Skip to main content
This reference documents all custom fields defined for the Risk Record work item type, including their types, defaults, enumerations, and usage patterns in risksheet configurations and PowerSheet traceability views.
Risk Records implement a fine-grained risk assessment pattern distinct from FMEA: P1 (probability hazard occurs), P2 (probability harm given hazard), and Control (control failure probability). This model enables targeting risk controls at specific failure points in the hazard-to-harm chain.

Pre-Mitigation Risk Assessment

Pre-Mitigation Severity

PropertyValue
NamepreMitigationSeverity
TypeEnum
Default(none)
ReferenceharmSeverity enumeration
DescriptionSeverity rating of potential harm before risk control implementation, based on patient impact or outcome severity. Used in pre-mitigation risk level computation. Examples: Minor Injury, Major Injury, Fatality.
Risksheet UsageDisplayed in pre-mitigation risk assessment column group; may drive row color-coding in risk matrix.

Pre-Mitigation P1 (Hazard Probability)

PropertyValue
NamepreMitigationP1
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that the hazardous event will occur in the specified operational context, independent of harm outcome. Captures “hazard occurs” before considering whether it causes patient harm. Part of three-probability decomposition per ISO 14971. Values typically: Remote, Low, Medium, High, Very High.
Risksheet UsageColumn in pre-mitigation assessment phase; used in preRisk formula calculation.

Pre-Mitigation P2 (Harm Probability)

PropertyValue
NamepreMitigationP2
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that harm will result given the hazardous event occurs. Captures the conditional probability “hazard → harm” after exposure. Distinct from P1, enabling analysis of scenarios where hazards are common but harm is rare (low detectability, good mitigation).
Risksheet UsageColumn in pre-mitigation risk matrix; combined with P1 and Control probability in risk level formula.

Pre-Mitigation Control Probability

PropertyValue
NamepreMitigationControlProbability
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that existing preventive or detective controls will fail to prevent or mitigate the hazardous event. Captures control effectiveness baseline before implementing new risk controls. Values indicate likelihood control is ineffective: Remote (control always works), Low, Medium, High, Very High (control unreliable).
Risksheet UsageThird dimension of pre-mitigation risk assessment; influences whether additional controls are necessary.

Pre Risk (Overall Assessment)

PropertyValue
NamepreRisk
TypeEnum (computed or assessed)
Default(computed from S, P1, P2, Control)
ReferenceriskLevel enumeration
DescriptionOverall pre-mitigation risk level derived from severity, P1, P2, and control probability using risk matrix lookup. Represents unacceptable risk requiring control implementation. Typical values: Unacceptable, Conditional Acceptance, Acceptable.
Risksheet UsageComputed via JavaScript formula combining S×P1×P2×Control values; used to color-code rows and identify high-risk scenarios requiring mitigation.
Pre-Mitigation Risk Formula Pattern:
preRisk = riskMatrix[preMitigationSeverity][preMitigationP1][preMitigationP2][preMitigationControlProbability]
The risk matrix evaluates all 4 dimensions; high severity + any elevated probability = Unacceptable risk.

Post-Mitigation Risk Assessment

Post-Mitigation Severity

PropertyValue
NamepostMitigationSeverity
TypeEnum
Default(none)
ReferenceharmSeverity enumeration
DescriptionSeverity rating of potential harm after risk controls are implemented. In most cases, equals pre-mitigation severity (severity inherent to harm, not reducible by controls). Documented for completeness and audit trail.
Risksheet UsagePost-mitigation risk matrix column; typically mirrors pre-mitigation unless risk control reduces harm severity (rare).

Post-Mitigation P1 (Hazard Probability)

PropertyValue
NamepostMitigationP1
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that hazardous event will occur after implementing preventive risk controls. Represents effectiveness of inherent safety or protective measures that reduce hazard frequency. Should be lower than preMitigationP1 if prevention controls are effective.
Risksheet UsageColumn in post-mitigation assessment phase; demonstrates risk reduction from mitigation strategy.

Post-Mitigation P2 (Harm Probability)

PropertyValue
NamepostMitigationP2
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that harm will result given the hazardous event occurs, after implementing detective or mitigating controls. Represents effectiveness of protective measures that reduce harm consequences. Combined with post-mitigation P1 to compute residual risk.
Risksheet UsagePost-mitigation risk matrix dimension; reflects control effectiveness at harm reduction phase.

