Learn how to safely pass the medical device approval process

Sie befinden sich hier:
Risk Management: Intro
Prof. Dr. Christian Johner
Developers, Usability Engineers, Regulatory Affairs Managers, Risk Managers, Project Managers
Nicht verfügbar
veröffentlicht am 13.05.16
In this short training you will learn about the regulations related to risk management and why risk management is so crucial. We also give you an overview on the following training units.
Es sind keine Kapitel verfügbar


In this short training you will learn about the regulations related to risk management and why risk management is so crucial. We also give you an overview on the following training units.


The core regulations in Europa are the directives, most important the medical device directive MDD. MDD defines the essential requirements any medical device has to fulfill. Among these the most important and first mentioned is risk management. Furthermore the MDD requires software life-cycle processes inclusively state of the art software verification and validation as well as the demand to address usability.

Most manufactures, in particular those developing products which are more critical or which are or contain software use the conformity assessment procedure according to Annex II. This requires additionally a Quality Management System.

To prove that these requirements are met, manufacturers may use harmonized standards. If the products are compliant with these standards one may to assume that also the products are compliant with the requirements laid out in the directives.

For risk management the standard ISO 14971 is harmonized, for the software life-cycle processes the standard IEC 62304, for the usability engineering the standard IEC 62366 and for quality management systems ISO 13485. The standards themselves refer to each other. For example IEC 62366 requires a risk management compliant with ISO 14971. Also IEC 62304 requires a risk management compliant with ISO 14971. And even the standard ISO 13485 requires risk management and recommends one according to ISO 14971.

It becomes obvious that without risk management the compliance even with the other standards collapses. In other words: Risk management is not everything. But without risk management everything is nothing.


Risk management is absolutely crucial: If I’m auditing companies and have limited time, I start with risk management. First I check the date of the documents. If the last documented change of the risk management file dates back to a year or even more, I immediately know that risk management is not really lived. Next I check the risk assessment matrix and the risk policy. If the argumentation why risks are defined as acceptable is rather vague and not based on concrete quantitative considerations it is obvious, that this manufacturer considers risk management to be just a formal act but does not balance risks and benefits.

The problems we observe during audits are frequently fundamental: For example the challenge to use well defined terms appropriately. If a manufacturer considers software bug to be a risk, if hazards and hazardous situations are confused, then the entire risk management file becomes faulty.

Very frequently I observe risk management being delegated to the development team. A developer might contribute; but a developer neither is a risk manager, nor a context or medical expert.

I have to admit, that risk management is everything but trivial. The assessment of probabilities and severities of harms is difficult, the interaction between risk management and clinical evaluation, too. However, it is worth to dedicate time, thoughts and education. Not only to prevent problems in audits, but also to allocate resources and set priorities appropriately.

Eventually manufacturers should want to make the world a little better with their products. And risk management is a precondition to make the assumption that they are successfully doing so.


Look forward to a comprehensive set of trainings which guides you step by step through the entire risk management process starting with the risk policy and definition of the risk assessment matrix. You’ll learn how to identify hazards and assess risks, and how to mitigate these risk. We explicitly will cover the software specifics as software safety classes, the interaction between IEC 62304 and ISO 14971 or how the software architecture has to be used for risk analysis.

You get all the details how to document your activities and to use tools in order to avoid problems in audits.

As risk management is a continuous effort, we will talk about post-production, about corrective and preventive actions and about how to establish a surveillance system.

The risk management process is not an isolated process. Quite the opposite: It strongly correlates and interacts with other processes as the development process or the usability process. Therefore we will give you concrete help how to define these processes in a way that they interact smoothly and without causing an unnecessary overhead.

Look forward to the next training units!

Vorausgesetzte Videos
Weiterführende Videos
Ergänzende Videos

E-Learning Library: Become a member

A safe bet - not just in audits

The E-Learning Library will help you 

  • minimize embarrassing difficulties in the audit,
  • avoid wasting time and money on rectification (a re-audit will cost about 1,000 EUR, in addition to internal resources)
  • accelerate the process to the market for your product because you will avoid unnecessary project delays, e.g due to unnecessary rectification or elaborative (retrospective) development of your technical documentation. You would be surprised to know how much a project delay would cost you, try to divide your product revenue in a year into twelve, then you can see how much it already affects your monthly cost.
  • avoid expensive consultants and save your budget up to five-figures sum.

Your investment

Compared to how much all of these will cost you, auditgarant is an absolute bargain: just 990 EUR per year. We are convinced that it is almost impossible that this investment will not benefit you straight away. Convince yourself and order now!

What our customers say

PicclientAt one point, the offers are the most comprehensive informations for this topic-
and are very well prepared and useful for everyday work.

Klaus Müller, CEO xmachina &GmbH

Picclient"I'm really surprised how you succeed to express your motivation and passion, and the fact that you did this with the not-so-easy topics. It was fun to watch the web training and answer the mindmailer. Thank you very much for putting your heart into this and so generously pass this knowledge. This way, a complex and really dry topic becomes a highly interesting topic that you can’t get enough of. Really great! "

Nicole Haas