EN ISO 14971:2000

SLOVENSKI STANDARD
01-november-2001
1DGRPHãþD
SIST EN 1441:2000
0HGLFLQVNLSULSRPRþNL8SRUDEDREYODGRYDQMDWYHJDQMDSULPHGLFLQVNLK
SULSRPRþNLK,62
Medical devices - Application of risk management to medical devices (ISO 14971:2000)
Medizinprodukte - Anwendung des Risikomanagements auf Medizinprodukte (ISO
14971:2000)
Dispositifs médicaux - Application de la gestion des risques aux dispositifs médicaux
(ISO 14971:2000)
Ta slovenski standard je istoveten z: EN ISO 14971:2000
ICS:
11.040.01 Medicinska oprema na Medical equipment in general
splošno
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN STANDARD
EN ISO 14971
NORME EUROPÉENNE
EUROPÄISCHE NORM
December 2000
ICS 11.040.01 Supersedes EN 1441:1997
English version
Medical devices - Application of risk management to medical
devices (ISO 14971:2000)
Dispositifs médicaux - Application de la gestion des risques Medizinprodukte - Anwendung des Risikomanagements
aux dispositifs médicaux (ISO 14971:2000) auf Medizinprodukte (ISO 14971:2000)
This European Standard was approved by CEN on 3 December 2000, and by CENELEC on 2 May 2001.
CEN/CENELEC members are bound to comply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this
European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such
national standards may be obtained on application to the Management Centre or to any CEN/CENELEC member.
This European Standard exists in three official versions (English, French, German). A version in any other language made by translation
under the responsibility of a CEN/CENELEC member into its own language and notified to the Management Centre has the same status as
the official versions.
CEN/CENELEC members are the national standards bodies and national electrotechnical committees, respectively, of Austria, Belgium,
Czech Republic, Denmark, Finland, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain,
Sweden, Switzerland and United Kingdom.
CEN Management Centre: CENELEC Central Secretariat:
rue de Stassart, 36  B-1050 Brussels rue de Stassart, 35  B-1050 Brussels
© 2000 CEN/CENELEC All rights of exploitation in any form and by any means reserved Ref. No. EN ISO 14971:2000 E
worldwide for CEN national Members and for CENELEC
Members.
Page 2
Foreword
The text of the International Standard ISO 14971:2000 has been prepared by
Technical Committee ISO/TC 210 "Quality management and corresponding general
aspects for medical devices" in collaboration with IEC/SC 62A, CEN Management
Centre (CMC) and CENELEC.
This European Standard supersedes EN 1441:1997, for which the date of withdrawal
is extended. National implementations of EN 1441:1997 shall be withdrawn at the
latest by March 2004.
This European Standard shall be given the status of a national standard, either by
publication of an identical text or by endorsement, at the latest by June 2001, and
conflicting national standards shall be withdrawn at the latest by March 2004.
This European Standard has been prepared under a mandate given to CEN by the
European Commission and the European Free Trade Association, and supports
essential requirements of EU Directive(s).
According to the CEN/CENELEC Internal Regulations, the national standards
organizations of the following countries are bound to implement this European
Standard: Austria, Belgium, Czech Republic, Denmark, Finland, France, Germany,
Greece, Iceland, Ireland, Italy, Luxembourg, Netherlands, Norway, Portugal, Spain,
Sweden, Switzerland and the United Kingdom.
Annexes A to G are informative.
Endorsement notice
The text of the International Standard ISO 14971:2000 was approved by
CEN/CENELEC as a European Standard without any modification.

INTERNATIONAL ISO
STANDARD 14971
First edition
2000-12-15
Medical devices — Application of risk
management to medical devices
Dispositifs médicaux — Application de la gestion des risques aux
dispositifs médicaux
Reference number
ISO 14971:2000(E)
©
ISO 2000
ISO 14971:2000(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not
be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this
file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this
area.
