Skip to main content

Which ISO 14971 clauses does the solution cover?

The solution provides structured support for the core risk management clauses:
ISO 14971 ClauseSolution Implementation
Clause 5 — Risk AnalysisHARA risksheet with hazard identification, hazardous situation description, and initial risk estimation (P1 x P2 probability model)
Clause 6 — Risk Evaluation5x5 risk acceptability matrix classifying risks as Acceptable, Investigation, or Unacceptable based on severity and combined probability
Clause 7.1 — Risk ControlRisk control work items linked via mitigates role, classified by the ISO 14971 three-tier hierarchy
Clause 7.2 — Benefit-Risk AnalysisDedicated benefit text field and riskBenefitResult enum (Benefit > Risk / Benefit < Risk) for residual risks in the Investigation zone
Clause 7.3 — Residual RiskPost-mitigation probability re-evaluation with residual risk classification
Clause 8 — Overall Residual RiskHARA Report Section 10 with manufacturer’s residual risk acceptability statement
Clause 8.3 — Final Risk DeterminationThree-outcome finalRisk field: Acceptable, Unacceptable, or Benefit-Risk Acceptable
The ISO 14971 Risk Management Coverage concept page provides a detailed mapping of clauses to solution features.

How does the three-stage risk evaluation work?

The solution implements a three-stage risk evaluation pipeline that maps directly to the ISO 14971 decision process: diagram
  • Stage 1 (Pre-Mitigation): Initial risk estimated from severity and probability using the preRisk field. Three outcomes: Acceptable, Investigation, or Unacceptable.
  • Stage 2 (Post-Mitigation): Residual risk after risk controls are applied, captured in the postRisk field. Same three-level classification.
  • Stage 3 (Final Risk): Conclusive manufacturer decision in the finalRisk field. The Investigation level is removed — forcing a definitive outcome: Acceptable, Unacceptable, or Benefit-Risk Acceptable.
For details on the risk evaluation methodology, see Risk Matrix and P1xP2 Probability Model.

How does the P1 x P2 probability model work?

ISO 14971 decomposes overall probability into two independent factors:
FactorFieldDescriptionScale
P1preHazardProbability / postHazardProbabilityProbability of the hazardous situation occurring1—5 (pOccurrence enum)
P2preHarmProbability / postHarmProbabilityProbability that the hazardous situation leads to harm1—5 (p2Occurrence enum)
The combined probability P is computed by the risksheet formula: P1 x P2 product is mapped to a 1—5 bucket using a normalization algorithm. This combined probability then intersects with harm severity on the 5x5 risk acceptability matrix to determine the risk classification.
Both P1 and P2 are evaluated twice — once before risk controls (pre-mitigation) and once after (post-mitigation). This produces independent risk classifications at each stage, allowing you to measure the effectiveness of risk controls.

What is the risk acceptability matrix?

The solution uses a 5x5 risk acceptability matrix mapping combined probability (1—5) against harm severity (1—5) to determine risk classification:
Severity 1Severity 2Severity 3Severity 4Severity 5
P = 5InvestigationUnacceptableUnacceptableUnacceptableUnacceptable
P = 4AcceptableInvestigationUnacceptableUnacceptableUnacceptable
P = 3AcceptableAcceptableInvestigationUnacceptableUnacceptable
P = 2AcceptableAcceptableAcceptableInvestigationUnacceptable
P = 1AcceptableAcceptableAcceptableAcceptableInvestigation
The matrix produces three outcomes:
  • Acceptable (green): Risk is tolerable without further action
  • Investigation (amber): Requires further analysis, risk reduction, or benefit-risk justification
  • Unacceptable (red): Mandatory risk reduction required
The risk acceptability criteria are defined in the HARA top panel template, not in an external configuration file. Changing acceptability boundaries requires modifying the Velocity template.
For reference details, see Risk Classification.

How does benefit-risk analysis work (Clause 7.4)?

When residual risk remains in the Investigation zone after all practicable risk controls have been applied, ISO 14971 Clause 7.4 requires a benefit-risk analysis. The solution implements this with two fields on the risk record:
  1. Benefit (benefit) — Rich text field documenting the clinical or functional benefit that justifies accepting the residual risk
  2. Risk-Benefit Result (riskBenefitResult) — Enum with two outcomes:
    • Benefit > Risk — acceptable: Clinical benefits outweigh residual risk
    • Benefit < Risk — NOT acceptable: Residual risk exceeds clinical benefit
When the risk-benefit result is benefitAcceptable and no additional controls are possible, the finalRisk formula automatically sets the final risk to Benefit-Risk Acceptable (displayed in purple in the risksheet). The HARA Report includes a dedicated Benefit-Risk Decision Map (Section 7.4) that lists all risks justified through benefit-risk analysis with full documentation. See Perform Benefit-Risk Analysis for step-by-step instructions.

