Forum

Notifications
Clear all

Risk Identification

44 Posts
44 Users
0 Reactions
5,763 Views
(@vnd4)
Posts: 54
Trusted Member
Topic starter
 

Risk management is the process of analyzing, identifying and responding to risk factors. Managing risks early is the best way to avoid issues later on. Throughout the R&D stage, applying the right risk management tools early on and all the way through the life of the project will ensure that risks are aggressively managed. Risk identification determines which risks are likely to affect the project, which includes reviewing the lists of possible risk sources against a team’s experiences and knowledge. Then risks are categorized and prioritized based on their impact and how much financially it would affect the product/company. If you have experience, how are risks identified and prioritized in your company?

 
Posted : 16/11/2016 5:31 am
 cef3
(@cef3)
Posts: 18
Active Member
 

The way it was done in my previous job was to use a quality by design matrix. Critical quality attributes (CQAs) were determined based on the design input and then critical development parameters were selected. A risk ranking was then assigned to each parameter based on the theoretical knowledge of how the parameter could affect each of the CQAs. Based on these risks, a development plan was designed to investigate and mitigate the risks.

 
Posted : 16/11/2016 9:53 am
(@kbs27)
Posts: 10
Active Member
 

Hi Viraj,

A good point to discuss. Here i am sharing my views after a research on the topic. According to that research there are few steps as below,
1- Documentation Reviews
2- Information Gathering Techniques like Brainstorming, Delphi Technique, Interviewing, Root cause analysis
3- Checklist analysis - previous similar project, lowest level RBS
4- SWOT Analysis
5- Expert Judgment.

In past lectures and from forum discussion i would suggest the SWOT analysis is one of the easy and result oriented method for risk management.

 
Posted : 16/11/2016 10:23 am
(@rgp29)
Posts: 53
Trusted Member
 

In personal experience, the design matrix is the most important part of the risk management analysis. The way it was done in a job I had, was by how much money the owner of the company was going to make. He always put pressure on the workers to get things done on time and just have enough quality to pass the tests required by the FDA. It was a small company so everyone knew each other and there was a more close relation with all the workers.

 
Posted : 16/11/2016 10:27 am
(@asn9)
Posts: 53
Trusted Member
 

Hi All,

At my company we have a similar setup as was mentioned previously:
1- Documentation Reviews
2- Information Gathering Techniques like Brainstorming, Delphi Technique, Interviewing, Root cause analysis
3- Checklist analysis – previous similar project, lowest level RBS
4- SWOT Analysis
5- Expert Judgment.

However after a SWOT analysis is done, we setup SMART (Specific, Measurable, Achievable, Realistic and Timely) goals. Basically, these are specific goals that we setup to analyze risk and who will evaluate each section of the risk. I have found that this really helps to create realistic goals and responsiblites for each person on the team.

-Andrew Nashed

 
Posted : 16/11/2016 10:51 am
(@fgk4)
Posts: 51
Trusted Member
 

I believe that all the responses here are very valuable and they offer very good methodologies on how risks are identified. From my experience, Risk identification starts from the intended use, intended users and use environment. Once all these have been defined for a certain device, risk identification process can start. The process starts with identification of potential hazards related to use, user and use environment. A good starting point to that is utilizing Annex C of ISO 14971. Answering the questions available in Annex C will provide you with preliminary hazards that could occur when your device is in use.

The identified hazards are then associated with certain harms that result from that hazard. The harms are then assigned severity. In each FMECA build for this project, the harms, and hazards will be tied to a hazardous situation which should be mitigated.

 
Posted : 16/11/2016 3:23 pm
(@jtl27)
Posts: 15
Active Member
 

Yes I was going to mention the SWOT analysis. Preliminary risk assessments are hard to quantify sometimes, so there are many times when the best way to assess each risk is to go back and evaluate what the company has done previously and analyze the risks associated with that project. In a SWOT analysis, the company sits down and reviews something about the company from an overhead vantage. One of the categories is threats, a description of the possible reasons why a project is not or would not work to the best of its potential. This is similar but not identical to risk management. In fact, the risk falls under the category of threats and needs to be considered during the SWOT analysis. Obviously, what makes a risk a risk is that it threatens the company in a way. A lot of risk is negligible, but in certain circumstances the risk will have a severe impact on the company, prompting a thorough analysis of the threat.

