
Why ISO 14971 Matters

Every medical device manufacturer must demonstrate a systematic approach to identifying hazards, estimating risks, controlling risks, and monitoring effectiveness. ISO 14971 defines this process. Regulatory bodies (FDA, EU MDR, Health Canada) reference it as the foundational risk management standard. The Medical Device Safety Solution implements ISO 14971 not as a checklist, but as a live, traceable process embedded in the development workflow.

Clause-by-Clause Coverage

Clause 4 — Risk Analysis

ISO 14971 requires identification of hazards, hazardous situations, and estimation of risk for each.

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Identify intended use and misuse | Use Step work items (24 scenarios) | useStep type with address links to user needs |
| Identify hazards | Hazard Catalog (68 entries, IEC 60601 taxonomy) | 4-level cascading hierarchy: Energy > Electrical/Mechanical/Thermal > subtypes |
| Identify hazardous situations | Risk Record hazardousSituation text field | Free-text description on each of the 55 risk records |
| Identify harms | Standard Harms catalog (25 entries with severity) | harm type with severity 1-5 (Negligible to Catastrophic) |
| Estimate risk | P1 x P2 probability model + harm severity | Two-factor probability (hazard occurrence x harm probability), bucketed and combined with severity in 5x5 matrix |

Clause 5 — Risk Evaluation

Risk evaluation compares estimated risk against acceptability criteria.

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Risk acceptability criteria | 5x5 risk matrix (probability x severity) | Three-level classification: Acceptable (green), Investigation (amber), Unacceptable (red) |
| Pre-mitigation risk level | preRisk field on risk records | Auto-computed from P x S lookup in the risk matrix |
| Automated risk matrix report | Risk Matrix Report (Velocity) | Pre-mitigation 5x5 distribution with color-coded cells |

Clause 6 — Risk Control

When risk is not acceptable, controls must be applied following the ISO 14971 priority order.

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Risk control hierarchy | riskControlType multi-enum | Three tiers: Inherent Safety by Design > Protective Measure > Information for Safety |
| Risk control measures | Risk Control work items (26 controls) | Stored in RiskControlPlan document, linked via mitigates role |
| Implementation traceability | implements link role | System/design requirements implement risk controls; test cases verify those requirements |
| Verification of effectiveness | Verification Evidence column in HARA risksheet | Two-hop traversal: Risk Control > Requirement > Test Case |
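
The two-hop traversal in the last row can be checked independently of the tool. The sketch below is an added example, not the solution's own code: it walks Risk Control > Requirement > Test Case over an exported link list and reports where the chain breaks. The work item IDs, the link direction, the `verifies` role name and the "passed" status criterion are assumptions; `mitigates` and `implements` are the roles named above.

```python
from collections import defaultdict

# Constructed sample export: (source, role, target). All IDs are hypothetical.
LINKS = [
    ("RC-1", "mitigates", "RISK-1"),
    ("RC-2", "mitigates", "RISK-2"),
    ("RC-3", "mitigates", "RISK-2"),
    ("REQ-10", "implements", "RC-1"),
    ("REQ-11", "implements", "RC-2"),
    ("TC-100", "verifies", "REQ-10"),   # "verifies" role name is an assumption
    ("TC-101", "verifies", "REQ-10"),
]
# Constructed test results; treating "passed" as evidence is an assumption.
TEST_STATUS = {"TC-100": "passed", "TC-101": "failed"}

def incoming(links, role):
    """Index link sources by target for one link role."""
    index = defaultdict(list)
    for src, link_role, dst in links:
        if link_role == role:
            index[dst].append(src)
    return index

def verification_evidence(links, test_status):
    """Per risk control: passing test cases reached in two hops, or the gap."""
    implemented_by = incoming(links, "implements")
    verified_by = incoming(links, "verifies")
    controls = sorted({src for src, role, _ in links if role == "mitigates"})
    report = {}
    for rc in controls:
        reqs = implemented_by.get(rc, [])                              # hop 1
        tests = [tc for req in reqs for tc in verified_by.get(req, [])]  # hop 2
        passed = sorted(tc for tc in tests if test_status.get(tc) == "passed")
        if not reqs:
            gap = "no implementing requirement"
        elif not tests:
            gap = "requirement has no test case"
        elif not passed:
            gap = "no passing test case"
        else:
            gap = None
        report[rc] = {"evidence": passed, "gap": gap}
    return report

def risks_without_verified_control(links, report):
    """Risks for which every linked control has a traceability gap."""
    controls_of = incoming(links, "mitigates")
    return sorted(risk for risk, rcs in controls_of.items()
                  if all(report[rc]["gap"] for rc in rcs))

if __name__ == "__main__":
    rep = verification_evidence(LINKS, TEST_STATUS)
    print(rep, risks_without_verified_control(LINKS, rep))
```
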

Clause 7 — Evaluation of Overall Residual Risk

Clause 7.1 — Residual Risk Evaluation

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Post-mitigation risk assessment | postRisk field + post P1/P2 probabilities | Mirrors pre-mitigation structure with separate post-control probability fields |
| Residual risk classification | Post-mitigation risk matrix | Auto-computed from post-P x S lookup |
| Aggregate risk summary | Risk Matrix Report residual risk section | Conditional alert boxes: danger (unacceptable), warning (investigation), success (all acceptable) |

Clause 7.2 — Benefit-Risk Analysis

When residual risk remains unacceptable and no further controls are possible, a benefit-risk analysis determines whether the medical benefit justifies the risk.

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Benefit documentation | benefit text field on risk records | Free-text description of medical benefit |
| Benefit-risk determination | riskBenefitResult enum | Two values: benefitAcceptable, benefitNotAcceptable |
| Final risk classification | finalRisk computed field | Three-state decision tree: acceptable, unacceptable, benefitAcceptable |
| Additional controls assessment | additionalControlsPossible flag | Forces explicit evaluation before benefit-risk path |

Clause 7.3 — Overall Residual Risk

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Aggregate residual risk review | Risk Matrix Report aggregate statistics | Count and percentage per risk level with conditional alerts |

Clause 7.4 — Risk Management Report

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| DHF-ready risk report | ISO 14971 HARA Report (Velocity) | Automated from live data with chapter numbering, all custom fields, print-ready CSS |
| Risk matrix documentation | Risk Matrix Report | Methodology documentation + two 5x5 matrices |
| DFMEA summary | DFMEA Summary Report | Per-subsystem failure mode statistics |

Clause 10 — Production and Post-Production

| Requirement | Solution Feature | Evidence |
| --- | --- | --- |
| Process risk analysis | Process Step work items + PFMEA template | processStep type with inputs, outputs, equipment, verification fields |
| Process-to-component mapping | associates link role | ProcessStep links to SystemElement |

Annexes Coverage

| Annex | Topic | Solution Implementation |
| --- | --- | --- |
| Annex C | Risk Management Plan | RiskControlPlan document (26 controls) with document workflow (draft > review > approved > published) |
| Annex D | Harm Severity | 5-level harm-severity enum: Negligible, Minor, Serious, Critical, Catastrophic |
| Annex E | Hazard Examples | HazardsCatalog (68 entries) with IEC 60601-aligned 4-level taxonomy |
| Annex F | Risk Estimation | P1 x P2 two-factor probability model with 5-level bucketing |

ALARP Principle

The three-level risk classification directly implements the ALARP (As Low As Reasonably Practicable) principle:
  • Acceptable: Risk is broadly acceptable. No further action required.
  • Investigation (ALARP region): Risk must be reduced as far as reasonably practicable. Requires documented justification if controls cannot reduce risk further.
  • Unacceptable: Risk must be reduced. Benefit-risk analysis is the only path to acceptance if controls are exhausted.