Post-Mitigation Control Probability

PropertyValue
NamepostMitigationControlProbability
TypeEnum
Default(none)
ReferenceriskProbability enumeration
DescriptionProbability that post-mitigation controls will fail, capturing residual control unreliability after adding new safeguards. Should be lower than pre-mitigation if new controls improve overall system reliability. Documents control redundancy and diagnostic coverage.
Risksheet UsageThird dimension of post-mitigation assessment; combined with P1 and P2 in residual risk formula.

Post Risk (Residual Risk)

PropertyValue
NamepostRisk
TypeEnum (computed)
Default(computed from post-mitigation S, P1, P2, Control)
ReferenceriskLevel enumeration
DescriptionOverall residual risk level after all mitigation controls are implemented. Determines whether risk is acceptable or requires additional controls per ALARP principle. Typical values: Unacceptable (requires more controls), Conditional Acceptance (risk/benefit analysis needed), Acceptable (controls sufficient).
Risksheet UsageKey input to Final Risk decision logic; drives workflow escalation for unacceptable residual risks.

Risk Context and Mitigation Linkage

Hazardous Situation

PropertyValue
NamehazardousSituation
TypeText (1000+ characters)
Default(empty)
DescriptionDescription of the specific scenario where hazard and operational context combine to create potential for harm. Bridges hazard identification and risk analysis. Should include: what triggered hazard, operational context, when/where, who/what affected. Example: “During parking in bright sunlight, camera sensor becomes saturated due to glare, preventing obstacle detection within 1 meter stopping distance.”
Risksheet UsageDisplayed in hazardous situation column; provides context for risk reviewers and auditors. Mandatory for traceability to upstream hazard analysis.

Linked Hazard (Reference)

PropertyValue
NamelinkedHazard
TypeWork Item Link
Link RoleassessesRisk
Target TypeHazard, HazardousEvent
DescriptionReference to the Hazard work item that identifies the hazardous event being assessed. Establishes traceability from risk record back to formal hazard analysis. Used in reports and RTM views to demonstrate coverage.
Risksheet UsageItemLink column at Level 1 or 2 grouping; supports drill-down from hazard to all associated risk records.

Linked Harm (Reference)

PropertyValue
NamelinkedHarm
TypeWork Item Link
Link RoleresultsInHarm
Target TypeHarm
DescriptionReference to the Harm work item describing potential patient injury or adverse outcome. Captures severity classification from formal harm analysis. Optional but recommended for medical device projects requiring harm traceability.
Risksheet UsageItemLink column; enables cross-linking to harm severity ratings and clinical endpoints.

Risk Control and Acceptance

Risk Control Type

PropertyValue
NameriskControlType
TypeEnum
Default(none)
ReferencecontrolType enumeration
Valuesinherent-safety-design, protective-measure, information-for-safety
DescriptionClassification of risk control strategy according to ISO 26262 control hierarchy. Inherent safety (preferred) eliminates hazard source. Protective measure detects/mitigates consequences. Information-for-safety (weakest) relies on warnings/procedures. Selection drives mitigation effectiveness and ASIL allocation.
Risksheet UsageEnum dropdown; controls column cell decoration (green for inherent, yellow for protective, orange for informative). Used in control effectiveness scoring and design review.
Control Hierarchy Visual: diagram

Additional Controls Possible

PropertyValue
NameadditionalControlsPossible
TypeEnum Boolean
Default(none)
ValuesYes, No
DescriptionALARP (As Low As Reasonably Practicable) determination: indicates whether further risk reduction measures are technically feasible or economically justifiable. “Yes” = additional controls exist but not yet implemented. “No” = at state of art limit or cost disproportionate. Required for risk acceptance justification.
Workflow ContextTriggers escalation in risk acceptance: if postRisk is Unacceptable AND additionalControlsPossible is No, requires executive approval and documented justification.
Risksheet UsageBoolean column in acceptance decision phase; combined with postRisk to drive Final Risk logic.

Risk/Benefit Analysis (Medical Device Context)

Benefit (Risk/Benefit Justification)

PropertyValue
Namebenefit
TypeText (1000+ characters)
Default(empty)
DescriptionDocumentation of clinical, operational, or societal benefits of the product/function when risk cannot be further reduced. Required for medical device risk/benefit analysis per ISO 14971 Annex C. Should quantify benefits (lives saved, function preserved, cost reduction) and demonstrate benefits outweigh risks. Optional for automotive applications unless safety/performance trade-off exists.
Example”AEB system reduces collision frequency by 35% in real-world testing, preventing ~5,000 injuries annually at cost of <0.1% residual false-positive braking events. Clinical benefit outweighs sensor saturation risk.”
Risksheet UsageText cell in benefit analysis section; referenced in risk acceptance reports and audits.

