We will begin the web conference shortly. When you arrive, please type the phone number from which you are calling into the chat field.

Similar documents
Risk Assessment for Drug Products with Device Components

Planning the Risk Management File Audit

Risk Analysis and Management. May 2011 ISO 14971

ISO INTERNATIONAL STANDARD. Medical devices Application of risk management to medical devices

Case for Quality Company D. Risk Management

RISK MANAGEMENT: WHAT HAVE WE LEARNED? AFDO 2009 CAPT JOSEPH L. SALYER, RS, MPH FDA, CDRH, OC

AAMI Risk Management Summit Risk Terminology and Expectations: A Regulatory Perspective

Basics of Quality Risk Management. CBE Pty Ltd

Master Class: Construction Health and Safety: ISO 31000, Risk and Hazard Management - Standards

Common Safety Methods CSM

RISK ASSESSMENT APPROACH AND ITS APPLICATION IN PHARMACEUTICAL INDUSTRY FOR PRODUCT QUALITY MANAGEMENT

Streamlining Risk Management Evaluations for New Manufacturing Processes

European Railway Agency Recommendation on the 1 st set of Common Safety Methods (ERA-REC SAF)

To err is human. Pete Davis VP of Research & Development Neomend a subsidiary of Bard Davol

Classification Based on Performance Criteria Determined from Risk Assessment Methodology

ISO INTERNATIONAL STANDARD. Medical devices Application of risk management to medical devices

A Streamlined Approach for Full Compliance with SIF Implementation Standards


Quality Risk Management from Concept to Practical Strategies*

8 th Annual FDA Inspections Summit

Kidsafe NSW Risk Management Plan. August 2014

The Definitive Guide to ISO Risk Management for Medical Devices

Best Practices in Applying Medical Device Risk. Management Terminology

ALARP v AFAP. Figure 1 illustrates this approach. Note that the manufacturer determines the location of each of the three regions.

Best Practices in Applying Medical Device Risk Management Terminology

Comparison of Risk Analysis Methods: Mehari, Magerit, NIST and Microsoft s Security Management Guide

YY/T / ISO 14971:2007 corrected version

Risk Management Plan for the <Project Name> Prepared by: Title: Address: Phone: Last revised:

ISO INTERNATIONAL STANDARD. Safety of machinery Risk assessment Part 1: Principles

Concepts in Risk-based Assessment Risk in Medical Imaging Ehsan Samei, PhD. Outline. Outline 8/3/2016

Table of Contents Advantages Disadvantages/Limitations Sources of additional information. Standards, textbooks & web-sites.

Crowe, Dana, et al "EvaluatingProduct Risks" Design For Reliability Edited by Crowe, Dana et al Boca Raton: CRC Press LLC,2001

Post Market Surveillance & Vigilance - the way towards harmonisation-

Risk Management Relevance to PAS 55 (ISO 55000) Deciding on processes to implement risk management

RISK MANAGEMENT MANUAL

Scouting Ireland Risk Management Framework

Zurich Hazard Analysis (ZHA) Introducing ZHA

RISK EVALUATIONS FOR THE CLASSIFICATION OF MARINE-RELATED FACILITIES

This is a preview - click here to buy the full publication

Risk and Compliance management in Technical Projects 2017 Global Risk Engineering Conference

Risk Assessment Workshop Pam Walaski, CSP, CHMM Director, Health and Safety GAI Consultants, Inc. Pittsburgh, PA

IAASB CAG REFERENCE PAPER IAASB CAG Agenda (December 2005) Agenda Item I.2 Accounting Estimates October 2005 IAASB Agenda Item 2-B

Use of QRM to Quantify Particulate Contamination Risks

RISKTOPICS DISCUSSION. Product Design January 2013

Risk Management & FMEAs. By Jay P. Patel, ASQ Fellow CEO & President QPS Institute