Adobe is a trademark of Adobe Systems Incorporated.
Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters
were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event
that a problem relating to it is found, please inform the Central Secretariat at the address given below.
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic
or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body
in the country of the requester.
ISO copyright office
Case postale 56 � CH-1211 Geneva 20
Tel. + 41 22 749 01 11
Fax + 41 22 749 09 47
E-mail copyright@iso.ch
Web www.iso.ch
Printed in Switzerland
ii © ISO 2000 – All rights reserved

ISO 14971:2000(E)
Contents Page
Foreword.iv
Introduction.v
1 Scope .1
2 Terms and definitions .1
3 General requirements for risk management.4
3.1 National or regional regulatory requirements .4
3.2 Risk management process .4
3.3 Management responsibilities .4
3.4 Qualification of personnel .5
3.5 Risk management plan.5
3.6 Risk management file.6
4 Risk analysis (Steps 1, 2 and 3 of Figure 2) .6
4.1 Risk analysis procedure .6
4.2 Intended use/intended purpose and identification of characteristics related to the safety of the
medical device (Step 1) .6
4.3 Identification of known or foreseeable hazards (Step 2) .8
4.4 Estimation of the risk(s) for each hazard (Step 3) .8
5 Risk evaluation (Step 4).9
6 Risk control (Steps 5 to 10) .9
6.1 Risk reduction.9
6.2 Option analysis (Step 5) .9
6.3 Implementation of risk control measure(s) (Step 6).9
6.4 Residual risk evaluation (Step 7).10
6.5 Risk/benefit analysis (Step 8) .10
6.6 Other generated hazards (Step 9).10
6.7 Completeness of risk evaluation (Step 10).10
7 Overall residual risk evaluation (Step 11).10
8 Risk management report (Step 12).10
9 Post-production information (Step 13) .11
Annex A (informative) Questions that can be used to identify medical device characteristics that could
impact on safety.12
Annex B (informative) Guidance on risk analysis for in vitro diagnostic medical devices.16
Annex C (informative) Guidance on risk analysis procedure for toxicological hazards .17
Annex D (informative) Examples of possible hazards and contributing factors associated with medical
devices.19
Annex E (informative) Risk concepts applied to medical devices .23
Annex F (informative) Information on risk analysis techniques .28
Annex G (informative) Other standards that contain information related to the elements of risk
management described in this International Standard.30
Bibliography.31
ISO 14971:2000(E)
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO
member bodies). The work of preparing International Standards is normally carried out through ISO technical
committees. Each member body interested in a subject for which a technical committee has been established has
the right to be represented on that committee. International organizations, governmental and non-governmental, in
liaison with ISO, also take part in the work. ISO collaborates closely with the International Electrotechnical
Commission (IEC) on all matters of electrotechnical standardization.
International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 3.
Draft International Standards adopted by the technical committees are circulated to the member bodies for voting.
Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote.
Attention is drawn to the possibility that some of the elements of this International Standard may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights.
In the field of risk management for medical devices, Technical Committee ISO/TC 210 and IEC/SC 62A have
established a joint working group, JWG 1, Application of risk management to medical devices.
International Standard ISO 14971 was prepared by ISO/TC 210, Quality management and corresponding general
aspects for medical devices, and Subcommittee IEC/SC 62A, Common aspects of electrical equipment used in
medical practice.
Requirements concerning the risk analysis component of the risk management process were developed first and
published as ISO 14971-1:1998, with the intention that the requirements for risk evaluation, risk control and post-
production information evaluation could be covered in additional part(s), but all the requirements have now been
incorporated into this International Standard.
This first edition of ISO 14971 cancels and replaces ISO 14971-1:1998.
For purposes of future IEC maintenance, Subcommittee 62A has decided that this publication remains valid until
2004. At this date, Subcommittee 62A, in consultation with ISO/TC 210, will decide whether the publication will be
� reconfirmed,
� withdrawn,
� replaced by a revised edition, or
� amended.
