Complying with ISO 14971:2019

FMEA (Failure Mode and Effects Analysis) is utilized to identify potential failure modes in the design or manufacturing of a product. But risks associated with medical devices are not created by failures alone. A product may never fail, but there are still potentially many other risks.

Some product teams still believe that FMEA “checks the box” for risk management. However, since the widespread adoption of ISO 14971, most companies treat FMEA correctly as a component of a larger risk management system, but they are often still performed in the same tool/process. The challenge is how to separate these functions to create the most effective risk management system possible.

ISO 14971:2019, FMEA, and Risk Management 

The separation of FMEA from the risk management process is important because the goals of each of these activities are fundamentally different. For example:

Ultimately, FMEA should feed into a risk analysis process for failures that have the possibility of resulting in harm. The risks of combining FMEA and risk analysis into one process/tool are:

While it is becoming more accepted that combining these tools is not the correct approach, how they are split and what the connections are between them are still open for debate.

To begin with, let’s look at the different components of FMEA as defined in IEC 60812:2018 and Risk Analysis as defined in ISO/TR 24971:2020 (guidance on the application of ISO 14971).

In an FMEA, there are three main components:

In a Risk Analysis, there are four main components:

Two Approaches to Integrating FMEA with Risk Management

1. Equating ‘FMEA’ with a ‘Risk Analysis’

One approach is to equate the components of an FMEA with the components of a risk analysis (i.e., a ‘Local/System Effect’ is the same as a ‘Harm’).

While convenient from a tool perspective, this approach does not align with ISO 14971. Medical devices can only result in Harm if a sequence of events occurs that results in a Hazardous Situation exposing one or more Hazards. The guidance text in ISO/TR 24971:2020 Section 5.4.3 states:

“In cases where a Hazardous Situation only occurs due to a fault, the probability of a fault occurring is not the same as the probability of the occurrence of Harm. A fault can initiate a sequence of events but does not necessarily result in a Hazardous Situation.”

Equating an Effect with a Harm over-simplifies the risk analysis process by making the assumption that all Failures ultimately lead to Harm.

2. Connecting ‘FMEA with ‘Risk Analysis’

Our extensive research, starting from zero, concluded that the connection between FMEA and Risk Analysis is through the ‘Sequence of Events’ component.

FMEA can be conducted and Causes (with associated likelihoods), Failure Modes, and Effects identified. Effects can then be assessed as to whether they have the potential to result in a Hazardous Situation.

Doing this allows us to maintain the work done in FMEA—the analysis of likelihood feeds into (but does not define) the likelihood assessment in the Risk Analysis (the P1 term described in Annex C.1 of ISO 14971:2019 and Figure 1 of ISO/TR 24971:2020, “P1 is the probability of a hazardous situation occurring”). Control measures identified in the FMEA can also be reused in the Risk Analysis assessment should they effectively contribute to lowering the risk. This helps to avoid work being done twice or competing risk control strategies being developed.

Risk management is complex with many considerations. Constant, consistent dialogue, and challenging different methods can help us all improve medical device development. We love talking about risk management, so please join the discussion here—which approach do you like?