The Basics of Risk Management

CONSTRUCTION SAFETY MANAGEMENT USING FMEA TECHNIQUE: FOCUSING ON THE CASES OF STEEL FRAME WORK

TOOL #15. RISK ASSESSMENT AND MANAGEMENT

Risk Assessment Policy

Risk and safety Part 2: Risk analysis and safety measures

TABLE OF CONTENTS. Annexes: I. Notification form II. Methodological framework for facilitating consistent risk estimation and evaluation

HAZARD MANAGEMENT POLICY Page 1 of 7 Reviewed: October 2018

Functional Safety of Railway Systems

LCS International, Inc. PMP Review. Chapter 6 Risk Planning. Presented by David J. Lanners, MBA, PMP

APPLICATION OF FORMAL SAFETY ASSESSMENT IN THE LEGAL ACTIVITY OF INTERNATIONAL MARITIME

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Information security risk management

RISK REGISTER POLICY AND PROCEDURE

CEN GUIDE 414. Safety of machinery Rules for the drafting and presentation of safety standards. Edition 3,

RISK MANAGEMENT and ISO 17025:2017

Risk Management Framework. Metallica Minerals Ltd

1. Define risk. Which are the various types of risk?

Risk Management Strategy

AN INTRODUCTION TO RISK CONSIDERATION

Functional Safety Demystified

RISK ASSESSMENT. A Practical Guide to Assessing. Operational Risks. Edited by GEORGI POPOV BRUCE K. LYON BRUCE HOLLCROFT. WlLEY

Chapter 7: Risk. Incorporating risk management. What is risk and risk management?

Challenges of implementation. a regulatory perspective

Steps to join the Managing Operational Risk Webinar for computers and laptops

Risk Management Policy and Framework

Supersedes: 9/01/11 (Rev.5) Preparer: Owner: Approver: Team Member, North America Process Safety Center of Expertise

Project Risk Management. Prof. Dr. Daning Hu Department of Informatics University of Zurich

NATIONAL RISK MANAGEMENT SYSTEM

Risk Management Framework

CONSTRUCTION ENGINEERING & TECHNOLOGY: EMV APPROACH AS AN EFFECTIVE TOOL

GOV : Enterprise Risk Management Policy

SIL and Functional Safety some lessons we still have to learn.

Project Selection Risk

client user GUIDE 2011

Fundamentals of Risk Management

Tuesday Sept 11th, 2018 AGENDA: 1. Pre-Meeting Clinic: Q&A on Risk and a Company s Risk Culture. 2. Risk Management

RISKS. Diane Van Hoy and Jacob Kloos

Section Defining Risk Management. 11. Principles of Risk Management

Presented to: Eastern Idaho Chapter Project Management Institute. Presented by: Carl Lovell, PMP Contract and Technical Integration.

Job Safety Analysis Preparation And Risk Assessment

Hazard Prevention Program. Regulation 19

Nagement. Revenue Scotland. Risk Management Framework. Revised [ ]February Table of Contents Nagement... 0

Risk Management Plan for the Ocean Observatories Initiative

How to Compile and Maintain a Risk Register

Fraud Risk Management

Risk Management at the Deutsche Bundesbank March 2011

Note: This policy incorporates key elements of the former Risk Taking and Assessment Policy (SO-0080).

RISK MANAGEMENT POLICY

Project Theft Management,

Business Auditing - Enterprise Risk Management. October, 2018

OVERVIEW OF RISK ANALYSIS. APEC workshop: Hot Issues in Risk Analysis August 1, Singapore

ISO/DIS 9001:2015 Risk-Based Thinking

ACTUAL METHODS ON TECHNOLOGICAL RISK ASSESSMENT

Qualitative Tree Risk Assessment

Risk Management Policy

MEMORANDUM. To: From: Metrolinx Board of Directors Robert Siddall Chief Financial Officer Date: September 14, 2017 ERM Policy and Framework

Transcription:

