Presentation is loading. Please wait.

Presentation is loading. Please wait.

Combining Product Risk Management & Design Controls

Similar presentations

Presentation on theme: "Combining Product Risk Management & Design Controls"— Presentation transcript:

1 Combining Product Risk Management & Design Controls
ISO 14971 ISO 13485, Clause 7.3

2 Design Controls “Waterfall Diagram” 820.30h) – Design Transfer
820.30j) – Design History File (DHF) QSIT Major Subsystem

3 Two Hump Diagram R D Product Launch 510(k) DHF Begins

4 Two Hump Diagram + Typical Stages of Design
Product Launch 510(k) Concept Phase Feasibility Phase Development Phase Pilot Phase Release Phase Design Transfer DHF Begins

5 When to Start a DHF? After the design plan has been developed
Upon approval of the design project It’s not uncommon to start a DHF late and to retroactively assemble the file from documents that were already created in team meetings.

6 Organize Chronologically
DHF Contents Design Plan User Needs Design Inputs Design Outputs – including labeling Verification Protocols & Reports Validation Protocols & Reports Process Validation & work instructions Design Review Meeting Minutes IOVV / Design Requirements Matrix Risk Management File Initial PMS Plan Clinical Data Summary and/or Clinical Evaluation Report Initial DMR/TF Index Regulatory Approval Organize Chronologically

7 Each Gate is a Design Review Meeting
5 or 6 Phase Gates 7.3.1 – Design Plan Approval 7.3.2 – Design Inputs Approval 7.3.3 – Design Outputs Approval 7.3.5 & / 1st in Humans Study Approval Pilot Launch Approval Commercial Launch Approval Each Gate is a Design Review Meeting Clause 7.4 ISO Clauses Referenced

8 Design Reviews ISO 13485, Clause 7.3.4 Reviews shall…
Be systematic and according to design plan Evaluate ability of design & development to meet requirements Identify problems and propose necessary actions Include participants representing various functions of the design team from that stage Results and necessary actions shall be recorded Include a reviewer not involved in that stage (21 CFR e)

9 Design Planning ISO 13485, Clause 7.3.1 The plan shall…
Define stages of design & development Define the review, verification, validation & transfer activities for each stage Define responsibilities & authorities Management shall manage interfaces Document planning output and update as needed Concept Phase

10 Design Inputs

11 Input Output Verification Validation
Also called a Design Requirements Matrix

12 Risk Management / Design Controls
Clause 7.3.2e) of ISO states that Risk management shall be an Input into Design & Development Clause 6.3 of ISO requires verification of effectiveness of risk controls Clause 6.7 of ISO requires verification of completeness of risk controls

13 Risk Management File ISO 14971, Clause 3.5
File for each medical device The risk management file shall provide traceability for each identified hazard to: the risk analysis the risk evaluation the implementation and verification of the risk control measures the assessment of the acceptability of any residual risk(s) The records and other documents that make up the risk management file can form part of other documents and files required. Should contain at least references to all required documentation. The risk management file can be in any form or type of medium.

14 Risk Management Activities Needed
Risk Management Plan Hazard Identification Risk Assessment Risk Control Option Analysis Risk Control Effectiveness Verification Risk / Benefit Analysis Risk Management Report

15 Risk Management Plan ISO 14971, Clause 3.4 (See Annex F for Example)
The plan shall include at least the following: the scope of the planned risk management activities, identifying and describing the medical device and the life-cycle phases for which each element of the plan is applicable assignment of responsibilities and authorities requirements for review of risk management activities criteria for risk acceptability, based on the manufacturer's policy for determining acceptable risk, including criteria for accepting risks when the probability of occurrence of harm cannot be estimated verification activities activities related to collection and review of relevant production and post-production information For each risk management plan the manufacturer should choose appropriate risk acceptability criteria May implement a matrix indicating which combinations of probability of harm and severity of harm are acceptable or unacceptable The risk management plan is part of the risk management file Record of the changes shall be maintained in the risk management file Plan developed in accordance with the risk management process. Refer to Annex F for guidance on developing a risk management plan. Risk acceptability criteria determined according to manufacturer’s policy (based upon applicable regulations and International Standards, accepted state of the art, and known stakeholder concerns)

