What ever happened to Medical Device Risk Management, anyway?

J

Julie O

#1
I pulled these comments from another thread, posted in January 2011:

The FDA wants you to have an effective and comprehensive risk analysis and management process. They don't yet have detailed rules as to exactly how you must proceed.
FDA is probably kicking themselves for saying so little about risk management in Part 820
Six years later, I haven't seen any signs of significant forward movement on this.

- I google fda.gov for "medical devices and "risk management" and come up with nothing much.

- I hear that FDA inspectors expect to see risk management in place, but I wonder...if a company doesn't have risk management in place, what requirement do they cite in their findings?

Has anyone seen FDA do anything official about "requiring" risk management, as opposed to just "expecting" it?
 
Last edited by a moderator:
Elsmar Forum Sponsor
R

randomname

#2
Re: What ever happened to risk management, anyway?

If your firm is FDA regulated it's likely that you may work to ISO 13485, which requires risk management.
 

Ronen E

Problem Solver
Staff member
Moderator
#3
Re: What ever happened to risk management, anyway?

I pulled these comments from another thread, posted in January 2011:
..........

Six years later, I haven't seen any signs of significant forward movement on this.

- I google fda.gov for "medical devices and "risk management" and come up with nothing much.

- I hear that FDA inspectors expect to see risk management in place, but I wonder...if a company doesn't have risk management in place, what requirement do they cite in their findings?

Has anyone seen FDA do anything official about "requiring" risk management, as opposed to just "expecting" it?
Julie, I'm not aware of an official, wide change in the regulations or guidance in that regard. However, one can already see the change seeping through in specific guidances/circumstances. They do put it black on white sometimes but the scope is usually limited.

There's this (pdf), FWIW.

Cheers,
Ronen.
 
J

Julie O

#4
Re: What ever happened to risk management, anyway?

Yes, FDA has issued several guidances on benefit-risk in the last few years, but nothing on risk management. The way the guidance you linked refers to risk management, it sounds like FDA thinks it has a requirement for risk management, but, as far as I know, it doesn't. I think this is rather strange.
 

QA-Man

Involved In Discussions
#5
Re: What ever happened to risk management, anyway?

Yes, FDA has issued several guidances on benefit-risk in the last few years, but nothing on risk management. The way the guidance you linked refers to risk management, it sounds like FDA thinks it has a requirement for risk management, but, as far as I know, it doesn't. I think this is rather strange.
What about 21CFR820.30(g)? Design validation shall include software validation and risk analysis, where appropriate.
 

Marcelo

Inactive Registered Visitor
#6
Part of the "historical" problem is that what we know today as risk management (analysis, evaluation, control and monitoring) was not always called that. Although the term risk management has existed in literature for a long time, a definition for risk management is relatively recent (in particular, in terms of standards for medical devices).

For example, EN 1441:1998, which was created to related to the risk "management" portion of the EU Directives, was in fact called EN 1441:1998 - | Medical devices - Risk analysis, and the process it defined (see attached) is what we today call risk management.

When ISO 14971-1 was first created, the term risk management was defined, but the standard was going to have different parts, each one dealing with a part of the risk management process (the first being risk analysis).

Only after ISO 14971 was created in 2000 that we had one standard that dealt with "risk management"for medical devices.

This is basically the problem with FDA regulations, which preclude the dates mentioned. You can find risk analysis several times in FDA regulations, and also you can find mention to identify, evaluate, control and monitor risks. But this whole process was called risk analysis at the time. In today's terms, they require what Iso 14971 defines as risk management.
 

Attachments

Ronen E

Problem Solver
Staff member
Moderator
#7
Re: What ever happened to risk management, anyway?

What about 21CFR820.30(g)? Design validation shall include software validation and risk analysis, where appropriate.
That is the only reference to risk in part 820, and it is very limited:

1. It speaks of "risk analysis" which is only a subset or risk management.
2. It has the notorious "where appropriate" which doesn't support clarity / transparency (though it is parseable).
3. It only addresses a portion of Design Control (Design Validation) while risk management is more holistic nowadays.
 

Ronen E

Problem Solver
Staff member
Moderator
#8
Marcelo, thanks for your overview, it's definitely an interesting aspect.

Let's please not forget that it's already been ~16 years since the publication of ISO 14971:2000. Part 820 was updated many times during that period and the FDA could have adjusted it to risk management if it was merely a matter of terminology.

You can find risk analysis several times in FDA regulations, and also you can find mention to identify, evaluate, control and monitor risks.
Can you please point out the FDA regulations that mention identification, evaluation, control and monitoring of risks?
 
J

Julie O

#9
Re: What ever happened to risk management, anyway?

What about 21CFR820.30(g)?
Clearly it requires risk analysis, although potentially only software risk analysis. And "where appropriate" is a mystery to me here. Normally when FDA says something like this, it means...if there is risk, you analyze it. But of course there is no such thing as a medical device that has no risk. I'm not sure I even want to know where the authors of the QSR thought it would not be appropriate.

Regardless, risk analysis is not risk management. It is either the first step, or the step before.
 