Welcome We will begin the web conference shortly. When you arrive, please type the phone number from which you are calling into the chat field. To login to the audio portion of the web conference, dial 1-866-740-1260 on your phone and use the access code provided to you when prompted. If you are calling from Mexico, dial 0018005148716 Issue 4: 062007-BSI Overview of ISO 14971:2007 Application of Risk Management to Medical Devices Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 1

Learning Objectives 3 Understand the importance of top management involvement with ISO 14971:2007 Understand the impact of ISO 14971:2007 implementation on medical device organizations Discuss recent changes in definitions and the impact of new areas of emphasis Consider the life-cycle concept as it impacts medical device design, manufacturing, and postproduction information Risk Management Introduction Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 2

Why Perform Risk Analysis? 5 All regulatory agencies require it: the FDA views 14971 as improvement the EU, Canada and Japan require risk management Risk analysis allows for matching of regulatory controls to level of risk of the device, i.e. higher classification implies more controls ALL devices must be judged safe by the manufacturer and risk management ensures that manufacturer documents safety before going to market Cost of an Unacceptable Risk 6 Before design $5,000 After design $50,000 After production $500,000 After vigilance $3,000,000 After litigation $20,000,000 More importantly, the cost to the PATIENT! Issue 4: 06/20/07 2007 BSI Management Systems 3

ISO 14971:2007 Risk Management 7 Increasingly, the importance of a safety review is being recognized as an important risk management tool Failure to identify risks to safety, and the inability to address or control these risks, can result in massive costs, both human and economic Risk management defined in ISO 14971:2007 is a tool to help the manufacturer control the risks to humans ISO 14971:2007 Requirements Top Management Support 8 Demonstrate commitment by: Defining policy for determining acceptable risk Providing adequate resources Ensuring trained/qualified personnel (medical device and risk management techniques) Reviewing results of risk management to ensure continuing suitability and effectiveness Note: See 3.2, ISO 14971:2007 Issue 4: 06/20/07 2007 BSI Management Systems 4

ISO 14971:2007 Requirements Risk Management Process 9 Risk Analysis Risk Evaluation Risk Control Note: See Figure 1, ISO 14971:2007 Acceptable Residual Risk? Final Report Production and Postproduction information ISO 14971:2007 Requirements Risk Management Plan 10 Risk management plan for each medical device or accessory: The scope of the plan Verification plan Allocation of responsibilities Requirements for the review of risk management activities Criteria for risk acceptability Plan for production and postproduction information gathering Note: See 3.4, ISO 14971:2007 Issue 4: 06/20/07 2007 BSI Management Systems 5

Product Safety 11 Control measures can reduce the risk to a level which is acceptable to the current values of society If all the residual risks have been reduced to an acceptable level, the product can be considered safe (in other words, there is freedom from unacceptable risk) The manufacturer makes.and documents this decision ISO 14971:2007 Requirements Risk Management File 12 Risk management file includes: Risk management plan Results of all risk management activities Maintained records Traceability for each identified hazard Note: See 3.5, ISO 14971:2007 Issue 4: 06/20/07 2007 BSI Management Systems 6

Statements of Applicability Issue 4: 062007-BSI Applicability of ISO 14971:2007 14 The standard can be used to develop a process: To identify the hazards associated with medical devices To estimate and evaluate the risks To control these risks To monitor the effectiveness of the control Which can be applied to all stages of the life cycle of a medical device Which can be an integral part of a quality system Issue 4: 06/20/07 2007 BSI Management Systems 7

Meeting ISO 14971:2007 Requirements The risk management process can be a subset of another process, but must be defined, documented, and maintained The risk management file can be a subset of the design history file (DHF), but must provide traceability to identified hazards Post-market risk management reviews can be an update tab to the DHF or part of the complaint file Use cross-functional teams from existing organization to identify hazards 15 Applicability of ISO 14971:2007 16 ISO 14971:2007 will: Provide a model for a risk management plan Give guidance for safety and information about residual risk Ensure that the options for risk management tools are understood, including: PHA [preliminary hazard analysis] FTA [Fault tree analysis] FMEA [failure mode effects analysis] HAZOP [hazard and operability studies] HACCP [hazard analysis and critical control point] Issue 4: 06/20/07 2007 BSI Management Systems 8

Applicability of ISO 14971:2007 17 The standard does not: Apply to clinical judgments relating to the use of a medical device Specify acceptable risk levels Require that the manufacturer have a formal quality system in place Applicability of ISO 14971:2007 18 International Standards related to risk management: IEC 60601-1:2005 ISO TS 20993 ISO 14155 IEC TS 80002 IEC 62304 TEC TS 80001 IEC 62366 ISO 13485 IEC 60812 ISO 14969 IEC 61025 ISO 9000-3 IEC 60300-3-9 IEC/TR 60513 EN 12442-1 In 2003, there were about 8 technical or QS standards which had incorporated risk analysis into the process. Issue 4: 06/20/07 2007 BSI Management Systems 9

Application of ISO 14971:2007 to ISO 13485:2003 Issue 4: 062007-BSI ISO 14971:2007 and ISO 13485:2003 20 The organization shall establish documented requirements for risk management throughout product realization. Records arising from risk management shall be maintained. (ISO 13485:2003, 7.1) Note the concept of life-cycle, e.g. throughout product realization [all phases from initial concept to final decommissioning] Product realization = planning, customer-related processes, design control, purchasing, production, traceability, control of monitoring and measuring equipment Issue 4: 06/20/07 2007 BSI Management Systems 10

ISO 14971:2007 and ISO 13485:2003 21 Inputs relating to product requirements shall be determined and record maintained. These inputs shall include output(s) of risk management. (ISO 13485:2003, 7.3.2) There is a Reference to ISO 14971 in note 3 under clause 7.1 Consider risk related to installation and servicing Definitions and Terms Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 11

ISO 14971:2007 Definitions 23 Medical devices are products intended for: Diagnosis, prevention, monitoring, treatment, or alleviation of disease Diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or handicap Investigation, replacement, or modification of the anatomy or of a physiological process Control of conception ISO 14971 is a standard a manufacturer may use to identify hazards associated with medical devices, and to estimate, evaluate, control, and monitor the effectiveness of the process ISO 14971:2007 Keywords 24 Hazardous situation Risk Risk analysis Risk evaluation Risk assessment Risk control Residual risk Risk management Risk Estimation (new) Life Cycle (new) Issue 4: 06/20/07 2007 BSI Management Systems 12

ISO 14971:2007 Definitions 25 Hazard Hazardous Situation (new area of focus) Risk Risk Analysis Risk Evaluation Risk Assessment Potential source of harm Circumstance in which people, property, or the environment are exposed to one or more hazard(s) Probability of the occurrence of harm and the severity of that harm Systematic use of available information to identify hazards and estimate risk Process of comparing the estimated risk against given risk criteria to determine the acceptability of risk Overall process comprising a risk analysis and a risk evaluation ISO 14971:2007 Definitions 26 Risk Control Residual Risk Risk Management Process in which decisions are made and measures implemented by which risk are reduced to, or maintained within specified levels Risk remaining after protective measures have been taken Systematic application of management policies, procedures, and practices toward analyzing, evaluating, controlling and monitoring risk Issue 4: 06/20/07 2007 BSI Management Systems 13

ISO 14971:2007 Definitions 27 New Definitions Risk Estimation Life Cycle Risk Management File (modified) Definitions in 14971:2007 are also now in alphabetical order Process used to assign values to the probability of occurrence of harm and the severity of that harm All phases in the life of a medical device, from the initial conception to final decommissioning and disposal Risk Management file must include outputs from the steps of the risk management process. In addition, it shall provide traceability for each identified hazard to the solutions adopted (2.23 and 3.5) The Risk Management Process Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 14

