MDRM 2011 Agenda

Untitled Document


8:00 a.m. – 9:00 a.m.

Registration and Continental Breakfast

9:00 a.m. – 10:15 a.m.

Workshop Introduction and Concepts of Risk Management Overview

  • The fundamentals of medical device risk management
    • Define common risk factors
    • Create a Consequence Diagram and extend it to multiple levels to build a Decision Tree
  • Components of risk and potential problems to consider
    • The neonatal heal warmer example: an illustration of a Risk Analysis Procedure
  • Definitions from ISO 14971:2007
    • Discuss the ISO definition of a hazard and recognize 3 examples the FDA identifies
    • How the FDA categorizes potential harm and when it is time to consider the risks
    • Where is the line drawn — how the FDA measures the severity of a risk and what the different levels of seriousness are
    • Risk defined: Identify the probability or harm and the serenity of negative consequences that affect human life
    • Assess the probability of a risk occurring and the formal definition used along with 4 examples to explain the measurement

10:15 a.m. – 10:30 a.m.


10:30 a.m. – 11:00 a.m.

Importance of Risk Management — This exercise allows for an exchange of ideas among participants. They will discuss why risk is important and provide an example of failed risk management. They will discuss the various approaches their firm takes to recognize the amount of impact and loss by developing three bullet points that describe the approach.

11:00 a.m. – 11:30 a.m.

The Regulatory Structure: The Current Status of ISO 14971:2007 and Beyond

  • ISO 14971:2007 as the current standard
    • Learn about the updates that have been made since the publication of ISO 14971:2003
    • Follow the development of ISO 14971:2007 and understand the new requirements
    • Outline the steps in the 2007 Risk Management Process and learn about the new steps added since the 2000 version was standardized
  • The Risk Management Requirements in FDA’s QSR — Design Validation
    • Determine the 3 important guidances that add to the risk management foundation and are located in the guidance documents
    • Recognized consensus standards — What is a declaration of conformity?
  • The Risk Management requirements in ISO 13485:2003
    • Where to find the harmonized standards to the Medical Device Directive
    • Understand the EN ISO 14971 Status and the EN ISO 13485 Status
  • Global Harmonization Task Force: Two important and monumental documents
    • Implementation of risk management principles and activities within a Quality Management System
    • Explore the purpose of the GHTF and review and identify the four phases of risk
    • Highlight the two most important elements within the document
    • Identify Essential Principles of Safety and Performance of Medical Devices
  • Review FDA warning letters
  • Evaluate examples from companies that failed to address and design a valid risk analysis

11:30 a.m. – 12:00 p.m.

Understanding ISO 14971:2007 (Part 1)

  • Overview of the evolution and structure of ISO 14971:2007
    • Recall the recent changes and additions to the new risk management process
    • Understand the risk management process: Where the two new steps fit into the risk management process
  • Explore the parts of a risk management plan: scope, responsibility, review, risk acceptability, risk verification, production activity, post-production activity
  • How to create and administer a risk management file — think of it as your risk management file cabinet
  • Analysis of clauses 4–9 in ISO 14971
    • Ways to create a risk analysis (Clause 4)
    • Outline a risk evaluation (Clause 5)
    • Determine whether a risk reduction is required (Clause 6)
    • Highlight the importance of a Residual Risk Evaluation (Clause 7)
    • Learn about the report on risk management of a device (Clause 8)
    • Look at production and post-production information (Clause 9)
  • Components of Risk — How to measure risk through hazards that create harm

12:00 p.m. – 1:00 p.m.

Lunch Break

1:00 p.m. – 1:30 p.m.

Understanding ISO 14971:2007 (Part 2)

Conclusion of Understanding ISO 14971:2007

1:30 p.m. – 2:30 p.m.