Risk Benefit Result (Decision Outcome)

PropertyValue
NameriskBenefitResult
TypeEnum
Default(none)
ValuesBenefitsOutweighRisks, RisksOutweighBenefits, InsufficientData, NotApplicable
DescriptionFormal outcome of risk/benefit analysis comparing documented benefits against residual risk. Determines whether unacceptable residual risk is acceptable based on clinical/operational value. “NotApplicable” for low-risk scenarios not requiring benefit justification.
Workflow ImpactIf postRisk=Unacceptable AND riskBenefitResult=BenefitsOutweighRisks, risk can be accepted with executive sign-off.
Risksheet UsageEnum dropdown; combined with additionalControlsPossible in Final Risk decision matrix.

Risk Acceptance Decision

Final Risk (Acceptance Decision)

PropertyValue
NamefinalRisk
TypeEnum
Default(computed from decision logic)
ValuesAcceptable, ConditionalAcceptance, Unacceptable
DescriptionUltimate risk acceptance decision after considering residual risk (postRisk), ALARP assessment (additionalControlsPossible), and risk/benefit analysis (riskBenefitResult). Represents formal approval by risk management authority. Drives project progression: Unacceptable risk blocks release unless escalated.
Workflow ContextOutput of risk acceptance gate. Changes to Acceptable only after sign-off by authorized reviewer (project lead, safety officer, executive).
Risksheet UsageEnum column; color-coded (green=Acceptable, yellow=Conditional, red=Unacceptable). Used in dashboards to highlight unresolved risks.
Final Risk Decision Matrix:
postRiskadditionalControlsriskBenefitResultRecommended finalRiskEscalation Required
AcceptableAcceptableNo
ConditionalAcceptanceYesConditionalAcceptanceYes (implement additional controls)
ConditionalAcceptanceNoBenefitsOutweighRisksAcceptableYes (executive approval)
ConditionalAcceptanceNoRisksOutweighBenefitsUnacceptableYes (design change required)
UnacceptableYesUnacceptableYes (must implement controls)
UnacceptableNoUnacceptableYes (design review required)
Risk Records participate in the following link relationships enabling traceability across the V-model:
Link RoleTarget TypePurpose
assessesRiskHazardConnects risk record to hazard identified in HARA analysis
resultsInHarmHarmReferences harm that may result from the hazardous event
mitigatedByRiskControlLinks to safety controls implementing risk mitigation
verifiedByTestCaseLinks to test cases that verify control effectiveness
tracesFromSafetyGoalTraces risk back to safety goal derived from hazard
Source TypeLink RolePurpose
RiskControlmitigatesRisk control documents how it addresses this risk record
TestCaseverifiesTest case demonstrates control implementation
SafetyGoalrelatesToSafety goal provides mitigation strategy

Usage in Risksheet Configurations

Risk Records appear in the Risk Control Plan Risksheet, which implements ISO 14971 risk acceptance workflow. Column groups organize fields chronologically: Pre-Mitigation Assessment:
  • System Element (itemLink, Level 1 grouping)
  • Hazardous Situation (text)
  • Linked Hazard (itemLink)
  • Severity, P1, P2, Control Probability (enums)
  • Pre Risk (computed, color-coded)
Mitigation Strategy:
  • Risk Control Type (enum with cell decoration)
  • Controls (taskLink to RiskControl items)
Post-Mitigation Assessment:
  • Post-Mitigation P1, P2, Control Probability (enums)
  • Post Risk (computed, color-coded)
  • Additional Controls Possible (boolean)
Acceptance Decision:
  • Benefit (text, conditional visibility if medical device)
  • Risk Benefit Result (enum)
  • Final Risk (enum, color-coded)
All of the following must have values before risk can transition to Acceptable or Unacceptable (not ConditionalAcceptance):
  • preMitigationSeverity, preMitigationP1, preMitigationP2, preMitigationControlProbability
  • postMitigationP1, postMitigationP2, postMitigationControlProbability
  • additionalControlsPossible
  • finalRisk (must be set explicitly by authorized reviewer)