You don’t consciously recognize it, but we are constantly managing risk.

We look both ways before crossing a street, we wear seatbelts (hopefully), we thoroughly cook chicken, and so on.

Unconsciously Accept Residual Risk

And we also unconsciously accept residual risk: we eat sushi (some of us), we exceed the speed limit when driving, and so on.

Risk management in medical devices is just a conscious (and well-documented) application of what we already do in our daily lives.

The first section on scope in the standard sets the stage.

In Scope

It defines what is in scope (medical devices) and what is not in scope (business risk management) and it’s for the life of the device.

In the author’s note in the standard, it declares it can be used without a Quality Management System but that’s pretty unlikely in this day and age.

But scope is probably inadequate to really set the stage.

As alluded to previously, Risk Management may well be the most scrutinized process within the lifecycle of a medical device product.

FMEA

Gone are the days that you give an FMEA to a reviewer / inspector and they “check the box” for covering risk management.

It’s not unheard of for reviewers / inspectors to search for specific risk scenarios or controls and, if not found, ask why they are not addressed.

It’s critical that a company has a solid risk management team with a variety of disciplines participating.

Online course
8 modules
ISO 14971:2019 – The Scope of the Standard


Find out more about this course