ISO 14971

ISO 14971:2019 is the internationally recognized standard that specifies a process for manufacturers to identify hazards associated with medical devices, estimate and evaluate the associated risks, control these risks, and monitor the effectiveness of controls.

Key features of ISO 14971:
- Latest version: ISO 14971:2019 (published December 2019)
- Harmonized standard under EU MDR and IVDR
- Recognized by FDA and global regulators
- Lifecycle approach to risk management
- Risk-benefit analysis framework

Risk management process:
1. Risk Analysis
- Identify intended use and reasonably foreseeable misuse
- Identify hazards and hazardous situations
- Estimate risks for each hazardous situation

2. Risk Evaluation
- Compare estimated risks against risk acceptability criteria
- Determine if risk reduction is required
- Risk-benefit analysis for residual risks

3. Risk Control
- Implement risk control measures (inherent safety, protective measures, information)
- Verify effectiveness of risk controls
- Assess any new risks introduced by control measures

4. Production and Post-Production
- Collect and review information from production and post-market
- Update risk management file
- Trend analysis and feedback loop

Integration with FMEA:
- Failure Mode and Effects Analysis (FMEA) commonly used
- Risk Priority Number (RPN) calculation
- Design FMEA (DFMEA) and Process FMEA (PFMEA)
- Complements ISO 14971 systematic approach

Residual risk evaluation:
- All risks cannot be eliminated
- Residual risks must be evaluated for acceptability
- Risk-benefit analysis required
- Must be disclosed in labeling/instructions for use

Relationship to regulations:
- EU MDR/IVDR: Annex I requires compliance with ISO 14971
- FDA: Recognized consensus standard (guidance documents reference it)
- ISO 13485: Risk management integrated throughout QMS
- IEC 62304: Software risk management requirements

Risk management file:
- Living document updated throughout product lifecycle
- Contains risk analysis, evaluation, control, and monitoring
- Required for regulatory submissions (510(k), CE marking)
- Subject to audits and inspections