Prerequisites
- A HARA document with completed initial risk evaluation
- A Risk Control Plan document (typically
Risks/RiskControlPlan) — see Configure the Risk Control Plan - At least one risk record rated Unacceptable or Investigation
Understanding the Risk Control Hierarchy
ISO 14971 requires risk controls to be considered in a specific priority order:
| Control Type | Enum ID | Examples |
|---|---|---|
| Inherent Safety by Design | InherentSafetyDesign | Material change, geometry redesign, eliminating sharp edges |
| Protective Measure | ProtectiveMeasure | Physical guards, software interlocks, pressure relief valves |
| Information for Safety | InformationForSafety | Warning labels, IFU instructions, training materials |
Step 1: Open the Measures View
- Open your HARA document in risksheet mode
- Switch to the Measures view — this shows all columns except detailed probability values, giving you a clear view of risk controls alongside risk records
Step 2: Create or Select a Risk Control
In the Risk Control column (task link), you can either link an existing risk control or create a new one: To link an existing control:- Click the risk control cell for the target risk record
- Use the picker to search the Risk Control Plan document (
Risks/RiskControlPlan) - Select the appropriate risk control
- Click the risk control cell
- Select Create new — a new
riskControlwork item will be created in the Risk Control Plan document - Enter the risk control title and save
Risk controls live in the Risk Control Plan document (
Risks/RiskControlPlan), not in the HARA document. The risksheet uses the mitigates link role to connect risk controls to risk records across documents.Step 3: Set the Risk Control Type
After linking the risk control, set its type in the Risk Control Type column (riskControlType):
- Click the Risk Control Type cell
- Select one or more types from the ISO 14971 hierarchy:
- Inherent Safety by Design — the most effective type
- Protective Measure — physical or software barriers
- Information for Safety — least effective, used when design controls are exhausted
Step 4: Verify Traceability Columns
The risksheet automatically populates two server-rendered traceability columns:| Column | Shows | Traversal Path |
|---|---|---|
| Requirements | System and design requirements implementing the control | Risk Control —> sysReq / desReq (back-links) |
| Verification Evidence | Test cases verifying the requirements | Risk Control —> Requirements —> testCase (two-hop) |
Step 5: Assign Multiple Controls (If Needed)
A single risk record can have multiple risk controls. To add additional controls:- Click the risk control cell on the same risk record row
- Link or create another risk control
- Each control appears as a separate entry in the task column
Review whether higher-priority controls are feasible before relying on information-for-safety measures. ISO 14971 Clause 7.1 requires demonstrating that the control hierarchy was followed.
What Happens Next
After assigning risk controls:- Evaluate residual risk — re-assess probability with controls in place. See Evaluate Residual Risk (Post-Mitigation).
- Review the Risk Control Plan — verify all controls are documented in the Risk Control Plan with proper type classifications.
- Check requirements traceability — ensure controls are traced to design requirements and verification tests via the PowerSheet RTM views.
Sources
Sources
HARA risksheet configuration (
HARATemplate/risksheet.json), Risk Control Plan configuration (RiskControlPlanTemplate/risksheet.json), risk control custom fields (riskControl-custom-fields.xml), risk control type enumeration (riskControlType-enum.xml), UI walkthrough (risksheet-views.md).