The process FMEA (pFMEA) is a method for the systematic analysis of risks resulting from failure modes in processes, such as device production and cleaning.
Like the dFMEA, the process FMEA (pFMEA) is a variant of the FMEA (failure mode and effect analysis). Therefore, it is a bottom-up processthat analyzes the unknown effects of failure modes.
Process failure (example)
Negative effect on the process outcome (example)
Temperature is not high enough
Object is not sterile
Printed circuit board assembly
Wrong electronic component tape inserted
Printed circuit board is incorrectly assembled, electronics do not function as intended
Person responsible for regulatory compliance or bot does not find information source
Report, e.g., PSUR is incomplete
Static code analysis
Analysis tool configuration file is overwritten
Test report does not warn that the cyclomatic complexity of the code is too high
Table 1: Examples of processes, failure modes in these processes and the resulting negative effects
In the context of medical devices, the unknown and mostly undesirable effects of these failure modes are hazards, hazardous situations and harm.
So, if you also know the probability and severity of the resulting harm, you also know the risks.
That's why the FMEA is also generally understood as a method for risk analysis. However, this perception is not entirely accurate, as the method is only partially suitable for determining the severity of harm and its probability.
Furthermore, the effects are not harms as defined by ISO 14971 (e.g., physical injury to patients). Rather, they are elements in a causal chain that only later results in harm.
For example (see Table 1), a non-sterile device is not a case of harm in itself, but rather a potential source of harm and, therefore, by definition a hazard and not a risk.
As the acronyms themselves suggest, the pFMEA looks at the effects of deficient processes. In contrast, the dFMEA focuses on the effects of deficient products. The “d” in dFMEA stands for “design” in the sense of designing and assembling products, rather than in the sense of graphic design.
The result of a pFMEA is an estimate of the impact of a process failure on the outcome of the process. This (undesirable) process outcome could, for example, be a component that does not meet the specifications. This out-of-specification component would be the starting point of a dFMEA, as the dFMEA investigates the effects of out-of-specification components on the product as a whole and ultimately on patients.
This means the pFMEA can act as the input for the dFMEA by providing essential information:
Not just for core processes
Organizations should always perform a pFMEA when they are establishing new processes. This doesn’t just apply to core processes, such as the development, production and maintenance of medical devices, but often to support processes as well, such as:
If necessary, more than one pFMEA per process
Even for core processes, organizations shouldn’t limit themselves to one single pFMEA. Core processes can often involve several sub-processes or procedures that should be analyzed individually, as the following examples show:
pFMEA for process design
The pFMEA aims to analyze the undesirable and unknown effects of deficient processes. Therefore, it can also help you to work out any necessary countermeasures, for example additional test steps. And these, in turn, can lead to changes in the processes, meaning that the process design, pFMEA and process change are iterative.
There are a lot of occasions when processes have to be changed:
All these changes have to be evaluated by the organizations to see if they could result in:
This is exactly what the pFMEA is intended for.
The pFMEA is more than just a necessary consequence of a process change. It can also be the trigger for a change. This is because an organization can use the pFMEA to identify weak points in their processes and how to improve them, even if there are no negative effects on patients, users and third parties.
Improvements could relate to, for example:
The regulatory requirements (see section 4 of this article) require manufacturers validate their processes. This validation often means high costs for manufacturers. And complete testing of all process parameters or the complete testing of process software is generally impossible in reality.
But legal requirements and standards allow for a risk-based approach. In other words, the manufacturers are allowed to adjust the time and cost required for the validation of the process in line with the risks generated by the process.
The pFMEA helps to quantify these risks, even if it is not a risk analysis method as defined by ISO 14971.
In this article process validation is explained in detail as well as which regulatory requirements have to be met.
When planning the pFMEA, the organization has to define the following:
To prepare for the pFMEA, the team first has to review and update the process description. If this description hasn’t been created, the team has to create this documentation.
The process description should include:
Diagrams in, for example, business process modeling notation (BPMN) are a good way of clearly documenting these processes.
The actual pFMEA involves looking at each process step and working out which failure modes can occur and what consequences they would have for the process outcome. The following questions can be used to guide the process:
The Ishikawa method will help you identify possible sources of failure modes in each process step. The HAZOP method (IEC 61882) is very useful for describing the different forms of deficient inputs and outputs.
The team must document the results of the pFMEA. This can be done in a table:
Process step failure mode
Cause of failure, if applicable
Probability of failure
1 - Probability of failure being detected
Effect of the failure
Table 2: Example of how to document a pFMEA
The three following variables are quantified in the pFMEA (values between 0 and 10):
The risk priority number (RPN) is the product of the three quantitative variables and therefore has a value between 0 and 1000.
The RPN provides guidance on the extent of the failure mode’s impact. However, it is not considered a measure of risk, but rather a tool for prioritizing tasks (especially actions).
The final assessment of the risk in the sense of ISO 14971 is no longer (solely) the responsibility of the “pFMEA team.” Instead, the consequences of the deficient process outputs must be extrapolated to the patient, users and third parties.
The main outcome of the pFMEA is the table shown above. However, the actions are no longer considered part of this analysis. The “Action” column is nevertheless useful for ensuring that the actions for the risks identified have actually been implemented.
The team should have a clear and shared understanding of the goals, including:
The team should include the following roles, at least some of the time:
The pFMEA should be used:
The pFMEA alone will not generate the information needed to identify and quantify risks from medical devices. To do this, the pFMEA has to look at:
This often requires several process owners to coordinate, even if only one process is changed.
The RPN is not a measure of risk according to ISO 14971. The “effect” factor should not be confused with the severity of harm according to ISO 14971.
The multiplication of three numerical values often creates a false illusion of accuracy. But, generally, each of the factors is based on a rough estimate.
Manufacturers must identify and manage the risks generated by their medical devices in line with the state of the art. The pFMEA is a state-of-the-art method.
These requirements are found in, for example:
Read more on computerized software validations, which can and should also be risk-based and for which a pFMEA is a valuable method.
The pFMEA is used to systematically analyze the potential effects of a failure mode in a process.
Auditors consider the pFMEA to be state of the art, which is why pretty much every ISO 13485 certified organization should use the method.
pFMEAs don’t just help organizations ensure conformity, they also help them design tasks, e.g., for product testing, and avoid unnecessary costs.
The Johner Institute helps medical device manufacturers and their service providers set up their QM systems and with the risk analysis for their devices and processes.
The Johner Institute provides several videos and accompanying templates that manufacturers can use to perform legally compliant dFMEAs and pFMEAs in Auditgarant.