Thread starter Similar threads Forum Replies Date
R Mix Multi-Site/Individual Certification - Has this ever happened to anyone? Miscellaneous Environmental Standards and EMS Related Discussions 14
Q What ever happened to the "Process is not systemic" finding ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 11
Jim Wynne Virus Hoaxes or, What Ever Happened to Fact-Checking? After Work and Weekend Discussion Topics 5
G What ever happened to ISO 9000-1,-2 etc ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
T What ever happened to MIL-STD-45662A and MIL-HANDBOOK-52 General Measurement Device and Calibration Topics 0
M SemaTech SSQA Standardized Supplier Quality Assessment - my favorite tool ever Manufacturing and Related Processes 0
E Interesting Discussion Was this the fastest ever stage 2 ISO9001:2015 audit? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 76
Q Have you ever "excluded" certain job descriptions from the QMS? ISO 13485:2016 - Medical Device Quality Management Systems 10
Sam Lazzara Notified Body CE Project Manager - Worst job ever? EU Medical Device Regulations 6
Claes Gefvenberg Worst measuring equipment ever? Coffee Break and Water Cooler Discussions 6
F Is Testing ever a legitimate Risk Mitigation? ISO 14971 - Medical Device Risk Management 7
Marc Lake Mead Plunges To Lowest Level Ever - 2016 World News 10
P Has anyone ever heard of the Eastern Weighing and Inspection Bureau? Calibration and Metrology Software and Hardware 1
Hershal First ever college football playoff? 2014 Coffee Break and Water Cooler Discussions 7
Q REACH due dilligence and meeting the ever moving SVHC target RoHS, REACH, ELV, IMDS and Restricted Substances 5
H Most Poorly Written FDA Warning Letter Ever? 21 CFR Part 820 - US FDA Quality System Regulations (QSR) 5
D ?Pa? Capability Index - Has anyone ever heard of this? Capability, Accuracy and Stability - Processes, Machines, etc. 5
drgnrider How to control documents that most likely won't change ever ? Document Control Systems, Procedures, Forms and Templates 5
M What is the best question you have ever been asked? Coffee Break and Water Cooler Discussions 11
C Have you Ever Wished You Could Audit Your CB Registrars and Notified Bodies 24
P Has anyone ever heard of "Quality Gates" (Volkswagen term?) - APQP and PPAP APQP and PPAP 11
I Has anyone ever heard of Registrar QSRD-International? Registrars and Notified Bodies 36
K Have you ever behaved differently because you were being watched? Coffee Break and Water Cooler Discussions 7
S Have you ever "used" an auditor to achieve a goal? Quality Manager and Management Related Issues 18
J Ever heard of having a Controlled SOP template? Document Control Systems, Procedures, Forms and Templates 12
L Dry Lube Application (Ever lube 620) - Manual Application vs. Automated Spray Process Manufacturing and Related Processes 1
J Ever gone "Dry-Dock fishing?" Funny Stuff - Jokes and Humour 0
M Best Problem Statement Ever - (Caution - Childish Scatalogical Humor Ahead!) Funny Stuff - Jokes and Humour 0
S As a Customer, have you ever been Surveyed? Quality Manager and Management Related Issues 12
D Using Regrind - Anyone ever used a deduster to improve quality of material? Manufacturing and Related Processes 3
apestate FAA Regulations: Is it ever OK to sign off on nonconforming type certified parts? Federal Aviation Administration (FAA) Standards and Requirements 8
R MSDS Sheets for Products - How much is too much - Or is there ever too much? Occupational Health & Safety Management Standards 12
S Cappsnt Software - Has anyone ever used Cappsnt software for a CMM? General Measurement Device and Calibration Topics 1
Jim Wynne The Lamest Nigerian Scam Email Ever Coffee Break and Water Cooler Discussions 12
Manix The Toughest Decision I have ever had to make! Director or Quality Engineer Career and Occupation Discussions 16
R CMMI (Capability Maturity Model Integration) - Ever heard CMMI? Software Quality Assurance 5
0 Anyone ever worked with the program Rapidminer to datamine databases Reliability Analysis - Predictions, Testing and Standards 4
B Help with Submitting Part Layout Dimensionals - My first ever PPAP (to GM) APQP and PPAP 5
T Resolution Analysis - Has anyone ever performed a Resolution Analysis? General Measurement Device and Calibration Topics 1
C Has anyone ever heard of Informance software? Monitors machine uptime/downtime (OEE) Preventive Action and Continuous Improvement 11
N Ever heard of GJB 9001A-2001 Standard? Other ISO and International Standards and European Regulations 3
J Has anyone ever been harmed by a CMM (coordinate measuring machine)? Coffee Break and Water Cooler Discussions 11
I Have you ever heard about TOSI (polymer)? IATF 16949 - Automotive Quality Systems Standard 6
GStough Microsoft InfoPath - Anyone Ever Used This? Document Control Systems, Procedures, Forms and Templates 7
A Has anyone ever written a Quoting Process? Various Other Specifications, Standards, and related Requirements 3
Marc How fast is the fastest you have ever driven a land vehicle? Coffee Break and Water Cooler Discussions 105
J As a consultant, have you ever fired a client? If so, when? Consultants and Consulting 54
C Ever come across an ISO 9001 certificate with more than 3 years validity period? ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 35
GStough Anyone Here Ever Move from ISO 9001 / ISO 13485 into AS9100? Career and Occupation Discussions 3
J Ever see/do a presentation in an interview? Career and Occupation Discussions 19

Similar threads

Top Bottom