As of now, governments do not have own guidelines for performing risk management. They refer to ISO 14971, the global standard for medical device risk management. The intent of the standard is to identify hazards associated with medical devices at all stages in its life cycle, from product design to procurement to production and post-market use. In all cases, the goal is to analyze, evaluate, manage, and measure the risks associated with each life-cycle stage. There are two versions of this standard in use today - ISO 14971:2007 and ISO 14971:2012. The main body of the ISO 14971 standard consists of 9 clauses.
- Scope
- Terms and conditions
- General requirements for risk management
- Risk analysis
- Risk evaluation
- Risk control
- Evaluation of overall risk acceptability
- Risk management report
- Production and post-production information
Explain in brief role of each clauses.
The risk management plan consists of scope, responsibilities/authority, review reqs and criteria, risk verification, data collection and review (production and post-production).
The first 3 clauses are introductory and requirement clauses.
clause 4: intended use and foreseeable hazards, estimated risk for each hazardous situation
clause 5: evaluation of each hazardous situation as defined in risk management plan against acceptance criteria
clause 6: risk review, reduction, benefit/risk analysis
clause 7: defines risk evaluation criteria for overall risk, implemented and validated if risk is high -> benefit/risk analysis
clause 8: ensures plan is implemented, ensures overall residual risk is acceptable, ensures measures are in place for production/post-production data, reviews results
clause 9: validated processes and controls, installation and servicing reports, customer complaints
public info.