What is the ISO 14971 risk control hierarchy?

The solution enforces the ISO 14971 three-tier risk control hierarchy through the riskControlType enum on risk control work items:
PriorityTypeEnum ValueDescription
1 (highest)Inherent Safety by DesignInherentSafetyDesignEliminate or reduce the hazard through design changes
2Protective MeasuresProtectiveMeasurePhysical barriers, guards, interlocks, or alarms
3 (lowest)Information for SafetyInformationForSafetyLabels, warnings, instructions, or training materials
Risk controls are managed in the Risk Control Plan document and linked to risk records via the mitigates role. A single risk control can be tagged with multiple control types simultaneously using the multi-valued riskControlType field. For more details, see ISO 14971 Risk Control Hierarchy and Risk Control Plan Risksheet Configuration.

How does the document approval workflow support compliance?

Risk assessment documents (riskSpecification type) follow a four-state lifecycle with electronic signature gates:
StateDescription
DraftInitial state; document is being authored
In ReviewSubmitted for review; default signers (users with project_approver role) are automatically assigned
ApprovedAt least one electronic signature from a project_approver role user has been collected
PublishedReleased for use in the Design History File (DHF)
Key compliance features of this workflow:
  • Automatic signer assignment — The sendForReview action automatically adds users with the project_approver role as Approvers
  • Signature-based approval gate — The approve action requires at least one electronic signature (configurable policy)
  • Rework invalidation — The rework action from any state returns the document to Draft and invalidates all existing signatures, ensuring complete re-review
See Review and Approve a Risk Document and Risk Specification Document Workflow for details.

What does the HARA Report contain?

The ISO 14971 HARA Report is a comprehensive, DHF-ready document generated automatically from risk data. It contains 12 sections:
  1. Scope and Purpose — Intended use, foreseeable misuse, operating environment
  2. Methodology — P1 x P2 probability model, severity scale, risk acceptability matrix
  3. Definitions — ISO 14971:2019 terminology (hazard, harm, risk, residual risk, etc.)
  4. Executive Summary — Three-stage risk cards with counts and percentages
  5. Pre-Mitigation Risk Matrix — 5x5 distribution of initial risks
  6. Post-Mitigation Risk Matrix — 5x5 distribution of residual risks
  7. Final Risk Matrix — Includes benefit-risk analysis outcomes and action items
  8. Risk Acceptability Summary — Compliance statement (pass/fail based on unacceptable final risk count)
  9. Risk Control Measures Overview — ISO 14971 control hierarchy documentation
  10. Residual Risk Evaluation — Clause 8.3 overall residual risk statement
  11. Traceability — Full chain: hazards to harms to controls to requirements to test cases
  12. Report metadata — Project ID, generation date, revision
The report concludes with an automatic compliance statement: a success indicator if no unacceptable final risks remain, or a danger indicator with regulatory action items if unacceptable risks persist.
See Generate the ISO 14971 HARA Report and the ISO 14971 HARA Report Reference.

How is traceability maintained for ISO 14971?

The solution maintains end-to-end traceability through Polarion link roles: diagram This chain ensures that every hazard can be traced from its use context through risk evaluation, risk controls, design requirements, and verification evidence. The HARA risksheet includes server-rendered columns that automatically resolve these multi-hop traversals, showing requirements and verification evidence directly in the risk analysis view. For the complete link role reference, see Link Roles and Traceability Relationships. For the data model behind this chain, see V-Model Traceability Chain.
ISO 14971 HARA Report (iso-14971-hara-report/page.xml), risk record custom fields (riskRecord-custom-fields.xml), risk acceptability enum (riskRecord-risk-enum.xml), final risk enum (finalRisk-enum.xml), risk-benefit result enum (riskBenefitResult-enum.xml), risk control type enum (riskControlType-enum.xml), risk specification workflow (riskSpecification-workflow.xml), HARA risksheet configuration (HARATemplate/risksheet.json).