying tax for example, but when I am in the country, I voluntarily choose that I am subject to all of its regulations and jurisdiction.
Simple is that I think.

The whole medical device is in the hazard continuum. Every feature of your device is hazardous. Basically anything can go wrong and could result in patient related event. And our lifetime is obviously not enough to minimize the risk of things possible could go wrong as regard to the medical device.
I think, it is not possible to have a safe medical device, the only thing we can have is a level of confidence about its safety maturity when we think, well ... it worthwhile to use it rather than not.

So ... the initial hazard analysis is actually helps you not to spend your lifetime on chasing all the hazardous situations and also give you a reference point to see your progress, the point that can be used to compare if you managed to increase your confidence about the safety of your device.

Many thanks, Cheers
 

Pads38

Trusted Information Resource
#6
I do not see the point to debate whether or not the regulation itself is sensible to your situation.
The discussions can seem a little theoretical, rather than practical but, perhaps, we can develop alternative approaches or improvements that could be used to improve the standards. There are people in the Cove who are actively involved in standards work.

As you say standards are voluntary, but the fact is, "sticking to the book" is generally much easier than having to prove the acceptability of an alternative approach.
 

sagai

Quite Involved in Discussions
#7
:topic:
I think there is a whole industry that was lined up for this business due to the fact that people in this industry found more palatable and relaxing to rely on standards rather than their own common sense and understanding. :cool:
 

medical_eng

Involved In Discussions
#8
Thanks everyone for the feedback and counterpoints.

Here's my example case to illustrate the point which forum members can weigh in on.

You're designing an electrically powered medical device. As such, compliance to 60601 is required and you know that up front. So you're now starting your risk analysis and you are contemplating the electric shock hazard. 60601 goes into a lot of detail how to design and verify to prevent this. Where is the value in contemplating all the sequence of events, hazardous situations, and harms from an electric shock when in the end (and there may be quite a few), compliance to a recognized standard is your method of risk control, reduces the risk to an acceptable level, and covers it all? Why not zero in on it right away?

Remember that a risk analysis is not a document created by one person and then filed away never to see the light of day. It?s also a communication tool for others to read and understand (and approve, if appropriate). Eliminate detail that in the end would be basically irrelevant is my suggestion.

Now, if your device has a new application of technology not contemplated by the standard, or is used in a particularly severe environment, or no direct standard exists, etc., one has to recognize this and then I see the value in the two step process. You still need to have your thinking cap on at all times on these matters.

What does ISO31010 have to say on all of this?

I?ve read 14971 and 60601 several times (!) and it is quite evident that the authors of the one were aware of the other document and vice versa, and likely fully aware of 31010 as well. So getting back to the original question, why is ISO14971 strict on the two step process for every hazard? What?s the practical point? Why did it end up that way?

Cheers!
 

sagai

Quite Involved in Discussions
#9
You can do a workaround saying all your initial risk evaluations deem the risk unacceptable due to your manufacturer policy and you immediately continue with the mitigation/control measure, simple is that.

There is a danger actually spending more time on looking into and chasing standards rather than carry out the work on a sensible manner.

Another angle ...
If I understand correctly that you are doing this analysis and control identification work.
I am wondering how do you involve medical science domain knowledge into such analysis in order to see the medical extent of those discretion?

Cheers!
 
Last edited:

Ronen E

Problem Solver
Staff member
Moderator
#10
Thanks everyone for the feedback and counterpoints.

Here's my example case to illustrate the point which forum members can weigh in on.

You're designing an electrically powered medical device. As such, compliance to 60601 is required and you know that up front. So you're now starting your risk analysis and you are contemplating the electric shock hazard. 60601 goes into a lot of detail how to design and verify to prevent this. Where is the value in contemplating all the sequence of events, hazardous situations, and harms from an electric shock when in the end (and there may be quite a few), compliance to a recognized standard is your method of risk control, reduces the risk to an acceptable level, and covers it all? Why not zero in on it right away?

Remember that a risk analysis is not a document created by one person and then filed away never to see the light of day. It’s also a communication tool for others to read and understand (and approve, if appropriate). Eliminate detail that in the end would be basically irrelevant is my suggestion.

Now, if your device has a new application of technology not contemplated by the standard, or is used in a particularly severe environment, or no direct standard exists, etc., one has to recognize this and then I see the value in the two step process. You still need to have your thinking cap on at all times on these matters.

What does ISO31010 have to say on all of this?

I’ve read 14971 and 60601 several times (!) and it is quite evident that the authors of the one were aware of the other document and vice versa, and likely fully aware of 31010 as well. So getting back to the original question, why is ISO14971 strict on the two step process for every hazard? What’s the practical point? Why did it end up that way?

Cheers!
Mind you, there are a lot of medical device types which do not have the equivalent(s) of 60601. People involved in electrical medical equipment tend to forget it sometimes (no offence).

I'm not a 60601 expert, but in my opinion you could add a clause at the beginning of your RMF excluding all generic hazards addressed by 60601 (applicable parts) on the grounds that your device is properly tested and certified. Then go on to analyse those "special" risks that are unique.

Cheers,
Ronen.
 
Last edited:
Thread starter Similar threads Forum Replies Date
R ISO 13485 QMS sequence of implementation ISO 13485:2016 - Medical Device Quality Management Systems 4
R Sequence and Interaction - Combined for both ISO 9001:2015 and EMS 14001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q ISO 9001:2008 4.1 b Clarification - Sequence and Interaction of Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 5
Q ISO 9001 2000 Drafts - What is the approval sequence and meeting places? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
K Sequence of testing in IEC 60601-1 IEC 60601 - Medical Electrical Equipment Safety Standards Series 2
P NDT Process sequence Manufacturing and Related Processes 9
V Sequence of performing risk assessment: User_FMEA (User Errors) vs Design Inputs FMEA and Control Plans 1
C Sequence of Process Steps not Respected FMEA and Control Plans 3
B AS9100 Rev D Sequence and Interactions of Processes - How in depth do I need to go? AS9100, IAQG 9100, Nadcap and related Aerospace Standards and Requirements 9
M Work Instruction Content or Sequence Changes and Operation Numbering Document Control Systems, Procedures, Forms and Templates 3
G Sequence and Frequency of Calibration for Thread Gauges General Measurement Device and Calibration Topics 2
A Sequence and Interaction of the Processes - Please review my Process Map ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
R "Control" as used in 4.1 c) - Process Flow Charts (Process Sequence Chart) ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
G What is the right sequence for a Gage R&R study? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 7
E Sequence of Operations - Non-Destructive Testing vs. Trim & Drill Manufacturing and Related Processes 2
V MOST (Maynard Operation Sequence Technique) Technique - Information/Help wanted Manufacturing and Related Processes 2
I Validation of a MOST (Maynard Operation Sequence Technique) Time Study Human Factors and Ergonomics in Engineering 2
S Do insulation layers in double insulation have sequence requirement? IEC 60601 - Medical Electrical Equipment Safety Standards Series 5
S Requirements for Sequence Diagrams & Process Flow Chart for each Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
Q IQ, OQ, PQ and Process Validation Sequence Qualification and Validation (including 21 CFR Part 11) 5
R Process Qualification, Equipment Qualification, Operator Qualification - Sequence? Manufacturing and Related Processes 10
C MOST (Maynard Operation Sequence Technique) study for assembly of cockpit Lean in Manufacturing and Service Industries 6
A What is the Sequence of PPAP? APQP and PPAP 4
S Sequence and Interaction Figure ISO 13485:2016 - Medical Device Quality Management Systems 3
C GMP question - New pharma/drug manufacturing facility certification timeline/sequence Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 8
P 5S Deployment Sequence Quality Tools, Improvement and Analysis 3
D Workflow showing Sequence and Interaction of Processes in a Recruitment Scenario ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 3
M Explanation of Sequence and Interaction of Processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
R How does the assessor analyse the sequence and interactions processes? Document Control Systems, Procedures, Forms and Templates 1
S Clarify on sequence & interaction of processes - Manufacturer of wiring harness IATF 16949 - Automotive Quality Systems Standard 10
Y Control chart - Sequence of sampling is not in accordance with production sequence Inspection, Prints (Drawings), Testing, Sampling and Related Topics 1
L Quality Plan or Sequence and interaction of the processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
J Determine the sequence and interaction of processes - ISO9001 Clause 4.1 and 4.1 b ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 15
S Process Required - NC for not including HR and Maintenance in our Processes Sequence IATF 16949 - Automotive Quality Systems Standard 2
apestate How do I satisfy 4.1 - Identify and determine the sequence and interaction processes ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 6
W QMS Manual for TS 16949 - Sequence for Writing the QMS Manual Quality Management System (QMS) Manuals 14
Marc Run Charts - Plots of process characteristics against time or sequence Statistical Analysis Tools, Techniques and SPC 3
S Has anyone ever heard of an International Standard for date sequence? Other ISO and International Standards and European Regulations 2
O ISO 13485 - Is management review required before stage 1? ISO 13485:2016 - Medical Device Quality Management Systems 2
BeaBea ISO 9001 Customer Feedback Methods - What has worked for your company? Service Industry Specific Topics 15
O In addition to the standard, what other ISO 13485 sources do people recommend? ISO 13485:2016 - Medical Device Quality Management Systems 5
Watchcat ISO 13485 for IVD (In-vitro Diagnostic Device) Manufacturers? ISO 13485:2016 - Medical Device Quality Management Systems 8
G New to ISO 9001 - Where to begin? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 17
BeaBea Interesting Discussion Where Does Marketing/ Advertisement of Products fit in to ISO 9001? Process Maps, Process Mapping and Turtle Diagrams 35
G ISO 17025-2017 Management Review reporting items - Inputs ISO 17025 related Discussions 1
F Logistics and IT clauses in ISO 9001:2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 12
Q Automation in manufacturing - Print Shop ISO 9001 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 13
B ISO 14971 Applied to Software ISO 14971 - Medical Device Risk Management 2
K Contamination Control - Class Is medical devices (Clause 6.4.2 ISO 13485:2016 (E)) ISO 13485:2016 - Medical Device Quality Management Systems 10
V Quality Objectives - ISO 9001 2015 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 26
Similar threads


















































Top Bottom