The two most common approaches are 1) to use Risk Priority Numbers (RPNs), and 2) to develop a risk evaluation matrix. Using the criteria for estimating Severity and the Probability of Occurrence of Harm established previously, the risk acceptability criteria can take several forms. Once the plan is approved, the risk analysis team may begin its work with a clear understanding of the level of risk that management considers to be acceptable. For example, the policy should: identify that intent of the criteria is to ensure a high level of safety consistent with customer expectations (purpose) apply to all medical devices manufactured by your company (scope) take regulations, technical state-of-the-art, and customer concerns into account (considerations) work to reduce risks as far as possible (approach) and identify authorities for approving the policy (approval). The guidance document (TIR 24971) provides examples of each of these elements. By “policy,” the standard means that your company needs to document the purpose, scope, considerations for determining acceptable risk, approaches to risk control, and requirements for approval and review of the risk acceptability criteria. Your company’s Risk Management Procedure needs to include your company’s policy for establishing risk acceptability criteria. These criteria must be established in the Risk Management Plan (either directly or by reference) and that plan must be reviewed and approved by company management. The standard calls for the risk analysis team to establish the risk acceptability criteria well before the actual risk analysis activities begin. Two tools described in the standard to complete this work are “risk acceptability criteria” and the “risk evaluation matrix.” ĭetermining Risk Acceptability – The Standard Approachīefore we jump into the challenges of determining risk acceptability, it’s important to first make sure that we have a common understanding of the key elements of the standard approach as described in ISO 14971:2019, Medical Devices – Application of Risk Management to Medical Devices (we’ll just refer to it as “the standard”).Īs a first step, it’s important to be clear on two terms: “risk evaluation” and “risk acceptability.” The standard defines risk evaluation as the “process of comparing the estimated risk against given risk criteria to determine the acceptability of the risk.” So, the process involves taking the “estimated risks” (i.e., typically the results of FMEA-style analysis where you estimate the risk of a Hazardous Situation based on Severity and the Probability of Occurrence of Harm) and evaluating those risks to determine whether they are acceptable or if risk reduction is required. If you have missed any of our previous articles in this series, you can find them on our website at.
A second article (Part B) will provide our thoughts on the challenges. This article takes the next step to address the question: “Are we, as a company, willing to accept the risks associated with our device given the benefits that a patient is likely to receive?” This article (Part A) provides a review of the standard approach. In our last two articles, Part 5: Assigning Harms and Severity and Part 6: Estimating Probability of Occurrence, we discussed approaches to develop values for these two elements of risk and the challenge of completing these assessments/estimates.
0 kommentar(er)