Annexes A to G of this International Standard are for information only.
iv © ISO 2000 – All rights reserved

ISO 14971:2000(E)
Introduction
This International Standard should be regarded as a framework for effective management by the manufacturer of
the risks associated with the use of medical devices. The requirements that it contains provide a framework within
which experience, insight and judgement are applied systematically to manage these risks.
As a general concept, activities in which an individual, organization or government is involved can expose those or
other stakeholders to hazards which may cause loss or damage of something they value. Risk management is a
complex subject because each stakeholder places a different value on the probability of harm occurring and on the
detriment that might be suffered on exposure to a hazard.
It is accepted that the concept of risk has two components:
a) the probability of the occurrence of harm, that is, how often the harm may occur;
b) the consequences of that harm, that is, how severe it might be.
The acceptability of a risk to a stakeholder is influenced by these components and by the stakeholder’s perception
of the risk.
These concepts are particularly important in relation to medical devices because of the variety of stakeholders
including medical practitioners, the organizations providing health care, governments, industry, patients and
members of the public.
All stakeholders need to understand that the use of a medical device entails some degree of risk. Factors affecting
each stakeholder’s perception of the risks include the socio-economic and educational background of the society
concerned and the actual and perceived state of health of the patient. The way a risk is perceived also takes into
account, for example, whether exposure to the risk seems to be involuntary, avoidable, from a man-made source,
due to negligence, arising from a poorly understood cause, or directed at a vulnerable group within society. The
decision to embark upon a clinical procedure utilizing a medical device requires the residual risks to be balanced
against the anticipated benefits of the procedure. Such judgements should take into account the intended
use/intended purpose, performance and risks associated with the medical device, as well as the risks and benefits
associated with the clinical procedure or the circumstances of use. Some of these judgements may be made only
by a qualified medical practitioner with knowledge of the state of health of an individual patient or the patient's own
opinion.
As one of the stakeholders, the manufacturer should make judgements relating to the safety of a medical device,
including the acceptability of risks, taking into account the generally accepted state of the art, in order to determine
the probable suitability of a medical device to be placed on the market for its intended use/intended purpose. This
International Standard specifies a procedure by which the manufacturer of a medical device can identify hazards
associated with a medical device and its accessories, estimate and evaluate the risks associated with those
hazards, control those risks and monitor the effectiveness of that control.
For any particular medical device, other International Standards may require the application of specific methods for
controlling risk.
INTERNATIONAL STANDARD ISO 14971:2000(E)
Medical devices — Application of risk management to medical
devices
1 Scope
This International Standard specifies a procedure by which a manufacturer can identify the hazards associated with
medical devices and their accessories, including in vitro diagnostic medical devices, estimate and evaluate the
risks, control these risks and monitor the effectiveness of the control.
The requirements of this International Standard are applicable to all stages of the life cycle of a medical device.
This International Standard does not apply to clinical judgements relating to the use of a medical device.
It does not specify acceptable risk levels.
This International Standard does not require that the manufacturer has a formal quality system in place. However,
risk management can be an integral part of a quality system (see, for example, Table G.1).
2 Terms and definitions
For the purposes of this International Standard, the following terms and definitions apply.
2.1
accompanying document
document accompanying a medical device, or an accessory, and containing important information for the user,
operator, installer or assembler of the medical device particularly regarding safety
NOTE Based on IEC 60601-1:1988, definition 2.1.4.
2.2
harm
physical injury or damage to the health of people, or damage to property or the environment
[ISO/IEC Guide 51:1999, definition 3.1]
2.3
hazard
potential source of harm
[ISO/IEC Guide 51:1999, definition 3.5]
2.4
hazardous situation
circumstance in which people, property or the environment are exposed to one or more hazard(s)
[ISO/IEC Guide 51:1999, definition 3.6]
ISO 14971:2000(E)
2.5
intended use/intended purpose
use of a product, process or service in accordance with the specifications, instructions and information provided by
the manufacturer
2.6
manufacturer
natural or legal person with responsibility for the design, manufacture, packaging or labelling of a medical device,
assembling a system, or adapting a medical device before it is placed on the market and/or put into service,
regardless of whether these operations are carried out by that person himself or on his behalf by a third party
2.7
medical device
any instrument, apparatus, appliance, material or other article, whether used alone or in combination, including the
software necessary for its proper application, intended by the manufacturer to be used for human beings for the
purpose of
� diagnosis, prevention, monitoring, treatment or alleviation of disease,
� diagnosis, monitoring, treatment, alleviation of, or compensation for, an injury or handicap,
� investigation, replacement or modification of the anatomy or of a physiological process,
� control of conception,
and which does not achieve its principal intended action in or on the human body by pharmacological,
immunological or metabolic means, but which may be assisted in its function by such means
[ISO 13485:1996, definition 3.1]
2.8
objective evidence
information which can be proven true, based on facts obtained through observation, measurement, test or other
means
[ISO 8402:1994, definition 2.19]
2.9
procedure
specific way to perform an activity
[ISO 8402:1994, definition 1.3]
2.10
process
set of inter-related resources and activities which transform inputs into outputs
[ISO 8402:1994, definition 1.2]
2.11
record
document which furnishes objective evidence of activities performed or results achieved
[ISO 8402:1994, definition 3.15]
2.12
residual risk
risk remaining after protective measures have been taken
2 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
[ISO/IEC Guide 51:1999, definition 3.9]
2.13
risk
combination of the probability of occurrence of harm and the severity of that harm
[ISO/IEC Guide 51:1999, definition 3.2]
2.14
risk analysis
systematic use of available information to identify hazards and to estimate the risk
[ISO/IEC Guide 51:1999, definition 3.10]
2.15
risk assessment
overall process comprising a risk analysis and a risk evaluation
[ISO/IEC Guide 51:1999, definition 3.12]
2.16
risk control
process through which decisions are reached and protective measures are implemented for reducing risks to, or
maintaining risks within, specified levels
2.17
risk evaluation
judgement, on the basis of risk analysis, of whether a risk which is acceptable has been achieved in a given context
based on the current values of society
NOTE Based on ISO/IEC Guide 51: 1999, definitions 3.11 and 3.7.
2.18
risk management
systematic application of management policies, procedures and practices to the tasks of analyzing, evaluating and
controlling risk
2.19
risk management file
set of records and other documents, not necessarily contiguous, that are produced by a risk management process
2.20
safety
freedom from unacceptable risk
[ISO/IEC Guide 51:1999, definition 3.1]
2.21
severity
measure of the possible consequences of a hazard
2.22
verification
confirmation by examination and provision of objective evidence that specified requirements have been fulfilled
NOTE In design and development, verification concerns the process of examining the result of a given activity to determine
conformity with the stated requirement for that activity.
[ISO 8402:1994, definition 2.17]
ISO 14971:2000(E)
3 General requirements for risk management
3.1 National or regional regulatory requirements
Because of the wide variety of medical devices covered by this International Standard and the different national or
regional regulatory requirements covering those devices, the requirements given in 3.3 and 3.4 apply as
appropriate.
3.2 Risk management process
The manufacturer shall establish and maintain a process for identifying hazards associated with a medical device,
estimating and evaluating the associated risks, controlling these risks and monitoring the effectiveness of the
control. This process shall be documented and shall include the following elements:
� risk analysis;
� risk evaluation;
� risk control; and
� post-production information.
Where a documented product design/development process exists, it shall incorporate the appropriate parts of the
risk management process.
NOTE 1 A documented product design/development process can be used to deal with safety in a systematic manner, in
particular to enable the early identification of hazards in complex systems and environments.
