Risk management terminology and characteristics

Rami.Azulay August 30th, 2012 Posted by Rami Azulay( ) IEC 62304, IEC60601, ISO 14971, Risk Management, Standards and Regulations
Basic terms
  • Hazard: Potential  source  of  harm (what can go wrong)
  • Failure cause: what causes the hazard
  • Harm: Physical injury or damage to  the of people or property
  • Risk: the calculation (RPN) of the Probability of occurrence of Harm and its Severity
  • Risk control/ Risk mitigation: the means taken to reduce the risk
  • Residual risk: Remaining risk after risk control measures have been implemented

So, Hazard creates the risk that can cause harm: what can go wrong, what is the likelihood for this to happen, what would be the consequences and is the risk level tolerable or not?

Example 1 : Risk analysis to mobile phone: The radiation (hazard) that caused because of crack in mobile phone body (failure cause) causes severe headaches (harm) solved by using materials according to relevant standards (risk control)

Type of optional hazards – hazard category (partial list)

  • Energy
  • Biological
  • Chemical
  • Environmental
  • Hazards Related to the Use of the Device
  • Functional Failure
  • Maintenance
  • Aging
  • more…

Risk probability/frequency values (the probability for the harm to occur)

  • Improbable (So unlikely, it can be assumed occurrence may not be experienced)
  • Remote (Unlikely, but possible to occur in life of an item)
  • Occasional (Likely to occur sometime in life of an item)
  • Probable (Will occur several times in life of an item)
  • Frequent (Likely to occur frequently)

Risk severity values (the severity of the harm!!)

  • Negligible
  • Minor
  • Moderate
  • Major
  • Catastrophic

Risk control types

  • Safety by design
  • Protective measures – in the medical devices itself or in the manufacturing process – alarms, production line tests
  • Information for safety – marking, user manual
  • Operational – Workshops, training courses…

Risk properties

  • Hazard – what can go wrong
  • Category – see list above
  • Failure cause – what cause the hazard
  • Condition – Normal use, single fault, incorrect use
  • Affected – Patient, operator, service personal, bystanders, environment
  • Probability1 (also known as occurance/likelyhood/Frequency) – probability of the harm before risk control
  • Severity1 – severity of the harm before mitigation
  • RPN1 (risk level1) – the risk estimation result (Severity and probability) before mitigation
  • Control type – see above
  • Reduction necessary? – yes/no for hazards that are in ALARP zone
  • Probability 2 – after mitigation (risk control)
  • Severity 2 (not always in use, usually equal to Severity1)
  • RPN 2 – after mitigation
  • New hazard created – yes/no. Indicates if new risks arises from risk control
  • Related artifacts (for control) – relations to SRS, HRS, user manual…
  • Status – risk status, see in our blog some examples (hazard identification->risk estimation risk control identification->risk control implementation->verified)
  • Verification type – external labs, test management, training (you can use a descriptive field as well)
  • Verification description
  • Applicable component


About the author, Rami Azulay

Rami has over 24 years of experience in various software development and QA roles. Using his extensive knowledge of operations and quality, Rami was a main architect of the Orcanos software back in 2005 and later became Orcanos VP sales & marketing. Rami holds an MSC degree in Computer Sciences.

Orcanos

Contact

8 Tozeret Ha'aretz Street
Tel Aviv, Israel
+972-3-5372561
info@orcanos.com

Copyright © Orcanos, All rights reserved. | Privacy policy | Terms of use