 
Posted : 18/11/2016 5:28 am
(@abhitrivedi1211)
Posts: 12
Active Member
 

My company uses FMEA (Failure Modes Effects Analysis) for risk assessment. An FMEA is a step by step approach to identify all possible failures in a design, a manufacturing or assembly process, or a product or service. Failure modes are the ways, or modes, in which something might fail. Failures are any errors or defects, especially ones that affect the customer, and can be potential or actual. “Effects analysis” refers to studying the consequences of those failures.

Failures are prioritized according to how serious their consequences are, how frequently they occur and how easily they can be detected. The purpose of the FMEA is to take actions to eliminate or reduce failures, starting with the highest-priority ones. Failure modes and effects analysis also documents current knowledge and actions about the risks of failures, for use in continuous improvement. FMEA is used during design to prevent failures. Later it’s used for control, before and during ongoing operation of the process. Ideally, FMEA begins during the earliest conceptual stages of design and continues throughout the life of the product or service.

 
Posted : 18/11/2016 5:58 am
(@yiming-cheng)
Posts: 11
Active Member
 

There could be multiple ways to identify risks. To my understanding, following lists can be considered:

Identify the hazards that could possibly affect the safety of your medical device.

Document the known and foreseeable hazards that could affect the safety of your medical device.

Use your risk management file to maintain the documents that identify and describe the hazards that could affect the safety of your medical device.

 
Posted : 18/11/2016 12:23 pm
(@grzegorzgalka)
Posts: 15
Active Member
 

Currently I work in the company which supplies US Army with mechanical equipment. Some portion of my job is to look for the solicitation. By looking on the solicitation and doing the basic estimation you can figure out how risky the future contract can be. So risks are prioritized based on the possibility of not being able to complete the contract and by possibility of underestimating the solicitations. Also in order to eliminate the risks of receiving defective materials from vendors corrective actions are taken. Corrective action helps to eliminate the risk that the same vendor will sell defected material again.

Thanks

 
Posted : 20/11/2016 4:04 pm
(@jej7)
Posts: 15
Active Member
 

As already discussed by others, the best ways are a quality system supported DFMEA matrix, collecting information from various sources such as the complaints department and the past quarter's CAPAs and NCRs, SWOT analysis and others. I believe the best way on handling the risk identification is to periodically update the assessments every other quarter with as many sources of information as you can possibly obtain. Not only does it force people to look critically at what has been done before but it also triggers internal action (such as CAPAs and the like) when risk is approaching a pre-established threshold.

 
Posted : 20/11/2016 4:57 pm
(@nk229)
Posts: 15
Active Member
 

I would like to expand on the above mentioned checklist and previous similar projects. As a researcher that is my primary method of risk assessment. To me a new project means working with a new drug, thus the first thing that I do is research the molecule, all the chemical properties, any patents that need to be noted when doing the research, and any similar drugs that were used in other projects. The chemical properties as well as previous experiments tell me what problems I may need to solve and how I might be able to solve them. For the most part, many problems can be expected by simply looking at these two things.

 
Posted : 20/11/2016 4:57 pm
(@dparekh)
Posts: 11
Active Member
 

I have had the opportunity to work on risk analysis at the company that I worked for in past. The risks were given numerical values based on three categories and the total risk was the product of these categories. It really depends on how the company sets up their risk analysis structure and “risk value.” It also comes back to the decision of the engineers and being confident in ensuring that you’re creating safe product and putting it on market.

 
Posted : 20/11/2016 6:38 pm
(@julienneviuya)
Posts: 68
Trusted Member
 

Our company uses FMEA, which only differs from the acronym for FMECA by the one word "criticality". In an FMEA, the Failure Mode Effects Analysis addresses potential risks of the product, whether in production or distribution. There is an extensive amount of documentation that covers every part of the production process that may carry risks, and when there is a revision of any document in the database, there is always a question if this revision will require updates to the FMEA.

 
Posted : 18/11/2017 12:35 pm
(@srg36)
Posts: 117
Estimable Member
 

My company uses many of the tools mentioned above to identify and manage risk. As the professor also mentioned, risk can be associated with the design as well as the manufacturing of the device. Risk can also just be associated with the way that the device will be used. From a functional standpoint, the QA department conducts a functional analysis where they look at each individual step in the surgical procedure and identify any risks that exist. A risk table is then generated as an output of the functional analysis. From a design standpoint, QA reviews the engineering drawings with R&D to identify any critical quality attributes (CQA) related to the design. We also perform dFMEAs to identify failure modes and their effects related to the design and we work with our suppliers to conduct pFMEAs where we identify failure modes and effects of all process (manufacturing) related activities. So I would say we approach and identify risks at many different angles in my company.

 
Posted : 18/11/2017 4:06 pm
Page 1 / 3
Share: