Medical Device Risk Management

ISO 14971
Dan OLeary
President
Ombu Enterprises, LLC
Dan@[Link]
[Link]

OMBU
ENTERPRISES, LLC

Risk Management - ISO 14971 Ombu Enterprises, LLC 1

 Speaker Biography
Dan OLeary
Dan OLeary is President of Ombu Enterprises, LLC, an education,
training, and consulting company focusing on Operational Excellence
using analytical skills and a systems approach to operations
management.
Dan has more than 30 years experience in quality, operations, and
program management in regulated industries including aviation,
defense, medical devices, and clinical labs.
He holds a Masters Degree in Mathematics; is an ASQ certified
Biomedical Auditor, Quality Auditor, Quality Engineer, Reliability
Engineer, and Six Sigma Black Belt; and is certified by APICS in
Resource Management.

Ombu Enterprises, LLC

Ombu works with small manufacturing companies, offering training and
execution in Operational Excellence. Focusing on the analytic skills and
systems approach of operations management, Ombu helps companies
achieve efficient, effective process and regulatory compliance.

Risk Management - ISO 14971 Ombu Enterprises, LLC 2

 Outline
Status of ISO 14971:2007

Links to regulatory requirements (QSR & ISO 13485)

Overview of ISO 14971:2007

Q&A session

Summary and Conclusions

Questions
Risk Management - ISO 14971 Ombu Enterprises, LLC 3
 Our Class
Our approach is casual

Write your name on a table tent

Turn off your cell phones during the class

Ask lots of questions

Bring examples from your experience

Participate

Have fun!

Risk Management - ISO 14971 Ombu Enterprises, LLC 4

 Participant Introduction
Your Name

Your company

Your job title

Something about the Risk and Hazard Assessment for

Medical Devices issues you face in your company

Something about Risk and Hazard Assessment for

Medical Devices that you want to know

Risk Management - ISO 14971 Ombu Enterprises, LLC 5

 Dan OLearys Biography
Dan has more than 30 years experience in quality,
operations, and program management in regulated
industries including aviation, defense, medical devices,
and clinical labs.

Dan earned a Masters Degree in Mathematics

Dan is an ASQ certified Biomedical Auditor, Quality

Engineer, Reliability Engineer, and Six Sigma Black
Belt. He is certified by APICS in Resource
Management.
Risk Management - ISO 14971 Ombu Enterprises, LLC 6
 The Current Status of
ISO 14971:2007

Risk Management - ISO 14971 Ombu Enterprises, LLC 7

 ISO 14971:2007 Development
ISO 14971:2007 is the second edition
It replaces the year 2000 edition (ISO 14971:2000)
It also replaces amendment 1 to the 2000 edition
(ISO 14971:2000/Amd 1:2003)

The second edition was published on March 1,

2007

ISO 14971 is managed by ISO TC 210 Quality

management and corresponding general
aspects for medical devices
Risk Management - ISO 14971 Ombu Enterprises, LLC 8
 FDA Recognition Status
The FDA recognized the current version on Sep. 12,
2007.

Their recognition extends to the whole standard

A declaration of conformity means that

(1) a process appropriate for medical devices and their
accessories, including in vitro diagnostic devices, has been used
to identify hazards and hazardous situations, estimate and
evaluate the risks, control those risks including overall residual
risk, and monitor the effectiveness of the controls, and
(2) criteria based upon applicable national or regional
regulations, relevant international Standards, information such
as the generally accepted state of the art, and known
stakeholder concerns was used to determine risk acceptability.
Risk Management - ISO 14971 Ombu Enterprises, LLC 9
 EN ISO 14971 Status
EN ISO 14971:2009
The current version is EN ISO 14971:2009
Medical devices - Application of risk
management to medical devices (ISO
14971:2007, Corrected version 2007-10-01)

Conformity to EN ISO 14971:2007 expired on

March 21, 2010

Risk Management - ISO 14971 Ombu Enterprises, LLC 10

 EN ISO 14971 Versions
Many EN standards start with an ISO version
Various standards bodies may adopt them, add
information, and renumber them.
ISO 14971:2007

EN ISO 14971:2007 EN ISO 14971:2009

CEN doesnt sell standards; purchase them through national standards

bodies. As a result, the standards are renumbered (again).
I.S. EN ISO 14971:2009 BSI EN ISO 14971:2009
DIN EN ISO 14971:2009
Risk Management - ISO 14971 Ombu Enterprises, LLC 11
 Links to Regulatory
Requirements
(QSR & ISO 13485)

Risk Management - ISO 14971 Ombu Enterprises, LLC 12

 QSR Requirements for Risk
Analysis
The FDA requires risk assessment as part of
design validation. (820.30(g))

Design validation means establishing by

objective evidence that device specifications
conform with user needs and intended use(s).
(820.3(z)(2))

Since medical devices need to both safe and

effective, risk management, starting in the
design phase, is a natural approach.