NOTE 2 A schematic representation of the risk management process is shown in Figure 1.
NOTE 3 See the bibliography.
Compliance is checked by inspection of the risk management file.
3.3 Management responsibilities
The manufacturer shall
a) define the policy for determining acceptable risk, taking into account relevant International Standards, and
national or regional regulations,
b) ensure the provision of adequate resources,
c) ensure the assignment of trained personnel (see 3.4) for management, performance of work and assessment
activities, and
d) review the results of risk management activities at defined intervals to ensure continuing suitability and the
effectiveness of the risk management process.
The above shall be documented in the risk management file.
Compliance is checked by inspection of the risk management file.
4 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
Figure 1 — Schematic representation of the risk management process
3.4 Qualification of personnel
The manufacturer shall ensure that those performing risk management tasks include persons with knowledge and
experience appropriate to the tasks assigned to them. This shall include, where appropriate, knowledge and
experience of the medical device and its use and risk management techniques. Records of the appropriate
qualifications shall be maintained.
Compliance is checked by inspection of the appropriate records.
3.5 Risk management plan
For the particular medical device or accessory being considered, the manufacturer shall prepare a risk
management plan in accordance with the risk management process. The risk management plan shall be part of the
risk management file.
This plan shall include the following:
a) the scope of the plan, identifying and describing the medical device and the life cycle phases for which the plan
is applicable;
b) a verification plan;
c) allocation of responsibilities;
ISO 14971:2000(E)
d) requirements for review of risk management activities; and
e) criteria for risk acceptability.
NOTE The criteria for risk acceptability will do much to determine the ultimate effectiveness of the risk management
process. Refer to annex E for guidance on establishing such criteria.
If the plan changes during the life cycle of the medical device, a record of the changes shall be maintained in the
risk management file.
Compliance is checked by inspection of the risk management file.
3.6 Risk management file
For the particular medical device or accessory being considered, the results of all risk management activities shall
be recorded and maintained in the risk management file.
NOTE 1 The records and other documents that make up the risk management file can form part of other documents and files
required, for example, by a manufacturer’s quality management system.
NOTE 2 The risk management file need not physically contain all the documents relating to this International Standard.
However, it should contain at least references or pointers to all required documentation. The manufacturer should be able to
assemble the information referenced in the risk management file in a timely fashion.
4Riskanalysis (Steps 1, 2 and 3 of Figure 2)
4.1 Risk analysis procedure
Risk analysis, as described in 4.2 to 4.4, shall be performed and the conduct and results of the risk analysis shall
be recorded in the risk management file.
NOTE If a risk analysis is available for a similar medical device, it may be used as a reference provided it can be
demonstrated that the processes are similar or that the changes that have been made will not introduce significant differences in
results. This should be based on a systematic evaluation of the changes and the ways they can influence the various hazards
present.
In addition to the records required in 4.2 to 4.4, the documentation of the conduct and results of the risk analysis
shall include at least the following:
a) a description and identification of the medical device or accessory that was analysed;
b) identification of the person(s) and organization which carried out the risk analysis;
c) date of the analysis.
Compliance is checked by inspection of the risk management file.
4.2 Intended use/intended purpose and identification of characteristics related to the safety of
the medical device (Step 1)
For the particular medical device or accessory being considered, the manufacturer shall describe the intended
use/intended purpose and any reasonably foreseeable misuse. The manufacturer shall list all those qualitative and
quantitative characteristics that could affect the safety of the medical device and, where appropriate, their defined
limits (see Note 1). These records shall be maintained in the risk management file.
NOTE 1 Annex A contains questions that can serve as a useful guide in drawing up such a list.
NOTE 2 Additional guidance on risk analysis techniques for in vitro diagnostic medical devices is given in annex B.
NOTE 3 Additional guidance on risk analysis techniques for toxicological hazards is given in annex C.
Compliance is checked by inspection of the risk management file.