ISO 14971:2007 Risk Management Process 29 Risk Analysis Intended use/purpose Hazard identification Risk estimation each hazardous situation Risk Evaluation Risk Assessment Risk Control Option analysis Implementation Residual risk evaluation Risk/benefit analysis Consequential risks Completeness of control Risk Management Evaluation of overall risk acceptability Risk management report Production and post-production Planning is Essential Before Conducting Risk Management 30 Risk Management Process Define Process (3.1) Evidence of of Top Management Commitment Demonstrated (3.2) Process must be established documented, maintained, consider life-cycle, analysis, evaluation, control, production and post-production Risk Management Records Qualification of of personnel (3.3) The Plan (3.4) The File (3.5) Assignment of qualified personnel Define acceptability policy Periodically review the process Measure effectiveness Issue 4: 06/20/07 2007 BSI Management Systems 15

Risk Management Process (4.1) 31 Start Risk Analysis Identified use/intended purpose Identify characteristics (4.2) Identify known and/or foreseeable hazards (4.3) Estimate risk(s) for for each hazardous situation (4.4) Risk Evaluation Is Is risk reduction necessary? (5) (5) If If no, no, proceed to to 6.7 6.7 If If yes, apply control (6.1) Risk Management Process Control 32 Identify appropriate risk control measure(s), record risk control requirements (6.2) Risk Control Is Is the the risk reducible? If If Yes Implement, record and verify appropriate measures (6.3) If If not not practicable, perform risk/benefit analysis(6.5) Is Is the the residual risk acceptable? (6.4) Issue 4: 06/20/07 2007 BSI Management Systems 16

Risk Management Process Control 33 Risk/Benefit analysis (6.5) Risk Control Are Are other hazards generated? (6.6) Completeness of of risk control (6.7) Risk Management Process Evaluate, Report, Produce, Monitor 34 Overall residual risk evaluation Is Is overall residual risk acceptable? (clause 7) 7) Complete risk management report (clause 8) 8) If If unacceptable, further data may be be relevant. For For overall residual, decide which to to disclose Begin Production (clause 9) 9) Postproduction information Review post-production information (clause 9) 9) Is Is reassessment of of risk necessary? (clause 9) 9) Issue 4: 06/20/07 2007 BSI Management Systems 17

Risk Management Application of Risk Management to Medical Devices Issue 4: 062007-BSI Risk Analysis ISO 14971:2007, Clauses 4.1-4.4 Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 18

4.1-4.2 Risk Analysis 37 Determine which tools the team will use to fulfill the requirements Describe intended use/intended purpose and any reasonably foreseeable misuse List all qualitative and quantitative characteristics that could affect safety and determine limits Maintain records Check compliance 4.1-4.2 Risk Analysis 38 Annex C Annex G Questions to help identify medical device characteristics that could impact safety Information on Risk Management Techniques Issue 4: 06/20/07 2007 BSI Management Systems 19

4.3 Risk Analysis Hazard Identification 39 List known or foreseeable hazards in both normal and fault conditions Identify previously recognized hazards Consider and record foreseeable sequences of events that may result in a hazardous situation 4.3 Risk Analysis Hazard identification 40 Table E.1 Table E.2 Annex H.2.4 Examples of hazards Examples of initiating events and circumstances Identification of known and foreseeable hazards Issue 4: 06/20/07 2007 BSI Management Systems 20

4.3 Risk Analysis Hazard Identification 41 Hazards not previously recognized can be identified by systematic methods: Failure Mode Effect Analysis (FMEA) Failure Mode Effect and Criticality Analysis (FMECA) Fault Tree Analysis (FTA) Hazard and Operability Study (HAZOP) Hazard Analysis and Critical Control Point (HACCP) Maintain records Check compliance Note: See Annex G for information on risk analysis techniques/tools to consider 4.3 Risk Analysis Hazard Identification 42 The importance of choosing tools: Brainstorming can only take the team so far Component level failures, system level failures, impact of sequences of events are sometimes best analyzed with different tools Different tools can be put to best use at different periods on the life-cycle Some tools are better adapted to hardware and some to software Issue 4: 06/20/07 2007 BSI Management Systems 21

Hazard 43 There is a risk that a patient may come to some harm if they are exposed to a hazard The 2007 version of the standard emphasizes hazardous situation leading to the questions: For the hazards we have identified, what circumstances would lead to exposure to one or more of these hazards? How could the hazard impact the patient, care giver or environment? Risk is a combination of the probability of occurrence and the severity of the harm which would occur, so hazards lead to hazardous situations which lead to risks ISO 14971:2007 Requirements Risk Management Concept 44 Intended Use Hazard Hazardous Situation Risks Note: See Figure 1, ISO 14971:2007 Issue 4: 06/20/07 2007 BSI Management Systems 22

4.4 Risk Analysis Estimation of the Risk 45 Estimate the risks in both normal and fault conditions Consider sequences of events that can lead to a hazardous situation List possible consequences (severity) for hazards even when the probability of the occurrence of harm cannot be estimated Maintain records Check compliance 4.4 Risk Analysis Estimation of the Risk 46 Examine initiating events or circumstances Consider any mitigating features already designed-in, or proven in the market Issue 4: 06/20/07 2007 BSI Management Systems 23

4.4 Risk Analysis Estimation of the Risk 47 Information for estimating risks can be obtained from: Published standards Scientific technical data Field data from similar medical devices Usability tests with typical users Clinical evidence Results of relevant investigations Expert opinions External quality assessment schemes 4.4 Risk Analysis Estimation of the Risk 48 Annex D Table E.3 Risk Concepts applied to medical devices. Guidance on hazards, risk estimation, risk acceptability, risk control, risk/benefit analysis (with examples), and overall risk evaluation Relationship between hazards, foreseeable sequences of events, hazardous situations and harm that can occur Issue 4: 06/20/07 2007 BSI Management Systems 24

4.4 Risk Analysis Estimation of the Risk 49 Effect Catastrophic Critical Serious Minor Negligible Criteria: Severity of Effect Results in patient death Permanent impairment or lifethreatening injury Injury or impairment requiring professional medical intervention Temporary injury or impairment not requiring professional medical intervention Inconvenience or temporary discomfort Ranking S4 S3 S2 S1 S0 4.4 Risk Analysis Estimation of the Risk 50 Probability 1:1 1:10 1:100 1:1,000 1:10,000 Criteria: Probability of Effect Certain to occur Frequently occurs Occasionally occurs Remote chance of occurring Very unlikely to occur Ranking P4 P3 P2 P1 P0 Issue 4: 06/20/07 2007 BSI Management Systems 25

Risk Analysis-FMEA FMEA is one of the tools for risk analysis Issue 4: 062007-BSI FMEA, FTA, HAZOP, PHA and HACCP Informative Annex G in the risk management standard provides excellent guidance on choice of tool options: 52 For this course, we will study and perform FMEA on the design of a medical device, sometimes known as a design FMEA or DFMEA A process FMEA can also be conducted using the same tool Note: BS EN 60812 FMEA Procedure Issue 4: 06/20/07 2007 BSI Management Systems 26

FMEA in Design Control 53 Perform early in design cycle so that removal or mitigation of failure mode is most cost effective FMEA should be an iterative process, particularly when considering other generated hazards FMEA results in a team composed of individuals qualified to recognize consequence and magnitude of hazards FMEA in Design Control 54 Design FMEA: assumes the product will be manufactured to meet the design does not rely on process controls to overcome potential design weaknesses examines technical and physical limits of a manufacturing or assembly and test process if successful, involves representatives from all areas of the organization Issue 4: 06/20/07 2007 BSI Management Systems 27

FMEA Activities 55 Assign a rating for severity and probability for each hazard Calculate risk Determine the most appropriate corrective/ preventive actions based on the risk acceptability policy Carry out the recommended action Recalculate risk Document any other generated hazards FMEA - Risk 56 A general relation regarding a measure of a potential risk, R, in a FMEA can be expressed as: R = S x P Where S = Severity and P = Probability Issue 4: 06/20/07 2007 BSI Management Systems 28

What FMEA Can Do 57 Identify failure modes Determine their probability Help prioritize actions to be taken Allow for mitigation of failure modes Provide mitigation status Help increase system/item reliability Complement FTA What FMEA Cannot Do 58 Model interaction of failure modes (each failure mode is considered independent; especially an issue in software/hardware interactions) Predict/assess system/item reliability over the life-cycle Monitor and evaluate reliability improvements and final product reliability Issue 4: 06/20/07 2007 BSI Management Systems 29

FMEA: Follow-Up Actions 59 FMEAs are living documents FMEAs should always reflect latest design levels Focus should always be on improving safety of medical device before placing it on the market Risk Evaluation ISO 14971:2007, Clause 5 Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 30

5 Risk Evaluation 61 For each identified hazard: Q: When is risk reduction NOT required? A: Factors to consider: If risks are identified as acceptable If estimated risk is so low that risk controls are not necessary Criteria defined in the risk management plan and requirements in relevant technical standards Maintain records Check compliance Note: If no further risk control is necessary, proceed to 6.7 5 Risk Evaluation 62 Identify hazard Estimate risk Is risk high enough to warrant risk reduction? YES Reduce Risk NO Does benefit outweigh risk after reduction? YES NO ACCEPT DESIGN DENY DESIGN Issue 4: 06/20/07 2007 BSI Management Systems 31

Risk Control ISO 14971:2007 Clauses 6.1-6.7 Issue 4: 062007-BSI 6 Risk Control 64 When risk reduction is indicated, the organization must follow the processes as noted: Option analysis Implementation of risk control measures Residual risk evaluation Risk/benefit analysis Review of other generated hazards Evaluation of completeness of risk control Issue 4: 06/20/07 2007 BSI Management Systems 32

6.1-6.2 Risk Control Option Analysis 65 Identify measures to reduce risk to an acceptable level by priority: Inherently safe design Protective measures Information on safety Select risk control measures based on relevant product standards Maintain records Check compliance 6.1-6.2 Risk Control Option Analysis 66 Annex D.3.2.3 Annex J Guidance on situations where the probability of harm cannot be estimated Information for safety and residual risk information and disclosure Issue 4: 06/20/07 2007 BSI Management Systems 33

6.3 Risk Control Implement Measures 67 Implement and verify risk control measures by priority Verify implementation of control measures Verify effectiveness of control measures Maintain records Check compliance 6.4 Risk Control Residual Risk Evaluation 68 Evaluate residual risks using criteria defined in the risk management plan For any residual risk that doesn t meet plan criteria, implement further risk control measures Decide on which information to disclose to explain residual risk in the appropriate accompanying documents supplied by the manufacturer Maintain records Check compliance Issue 4: 06/20/07 2007 BSI Management Systems 34

6.5 Risk Control Risk/Benefit Analysis 69 Further risk control is not practicable Determine if benefits outweigh the residual risk NO If If benefits DO NOT outweigh risk YES If If benefits DO outweigh risk Risk is UNACCEPTABLE Proceed to 6.6 6.5 Risk Control Risk/Benefit Analysis 70 The manufacturer will decide which residual risks are relevant to explain in accompanying documents Maintain records Check compliance Note: See Annex D.6.1-D6.5 Issue 4: 06/20/07 2007 BSI Management Systems 35

6.6 Risk Control Other Generated Hazards 71 Review risk control measures to identify if other hazards or hazardous situations are introduced by risk control measures Assess estimated risks for impact on hazards previously identified Maintain records Check compliance 6.7 Risk Control Completeness of Risk Evaluation Ensure that risks from all identified hazards have been evaluated Maintain records Check compliance 72 Traceability is not required in the final report, but it now is required in the risk management file to ensure that all identified hazards have been addressed Issue 4: 06/20/07 2007 BSI Management Systems 36

Evaluation of Overall Risk Acceptability ISO 14971:2007, Clause 7 Issue 4: 062007-BSI 7 Overall Risk Evaluation 74 Determine if the overall residual risk of the device is acceptable after all measures have been implemented and verified If judged unacceptable, determine if additional proof supporting medical benefits supports a conclusion in favor of the product Final conclusion after the study must support benefits outweighing any residual risk or product cannot be taken to market Risk Medical Benefits Issue 4: 06/20/07 2007 BSI Management Systems 37

7 Overall Risk Evaluation 75 Annex D.7.1-D.7.8 Annex J Guidance on overall residual risk evaluation Guidance on how residual risks can be disclosed Risk Management Report ISO 14971:2007, Clause 8 Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 38

8 Risk Management Report 77 Prior to commercial distribution, the report must be reviewed to ensure that: Risk management plan has been appropriately implemented Overall residual risk is acceptable Methods in place for production and surveillance Check compliance Review conducted in accordance with plan and properly authorized in accordance with the plan 8 Risk Management Report 78 The risk management report should address all hazards known or reasonably foreseeable for the particular product types and technologies involved The report must address likelihood and consequences of occurrence of harm and measures taken to reduce the residual risks to acceptable levels Issue 4: 06/20/07 2007 BSI Management Systems 39

Production and Post- Production Information ISO 14971:2007, Clause 9 Issue 4: 062007-BSI 9 Production 80 The manufacturer shall gather and review information during production processes: Consider production, operators, and users Consider installation and maintenance Consider impact of new or revised standards Production considerations were not clearly addressed in the previous version of the standard as it went from the report to post-production information. The requirement now makes it clear that the expectation is that the report and conclusions are fully completed before production begins Issue 4: 06/20/07 2007 BSI Management Systems 40

9 Post-Production Information 81 Establish, document, and maintain a system to review information gained about the medical device or similar devices in the post-production phase Evaluate the information for possible relevance to safety, especially the following: If previously unrecognized hazards are present If the estimated risk arising from a hazard is no longer acceptable If the original assessment is otherwise invalidated (by post-market data) Evaluate the effectiveness of the risk management process 9 Post-Production Information 82 Post-production information will come from complaints, but should not be limited to complaints For ease of analysis, data should be coded Consider coding by hazards generated, including user error from misuse (whether accidental, or intentional if the information implies misuse on other products) Review data at defined intervals Ensure management is informed of the post-production review (e.g., as an agenda item to management review) Issue 4: 06/20/07 2007 BSI Management Systems 41

Variables Driving the Cost and Duration of Implementation Issue 4: 062007-BSI Implementation: Cost and Time 84 Start with top management support for the process, policy, and training [in tools and in expertise for MD usage] Develop a good risk management plan with defined criteria for acceptability Get management acceptance of the plan and determine when their approval is needed or not needed Involve risk management team in plan so they understand the criteria Issue 4: 06/20/07 2007 BSI Management Systems 42

Implementation: Cost and Time 85 Invest more time in determining intended use and foreseeable misuses Decide which tools are most appropriate at which stages of the life-cycle Invest a lot more time in listing hazards early on in the program. It is much better to identify 900 hazards and mitigate 100, than to identify 100 hazards and mitigate 50 Implementation: Cost and Time 86 Train personnel on risk management techniques ahead of time Train personnel on intended use of the device as well as intended environment of use and consider hands-on activities Utilize relevant standards Leverage existing systems Issue 4: 06/20/07 2007 BSI Management Systems 43

Next Steps 87 For further guidance on medical devices go to: www.bsiamericas.com or call 1-800-862-4977 (USA) 1-800-862-6752 (Canada) Questions/Final Thoughts 88 If you have any further questions, comments, or suggestions, please email us: inquiry@bsiamericas.com Issue 4: 06/20/07 2007 BSI Management Systems 44

Thank You for Participating! Issue 4: 062007-BSI Issue 4: 06/20/07 2007 BSI Management Systems 45

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback