ISO 14971 Risk Management Assessment

Evaluate medical device risk management per ISO 14971:2019, covering risk analysis, risk evaluation, risk control, and post-production risk monitoring throughout device lifecycle

MedtechHealthcareBiotech25 minutes20 questions

1. Risk Management Process

Have you established a risk management process per ISO 14971?*

Clause 4.1: Documented risk management process for all lifecycle phases

Is a risk management plan created for each medical device?*

Clause 4.4: Plan defines scope, assignments, criteria, review, verification, validation

Have you defined risk acceptability criteria based on device classification and use?*

Clause 4.4(c): Criteria for risk acceptance considering benefit-risk ratio

Is a risk management file maintained throughout the device lifecycle?*

Clause 4.5: File contains evidence of all risk management activities

2. Risk Analysis

Have you identified the intended use and reasonably foreseeable misuse?*

Clause 5.3: Characteristics related to safety including normal use and misuse scenarios

Have all hazards and hazardous situations been systematically identified?*

Clause 5.4: Use FMEA, FTA, hazard checklists to identify hazards

Have you estimated the risk for each hazardous situation?*

Clause 5.5: Estimate probability and severity of harm for each hazard

Are risks documented in a risk matrix or similar tool?*

Best practice: Risk matrix visualizes probability vs. severity

3. Risk Evaluation

Have you evaluated all identified risks against acceptability criteria?*

Clause 6: Compare estimated risks to acceptance criteria in risk management plan

Are unacceptable risks identified for mandatory risk control?*

Clause 6: Risks exceeding criteria require risk reduction measures

4. Risk Control

Have you implemented risk control measures in order of priority (inherently safe design first)?*

Clause 7.1: Hierarchy - 1) Inherently safe design, 2) Protective measures, 3) Information for safety

Have you verified that risk control measures effectively reduce risk?*

Clause 7.3: Verification confirms control measures work as intended

Have you analyzed whether risk controls introduce new hazards?*

Clause 7.4: Risk controls may create new risks requiring analysis

Are risk control measures documented in design specifications and IFU?*

Clause 7.1: Controls embedded in design, protective measures, and user information

5. Residual Risk Evaluation

Have you re-evaluated residual risk after implementing controls?*

Clause 7.5: Verify residual risk is acceptable after risk reduction

Is the overall residual risk acceptable considering device benefits?*

Clause 8: Benefit-risk analysis demonstrates benefits outweigh residual risks

Are residual risks disclosed in IFU and labeling?*

Clause 8: Information for safety communicates residual risks to users

6. Production & Post-Production

Do you collect and review production and post-production information for new hazards?*

Clause 9: Monitor complaints, incidents, field data for emerging risks

Are risk management activities updated based on post-market surveillance?*

Clause 9: Update risk analysis with real-world evidence

Is the risk management review completed before commercial release?*

Clause 10: Final review confirms completeness and benefit-risk acceptability

Please answer all required questions to see your results