6 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
Figure 2 — Overview of risk management activities as applied to medical devices
ISO 14971:2000(E)
4.3 Identification of known or foreseeable hazards (Step 2)
The manufacturer shall compile a list of known or foreseeable hazards associated with the medical device in both
normal and fault conditions. Previously recognized hazards shall be identified. This list shall be maintained in the
risk management file.
Foreseeable sequences of events that may result in a hazardous situation shall be considered and recorded.
NOTE 1 The examples of possible hazards listed in annex D, and in clause B.2 for in vitro diagnostic medical devices, can
be used as an aide-memoire.
NOTE 2 To identify hazards not previously recognized, systematic methods covering the specific situation can be used (see
annex F).
Compliance is checked by inspection of the risk management file.
4.4 Estimation of the risk(s) for each hazard (Step 3)
For each identified hazard, the risk(s) in both normal and fault conditions shall be estimated using available
information or data. For hazards for which the probability of the occurrence of harm cannot be estimated, a listing of
the possible consequences of the hazard shall be prepared. The estimate of the risk(s) shall be recorded in the risk
management file.
Any system used for qualitative or quantitative categorization of probability estimates or severity levels shall be
recorded in the risk management file.
NOTE 1 Risk estimation incorporates an analysis of the probability of occurrence and the consequences. Depending on the
area of application, only certain elements of the risk estimation process may need to be considered. For example, in some
instances it will not be necessary to go beyond an initial hazard and consequence analysis.
NOTE 2 Risk estimation can be quantitative or qualitative. Methods of risk estimation including those resulting from
systematic faults, are described in annex E. Clause B.3 gives information useful for estimating risks for in vitro diagnostic
medical devices.
NOTE 3 Some techniques that can be used for analysis of risks are described in annex F.
NOTE 4 Information or data for estimating risks can be obtained, for example, from
� published standards,
� scientific technical data,
� field data from similar medical devices already in use including published reported incidents,
� usability tests employing typical users,
� clinical evidence,
� results of appropriate investigations,
� expert opinion,
� external quality assessment schemes.
Compliance is checked by inspection of the risk management file.
8 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
5 Risk evaluation (Step 4)
For each identified hazard, the manufacturer shall decide, using the criteria defined in the risk management plan,
whether the estimated risk(s) is so low that risk reduction need not be pursued. In this case, the requirements given
in 6.2 to 6.6 do not apply for this hazard (i.e. proceed to 6.7). The results of this risk evaluation shall be recorded in
the risk management file.
NOTE 1 Guidance for deciding on risk acceptability is given in clause E.3.
NOTE 2 Application of relevant standards as part of the medical device design criteria might constitute risk control activities,
thus necessitating application of the requirements given in 6.3 to 6.6.
Compliance is checked by inspection of the risk management file.
6 Risk control (Steps 5 to 10)
6.1 Risk reduction
When risk reduction is required, the manufacturer shall follow the process specified in 6.2 to 6.7 to control the
risk(s) so that the residual risk(s) associated with each hazard is judged acceptable.
6.2 Option analysis (Step 5)
The manufacturer shall identify risk control measure(s) that are appropriate for reducing the risk(s) to an acceptable
level. Risk control shall consist of an integrated approach in which the manufacturer shall use one or more of the
following in the priority order listed:
a) inherent safety by design;
b) protective measures in the medical device itself or in the manufacturing process;
c) information for safety.
NOTE 1 Measures of risk control can reduce the severity of the potential harm or reduce the probability of occurrence of the
harm, or both.
NOTE 2 Technical standards address inherent, protective and descriptive safety for many medical devices. These should be
consulted as part of the risk management process. See also annex G.
The risk control measures selected shall be recorded in the risk management file.
If, during option analysis, the manufacturer determines that further risk reduction is impractical, the manufacturer
shall conduct a risk/benefit analysis of the residual risk (see 6.5); otherwise, the manufacturer shall proceed to
implement the selected risk control measures.
Compliance is checked by inspection of the risk management file.
6.3 Implementation of risk control measure(s) (Step 6)
The manufacturer shall implement the risk control measure(s) selected in 6.2. The measure(s) used to control the
risks shall be recorded in the risk management file.
The effectiveness of the risk control measures shall be verified and the results of the verification shall be recorded
in the risk management file.
Implementation of the risk control measures shall be verified. This verification shall also be recorded in the risk
management file.
ISO 14971:2000(E)
Compliance is checked by inspection of the risk management file.
6.4 Residual risk evaluation (Step 7)
Any residual risk that remains after the risk control measure(s) are applied shall be evaluated using the criteria
defined in the risk management plan. The results of this evaluation shall be recorded in the risk management file.
If the residual risk does not meet these criteria, further risk control measures shall be applied (see 6.2).
If the residual risk is judged acceptable, then all relevant information necessary to explain the residual risk(s) shall
be placed in the appropriate accompanying documents supplied by the manufacturer.
Compliance is checked by inspection of the risk management file and the accompanying documents.
6.5 Risk/benefit analysis (Step 8)
If the residual risk is judged unacceptable using the criteria established in the risk management plan and further
risk control is impractical, the manufacturer shall gather and review data and literature on the medical benefits of
the intended use/intended purpose to determine if they outweigh the residual risk. If this evidence does not support
the conclusion that the medical benefits outweigh the residual risk, then the risk remains unacceptable. If the
medical benefits outweigh the residual risk, then proceed to 6.6. Relevant information necessary to explain the
residual risk shall be placed in the appropriate accompanying documents supplied by the manufacturer. The results
of this evaluation shall be recorded in the risk management file.
Compliance is checked by inspection of the risk management file and the accompanying documents.
6.6 Other generated hazards (Step 9)
The risk control measures shall be reviewed to identify if other hazards are introduced. If any new hazards are
introduced by any risk control measures, the associated risk(s) shall be assessed (see 4.4). The results of this
review shall be recorded in the risk management file.
Compliance is checked by inspection of the risk management file.
6.7 Completeness of risk evaluation (Step 10)
The manufacturer shall assure that the risk(s) from all identified hazards have been evaluated. The results of this
assessment shall be recorded in the risk management file.
Compliance is checked by inspection of the risk management file.
7 Overall residual risk evaluation (Step 11)
After all risk control measures have been implemented and verified, the manufacturer shall decide if the overall
residual risk posed by the medical device is acceptable using the criteria defined in the risk management plan. If
the overall residual risk is judged unacceptable using the criteria established in the risk management plan, the
manufacturer shall gather and review data and literature on the medical benefits of the intended use/intended
purpose to determine if they outweigh the overall residual risk. If this evidence does not support the conclusion that
the medical benefits outweigh the overall residual risk, then the risk remains unacceptable. The results of the
overall residual risk evaluation shall be recorded in the risk management file.
Compliance is checked by inspection of the risk management file.
8 Risk management report (Step 12)
The results of the risk management process shall be recorded in a risk management report. The risk management
report shall provide traceability for each hazard to the risk analysis, the risk evaluation, the implementation and
10 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
verification of the risk control measures, and the assessment that the residual risk(s) is acceptable. The risk
management report shall form part of the risk management file.
NOTE This report may be held on paper or on electronic media.
Compliance is checked by inspection of the risk management report.
9 Post-production information (Step 13)
The manufacturer shall establish and maintain a systematic procedure to review information gained about the
medical device or similar devices in the post-production phase. The information shall be evaluated for possible
relevance to safety, especially the following:
a) if previously unrecognized hazards are present;
b) if the estimated risk(s) arising from a hazard is no longer acceptable;
c) if the original assessment is otherwise invalidated.
If any of the above conditions is satisfied, the results of the evaluation shall be fed back as an input to the risk
management process (see 4.4).
