risk-management-specialist

Risk Management Specialist

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "risk-management-specialist" with this command: npx skills add alirezarezvani/claude-skills/alirezarezvani-claude-skills-risk-management-specialist

Risk Management Specialist

ISO 14971:2019 risk management implementation throughout the medical device lifecycle.

Table of Contents

  • Risk Management Planning Workflow

  • Risk Analysis Workflow

  • Risk Evaluation Workflow

  • Risk Control Workflow

  • Post-Production Risk Management

  • Risk Assessment Templates

  • Decision Frameworks

  • Tools and References

Risk Management Planning Workflow

Establish risk management process per ISO 14971.

Workflow: Create Risk Management Plan

  • Define scope of risk management activities:

  • Medical device identification

  • Lifecycle stages covered

  • Applicable standards and regulations

  • Establish risk acceptability criteria:

  • Define probability categories (P1-P5)

  • Define severity categories (S1-S5)

  • Create risk matrix with acceptance thresholds

  • Assign responsibilities:

  • Risk management lead

  • Subject matter experts

  • Approval authorities

  • Define verification activities:

  • Methods for control verification

  • Acceptance criteria

  • Plan production and post-production activities:

  • Information sources

  • Review triggers

  • Update procedures

  • Obtain plan approval

  • Establish risk management file

  • Validation: Plan approved; acceptability criteria defined; responsibilities assigned; file established

Risk Management Plan Content

Section Content Evidence

Scope Device and lifecycle coverage Scope statement

Criteria Risk acceptability matrix Risk matrix document

Responsibilities Roles and authorities RACI chart

Verification Methods and acceptance Verification plan

Production/Post-Production Monitoring activities Surveillance plan

Risk Acceptability Matrix (5x5)

Probability \ Severity Negligible Minor Serious Critical Catastrophic

Frequent (P5) Medium High High Unacceptable Unacceptable

Probable (P4) Medium Medium High High Unacceptable

Occasional (P3) Low Medium Medium High High

Remote (P2) Low Low Medium Medium High

Improbable (P1) Low Low Low Medium Medium

Risk Level Actions

Level Acceptable Action Required

Low Yes Document and accept

Medium ALARP Reduce if practicable; document rationale

High ALARP Reduction required; demonstrate ALARP

Unacceptable No Design change mandatory

Risk Analysis Workflow

Identify hazards and estimate risks systematically.

Workflow: Conduct Risk Analysis

  • Define intended use and reasonably foreseeable misuse:

  • Medical indication

  • Patient population

  • User population

  • Use environment

  • Select analysis method(s):

  • FMEA for component/function analysis

  • FTA for system-level analysis

  • HAZOP for process deviations

  • Use Error Analysis for user interaction

  • Identify hazards by category:

  • Energy hazards (electrical, mechanical, thermal)

  • Biological hazards (bioburden, biocompatibility)

  • Chemical hazards (residues, leachables)

  • Operational hazards (software, use errors)

  • Determine hazardous situations:

  • Sequence of events

  • Foreseeable misuse scenarios

  • Single fault conditions

  • Estimate probability of harm (P1-P5)

  • Estimate severity of harm (S1-S5)

  • Document in hazard analysis worksheet

  • Validation: All hazard categories addressed; all hazards documented; probability and severity assigned

Hazard Categories Checklist

Category Examples Analyzed

Electrical Shock, burns, interference ☐

Mechanical Crushing, cutting, entrapment ☐

Thermal Burns, tissue damage ☐

Radiation Ionizing, non-ionizing ☐

Biological Infection, biocompatibility ☐

Chemical Toxicity, irritation ☐

Software Incorrect output, timing ☐

Use Error Misuse, perception, cognition ☐

Environment EMC, mechanical stress ☐

Analysis Method Selection

Situation Recommended Method

Component failures FMEA

System-level failure FTA

Process deviations HAZOP

User interaction Use Error Analysis

Software behavior Software FMEA

Early design phase PHA

Probability Criteria

Level Name Description Frequency

P5 Frequent Expected to occur

10⁻³

P4 Probable Likely to occur 10⁻³ to 10⁻⁴

P3 Occasional May occur 10⁻⁴ to 10⁻⁵

P2 Remote Unlikely 10⁻⁵ to 10⁻⁶

P1 Improbable Very unlikely <10⁻⁶

Severity Criteria

Level Name Description Harm

S5 Catastrophic Death Death

S4 Critical Permanent impairment Irreversible injury

S3 Serious Injury requiring intervention Reversible injury

S2 Minor Temporary discomfort No treatment needed

S1 Negligible Inconvenience No injury

See: references/risk-analysis-methods.md

Risk Evaluation Workflow

Evaluate risks against acceptability criteria.

Workflow: Evaluate Identified Risks

  • Calculate initial risk level from probability × severity

  • Compare to risk acceptability criteria

  • For each risk, determine:

  • Acceptable: Document and accept

  • ALARP: Proceed to risk control

  • Unacceptable: Mandatory risk control

  • Document evaluation rationale

  • Identify risks requiring benefit-risk analysis

  • Complete benefit-risk analysis if applicable

  • Compile risk evaluation summary

  • Validation: All risks evaluated; acceptability determined; rationale documented

Risk Evaluation Decision Tree

Risk Estimated │ ▼ Apply Acceptability Criteria │ ├── Low Risk ──────────► Accept and document │ ├── Medium Risk ───────► Consider risk reduction │ │ Document ALARP if not reduced │ ▼ │ Practicable to reduce? │ │ │ Yes──► Implement control │ No───► Document ALARP rationale │ ├── High Risk ─────────► Risk reduction required │ │ Must demonstrate ALARP │ ▼ │ Implement control │ Verify residual risk │ └── Unacceptable ──────► Design change mandatory Cannot proceed without control

ALARP Demonstration Requirements

Criterion Evidence Required

Technical feasibility Analysis of alternative controls

Proportionality Cost-benefit of further reduction

State of the art Comparison to similar devices

Stakeholder input Clinical/user perspectives

Benefit-Risk Analysis Triggers

Situation Benefit-Risk Required

Residual risk remains high Yes

No feasible risk reduction Yes

Novel device Yes

Unacceptable risk with clinical benefit Yes

All risks low No

Risk Control Workflow

Implement and verify risk control measures.

Workflow: Implement Risk Controls

  • Identify risk control options:

  • Inherent safety by design (Priority 1)

  • Protective measures in device (Priority 2)

  • Information for safety (Priority 3)

  • Select optimal control following hierarchy

  • Analyze control for new hazards introduced

  • Document control in design requirements

  • Implement control in design

  • Develop verification protocol

  • Execute verification and document results

  • Evaluate residual risk with control in place

  • Validation: Control implemented; verification passed; residual risk acceptable; no unaddressed new hazards

Risk Control Hierarchy

Priority Control Type Examples Effectiveness

1 Inherent Safety Eliminate hazard, fail-safe design Highest

2 Protective Measures Guards, alarms, automatic shutdown High

3 Information Warnings, training, IFU Lower

Risk Control Option Analysis Template

RISK CONTROL OPTION ANALYSIS

Hazard ID: H-[XXX] Hazard: [Description] Initial Risk: P[X] × S[X] = [Level]

OPTIONS CONSIDERED:

OptionControl TypeNew HazardsFeasibilitySelected
1[Type][Yes/No][H/M/L][Yes/No]
2[Type][Yes/No][H/M/L][Yes/No]

SELECTED CONTROL: Option [X] Rationale: [Justification for selection]

IMPLEMENTATION:

  • Requirement: [REQ-XXX]
  • Design Document: [Reference]

VERIFICATION:

  • Method: [Test/Analysis/Review]
  • Protocol: [Reference]
  • Acceptance Criteria: [Criteria]

Risk Control Verification Methods

Method When to Use Evidence

Test Quantifiable performance Test report

Inspection Physical presence Inspection record

Analysis Design calculation Analysis report

Review Documentation check Review record

Residual Risk Evaluation

After Control Action

Acceptable Document, proceed

ALARP achieved Document rationale, proceed

Still unacceptable Additional control or design change

New hazard introduced Analyze and control new hazard

Post-Production Risk Management

Monitor and update risk management throughout product lifecycle.

Workflow: Post-Production Risk Monitoring

  • Identify information sources:

  • Customer complaints

  • Service reports

  • Vigilance/adverse events

  • Literature monitoring

  • Clinical studies

  • Establish collection procedures

  • Define review triggers:

  • New hazard identified

  • Increased frequency of known hazard

  • Serious incident

  • Regulatory feedback

  • Analyze incoming information for risk relevance

  • Update risk management file as needed

  • Communicate significant findings

  • Conduct periodic risk management review

  • Validation: Information sources monitored; file current; reviews completed per schedule

Information Sources

Source Information Type Review Frequency

Complaints Use issues, failures Continuous

Service Field failures, repairs Monthly

Vigilance Serious incidents Immediate

Literature Similar device issues Quarterly

Regulatory Authority feedback As received

Clinical PMCF data Per plan

Risk Management File Update Triggers

Trigger Response Time Action

Serious incident Immediate Full risk review

New hazard identified 30 days Risk analysis update

Trend increase 60 days Trend analysis

Design change Before implementation Impact assessment

Standards update Per transition period Gap analysis

Periodic Review Requirements

Review Element Frequency

Risk management file completeness Annual

Risk control effectiveness Annual

Post-market information analysis Quarterly

Risk-benefit conclusions Annual or on new data

Risk Assessment Templates

Hazard Analysis Worksheet

HAZARD ANALYSIS WORKSHEET

Product: [Device Name] Document: HA-[Product]-[Rev] Analyst: [Name] Date: [Date]

IDHazardHazardous SituationHarmPSInitial RiskControlResidual PResidual SFinal Risk
H-001[Hazard][Situation][Harm][1-5][1-5][Level][Control ref][1-5][1-5][Level]

FMEA Worksheet

FMEA WORKSHEET

Product: [Device Name] Subsystem: [Subsystem] Analyst: [Name] Date: [Date]

IDItemFunctionFailure ModeEffectSCauseOControlDRPNAction
FM-001[Item][Function][Mode][Effect][1-10][Cause][1-10][Detection][1-10][S×O×D][Action]

RPN Action Thresholds:

200: Critical - Immediate action 100-200: High - Action plan required 50-100: Medium - Consider action <50: Low - Monitor

Risk Management Report Summary

RISK MANAGEMENT REPORT

Product: [Device Name] Date: [Date] Revision: [X.X]

SUMMARY:

  • Total hazards identified: [N]
  • Risk controls implemented: [N]
  • Residual risks: [N] Low, [N] Medium, [N] High
  • Overall conclusion: [Acceptable / Not Acceptable]

RISK DISTRIBUTION:

Risk LevelBefore ControlAfter Control
Unacceptable[N]0
High[N][N]
Medium[N][N]
Low[N][N]

CONTROLS IMPLEMENTED:

  • Inherent safety: [N]
  • Protective measures: [N]
  • Information for safety: [N]

OVERALL RESIDUAL RISK: [Acceptable / ALARP Demonstrated] BENEFIT-RISK CONCLUSION: [If applicable]

APPROVAL: Risk Management Lead: _____________ Date: _______ Quality Assurance: _____________ Date: _______

Decision Frameworks

Risk Control Selection

What is the risk level? │ ├── Unacceptable ──► Can hazard be eliminated? │ │ │ Yes─┴─No │ │ │ │ ▼ ▼ │ Eliminate Can protective │ hazard measure reduce? │ │ │ Yes─┴─No │ │ │ │ ▼ ▼ │ Add Add warning │ protection + training │ └── High/Medium ──► Apply hierarchy starting at Level 1

New Hazard Analysis

Question If Yes If No

Does control introduce new hazard? Analyze new hazard Proceed

Is new risk higher than original? Reject control option Acceptable trade-off

Can new hazard be controlled? Add control Reject control option

Risk Acceptability Decision

Condition Decision

All risks Low Acceptable

Medium risks with ALARP Acceptable

High risks with ALARP documented Acceptable if benefits outweigh

Any Unacceptable residual Not acceptable - redesign

Tools and References

Scripts

Tool Purpose Usage

risk_matrix_calculator.py Calculate risk levels and FMEA RPN python risk_matrix_calculator.py --help

Risk Matrix Calculator Features:

  • ISO 14971 5x5 risk matrix calculation

  • FMEA RPN (Risk Priority Number) calculation

  • Interactive mode for guided assessment

  • Display risk criteria definitions

  • JSON output for integration

References

Document Content

iso14971-implementation-guide.md Complete ISO 14971:2019 implementation with templates

risk-analysis-methods.md FMEA, FTA, HAZOP, Use Error Analysis methods

Quick Reference: ISO 14971 Process

Stage Key Activities Output

Planning Define scope, criteria, responsibilities Risk Management Plan

Analysis Identify hazards, estimate risk Hazard Analysis

Evaluation Compare to criteria, ALARP assessment Risk Evaluation

Control Implement hierarchy, verify Risk Control Records

Residual Overall assessment, benefit-risk Risk Management Report

Production Monitor, review, update Updated RM File

Related Skills

Skill Integration Point

quality-manager-qms-iso13485 QMS integration

capa-officer Risk-based CAPA

regulatory-affairs-head Regulatory submissions

quality-documentation-manager Risk file management

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

aws-solution-architect

No summary provided by upstream source.

Repository SourceNeeds Review
685-alirezarezvani
General

social-media-analyzer

No summary provided by upstream source.

Repository SourceNeeds Review
398-alirezarezvani
General

senior-frontend

No summary provided by upstream source.

Repository SourceNeeds Review
327-alirezarezvani
General

senior-backend

No summary provided by upstream source.

Repository SourceNeeds Review
296-alirezarezvani