Building a Risk Management File That Meets ISO Requirements (Part 1)

  • Understanding the purpose and contents of a risk management file
    • Assuring the file contains pointers to all relevant documents
    • Organizing documents by hazard and cause
    • Auditing the risk management file
  • Risk Management Planning
    • Explore the role of the Risk Management Plan and learn the scope of the plan
    • Designating someone to be responsible for the plan: qualifications for performing risk management tasks, RASI Matrix and example
    • 2 most important sets of criteria for risk acceptability
    • Accessing risk severity and probability
    • Monitoring residual risk evaluations
    • 2 significant verification activities provided in the standard
    • Post-production activity: how to collect data and review
  • Risk Assessment
    • 2 parts of risk assessment: risk analysis and risk evaluation
    • Tips to develop a systematic approach to determine risk
    • Different components of risk
    • How to identify hazards – 5 standard methods to conduct risk analysis (PHA, FTA, FMEA, HAZOP, HACCP)
    • Understand how to score risks — how to use severity and probability

2:30 p.m. – 2:45 p.m.


2:45 p.m. – 3:45 p.m.

The Risk Management Plan — Participants will develop various sections of the plan based on the contents of a file as defined in ISO 14971. They will first develop a risk matrix. They will then define the structure of their matrix and include a description of each part. Finally they will devise a plan for data collection, analysis and use of production and post-production and discuss how to incorporate it into the risk management file.

3:45 p.m. – 4:30 p.m.

Building a Risk Management File That Meets ISO Requirements (Part 2)

  • Risk Control
    • Conducting a risk control completeness check
    • Implementing risk controls: strategies for verification and how to apply the RASI matrix
  • Residual Risk Evaluation
    • Determining medical benefit versus risk
    • 7 tips for disclosing overall risk
  • Risk Management Report
    • Strategies for reviewing the risk management process to ensure complete reports
    • 9 checklist items all reports should have
  • Production and Post–production Information
    • Review the production phase and the post–production phase
    • Evaluating final hazards and corrective processes to put in place

4:30 p.m.

Session Wrap-up, End of Day One


8:30 a.m. – 9:00 a.m.

Continental Breakfast

9:00 a.m. – 10:00 a.m.

The Risk Management Report — This is a set of exercises designed to illustrate the sections of the report. Participants will develop various sections of the report based on the contents defined in ISO 14971. They will begin with deciding on someone to prepare the report. Then they will compose a checklist that acts as a guideline in reviewing the risk management plan. Finally, they will explore more about the residual risk evaluation.

10:00 a.m. – 10:30 a.m.

Team Management and the Risk Management Tools

  • Learn how to organize a team
    • Tips for determining the most effective team leader
    • How to appoint a facilitator, scribe and presenter
    • Team member roles and dynamics

10:30 a.m. – 10:45 a.m.


10:45 a.m. – 12:00 p.m.

Digging Deep Into the Risk Management Tool Kit

  • Preliminary Hazard Analysis (PHA)
    • What is PHA and how can it be best used
    • Developing a PHA worksheet
    • Sources of hazards using PHAs
    • Applying Annex C and the GHTF guidance to PHAs
  • Hazard and Operability Studies (HAZOP)
    • Procedures for HAZOP
    • Developing a worksheet for HAZOP
    • Significant parameters for HAZOP
  • Hazard Analysis and Critical Control Points (HACCP)
    • Using HACCP to conduct risk assessments on processes that identify hazards, establishes and monitors controls
  • Failure Modes, Effects and Criticality Analysis (FMECA)
    • Applications to discover known and probable failures in products and the failure impact
  • Fault Tree Analysis (FTA)
    • Best practices for using this qualitative and structured deductive tool used to define a particular event and its causes
  • Event Tree Analysis (ETA)
    • Best practices for using this qualitative and structured inductive tool that examines the impact and interactions of an incident

12:00 p.m. – 1:00 p.m.

Lunch Break

1:00 p.m. – 2:30 p.m.

Applying Risk Management Tools in Real World Situations — Attendees will work together and with the presenter to use risk management tools in a collaborative setting. Participants will choose one tool most applicable to their business setting.

2:30 p.m. – 2:45 p.m.


2:45 p.m. – 4:15 p.m.

Applying Risk Management Tools in Real-World Situations — Attendees will work together and with the presenter to use risk management tools in a collaborative setting. Participants will choose a different tool and apply it to their business setting.

4:15 p.m. – 4:30 p.m.

Summary, Conclusions and Lessons Learned

4:30 p.m.

Adjourn Workshop