What is the typical industry standard for documenting Usability Risk?

ryannh

Starting to get Involved
#1
With the recent release of IEC 62366-1 what is the typical industry standard for documenting usability risk? Are companies starting to turn towards using the FMEA process? Other than the IEC 62366 are there any good resources for ensuring that you are capturing everything?
 
Elsmar Forum Sponsor

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#3
Welcome to the Cove!

The addition of risk management in IEC 62366-1 is also happening in ISO 9001:2015 and similar questions are being asked.

In both standards there is no default format for documenting risk assessment. I often suggest FMEA because there is a great deal of documentation and instruction on that format. If applying the FMEA format I would consider not limiting to three existing factors (severity, occurrence and detection) but would add more factors and change the occurrence and detection to suit your needs. I suggest including a column for regulation and make this a default for Significant status; the Severity factor, which I would keep, could also trigger Significant status.

The most comprehensive and usable examples I have seen added columns to list applicable regulation(s), one for applicable operational control procedure(s), one for monitoring method(s). An additional set of columns could be added to show the effect on risk by actions taken to mitigate through improved operational controls. It is especially important to be able to point to the engineering changes done to lower Severity. I would add a Date column showing when it was done, and/or a reference number/name of a record for the applicable project to lower the risk.

I hope this helps!
 

ryannh

Starting to get Involved
#4
KReid, Thanks for the response. I think I should have been more clear in my question. Do you do a usability risk analysis along with product/process risk analysis or is it built into the product/process risk analysis?
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#5
KReid, Thanks for the response. I think I should have been more clear in my question. Do you do a usability risk analysis along with product/process risk analysis or is it built into the product/process risk analysis?
If using Excel, an additional column could be used to indicate usability/process and sorted when the user wants to only view usability risk analysis.
 

Jen Kirley

Quality and Auditing Expert
Staff member
Admin
#6
I would also add that automotive uses a Design FMEA, in which Severity criteria are specific to usability. Other factors might also be different, as appropriate for usability.
 

Statistical Steven

Statistician
Staff member
Super Moderator
#7
KReid, Thanks for the response. I think I should have been more clear in my question. Do you do a usability risk analysis along with product/process risk analysis or is it built into the product/process risk analysis?
Usability analysis is separate from process and product risk. Both are usually documented in the risk file, but risk assessment based on 14971 alone is not enough. Another document to look at is ANSI/AAMI HE75:2009
 

Marcelo

Inactive Registered Visitor
#8
A table such as the one in the attached document is what ISO 14971 (and IEC 62366) requires (I include the sequence or combination of events which is not formally required but makes sense in including)

If you use any hazard analysis technique such as FMEA, FTA, etc, you need to use the result of those to populate the ISO 14971 summary (as they do not have all the information required by ISO 14971).
 

Attachments

Marcelo

Inactive Registered Visitor
#9
Also, it?s important to note some differences between the ISO 14971 process and the risk management required by IEC 62366 (and IEC 62366-1).

The "full" risk management from ISO 14971 requires the analysis, evaluation and control of risks, and risk needs to be analyzed, as the definition, based on severity and probability.

Another important aspect is use error. Use error is a kind of "failure". Failures are not a problem in itself, they lead to a problem. Speaking in ISO 14971 terms, failures are part of the sequence of events that leads to a hazardous situation (but are never the hazard situation itself). Use errors follow the same principles (although, in the case of use errors, some may be a hazardous situation).

Going back to the differences, there?s no known method to estimate the probability of use errors. So it?s not possible to estimate the probability of the hazardous situation (P1), and thus the usability engineering process do not require that the probability of the risk (which is P1xP2) to be estimated, only the severity. Also, there?s no need to evaluate the risk. The rationale is that, as we cannot predict the probability of use error, it?s better to treat (control) all use errors that led to hazardous situation.

So, the requirement is that, for any safety-related use error, the user interface design has to include requirements related to them.

Which means, in practice, that you only perform part of the full ISO 14971 RM process for user error-related risk management.

This can be seen in the comparison table between ISO 14971 and IEC 62366 that in the annex of the standards
 
Last edited:

kreid

Involved In Discussions
#10
We have a User Risk Assessment that considers the risks that may come from using the product (we also have process and design risk assessments). We then use our usability testing/study to help validate some of the mitigations we arrived at from our risk assessments.
 
Thread starter Similar threads Forum Replies Date
S What are typical Acceptable Quality Levels (AQL) adopted in Food industry? Food Safety - ISO 22000, HACCP (21 CFR 120) 1
A Feedback of typical maintenance problems with LMI digital probes Inspection, Prints (Drawings), Testing, Sampling and Related Topics 0
T Reasons to change certification body and typical costs Registrars and Notified Bodies 16
I AS9100 5.4.1 - Typical objectives of different functions and levels AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 2
S OHSAS 18001 Typical Input and Output Examples Occupational Health & Safety Management Standards 4
optomist1 Typical Wire Harness Testing and Validation Testing for Automotive Applications Reliability Analysis - Predictions, Testing and Standards 8
M Example of a typical First Piece Inspection Procedure Inspection, Prints (Drawings), Testing, Sampling and Related Topics 4
T Is there a typical personality type in Quality? Coffee Break and Water Cooler Discussions 38
P Typical Number of NCRs for a Small Manufacturing Company ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 4
T How many complaints, defects and non-conformances are typical? Customer Complaints 5
W What are "typical software risks"? Is IEC/TR 80002-1 a good place to look for a list IEC 62304 - Medical Device Software Life Cycle Processes 3
A The typical organizational set-up for Housing Services - ISO 9001:2008 ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 2
M Typical values of MTBF for Optical Avionic Networks Reliability Analysis - Predictions, Testing and Standards 1
J What are some typical Customer Service Interview Questions Career and Occupation Discussions 5
S Typical Tools for Particular Tolerances Table? Gage R&R (GR&R) and MSA (Measurement Systems Analysis) 15
L What typical items do auditors bring to Opening Meetings Internal Auditing 4
M What are typical Roles & Responsibilities of DHF (Design History File) Librarian? US Food and Drug Administration (FDA) 6
X Typical Auditor Questions on ISO 9001 General Auditing Discussions 6
N What are typical Software Life Cycle Metrics Software Quality Assurance 5
M Typical requirements for Internal Audit Lead Auditors Internal Auditing 5
L Typical defect ppm level for barrel surface coating process? Supplier Quality Assurance and other Supplier Issues 1
R What is a typical ppm performance level for casting suppliers? Supplier Quality Assurance and other Supplier Issues 7
J Typical Control Chart Guidance and Hypothesis Statistical Analysis Tools, Techniques and SPC 12
R MTBF to DPPM Calculation Based on the Unit's Typical Working Hours Reliability Analysis - Predictions, Testing and Standards 9
C Calibration Standards and Typical Accuracy Requirements for Force Gauges General Measurement Device and Calibration Topics 3
T Is this typical customer service? World News 12
T EMS (ISO 14001) Audit / Interview Typical List of Questions for Review and Additions ISO 14001:2015 Specific Discussions 15
R DCX PSO book 5th Edition - Does anyone have a typical index or check list? APQP and PPAP 6
O What are typical records of different documents required by ISO9001? Records and Data - Quality, Legal and Other Evidence 2
H Exponent in Excel .xls - How can I make the result typical scientific notation? Excel .xls Spreadsheet Templates and Tools 27
P What is Milliohms Typical? Cable assemblies for vehicles Manufacturing and Related Processes 6
Govind What is your typical attendance of ASQ program meetings? ASQ - American Society for Quality 33
L Seeking example of a typical Work instruction for purchasing Document Control Systems, Procedures, Forms and Templates 3
T Standard Causes of Registration Audit Nonconformances and Typical Failure Modes IATF 16949 - Automotive Quality Systems Standard 5
D What does RTYP on a Print Stand For? Radius Typical? Misc. Quality Assurance and Business Systems Related Topics 7
Marc What are the Contents of a Typical Characteristics Matrix? FMEA and Control Plans 1
R Typical Document / Record Transaction and Archive Volumes Document Control Systems, Procedures, Forms and Templates 4
B Quality manual for automotive industry wanted Quality Management System (QMS) Manuals 2
E Non-GMP examples in Pharmaceutical industry Pharmaceuticals (21 CFR Part 210, 21 CFR Part 211 and related Regulations) 2
DuncanGibbons Are the IQ OQ & PQ procedures applicable to the aerospace industry? AS9100, IAQG, NADCAP and Aerospace related Standards and Requirements 6
N Program or application for standard time measurement in industry from video surveillance? Human Factors and Ergonomics in Engineering 1
Marc Security in Health Industry Software - February 2020 IEC 27001 - Information Security Management Systems (ISMS) 0
A Complaint alert levels - Industry standards pertaining to alert levels for complaints Customer Complaints 5
S Industry Labelling Standards - non medical Manufacturing and Related Processes 0
C Looking for APQP Training recommendations preferably in the aerospace industry APQP and PPAP 2
R Bill of Materials for a complex product - Industry best practice ISO 13485:2016 - Medical Device Quality Management Systems 2
C ISO 9001:2015 Monitoring and measuring resources. Application a service industry ISO 9000, ISO 9001, and ISO 9004 Quality Management Systems Standards 7
R Risk Management in the Medical Device Industry ISO 14971 - Medical Device Risk Management 4
E Translating from Automotive to Medical Device industry - [email protected] Other Medical Device Related Standards 2
R Explain what "design change" is to people new to the industry ISO 13485:2016 - Medical Device Quality Management Systems 9

Similar threads

Top Bottom