In the light of this safety relevant information, a review of the appropriate steps of risk management process for the
medical device shall be considered. If there is a potential that the residual risk(s) or its acceptability has changed,
the impact on previously implemented risk control measures shall be evaluated.
The results of this evaluation shall be recorded in the risk management file.
NOTE 1 Some aspects of post-production monitoring are the subject of national or regional regulations. In some cases,
additional measures, e.g. prospective post-production evaluations, might be required.
NOTE 2 See also 4.14 of ISO 13485:1996.
NOTE 3 Information may be found at any stage of the medical device life cycle from inception to post-production phases.
Compliance is checked by inspection of the risk management process documentation and the risk management
file.
ISO 14971:2000(E)
Annex A
(informative)
Questions that can be used to identify medical device characteristics that
could impact on safety
A.1 General
The first step in identifying hazards is to analyse the medical device for characteristics that could affect safety. One
way of doing this is to ask a series of questions concerning the manufacture, use and ultimate disposal of the
medical device. If one asks these questions from the point of view of all the individuals involved (e.g. users,
maintainers, patients, etc.), a more complete picture may emerge of where the potential hazards can be found. The
following questions can aid the reader in identifying all the potential hazards of the medical device being analysed.
The list is not exhaustive, and the reader is cautioned to add questions that may have applicability to the particular
medical device.
A.2 Questions
A.2.1 What is the intended use/intended purpose and how is the medical device to be used?
Factors that should be considered include the intended user, the mental and physical abilities, skill and training of
the user, ergonomic aspects, the environment in which it is to be used, by whom it will be installed and whether the
patient can control or influence the use of the medical device. Special attention should be paid to intended users
with special needs such as handicapped persons, the elderly and children. Their special needs might include
assistance by another person to enable the use of a medical device. Is the medical device intended to be used by
individuals with various skill levels and cultural backgrounds?
What role is the medical device intended to play in the diagnosis, prevention, monitoring, treatment or alleviation of
disease, compensation for injury or handicap, replacement or modification of anatomy, or control of conception? Is
the medical device life sustaining or life supporting? Is special intervention necessary in the case of failure of the
medical device? Are there special concerns about interface design features that could contribute to inadvertent use
error (see A.27)?
A.2.2 Is the medical device intended to contact the patient or other persons?
Factors that should be considered include the nature of the intended contact, i.e. surface contact, invasive contact,
and/or implantation and, for each, the period and frequency of contact.
A.2.3 What materials and/or components are incorporated in the medical device or are used with,
or are in contact with, the medical device?
Factors that should be considered include whether characteristics relevant to safety are known.
A.2.4 Is energy delivered to and/or extracted from the patient?
Factors that should be considered include the type of energy transferred and its control, quality, quantity and
duration.
12 © ISO 2000 – All rights reserved

ISO 14971:2000(E)
A.2.5 Are substances delivered to and/or extracted from the patient?
Factors that should be considered include whether the substance is delivered or extracted, whether it is a single
substance or range of substances, the maximum and minimum transfer rates and control thereof.
A.2.6 Are biological materials processed by the medical device for subsequent re-use?
Factors that should be considered include the type of process and substance(s) processed (e.g. auto-transfusion,
dialysis).
A.2.7 Is the medical device supplied sterile or intended to be sterilized by the user, or are other
microbiological controls applicable?
Factors that should be considered include whether the medical device is intended for single-use or to be re-usable,
and also any packaging, the shelf-life and any limitation on the number of re-use cycles or type of sterilization
process to be used.
A.2.8 Is the medical device intended to be routinely cleaned and disinfected by the user?
Factors that should be considered include the types of cleaning or disinfecting agents to be used and any
limitations on the number of cleaning cycles. In addition, the design of the medical device can influence the
effectiveness of routine cleaning and disinfection.
A.2.9 Is the medical device intended to modify the patient
...