Risk Management - ISO 14971 Ombu Enterprises, LLC 13

 ISO 13485:2003 & Risk
Management
Clause 7.1 requires, . . . risk management
throughout product realization.
In addition, Records arising from risk management
shall be maintained
The standard recommends ISO 14971 for guidance
related to risk management.

Clause 7.3.2 says that design and development

inputs include risk management outputs.

Risk Management - ISO 14971 Ombu Enterprises, LLC 14

 An Overview of
ISO 14971:2007

Risk Management - ISO 14971 Ombu Enterprises, LLC 15

 The Risk Management Flow

Risk
Risk Production
Production & &
Residual
Residual Risk
Risk
Risk
Risk Analysis
Analysis Risk
Risk Evaluation
Evaluation Risk
Risk Control
Control Management
Management Post-production
Post-production
Evaluation
Evaluation
Clause
Clause 44 Clause
Clause 55 Clause
Clause 66 Report
Report Information
Information
Clause
Clause 77 Clause
Clause 88 Clause
Clause 99

Risk assessment

Risk management

Adapted from ISO 14971:2007 Figure 1

Risk Management - ISO 14971 Ombu Enterprises, LLC 16

 Risk Management Plan
Risk management activities need an overall
plan
The risk management plan has standard
elements:
Scope (including the life-cycle)
Responsibilities and authority
Review requirements for risk management
Risk acceptability criteria
Risk verification
Production activity data collection and review
Post-production activity data collection and review

Risk Management - ISO 14971 Ombu Enterprises, LLC 17

 Risk Management File
The documents and quality
records are maintained in the
Risk Management File.
Think of this as a filing cabinet
containing information about
the risk management program
In practice, it is usually a variety of
documents, often in different
formats (text files, spreadsheets,
etc.)
You must be able to readily
retrieve documents and
records of the Risk
Management File.

Risk Management - ISO 14971 Ombu Enterprises, LLC 18

 Risk Analysis (Clause 4)
Document both the intended use and
foreseeable misuse of the device
Identify known and foreseeable hazards
associated with the device
Estimate the risk for each hazardous
situation
Hazard + Sequence of events Hazardous Situation

Severity Probability Risk

Risk Management - ISO 14971 Ombu Enterprises, LLC 19

 Risk Evaluation (Clause 5)
The Risk Management Plan defines risk evaluation
criteria for each hazardous situation
Evaluate each hazardous situation, individually, against
the criteria in the Risk Management Plan

If risk reduction is required, If risk reduction is not

follow clauses 6.2 to 6.6 required, go to clause 6.7
Example
A Risk Management Plan defines five risk levels, 1 to 5, and shows how to
calculate them using severity and probability.
Any risk of level 4 or 5 must be reduced to level 1, 2, or 3.

Risk Management - ISO 14971 Ombu Enterprises, LLC 20

 Risk Control (Clause 6)
Hazardous
Hazardous
Situation
Situation
Identified
Identified

Risk
Risk Estimated
Estimated

Risk Option
Option Implementation
Implementation Residual
Residual Risk
Risk New
New
reduction Analysis
Analysis (6.3)
(6.3) Risk
Risk Benefit
Benefit Risks
Risks
required? Yes (6.2)
(6.2) (6.4)
(6.4) (6.5)
(6.5) (6.6)
(6.6)

No

Completeness
Completeness
Check
Check
(6.7)
(6.7)

Overall
Overall
Risk
Risk
(7)
(7)

Risk Management - ISO 14971 Ombu Enterprises, LLC 21

 Residual Risk Evaluation
(Clause 7)
The Risk Management Plan defines risk
evaluation criteria for overall risk
After the risk control measures are
implemented and validated, review the
overall risk
If the overall risk is unacceptable,
determine if the medical benefits outweigh
the overall residual risk

Risk Management - ISO 14971 Ombu Enterprises, LLC 22

 Risk Management Report
(Clause 8)
Prior to release of the device, you need to review the risk
management process.

