Risk Management Flashcards
What is ISO 14971 and what does it cover?
ISO 14971 is an international standard for risk management for medical devices. It outlines a process to identify hazards, estimate and evaluate risks, control these risks, and monitor the effectiveness of the controls throughout the product lifecycle.
Describe the key elements of a risk management process according to ISO 14971
Key elements include: risk management planning, risk analysis (hazard identification and risk estimation), risk evaluation, risk control measures implementation, evaluation of overall residual risk, risk management review, and post-production activities (monitoring and feedback).
What is the difference between hazard
harm
Describe the ALARP (As Low As Reasonably Practicable) principle
The ALARP principle holds that risks should be reduced to a level that is as low as reasonably practicable, considering the state of the art, benefits of the device, and feasibility of further reduction. It recognizes that beyond a certain point, further risk reduction may be impractical compared to the benefits gained.
What is a Failure Mode and Effects Analysis (FMEA)?
FMEA is a systematic method for evaluating a process or product to identify where and how it might fail, and assessing the relative impact of different failures. It typically involves ranking potential failure modes by severity, occurrence, and detectability to prioritize risk mitigation efforts.
How does risk management relate to design controls?
Risk management integrates with design controls by informing design inputs, verification, and validation activities. Identified risks lead to design requirements, risk control measures are verified, and the overall risk-benefit profile is validated. Risk management documentation becomes part of the design history file.
What is the difference between risk mitigation and risk acceptance?
Risk mitigation involves implementing measures to reduce risk severity or probability. Risk acceptance is the decision to accept certain residual risks after applying risk control measures, based on the determination that benefits outweigh the remaining risks.
What are the three primary strategies for risk control according to ISO 14971?
- Inherent safety by design: Eliminating hazards or reducing risks through design features
- Protective measures: Safeguards in the device itself or manufacturing process
- Information for safety: Warnings, contraindications, and instructions in labeling
How should user error be addressed in risk management?
User error should be treated as foreseeable and addressed through design (making errors less likely or consequences less severe), protective measures, and clear instructions. Human factors engineering and usability testing help identify and mitigate use-related risks.
What is the relationship between benefit-risk determination and risk management?
Benefit-risk determination weighs a device’s benefits against its risks to determine if the benefits justify the risks. Risk management focuses on identifying, assessing, and controlling risks. The benefit-risk profile provides context for determining acceptable residual risk levels in the risk management process.
