Risk Management Specialist | Skills Pool
Risk Management Specialist
Medical device risk management specialist implementing ISO 14971 throughout product lifecycle. Provides risk analysis, risk evaluation, risk control, and post-production information analysis. Use when user mentions risk management, ISO 14971, risk analysis, FMEA, fault tree analysis, hazard identification, risk control, risk matrix, benefit-risk analysis, residual risk, risk acceptability, or post-market risk.
Author: prefrontalsys. Stars: 0. Updated: April 16, 2026.
ISO 14971:2019 risk management implementation throughout the medical device lifecycle.
Quick Install
npx skillvault add prefrontalsys/prefrontalsys-ccplugins-plugins-skill-ecosystem-ra-qm-team-risk-management-specialist-skill-md
Risk Management Planning Workflow

Establish risk management process per ISO 14971.

Workflow: Create Risk Management Plan

- Define scope of risk management activities:
  - Medical device identification
  - Lifecycle stages covered
  - Applicable standards and regulations
- Establish risk acceptability criteria:
  - Define probability categories (P1-P5)
  - Define severity categories (S1-S5)
  - Create risk matrix with acceptance thresholds
- Assign responsibilities:
  - Risk management lead
  - Subject matter experts
  - Approval authorities
- Define verification activities:
  - Methods for control verification
  - Acceptance criteria
- Plan production and post-production activities:
  - Information sources
  - Review triggers
  - Update procedures
- Obtain plan approval
- Establish risk management file

Validation: Plan approved; acceptability criteria defined; responsibilities assigned; file established

Risk Management Plan Content

| Section | Content | Evidence |
|---------|---------|----------|
| Scope | Device and lifecycle coverage | Scope statement |
| Criteria | Risk acceptability matrix | Risk matrix document |
| Responsibilities | Roles and authorities | RACI chart |
| Verification | Methods and acceptance | Verification plan |
| Production/Post-Production | Monitoring activities | Surveillance plan |

Risk Acceptability Matrix (5x5)

| Probability \ Severity | Negligible | Minor | Serious | Critical | Catastrophic |
|------------------------|------------|-------|---------|----------|--------------|
| Frequent (P5) | Medium | High | High | Unacceptable | Unacceptable |
| Probable (P4) | Medium | Medium | High | High | Unacceptable |
| Occasional (P3) | Low | Medium | Medium | High | High |
| Remote (P2) | Low | Low | Medium | Medium | High |
| Improbable (P1) | Low | Low | Low | Medium | Medium |

Risk Level Actions

| Level | Acceptable | Action Required |
|-------|------------|-----------------|
| Low | Yes | Document and accept |
| Medium | ALARP | Reduce if practicable; document rationale |
| High | ALARP | Reduction required; demonstrate ALARP |
| Unacceptable | No | Design change mandatory |

Risk Analysis Workflow

Identify hazards and estimate risks systematically.

Workflow: Conduct Risk Analysis

- Define intended use and reasonably foreseeable misuse:
  - Medical indication
  - Patient population
  - User population
  - Use environment
- Select analysis method(s):
  - FMEA for component/function analysis
  - FTA for system-level analysis
  - HAZOP for process deviations
  - Use Error Analysis for user interaction
- Identify hazards by category:
  - Energy hazards (electrical, mechanical, thermal)
  - Biological hazards (bioburden, biocompatibility)
  - Chemical hazards (residues, leachables)
  - Operational hazards (software, use errors)
- Determine hazardous situations:
  - Sequence of events
  - Foreseeable misuse scenarios
  - Single fault conditions
- Estimate probability of harm (P1-P5)
- Estimate severity of harm (S1-S5)
- Document in hazard analysis worksheet

Validation: All hazard categories addressed; all hazards documented; probability and severity assigned

Hazard Categories Checklist

| Category | Examples | Analyzed |
|----------|----------|----------|
| Electrical | Shock, burns, interference | ☐ |
| Mechanical | Crushing, cutting, entrapment | ☐ |
| Thermal | Burns, tissue damage | ☐ |
| Radiation | Ionizing, non-ionizing | ☐ |
| Biological | Infection, biocompatibility | ☐ |
| Chemical | Toxicity, irritation | ☐ |
| Software | Incorrect output, timing | ☐ |
| Use Error | Misuse, perception, cognition | ☐ |
| Environment | EMC, mechanical stress | ☐ |

Analysis Method Selection

| Situation | Recommended Method |
|-----------|--------------------|
| Component failures | FMEA |
| System-level failure | FTA |
| Process deviations | HAZOP |
| User interaction | Use Error Analysis |
| Software behavior | Software FMEA |
| Early design phase | PHA |

Probability Criteria

| Level | Name | Description | Frequency |
|-------|------|-------------|-----------|
| P5 | Frequent | Expected to occur | >10⁻³ |
| P4 | Probable | Likely to occur | 10⁻³ to 10⁻⁴ |
| P3 | Occasional | May occur | 10⁻⁴ to 10⁻⁵ |
| P2 | Remote | Unlikely | 10⁻⁵ to 10⁻⁶ |
| P1 | Improbable | Very unlikely | <10⁻⁶ |

Severity Criteria

| Level | Name | Description | Harm |
|-------|------|-------------|------|
| S5 | Catastrophic | Death | Death |
| S4 | Critical | Permanent impairment | Irreversible injury |
| S3 | Serious | Injury requiring intervention | Reversible injury |
| S2 | Minor | Temporary discomfort | No treatment needed |
| S1 | Negligible | Inconvenience | No injury |

Risk Evaluation Workflow

Evaluate risks against acceptability criteria.

Workflow: Evaluate Identified Risks

- Calculate initial risk level from probability × severity
- Compare to risk acceptability criteria
- For each risk, determine:
  - Acceptable: Document and accept
  - ALARP: Proceed to risk control
  - Unacceptable: Mandatory risk control
- Document evaluation rationale
- Identify risks requiring benefit-risk analysis
- Complete benefit-risk analysis if applicable
- Compile risk evaluation summary

Validation: All risks evaluated; acceptability determined; rationale documented

Risk Evaluation Decision Tree

Risk Estimated
      │
      ▼
Apply Acceptability Criteria
      │
      ├── Low Risk ──────────► Accept and document
      │
      ├── Medium Risk ───────► Consider risk reduction
      │         │              Document ALARP if not reduced
      │         ▼
      │   Practicable to reduce?
      │         │
      │    Yes──► Implement control
      │    No───► Document ALARP rationale
      │
      ├── High Risk ─────────► Risk reduction required
      │         │              Must demonstrate ALARP
      │         ▼
      │   Implement control
      │   Verify residual risk
      │
      └── Unacceptable ──────► Design change mandatory
                               Cannot proceed without control

ALARP Demonstration Requirements

| Criterion | Evidence Required |
|-----------|-------------------|
| Technical feasibility | Analysis of alternative controls |
| Proportionality | Cost-benefit of further reduction |
| State of the art | Comparison to similar devices |
| Stakeholder input | Clinical/user perspectives |

Benefit-Risk Analysis Triggers

| Situation | Benefit-Risk Required |
|-----------|-----------------------|
| Residual risk remains high | Yes |
| No feasible risk reduction | Yes |
| Novel device | Yes |
| Unacceptable risk with clinical benefit | Yes |
| All risks low | No |

Risk Control Workflow

Implement and verify risk control measures.

Workflow: Implement Risk Controls

- Identify risk control options:
  - Inherent safety by design (Priority 1)
  - Protective measures in device (Priority 2)
  - Information for safety (Priority 3)
- Select optimal control following hierarchy
- Analyze control for new hazards introduced
- Document control in design requirements
- Implement control in design
- Develop verification protocol
- Execute verification and document results
- Evaluate residual risk with control in place

Validation: Control implemented; verification passed; residual risk acceptable; no unaddressed new hazards

Risk Control Hierarchy

| Priority | Control Type | Examples | Effectiveness |
|----------|--------------|----------|---------------|
| 1 | Inherent Safety | Eliminate hazard, fail-safe design | Highest |
| 2 | Protective Measures | Guards, alarms, automatic shutdown | High |
| 3 | Information | Warnings, training, IFU | Lower |

Risk Control Option Analysis Template

RISK CONTROL OPTION ANALYSIS
Hazard ID: H-[XXX]
Hazard: [Description]
Initial Risk: P[X] × S[X] = [Level]
OPTIONS CONSIDERED:
| Option | Control Type | New Hazards | Feasibility | Selected |
|--------|--------------|-------------|-------------|----------|
| 1 | [Type] | [Yes/No] | [H/M/L] | [Yes/No] |
| 2 | [Type] | [Yes/No] | [H/M/L] | [Yes/No] |
SELECTED CONTROL: Option [X]
Rationale: [Justification for selection]
IMPLEMENTATION:
- Requirement: [REQ-XXX]
- Design Document: [Reference]
VERIFICATION:
- Method: [Test/Analysis/Review]
- Protocol: [Reference]
- Acceptance Criteria: [Criteria]

Risk Control Verification Methods

| Method | When to Use | Evidence |
|--------|-------------|----------|
| Test | Quantifiable performance | Test report |
| Inspection | Physical presence | Inspection record |
| Analysis | Design calculation | Analysis report |
| Review | Documentation check | Review record |

Residual Risk Evaluation

| After Control | Action |
|---------------|--------|
| Acceptable | Document, proceed |
| ALARP achieved | Document rationale, proceed |
| Still unacceptable | Additional control or design change |
| New hazard introduced | Analyze and control new hazard |

Post-Production Risk Management

Monitor and update risk management throughout product lifecycle.

Workflow: Post-Production Risk Monitoring

- Identify information sources:
  - Customer complaints
  - Service reports
  - Vigilance/adverse events
  - Literature monitoring
  - Clinical studies
- Establish collection procedures
- Define review triggers:
  - New hazard identified
  - Increased frequency of known hazard
  - Serious incident
  - Regulatory feedback
- Analyze incoming information for risk relevance
- Update risk management file as needed
- Communicate significant findings
- Conduct periodic risk management review

Validation: Information sources monitored; file current; reviews completed per schedule

| Source | Information Type | Review Frequency |
|--------|------------------|------------------|
| Complaints | Use issues, failures | Continuous |
| Service | Field failures, repairs | Monthly |
| Vigilance | Serious incidents | Immediate |
| Literature | Similar device issues | Quarterly |
| Regulatory | Authority feedback | As received |
| Clinical | PMCF data | Per plan |

Risk Management File Update Triggers

| Trigger | Response Time | Action |
|---------|---------------|--------|
| Serious incident | Immediate | Full risk review |
| New hazard identified | 30 days | Risk analysis update |
| Trend increase | 60 days | Trend analysis |
| Design change | Before implementation | Impact assessment |
| Standards update | Per transition period | Gap analysis |

Periodic Review Requirements

| Review Element | Frequency |
|----------------|-----------|
| Risk management file completeness | Annual |
| Risk control effectiveness | Annual |
| Post-market information analysis | Quarterly |
| Risk-benefit conclusions | Annual or on new data |

Risk Assessment Templates

See references/risk-assessment-templates.md for details.

Decision Frameworks

Risk Control Selection

What is the risk level?
        │
        ├── Unacceptable ──► Can hazard be eliminated?
        │                    │
        │                Yes─┴─No
        │                 │     │
        │                 ▼     ▼
        │            Eliminate  Can protective
        │            hazard     measure reduce?
        │                          │
        │                      Yes─┴─No
        │                       │     │
        │                       ▼     ▼
        │                  Add         Add warning
        │                  protection  + training
        │
        └── High/Medium ──► Apply hierarchy
                            starting at Level 1

New Hazard Analysis

| Question | If Yes | If No |
|----------|--------|-------|
| Does control introduce new hazard? | Analyze new hazard | Proceed |
| Is new risk higher than original? | Reject control option | Acceptable trade-off |
| Can new hazard be controlled? | Add control | Reject control option |

Risk Acceptability Decision

| Condition | Decision |
|-----------|----------|
| All risks Low | Acceptable |
| Medium risks with ALARP | Acceptable |
| High risks with ALARP documented | Acceptable if benefits outweigh |
| Any Unacceptable residual | Not acceptable - redesign |

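The 5x5 matrix, the probability bands and the Risk Acceptability Decision table above, combined into one check over a hazard register. This is an added example, not the skill's own Risk Matrix Calculator script; the `Hazard` record layout, the handling of values exactly on a band edge, and the `Open:` result wording are assumptions.

```python
from dataclasses import dataclass

# Rows are P1..P5, columns S1..S5 (Negligible..Catastrophic), copied from the page's matrix.
MATRIX = {
    5: ("Medium", "High", "High", "Unacceptable", "Unacceptable"),
    4: ("Medium", "Medium", "High", "High", "Unacceptable"),
    3: ("Low", "Medium", "Medium", "High", "High"),
    2: ("Low", "Low", "Medium", "Medium", "High"),
    1: ("Low", "Low", "Low", "Medium", "Medium"),
}

def probability_level(freq: float) -> int:
    """Map a frequency of harm to P1..P5; a value on a band edge goes to the lower band (assumption)."""
    return 1 + sum(freq > edge for edge in (1e-6, 1e-5, 1e-4, 1e-3))

def risk_level(p: int, s: int) -> str:
    if p not in MATRIX or s not in range(1, 6):
        raise ValueError(f"P and S must be 1..5, got P{p} S{s}")
    return MATRIX[p][s - 1]

@dataclass
class Hazard:                       # hypothetical record layout
    hazard_id: str
    severity: int                   # S1..S5
    freq_initial: float             # estimated frequency of harm before controls
    freq_residual: float            # estimated frequency after verified controls
    alarp_documented: bool = False

def evaluate_file(hazards, benefits_outweigh=False):
    """Return (rows of id/initial/residual level, overall decision) per the decision table."""
    rows, open_items = [], []
    for h in hazards:
        initial = risk_level(probability_level(h.freq_initial), h.severity)
        residual = risk_level(probability_level(h.freq_residual), h.severity)
        rows.append((h.hazard_id, initial, residual))
        if residual == "Unacceptable":
            open_items.append(f"{h.hazard_id}: redesign")
        elif residual in ("Medium", "High") and not h.alarp_documented:
            open_items.append(f"{h.hazard_id}: ALARP rationale missing")
        elif residual == "High" and not benefits_outweigh:
            open_items.append(f"{h.hazard_id}: benefit-risk analysis")
    return rows, ("Acceptable" if not open_items else "Open: " + "; ".join(open_items))

REGISTER = [  # constructed sample register, not data from the page
    Hazard("H-001", 5, 2e-4, 5e-7, alarp_documented=True),
    Hazard("H-002", 3, 5e-3, 5e-5),
    Hazard("H-003", 2, 5e-6, 5e-6),
]
```

`evaluate_file(REGISTER)` reports H-002 as open because its residual level is Medium and no ALARP rationale is recorded.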
Scripts

Risk Matrix Calculator

Features:
- ISO 14971 5x5 risk matrix calculation
- FMEA RPN (Risk Priority Number) calculation
- Interactive mode for guided assessment
- Display risk criteria definitions
- JSON output for integration

References

Quick Reference: ISO 14971 Process

| Stage | Key Activities | Output |
|-------|----------------|--------|
| Planning | Define scope, criteria, responsibilities | Risk Management Plan |
| Analysis | Identify hazards, estimate risk | Hazard Analysis |
| Evaluation | Compare to criteria, ALARP assessment | Risk Evaluation |
| Control | Implement hierarchy, verify | Risk Control Records |
| Residual | Overall assessment, benefit-risk | Risk Management Report |
| Production | Monitor, review, update | Updated RM File |