16 Hazard Identification
ISO 14971, Clause 4.3 Documentation on known and foreseeable hazards associated with the medical device in both normal and fault conditions Maintained in the risk management file Annex C, Annex E, Previous Risk Analysis & TPLC Database (

17 Risk Assessment Tools ISO 14971, Annex G Preliminary Hazard Analysis
Fault Tree Analysis (FTA) Failure Mode & Effects Analysis (FMEA) Hazard & Operability Study (HAZOP) Hazard Analysis and Critical Control Point (HACCP)

18 dFMEA

19 Problems with dFMEA Bottom-up approach doesn’t facilitate complaint investigations RPN scores encourage prioritization of risk controls that deviates from MDD (EN ISO 14971:2012) No traceability to specific IFU Warnings & Precautions

20 Traceability of Risks

21 Integration of Risk Activities with Design Phases
Risk Control Option Analysis Hazard Identification Risk Control Effectiveness Verification Risk Management Report Risk Assessment Risk Management Plan Risk / Benefit Analysis R D Product Launch 510(k) Concept Phase Feasibility Phase Development Phase Pilot Phase Release Phase Prior to commercial release of products, the best practice is to combine the risk management plan with the design plan. This diagram is called the “two-hump diagram”. The first hump is referred to as “R” for research. The second hump is referred to as “D” for development. To this basic diagram I have added the phases of the design control process and various risk management activities. Sometimes companies are late in initiating a design history file (DHF), but the risk management plan should be initiated prior development as part of the initial design project plan. Design Transfer DHF Begins

22 Starting the Lifecycle Loop
Post-Market Surveillance Initial Risk Analysis Estimates Frequency of Occurrence for Hazards Post-Market Surveillance (PMS) Report Estimates Frequency of Harm Clinical Evaluation Report (CER) Assesses the Clinical Risk/Benefit of the New Product Risk Analysis Clinical Evaluation

23 Combined IOVV & Risk Traceability

24 Initiating Combined Matrix
Perform Hazard Identification Work Backward to User Needs Fill in 1st Two Columns These are the first steps of the design process that often lead up to creating a Regulatory Pathway Summary Document & Design / Risk Management Plan

25 Preparation for Approval of Design Inputs
Identify Applicable Harmonized Standards Identify Performance Testing Predicate Devices 510(k) Summary Special Controls Guidance Documents Search ISO Standards Are their internal specifications?

26 Perform Risk Assessment
Identify Possible Risk Control Methods Severity of Harm Probability of Occurrence (P1) Preliminary Screening against Design Inputs Reiterate Risk Controls & Design Specifications Finalize Design Specifications (Approve Outputs)

27 V&V Verification of Risk Control Effectiveness
Preliminary Estimation of P2 based upon literature (Need to perform literature search…Clinical Evaluation Report) Results of Clinical Evaluation and Risk / Benefit Analysis should determine: if Clinical Study is Needed If Post-Market Clinical Follow-up Study is Needed

28 Draft IFU Identify Residual Risks
Warnings Precautions Contraindications This is critical for Adverse Events, Investigator Brochures and Litigation of Injuries or Death

29 Draft PMS Plan Post-Market Surveillance (PMS) Plan
Needs to collect data for any residual risks Should verify estimated risks Should identify any missing hazards Should identify incorrect severity of harm Should include justification of no PMCF Study or… PMCF Protocol PMCF Report Should include updated Risk Management Plan

30 Risk Management Report
This is a Summary Technical Document (STED) that summarizes all the risk management activities and references the document control numbers for the Risk Management Documents This should also include the dates of activities and personnel involved The frequency of review and update of the risk management documentation should be included

31 Other Training Webinars

32 Q & A What if your customer requires an FMEA?
What does the FDA prefer for risk management documentation? Annex I of the MDD says to reduce risk "As Far As Possible". How do you know you have done that? Who needs training on risk management and design controls? What's the best way to store and maintain a risk management file?

33 Do You Need Help with Design Controls or Risk Management?
Rob Packard rob13485

Download ppt "Combining Product Risk Management & Design Controls"

Similar presentations

Ads by Google