Forum

Notifications
Clear all

Risk Management Mistakes

57 Posts
54 Users
0 Likes
3,995 Views
(@smk45)
Posts: 53
Trusted Member
Topic starter
 

I came across an article online that highlights 4 reasons why a company's risk management approach may be wrong. It was an interesting read and indicates the following as major errors:

1. Risk management and design controls are separate processes - Risk management and design controls both aim to ensure that medical devices are safe and effective. Companies should be able to demonstrate how risk controls lead to an improvement in product design, which results in design verification and validation.

2. Risk management is a "checkbox" activity - Instead of looking as risk management as an errand that can be done later, it should be looked at as an opportunity to improve product design. The ISO 14971 can be used as a guideline to figure out the steps of risk management and what should be documented.

3. FMEA is being used as risk management - Companies are trying to use FMEA to satisfy ISO 14971 Risk Management. While FMEA is about device failures, risk management is a holistic approach that analyzes risks involved with device usage and failures.

4. Risk management is not a lifecycle process - Many companies only perform risk management during product development but do not continue once production begins. Instead, the risk management file should be treated as a living document. Processes should be able to be updated according to complaints, feedback, CAPAs, and other events that occur after the product is out on the market.

What are your thoughts on these major mistakes that medical device companies make and are there others that you would like to add on?

http://blog.greenlight.guru/why-your-risk-management-approach-is-wrong

 
Posted : 19/11/2016 5:20 pm
 la82
(@la82)
Posts: 51
Trusted Member
 

Thank you for sharing this! I agree with you. It is a very interesting read. I was researching more on the topic and found another link that lists possible ways on using risk management efficiently and avoiding problems such as the ones you mentioned.

here is a quick list and the link is listed below for more details:

* Understanding Risk-Related Terminology
* Risk Planning
* Risk Assessment
* Risk Control
* Review/Monitor Risk

http://www.qmed.com/mpmn/medtechpulse/reducing-medical-device-failures-through-risk-management?page=5

- Lamiaa Abdelaziz

 
Posted : 19/11/2016 7:46 pm
(@lg236)
Posts: 51
Trusted Member
 

This is an interesting discussion. The main one that I believe is overlooked is the lifecycle process of risk management. Most companies, as expressed by article, only work with this portion during product development. But is it important to also look at the risk during post market evaluation and see that the product is functioning. And taking into account any complaints or concern and further integrate into the risk management plan. Then it can facilitate in developing a stronger risk mitigation plan that can be implemented throughout the processes and procedures of the product.

 
Posted : 20/11/2016 7:32 am
(@hmp42)
Posts: 15
Active Member
 

Agree with all of you! As I was also going through Harvard Business review, they have listed top 6 mistakes made by executives for risk management. They are,
• Risk is not only determined by predicting extreme events.
• Take recent advice but don’t Only refer to past.
• Relying on historical data.
• Overlooking Concealed risks.
• Not managing in real time.

-Hetal

 
Posted : 20/11/2016 9:03 am
(@sjm39)
Posts: 15
Active Member
 

I believe one of the most important mistakes mentioned was how risk management is not a life cycle process. It should be a living a document and updated accordingly. Complaints and feedback from the users should be heard; the market size is usually much larger than the risk management staff and could see potential risks that the company may have missed. Another factor is as time goes on, new technology could be invented that could either enhance a products risks or be used to decrease certain risks. If the process was ongoing, risk management would be able to enhance their products and minimize risks. To add to the list of mistakes mentioned I found another big one was that many medical device companies are staffed with engineers from non-medical device industries who aren’t aware of, aren’t convinced of, or simply don’t believe that the engineering process for medical devices needs to be well defined, executed, managed, and documented.

http://www.inea.com/PDF/how_to_avoid_the_biggest_mistakes_in_medical_device_development.pdf

 
Posted : 20/11/2016 9:44 am
(@jk299)
Posts: 19
Active Member
 

I agree with the last one in the sense that companies should, if they don't already do, perform risk analysis and risk management on the product all throughout the product lifecycle as a way to ensure the customer and the public that the product is safe, effective and practical. This would increase sales and increase confidence in the product. Risk management is one area where no corners should be cut and that the company is should routinely do to ensure this. And less assumptions should be taken on the companies end and more so on if this is the claim prove it and prove everything, no assumptions for the risk analysis should be made.

 
Posted : 20/11/2016 11:50 am
(@ks282)
Posts: 12
Active Member
 

From personal experience, I know that the most difficulty in risk management is the need to state a reason for the result. Filling out the risk management assessment gives results. These results, however, need to be further analyzed.

After doing some perusing online, I found that another mistake in risk management is not creating an avoidance plan. Others include professionals attempting to reinvent the process of security risk management. There exists well-established methods for risk-analysis tasks already. CSO mentions that there is also the problem of focusing too heavily on listing and ranking all things that can go wrong. The article states that the problem with this approach is that companies may end up, "piling on risks, even the most obscure, from cyber attackers with every conceivable motivation to the possibility of a jet engine falling through the roof of the data center."

http://www.csoonline.com/article/2132291/strategic-planning-erm/7-common-risk-management-mistakes.html

 
Posted : 20/11/2016 11:59 am
(@cp259)
Posts: 15
Active Member
 

The main issue with the product development is the prototype system being abused since it does not overlook necessary risk aspects. I learned about this risk management mistake in company I work, here I am focusing on the issue with prototype. The product is being developed to learn about the rising issues with the outcome and come up with actual solutions. The purpose of the prototyping is not to make iterations of the prototypes, try them out to refine it; the purpose of prototyping is to define the consumer requirements the risk analysis should be to stage the development process to highlight frail components to have set limits. In the development Process, company knows what is good in this development, risk managements highlights what can be bad for the development. In the process control development mode to control risks product should meet upper and lower limit. Upper limit is when consumer is satisfied with the outcome but the lower limit is undetermined. The lower limit varies depending on the different viewpoints of the developers and the consumers. The risk should highlight all the possibilities, examine the issue then assess the raised risk in an accurate manner.

 
Posted : 20/11/2016 12:09 pm
 nda4
(@nda4)
Posts: 19
Active Member
 

Very interesting article, Khemraj. I agree with you. Just to add it is very easy for risk managers to become occupationally tunnel-visioned. However, the job is to manage risk, not to avoid it unnecessarily. Every business action involves risk. Even standing still and clinging to the status quo entails risk. Risk is inherent in business as in life. The risk manager can always find a risk-related reason to avoid undertaking some proposed organizational action, whether it is a possible merger or acquisition, introduction of a new product line, or revision of an employee handbook. The risk manager should identify the risks of any proposed course of action and-this is critical-develop an action plan to reduce or finance the chance of loss.

 
Posted : 20/11/2016 1:28 pm
(@alm8)
Posts: 14
Active Member
 

I definitely agree that having multiple risk assessments along the development process is essential. Along with this, however, I think it is also very important that that risk analysis meetings are more than just one meeting. By this I mean, one can't expect to think of all of the possible risks in a single meeting; even if a group of people are providing their input. I personally don't have experience with how actually companies do their risk assessment, but I feel the most effective way to get a majority of the risks from the start would be to have a couple meetings a couple days apart. This gives the brain time to come up with more ideas that may have not been thought of earlier. In general, however, coming up with risks should never be limited to designated meetings.

 
Posted : 20/11/2016 4:01 pm
 fo3
(@fo3)
Posts: 15
Active Member
 

In my opinion, I think a major mistake would be to assume that one is only looking for extreme and catastrophic risks and therefore overlooking risks that are also important. For example, there are risks due to safety that one may overlook and cause issues in the long run. There are business related risks that can be overlooked because one may be only determining risks due to device safety. It is important as a team to analyze the project from all angles and determine all impacts that device has on every area (business, production, etc).

 
Posted : 20/11/2016 4:37 pm
(@alm8)
Posts: 14
Active Member
 

This is very true. A group discussing the possible risks should not solely consist of safety employees or solely any other department. While conducting a risk analysis, there should be a wide variety of people that can input ideas from various viewpoints. It is also important that one looks at when a possible risk may occur. Some people may get stuck in the mindset of what risks may occur right away, but there is a book of new risks that may open up in the long run.

 
Posted : 20/11/2016 5:35 pm
(@pdp47)
Posts: 54
Trusted Member
 

It is kind of shocking that many companies basically do not follow through after the production of a product. In a business standpoint, customers would want a product that will not have any flaws. To ensure a product is safe and with no flaws it is best for a company to make sure the product goes through a full cycle of analysis, especially smaller companies who depend and target a small demographic. For example let's say customers starts finding some flaws in a product, there is a high chance customer will their business else where. At the end of the day it is all about how well your product is selling.

 
Posted : 20/11/2016 5:40 pm
(@pdp47)
Posts: 54
Trusted Member
 

I agree with you, analyzing the device as team at all angles is really important. There are times when other may catch mistakes that you have missed. This goes for all departments or areas. As a company, employees need to work as a team to make sure it is succeeding. This is why I think having full cycle evaluation will only benefit the company. I understand it means more work, but it is worth it for both the customer and the company. As a team it will be more efficient process.

 
Posted : 20/11/2016 5:42 pm
(@jej7)
Posts: 15
Active Member
 

This is a great discussion topic! I believe many of the failures in risk assessment can come from a lack of resources within the company. By resources I mean information and or the personnel required to adequately provide an honest assessment to the medical device. An example would be a poorly managed complaints department at a medical device company. If you are doing a risk assessment and the complaints department is a year behind (I've personally seen this), how can you make an adequate risk assessment of your product? How would you know how your current manufacturing process and external factors are affecting the risk level? Maybe your product has already crossed a risk threshold requiring a CAPA but you would only know about in the next review process.

 
Posted : 20/11/2016 6:09 pm
Page 1 / 4
Share: