M
MDR/IVDR Training

Risk Management (ISO 14971)

35 minAdvanced

Learning Objectives

By the end of this module you will be able to:

  • 1Explain the purpose and scope of ISO 14971:2019 and its relationship to MDR/IVDR
  • 2Describe the 7-step risk management process from planning through post-production monitoring
  • 3Apply the risk matrix to evaluate hazards by probability and severity
  • 4Distinguish the 3-tier risk control hierarchy (inherent safety, protective measures, information for safety)
  • 5Understand the benefit-risk analysis required by MDR Annex I and how post-market data feeds risk management
Content reviewed: March 2026

Why Risk Management Matters

Every medical device carries inherent risks. ISO 14971 provides the internationally recognised framework for systematically identifying, evaluating, controlling, and monitoring those risks throughout a device's entire lifecycle โ€” from concept to decommissioning.

#1

Most-cited standard in MDR

Art. 10(2)

MDR requires ISO 14971-based risk management

Lifecycle

From design through post-market

๐Ÿฅ What This Means for Your Hospital

  • Risk management underpins every decision about which devices to procure, use, and monitor
  • You play a vital role in post-market risk monitoring โ€” reporting incidents feeds back into risk controls
  • Understanding risk/benefit helps you explain device choices to patients and colleagues
  • HSE Medical Device Governance requires facilities to maintain risk-based device inventories

1. ISO 14971 at a Glance

ISO 14971:2019 (Medical devices โ€” Application of risk management to medical devices) is the harmonised standard that satisfies MDR Annex I General Safety & Performance Requirements (GSPRs). It was last revised in 2019, aligning with MDR/IVDR requirements.

๐ŸŽฏ

Scope

Applies to ALL medical devices and IVDs โ€” from tongue depressors to MRI scanners.

๐Ÿ”„

Lifecycle approach

Risk management is continuous โ€” not a one-time checkbox. It runs from initial concept through post-market surveillance.

โš–๏ธ

Risk vs. Benefit

Residual risks must be weighed against clinical benefits. Zero risk is never the goal โ€” acceptable risk is.

๐Ÿ”ฌ

State of the Art

Risk acceptability is judged against current knowledge and technology โ€” what was acceptable in 2015 may not be today.

Knowledge Check

According to ISO 14971, how is 'risk' defined?

2. The Risk Management Process

ISO 14971 defines a structured, iterative process. Think of it as a continuous loop โ€” not a linear checklist.

Knowledge Check

What is the FIRST step in the ISO 14971 risk management process?

3. The Risk Matrix & Acceptability Criteria

The risk matrix is the core tool for risk evaluation. It plots severity of harm against probability of occurrence to classify each risk.

Severity โ†’
Probability โ†“		NegligibleMinorSeriousCriticalCatastrophic
FrequentALARPUnacceptableUnacceptableUnacceptableUnacceptable
ProbableAcceptableALARPUnacceptableUnacceptableUnacceptable
OccasionalAcceptableALARPALARPUnacceptableUnacceptable
RemoteNegligibleAcceptableALARPALARPUnacceptable
ImprobableNegligibleAcceptableAcceptableALARPALARP

Unacceptable

Risk MUST be reduced โ€” cannot proceed without mitigation

ALARP

Reduce As Low As Reasonably Practicable โ€” weigh cost/benefit of further controls

Acceptable

Risk is within acceptable limits โ€” still reduce if practicable

Negligible

Risk is minimal โ€” typically no further action needed

Catastrophic
Death or permanent life-changing injury
Critical
Permanent impairment or life-threatening condition
Serious
Injury requiring medical or surgical intervention
Minor
Temporary injury not requiring intervention
Negligible
Inconvenience or temporary discomfort

Knowledge Check

A hazard has 'Remote' probability and 'Critical' severity. Where does it fall on the risk matrix?

4. The Risk Control Hierarchy

ISO 14971 mandates a strict priority order for risk controls. Higher-priority measures are more effective and must always be considered first.

๐Ÿ›ก๏ธ
Priority 1

Inherent Safety by Design

Eliminate the hazard entirely through design choices

Use biocompatible materials to avoid toxicity
Design connectors that physically cannot be misconnected (e.g., NRFit for neuraxial)
Round sharp edges on implants
Software: eliminate single points of failure
๐Ÿ”’
Priority 2

Protective Measures

Add barriers, guards, alarms, or interlocks when the hazard cannot be eliminated

Pressure relief valves on infusion pumps
Alarm systems for out-of-range physiological parameters
Software interlocks preventing dangerous dose combinations
Shielding on radiation therapy equipment
โš ๏ธ
Priority 3

Information for Safety

Provide warnings, labels, and training when residual risk remains

Warning labels on MRI-conditional implants
Instructions for Use (IFU) specifying cleaning procedures
Training requirements for complex devices
Symbols indicating single-use only
โš ๏ธ Critical Rule: Manufacturers must NOT rely solely on Priority 3 (information for safety) if a Priority 1 or 2 measure could reduce the risk. Labelling alone is never an acceptable substitute for safer design.

Knowledge Check

A manufacturer designs a new infusion pump. To prevent accidental free-flow of medication, which risk control approach has the HIGHEST priority under ISO 14971?

5. ISO 14971 & MDR/IVDR โ€” How They Connect

MDR explicitly requires manufacturers to establish and maintain a risk management system conforming to ISO 14971. Here are the key linkage points:

MDR ReferenceRequirementISO 14971 Link
Article 10(2)Manufacturer must establish risk management systemEntire ISO 14971 process
Annex I, Ch. I (GSPRs)Devices must be safe; risks reduced AFAPRisk evaluation & control (Clauses 7-8)
Annex I, ยง1Residual risks acceptable when weighed against benefitsBenefit-risk analysis (Clause 9)
Annex I, ยง4Risk controls follow the hierarchyRisk control options (Clause 7.1)
Annex IITechnical documentation must include risk managementRisk Management File (Clause 4.5)
Annex IIIDoC references GSPR complianceRisk Management Report (Clause 10)
Article 83-86Post-market surveillance feeds risk managementProduction/post-production (Clause 10)
Annex XIV Part AClinical evaluation considers risks vs. benefitsBenefit-risk (Clause 9)

โš–๏ธ The Benefit-Risk Balance

MDR Annex I, Section 1 states: "Devices shall achieve the performance intended by their manufacturer, and shall be designed and manufactured in such a way that, during normal conditions of use, they are suitable for their intended purpose. They shall be safe and effective and shall not compromise the clinical condition or the safety of patients [...] any risks [...] shall constitute acceptable risks when weighed against the benefits to the patient."

โœ… Benefits may include

  • โ€ข Clinical: improved diagnosis, treatment, survival
  • โ€ข Patient management: easier monitoring, faster recovery
  • โ€ข Public health: disease prevention, screening

โš ๏ธ Risks may include

  • โ€ข Direct harm: infection, injury, adverse reactions
  • โ€ข Indirect harm: delayed diagnosis, incorrect reading
  • โ€ข User risks: ergonomic strain, exposure to radiation

6. Common Risk Analysis Techniques

ISO 14971 does not mandate a specific analysis method. Manufacturers choose from established techniques depending on the device complexity:

๐Ÿ”

FMEA

Failure Mode & Effects Analysis

Bottom-up: analyses individual component failures and their effects on the system. Most commonly used for medical devices.

IEC 60812
๐ŸŒณ

FTA

Fault Tree Analysis

Top-down: starts with an undesired event and works backward to find root causes using logic gates (AND/OR).

IEC 61025
๐Ÿ”ง

HAZOP

Hazard & Operability Study

Systematic examination using guide words (e.g., 'more', 'less', 'reverse') to identify deviations from intended operation.

IEC 61882
๐Ÿ“‹

PHA

Preliminary Hazard Analysis

High-level early-stage analysis to identify potential hazards before detailed design. Often the first step.

ISO 14971 Annex C

Knowledge Check

Which risk analysis technique works 'top-down', starting from an undesired event and tracing back to root causes?

7. The Risk Management File

All risk management activities must be documented in a Risk Management File (RMF). This is a living document that evolves throughout the device lifecycle and forms part of the Technical Documentation required under MDR Annex II.

๐Ÿ“ Contents of a Risk Management File

Risk Management Plan
Hazard identification results
Risk estimation for each hazard
Risk evaluation decisions
Risk control measure descriptions
Verification of risk control effectiveness
Assessment of new risks from controls
Overall residual risk evaluation
Benefit-risk analysis
Risk Management Report (summary)
Post-production monitoring plan
Records of updates and reviews
๐Ÿฅ Why This Matters for Hospitals: When your clinical engineering team evaluates a device for procurement, they may request access to or a summary of the Risk Management File. Notified Body auditors also review these files during conformity assessment. Understanding what should be in the file helps you ask the right questions of suppliers.

8. Irish & HSE Context

๐Ÿ‡ฎ๐Ÿ‡ช HPRA & Risk-Based Market Surveillance

The HPRA uses a risk-based approach to market surveillance โ€” devices with higher inherent risk (Class III, Class D IVDs) receive more scrutiny. When you report an incident to the HPRA, they evaluate it using risk management principles similar to ISO 14971.

The HPRA's vigilance system directly feeds into the manufacturer's post-market risk management process, potentially triggering Field Safety Corrective Actions (FSCAs).

๐Ÿฅ HSE Medical Device Governance

The HSE Medical Device Governance Policy requires each healthcare facility to maintain risk-based approaches to medical device management, including:

  • Risk-based device inventories and prioritised maintenance schedules
  • Risk assessment before introducing new devices or changing procedures
  • Incident reporting aligned with national vigilance requirements
  • Local Risk Committees reviewing device-related events

๐ŸŽฏ Key Takeaways

ISO 14971:2019 is THE standard for medical device risk management โ€” required by MDR
Risk = Probability ร— Severity โ€” both dimensions must be evaluated
The process is CONTINUOUS โ€” not a one-time exercise
Risk controls follow a strict hierarchy: Design โ†’ Protection โ†’ Information
Benefits must outweigh residual risks for a device to be acceptable
Your incident reports directly feed manufacturers' post-market risk monitoring
The Risk Management File is a living document throughout the device lifecycle
State of the art evolves โ€” yesterday's acceptable risk may not be acceptable today

Knowledge Check

8 questions ยท 80% required to pass

Q1.What international standard defines the risk management process for medical devices?

Q2.According to ISO 14971, how is "risk" defined?

Q3.What is the FIRST step in the ISO 14971 risk management process?

Q4.A risk is classified as "ALARP" on the risk matrix. What does this mean?

Q5.Under the ISO 14971 risk control hierarchy, which measure has the HIGHEST priority?

Q6.Your ward receives a Field Safety Notice (FSN) about a patient monitor. The FSN was triggered because post-market surveillance identified a new hazard. Which step of the ISO 14971 process does this represent?

Q7.Which risk analysis technique works "top-down", starting from an undesired event and tracing back to root causes using logic gates?

Q8.MDR Annex I, Section 1 states that devices shall be safe and effective, and that residual risks shall be acceptable when weighed against what?

0/8 answered

Print-Friendly Summary

One-page PDF for ward reference & quick revision

Was this module useful?