The review ensures:

The Risk Management Plan is implemented
Overall residual risk is acceptable
Measures are in place to obtain production and post-production
information

The reviews results become the Risk Management

Report, and is included in the risk management file

Risk Management - ISO 14971 Ombu Enterprises, LLC 23

 Production & Post-production
Information (Clause 9)
Collect information about your device in the
production phase.
Review acceptance data
Look closely at validated processes and their controls

In the post-production phase review:

Installation and servicing reports
Customer complaints
New or revised standards
Public information, including similar medical devices

Risk Management - ISO 14971 Ombu Enterprises, LLC 24

 An Example to Keep in Mind

The Neonatal Heel Stick

Risk Management - ISO 14971 Ombu Enterprises, LLC 25

The example helps illustrate the
concepts
Neonates (babies under 1 month of age) are
routinely tested for metabolic diseases.

A nurse draws a sample of blood from the

babys heel, places it on filter paper, and allows
it to dry.

The dried blood spot is sent to a laboratory for

testing.
Risk Management - ISO 14971 Ombu Enterprises, LLC 26
 The Heel Stick
The nurse uses a lancet to draw the blood in a
process called a heel stick.

In this application, the chemical pack is a medical

device in the US.

To make the heel stick easier,

the nurse warms the babys heel,
often using a chemical pack.

The technology is a familiar

heat generating chemical pack,
activated by squeezing or mixing.

Risk Management - ISO 14971 Ombu Enterprises, LLC 27

 Product Description
Early in 2009, the FDA published a note describing problems with
the heel warmer.

The Infant Heel Warmer:

Is an instant chemical heat pack. It increases capillary circulation in an
infants heel to facilitate blood collection by heel stick.
[It is a] nonsterile, single-use, disposable device contain[ing] a nontoxic
material.
Device activation results in an exothermic reaction with a maximum
temperature of around 104F (40C) within the first few minutes before it
gradually diminishes.

In the US it is
A Class I device
For infant use, it requires a 510(k)

Risk Management - ISO 14971 Ombu Enterprises, LLC 28

 Potential Product Problems

Based on Medical Device Reports (MDRs), the FDA

cited four cases.
Case 1:An infant suffered second to third-degree burns to the
heel requiring treatment.
Case 2:Twins with hyperbilirubinemia were being prepared for a
heel-stick procedure. The heel warmer ruptured, its contents
covered the infants, and they suffered first and second-degree
burns.
Case 3:An infant received a second degree burn when the
device was reused and reheated contrary to labeling
instructions.
Case 4:When the nurse activated the infant heel warmer, it burst
open and splashed her in her eyes. The infant wasnt hurt, but
the nurse required emergency eye wash and ophthalmic
antibiotics.
Risk Management - ISO 14971 Ombu Enterprises, LLC 29
 Definitions

Clause 2

Risk Management - ISO 14971 Ombu Enterprises, LLC 30

 The Components of Risk
Hazards, set off by a sequence of events, create Harm.
Severity & Probability combine to measure Risk.

Hazard
Hazard

Hazardous
Hazardous Severity
Severity of
of
Harm
Harm
Situation
Situation the
the Harm
Harm

Risk
Risk

Probability
Probability of
of
Sequence
Sequence Occurrence
Occurrence
of
of Events
Events of
of the
the Harm
Harm

Adapted from ISO 14971:2007, Annex E

Risk Management - ISO 14971 Ombu Enterprises, LLC 31

 Definitions Hazard
Hazard - potential source of harm

Discussion
The manufacturer identifies device hazards. The standard creates a potential
22 classification for hazards they could be known or foreseeable; they
could arise in normal or fault condition.

Example
The FDA advice identifies 3 hazards:
Excessive heat Known Foreseeable
Rupture
Normal
Improper reuse
Condition
Fault
Condition

Risk Management - ISO 14971 Ombu Enterprises, LLC 32

 Definitions Hazardous Situation
Hazardous situation circumstance in which people, property, or the
environment are exposed to one or more hazard(s)

Discussion
A hazard is potential, and doesnt arise until set off by a sequence of events.
It then becomes a hazardous situation allowing exposure to the hazard. A
hazardous situation can occur in normal operation or in a fault condition.

Example
Postulated sequences allowing a hazardous situation:
Excessive heat
Chemical mix is incorrect
Use of a blanket, contrary to manufacturers instructions
Rupture
Incorrect seal strength
Improper reuse
Reuse of a single use device, contrary to manufacturers instructions
Risk Management - ISO 14971 Ombu Enterprises, LLC 33
 Definitions Harm
Harm physical injury or damage to the health of people, or damage to
property or the environment

Discussion
Harm is the actual injury or damage that occurs from a hazardous situation.
Harm arises from a hazardous situation.
Example
Excessive heat
Thermal burn of the skin
Rupture
Thermal burn of the skin
Chemical burn of the skin, eyes, etc.
Improper reuse
See excessive heat
See rupture

Risk Management - ISO 14971 Ombu Enterprises, LLC 34

 Definitions Severity
Severity measure of the possible consequences of a hazard

Discussion
When harm occurs, it can have different levels of seriousness. Severity is the
measure of seriousness of the harm.

Example
Thermal Burn Example
First degree These instance must be
Second degree converted to the manufacturers
Third degree description of severity. This is
Chemical Burn often a qualitative approach.
Skin
Eyes

Risk Management - ISO 14971 Ombu Enterprises, LLC 35

 Definitions Probability of Occurrence
Probability of occurrence the likelihood that the harm occurs with the stated
severity

Discussion
Some harms are less likely to occur than others. In addition, harms with
different severity usually have different likelihood of happening.
Example
Thermal burn resulting from incorrect chemical mix Very Low
Thermal burn resulting from use of a blanket Low
Thermal burn resulting from a burst package Very Low
Chemical burn resulting from a burst package Very Low

Risk Management - ISO 14971 Ombu Enterprises, LLC 36

 Definitions Risk
Risk combination of the probability of occurrence of harm and the severity of
that harm

Discussion
Risk combines two factors, usually in a qualitative approach. Risk increases
with the severity of the harm. It also increases with the probability of
occurrence of the harm. Risk is often expressed as a specialized
multiplication table.

Example
Burst package results in 3rd Severity of Harm

degree (thermal) burn of a nurse. Negligible Moderate Significant

Severity: Significant Probability High Medium Medium High

Probability: Low of Medium Low Medium Medium
Occurrence
Risk: Medium Low Low Low Medium

Risk Management - ISO 14971 Ombu Enterprises, LLC 37

 Developing the Risk
Management Plan
Clause 3.4
Annex F

Risk Management - ISO 14971 Ombu Enterprises, LLC 38

 Role of the Risk Management Plan

The Risk Management Plan provides the

overarching approach to the managing risk.

It can take a variety of forms

Stand alone document
Integrated into QMS documents
Refer to other documents

The structure and detail should relate to the

medical device risk.
Risk Management - ISO 14971 Ombu Enterprises, LLC 39
 Scope of the Plan
Design
Design &
&
Development
Development Risk
Assessment
The scope needs to Process
Process & control

identify Validation
Validation

the medical device (or Production

Production
family) Life Cycle of the Pick,
Pick, Pack
Pack &
&
Production
information
Heel Warmer
and the life cycle Example
Ship
Ship

Warehouse
Warehouse

The risk management Activate

Activate
Post - production
activities are mapped Apply
Apply to
to information
Neonate
Neonate
to the life cycle
Dispose
Dispose

Risk Management - ISO 14971 Ombu Enterprises, LLC 40

Assign Responsibility and Authority
Risk Mgmt. Plan

Assign roles and their responsibilities

Examples include:
Reviewer
Approval authority
Expert
Verification specialist

Follow the roles and responsibilities in the design project to avoid

confusion

The RASI Matrix is a useful tool for tasks

Responsible Authority
Support Inform

Risk Management - ISO 14971 Ombu Enterprises, LLC 41

 Criteria for Risk Acceptability
Risk Mgmt. Plan

The Risk Management Plan needs two

sets of criteria
One arises from the risk assigned to each
hazardous situation
The other arises from the overall risk

Risk Management - ISO 14971 Ombu Enterprises, LLC 42

 Concept of Risk Risk Mgmt. Plan

The concept of risk starts with continuous Probability and Severity dividing the
Risk area into regions.
Increasing Probability

Unacceptable

As low as
reasonably
practicable

Acceptable

Increasing Severity

Risk Management - ISO 14971 Ombu Enterprises, LLC 43

But more often becomes a table
Risk Mgmt. Plan
...
Severity Levels Probability Levels

Term Description Term Description

Catastrophic Results in death Frequent Happens often
Critical Results in permanent impairment to Probable Likely to happen
life-threatening injury
Serious Results in injury or impairment Occasional Can happen, but not likely
requiring medical intervention
Minor Results in injury or impairment not Remote Unlikely to happen
requiring medical intervention
Negligible Inconvenience or temporary Improbable Highly unlikely to happen
discomfort

Risk Management - ISO 14971 Ombu Enterprises, LLC 44

 . . . that represents risk
Risk Mgmt. Plan

Severity Levels
Negligible Minor Serious Critical Catastrophic
Frequent R2 R2 R3 R3 R3
Probable R2 R2 R2 R2 R3
Probability
Occasional R2 R2 R2 R2 R3
Levels
Remote R1 R1 R2 R2 R3
Improbable R1 R1 R2 R2 R3

Each company must develop its own

R1 Acceptable risk risk analysis system.
R2 As Low As Reasonably Practicable
R3 Unacceptable The risk matrix may differ by product.
For example, a risk matrix for a heel
warmer may not be adequate for an
automatic defibrillator.
Risk Management - ISO 14971 Ombu Enterprises, LLC 45
 Overall Residual Risk Evaluation
Risk Mgmt. Plan

If each risk is low, then the residual risks should be low.

When residual risk remains, it should be evaluated by

specialists with knowledge of the device.

If the residual risk is too high, it may be offset by the

medical benefit.
X-rays cause damage to tissue, but the diagnostic benefit
outweighs the risk.

Risk Management - ISO 14971 Ombu Enterprises, LLC 46

 Verification Activities
Risk Mgmt. Plan

The standard says there are two distinct

verification activities
Ensure the risk control measures are implemented in
the final design.
Ensure the implemented risk control measures
actually reduce the risk.

The Risk Management Plan explains how to

conduct these verifications.
Risk Management - ISO 14971 Ombu Enterprises, LLC 47
 Production Activity
Data Collection and Review
Risk Mgmt. Plan

The Plan describes how Our example

you will collect and review The chemical mix
data from production determines the
activities temperature of the heal
warmer. Monitor mix
Some production activities,
parameters.
if performed incorrectly
could increase risk One would expect
destructive testing for seal
Identify them and monitor
strength and temperature
process results
profile. Monitor the results
Pay particular attention to of these tests.
processes that must be
validated
Risk Management - ISO 14971 Ombu Enterprises, LLC 48
 Post-production Activity
Data Collection And Review
Risk Mgmt. Plan
The plan describes how you will collect and review post-production
activity

Include the following areas in data collection:

Customer complaints
Installation reports
Servicing reports
FDAs Adverse Event reports
Professional literature

For each item collected, review the hazard, hazardous situation,

and risk
The new information may lead you to update the previous analysis and
conclusion

Risk Management - ISO 14971 Ombu Enterprises, LLC 49

 Performing Risk Analysis

Clause 4

Risk Management - ISO 14971 Ombu Enterprises, LLC 50

 Risk Analysis Methodology
This is a systematic approach to determine risk
List every hazard (know or foreseeable)
List the associated hazardous situations
List the chain of events that creates each hazardous
situation
Identify the potential harm(s)
Estimate the severity and probability
Calculate the risk, using the Risk Management Plan

Risk Management - ISO 14971 Ombu Enterprises, LLC 51

 This approach lends itself to a
spreadsheet
Chain of Hazardous Potential
Hazard events Situation Harms Severity Probability Risk
* Operator error setting up
sealing machine
* Weak seal
* Nurse agressively mixes Pouch spills Second degree
Pouch bursts the pouch hot contents thermal burn Serious Occasional R2

* Nurse reheats the pouch

* Aggressive mixing breaks Pouch spills Second degree
seal hot contents thermal burn Serious Remote R2

The spreadsheet could contain many rows.

Notice that a hazard could have more than one chain of events.

Risk Management - ISO 14971 Ombu Enterprises, LLC 52

 Identifying hazards can be difficult
The standard has a number of helpful aids
Annex C helps identify device characteristics that may
impact safety
Table E.1 provides a list of potential hazards
Table E.2 offers a list of potential initiating events
Table E.3 shows examples of hazards, chain of
events, hazardous situations, and harm
Annex H provides additional information for in vitro
diagnostic devices

Risk Management - ISO 14971 Ombu Enterprises, LLC 53

 Risk Evaluation

Clause 5

Risk Management - ISO 14971 Ombu Enterprises, LLC 54

 The Prior Work Simplifies Risk
Evaluation
The Risk Management Plan contains the criteria
for acceptable risk

Risk Analysis determined the risk for each

hazardous situation

Application of the criteria to each hazardous

situation determines the need for risk reduction

Risk Management - ISO 14971 Ombu Enterprises, LLC 55

 Recall Our Previous Flow Chart
Hazardous
Hazardous
Situation
Situation
Identified
Identified

Risk
Risk Estimated
Estimated

Risk Option
Option Implementation
Implementation Residual
Residual Risk
Risk New
New
reduction Analysis
Analysis (6.3)
(6.3) Risk
Risk Benefit
Benefit Risks
Risks
required? Yes (6.2)
(6.2) (6.4)
(6.4) (6.5)
(6.5) (6.6)
(6.6)

No

Completeness
Completeness
Check
Check
(6.7)
(6.7)

Overall
Overall
Risk evaluation (Clause 5) Risk
Risk
for each identified hazardous (7)
(7)
situation

Risk Management - ISO 14971 Ombu Enterprises, LLC 56

 Risk Control

Clause 6

Risk Management - ISO 14971 Ombu Enterprises, LLC 57

 Risk Reduction (when required) Clause 6
Select risk control measures in the specified order:
Option Analysis
inherent safety by design protective measures
(6.2)
safety information

Implement the selected risk control measures

Implementation Verify implementation of each risk control measure
(6.3) Record the results in the risk management file

After implementation of risk control measures

Residual Risk Evaluate residual risk by the risk management plan
(6.4) If necessary, apply further risk control measures

Decide if medical benefits outweigh the risk when:

Risk Benefit
Residual risk is not acceptable
(6.5)
Further risk control is not practicable

New Risks Determine if risk control introduced any new risks

(6.6) Check if previously estimated risks are affected

Risk Management - ISO 14971 Ombu Enterprises, LLC 58

 Risk Control Completeness Check
Clause 6

Completeness Ensure the risks from all identified hazardous

Check (6.7) situations are considered.

Risk Management - ISO 14971 Ombu Enterprises, LLC 59

 Evaluation of Overall Residual
Risk Acceptability
Clause 7

Risk Management - ISO 14971 Ombu Enterprises, LLC 60

 This is a Broad View of Risk
Previously we evaluated the risk of each
hazardous situation
If it didnt meet the criteria we reduced the risk
We also cycled through all the hazardous
situations to evaluate impacts

Now we take a broader view to evaluate

the whole device

Risk Management - ISO 14971 Ombu Enterprises, LLC 61

 Use Expert Opinion to Review
and Decide
Overall residual Yes
risk acceptable?

No

Medical benefits Yes

outweigh risk?

No

STOP THE PROJECT Disclose overall risk

Risk Management - ISO 14971 Ombu Enterprises, LLC 62

 Disclosing Overall Risk
Annex J offers guidance on communicating risk

Information for safety is the least preferred method

Recall the priority order: inherent safety by design protective
measures safety information

Identify who receives the information and how

Explain the risk, the consequences of exposure, and

how to prevent the harm

Risk Management - ISO 14971 Ombu Enterprises, LLC 63

 The GHTF Guidance

Implementation of risk management

principles and activities within a Quality
Management System

Risk Management - ISO 14971 Ombu Enterprises, LLC 64

 Purpose and Overview
The GHTF Guidance focuses on integrating Risk
Management into the Quality Management
System (QMS).

The scope of ISO 14971 says

This International Standard does not require that the
manufacturer have a quality management system in
place. However, risk management can be an integral
part of a quality management system.

Risk Management - ISO 14971 Ombu Enterprises, LLC 65

 Phases of Risk
Acceptable levels of risk
1st Phase A policy or procedure determines risk acceptability criteria
It is derived from experience and research on currently
accepted risk levels

Risk analysis
2nd Phase Identify hazards in normal use or foreseeable misuse
Estimate the for each identified hazard

Compare risks to acceptability criteria

3rd Phase Determine the need for risk reduction, if necessary
Determines the appropriate level of required risk reduction

Risk control and monitoring activities

Activities can begin as early as design input, and continues
4th Phase
through manufacturing, distribution, installation, and
servicing. Activities cover the device life cycle.

Risk Management - ISO 14971 Ombu Enterprises, LLC 66

 The Guidance Covers Areas of the QMS

Management Responsibilities
Outsourcing
Planning
Design and Development
Traceability
Purchasing Control and Acceptance Activities
Production and Process Controls
Servicing
Analysis of Data
Corrective and Preventive Actions (CAPA)

Risk Management - ISO 14971 Ombu Enterprises, LLC 67

 Two Areas are Worthy of Note
Design and CAPA
Development The guidance contains a
The guidance covers detailed flowchart integrating
each area of design and risk management into the
development. CAPA process.
Annex B contains a The flowchart identifies key
detailed flowchart placing quality data points:
risk management Service Reports
activities in the design Product Complaints
and development
process Manufacturing
Nonconformities/Defects
Engineering
Nonconformities/Defects
Quality System
Nonconformities/Defects
Risk Management - ISO 14971 Ombu Enterprises, LLC 68
 Tools for Risk Management

Failure Modes and Effects Analysis

Fault Tree Analysis
Hazard Analysis and Critical Control Point

Risk Management - ISO 14971 Ombu Enterprises, LLC 69

 Failure Modes and Effects
Analysis (FMEA)

This is a standard reliability technique adapted

to risk analysis.

In risk analysis, there is a very important

consideration. Hazards and Harms do not
require failure!

Evaluate risk management in normal, single

fault, and multiple fault conditions.

Risk Management - ISO 14971 Ombu Enterprises, LLC 70

 The Standard Method
A large spreadsheet where each row relates to a hazard.
Typical column entries include:
Function
Hazard
Harm
Mode (Normal, single fault, or multiple fault)
Severity
Occurrence
Detection
Risk Priority Number (Determine by severity, occurrence, &
detection as defined in the Risk Management Plan)
Mitigation
Responsibility
Verification
Risk Management - ISO 14971 Ombu Enterprises, LLC 71
 Fault Tree Analysis (FTA)

A Fault Tree is a logic diagram showing

the paths to an event

The event under study is called the Top

Event

The causes of the Top Event are

diagramed using standard logic gate
symbols
Risk Management - ISO 14971 Ombu Enterprises, LLC 72
 Logic Symbols
AND
The output event occurs when all input
events occur at the same time

OR
The output event occurs when at least one
of the input events occur

Risk Management - ISO 14971 Ombu Enterprises, LLC 73

 A Fault Tree
Pump Failure

Bearing Failure Motor Failure Seal Failure Valve Failure

A coupling failure causes a motor failure
A motor failure causes a pump failure

Coupling Failure Electrical Failure

A power failure AND battery

exhausted cause an electrical failure

Power Failure Battery Exhausted

Ombu Enterprises, LLC
Risk Management - ISO 14971 74
Fault Tree Analysis (FTA) Steps
Fault Tree Analysis usually involves five steps:
1. Define the undesired event to study, the Top Event
State the undesired event that can cause risk

2. Understand the system

Describe the events that could allow the Top Event to happen. For each event determine the
what would cause it. Continue to analyze the system.

3. Construct the fault tree

After selecting the undesired event and analyzed the system to identify the causal events,
construct the Fault Tree. Describe the events and their relationships using AND and OR
gates. More complex gates are also possible.

4. Evaluate the fault tree

Evaluate the Fault Tree. Look for possible improvements that can mitigate, reduce, or
eliminate the events. Identify all possible hazards affecting in a direct or indirect way the
system.

5. Control the hazards identified

After identifying the events and hazards, determine methods to decrease the probability of
occurrence.

Risk Management - ISO 14971 Ombu Enterprises, LLC 75

 Hazard Analysis and Critical Control
Point (HACCP)
HACCP is a system to prevent problems, rather
than finding them by inspection at the end of the
production process.

HACCP is used by US regulatory agencies (FDA

and USDA) to help protect the food supply

HACCP is based on seven principles described in

the FDAs Hazard Analysis and Critical Control
Point Principles and Application Guidelines

Risk Management - ISO 14971 Ombu Enterprises, LLC 76

 HACCP Principles
Principle 1: Conduct a hazard analysis
The hazard analysis develops a list of significant hazards that they are
reasonably likely to cause injury or illness if not effectively controlled.

Principle 2: Determine the critical control points (CCPs)

A critical control point is a step at which control can be applied to
prevent or eliminate a hazard or reduce it to an acceptable level.

Principle 3: Establish critical limits

A critical limit is a maximum and/or minimum value to which a
parameter must be controlled at a CCP to prevent, eliminate or reduce
to an acceptable level the occurrence of a hazard. A critical limit is used
to distinguish between safe and unsafe operating conditions at a CCP.

Risk Management - ISO 14971 Ombu Enterprises, LLC 77

 HACCP Principles (cont.)
Principle 4: Establish monitoring procedures
Monitoring is a planned sequence of observations or
measurements to assess whether a CCP is under control and to
produce an accurate record for future use in verification.

Monitoring serves three main purposes.

Monitoring facilitates tracking of the operation. If monitoring
indicates that there is a trend towards loss of control, then action
can be taken to bring the process back into control before a
deviation from a critical limit occurs.
Monitoring is used to determine when there is loss of control and a
deviation occurs at a CCP, i.e., exceeding or not meeting a critical
limit. When a deviation occurs, an appropriate corrective action
must be taken.
Monitoring provides written documentation for use in verification.

Risk Management - ISO 14971 Ombu Enterprises, LLC 78

 HACCP Principles (cont.)
Principle 5: Establish corrective actions
The HACCP system identifies hazards and establishes
strategies to prevent, eliminate, or reduce their occurrence.
Deviations from established processes may occur, so if there is
a deviation from established critical limits, corrective actions are
necessary. Specific corrective actions should be developed in
advance for each CCP and included in the HACCP plan
Corrective actions should include the following elements:
(a) determine and correct the cause of non-compliance;
(b) determine the disposition of non-compliant product and
(c) record the corrective actions that have been taken.

Risk Management - ISO 14971 Ombu Enterprises, LLC 79

 HACCP Principles (cont.)
Principle 6: Establish verification procedures
Verification is defined as those activities, other than monitoring,
that determine the validity of the HACCP plan and that the
system is operating according to the plan.

Principle 7: Establish record-keeping and documentation

procedures
Generally, the records maintained for the HACCP System should
include the following:
A summary of the hazard analysis, including the rationale for
determining hazards and control measures
The HACCP Plan
Support documentation such as validation records
Records that are generated during the operation of the plan
Risk Management - ISO 14971 Ombu Enterprises, LLC 80
 Summary & Conclusions

Risk Management - ISO 14971 Ombu Enterprises, LLC 81

 Summary
The standard method for medical device
risk management is ISO 14971:2007
The FDA recognizes it as a consensus
standard

The EU lists it as a harmonized standard to

the MDD, IVD, and AIMD

ISO 13485:2003 recommends ISO 14971 for

risk management
Risk Management - ISO 14971 Ombu Enterprises, LLC 82
 Summary
ISO 14971 implementation starts with a Risk
Management Plan

The implementation flows through a series of steps

defined in the respective clauses:
4: Risk Analysis
5: Risk Evaluation
6: Risk Control
7: Residual Risk Evaluation
8: Risk Management Report
9: Production & Post-production Information

Maintain of the information in the Risk Management File

Risk Management - ISO 14971 Ombu Enterprises, LLC 83

 Summary
The Risk Management File is not a static
document

It should include production information

Monitor production processes that contribute to risk
factors
Validated processes are particularly significant
contributors

It include post-production information

Integrate the complaint and post-market surveillance
processes
Risk Management - ISO 14971 Ombu Enterprises, LLC 84
 Conclusions
ISO 14971:2007 is the de facto standard
for medical device risk management

Regardless of the marketing region (US,

EU, Canada, etc.) ISO 14971 is a valuable
addition to a medical device QMS

ISO 14971 is most effective when it is

integrated into a companys QMS.
Risk Management - ISO 14971 Ombu Enterprises, LLC 85
 QUESTIONS
Risk Management - ISO 14971 Ombu Enterprises, LLC 86