Top 5 Common Pitfalls to Avoid During Risk Assessment

Kamiya Crabtree
A man carefully steps across a cliff-face. An analogy for assessing risk.

A medical device-specific risk assessment uses the ISO 14971 standard, which provides guidance for producing and maintaining a risk management file.

A risk assessment is a process used to identify, analyse, and mitigate risk in the design and development process to enable the sale of safe and successful medical devices. Risk assessment ensures that all potential hazards are identified and mitigated to protect patient safety. However, manufacturers often encounter mistakes along the way that can compromise the effectiveness of the assessment and delay product launch. To help you navigate the risk management process smoothly, here are the Top 5 Pitfalls to avoid during the risk assessment of your medical devices.

Diagram highlighting the 5 pitfalls for risk assessment.

1. Failing to Identify All Potential Hazards

To begin a risk assessment, a comprehensive identification of potential hazards that could arise at any stage of the device’s lifecycle should be conducted. This involves documenting known and foreseeable hazards related to the medical device, considering its intended use, foreseeable misuse, and safety characteristics. A significant pitfall occurs here when manufacturers underestimate these hazards, in turn leading to an incomplete risk assessment.

How to avoid this:

Ensure cross-disciplinary teams are engaged (e.g., engineering, clinical, regulatory experts). This will ensure a thorough hazard analysis. Consider all potential risks, including those related to device malfunction, misuse, environmental factors, and human error.

2. Insufficient Documentation and Traceability

Clear documentation of the risk management process is required for regulatory authorities, e.g., Notified Bodies, to review. Article 10 of the EU MDR requires all manufacturers to establish, document, implement, and maintain a system for Risk Management. A frequent pitfall here is failing to maintain proper documentation of hazard identification, risk analysis, and control measures. This, in turn, will lead to non-compliance and delays.

How to avoid this:

Confirm that every step of the risk management process is documented in detail. Alongside this, you can use risk management tools, e.g., FMEA or risk matrices, to track the rationale behind each decision. This will allow for full traceability throughout the device lifecycle.

Maintaining and updating a Risk Management strategy requires scheduled review and appraisal sessions to analyse system suitability. The clinical evaluation cycle offers an opportunity to assimilate Risk Management data collected and to re-perform a benefit-risk analysis of the device. Any updates or changes to the process must be reflected in documentation and disseminated across the organisation to ensure the changes are implemented.

3. Underestimating Risk Acceptability Criteria

Determining whether a risk is acceptable or not is crucial in risk assessment. During risk evaluation, the manufacturer must assess estimated risks for each hazardous situation and check if they meet the criteria in the risk management plan.

Setting inappropriate risk acceptance thresholds can directly impact both patient safety and product timelines. If the acceptable risk is set too high, the device may pose a significant threat to users, leading to potential harm or regulatory non-compliance. On the other hand, being too cautious and lowering the threshold could result in unnecessary design changes or delays in the approval process, even for risks that are statistically insignificant.

How to avoid this:

Risk acceptance should be based on both regulatory requirements and real-world clinical needs. The criteria should be proportional to the severity and likelihood of the identified risks. A low-risk device may have higher acceptable risk levels, while a high-risk device, such as a life-supporting medical device, must have stringent limits. Tools like risk matrices can help categorise and prioritise risks by their severity and probability, ensuring a rational and evidence-based approach to setting acceptability levels.

4. Ignoring Post-Market Risks

Many manufacturers place a significant emphasis on pre-market risks, neglecting the post-market risks that may arise once the device is in use by patients or healthcare professionals. The manufacturer must review all collected post-market information, focusing on safety relevance. This aims to identify unrecognised hazards not initially identified, hazardous situations with now-unacceptable estimated risks, and cases where the overall residual risk is no longer acceptable relative to intended use benefits.

How to avoid:

Ensure you incorporate a robust post-market surveillance plan into your risk management strategy. As well as this, make sure you set up systems to monitor and track device performance, adverse events, and potential hazards once the product is on the market.

5. Neglecting Risk Control and Mitigation Strategies

The identification of hazards is just one part of the risk management process. The next critical phase is the implementation of effective risk controls, which is necessary to reduce identified risks to acceptable levels. Failing to implement effective controls or using controls that are impractical or inadequate is a common trap. This can lead to unresolved risks that may jeopardise patient safety, compromise device effectiveness, and increase the likelihood of regulatory non-compliance.

How to avoid:

To avoid neglecting risk control strategies, it’s essential to follow a structured approach that aligns with recognised best practices and regulatory standards. Here are some practical steps:

  • Start by prioritising the risks that need mitigation based on their severity and probability of occurrence.
  • Evaluate the effectiveness of controls. This can include pre-market validation through clinical trials, in-vitro testing, and failure testing, as well as post-market monitoring to ensure that controls remain effective over time.
  • For each identified risk, provide a rationale for the selected control, how it works to mitigate the hazard, and how its effectiveness will be measured.

Final Thoughts: Mastering Risk Assessment

By carefully identifying all potential hazards, setting realistic risk acceptability criteria, and implementing robust mitigation strategies, you can significantly reduce the likelihood of regulatory setbacks and safety issues. A proactive and comprehensive approach to risk management not only protects patients but also streamlines the path to market, helping your device succeed in a competitive landscape. Remember, risk assessment is an ongoing process that requires constant vigilance and adaptation, so stay committed to continuous improvement. Please contact us if you need any help with risk assessment or any medical device regulation issue.

Back to top

Related articles

  1. A label maker printing bar-code labels.

    Labelling 101: A Comprehensive Overview for Medical Device Manufacturers

    Labelling and packaging are critical elements to ensuring safety, compliance, and ease of use.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  2. An illustration of a brain-shaped object on an abstract background.

    European Commission Guidelines on Prohibited Artificial Intelligence Practices

    Summary of the 8 AI practices prohibited by the EU 2024/1689 artificial intelligence (AI) Act.

    Dr Clare Dixon Dr Clare Dixon Regulatory Specialist
  3. A compass being used to navigate across mountainous countryside.

    Navigating Non-Conformities in Technical Documentation

    We explore how to manage non-conformities effectively and implement Corrective and Preventive Actions (CAPAs).

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  4. A photograph of a literal maze that we're using as a clever metaphor.

    Mastering the EU MDR: Essential Steps for Compliance-Ready Docs

    If you're uncertain about the readiness of your EU MDR documentation, this article provides an overview of the essential steps to ensure you’re on track.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  5. An illustration showing scientists at work.

    A Guide to Electronic Instructions for Use (eIFU)

    Electronic Instructions for Use (eIFUs) are set to revolutionise how medical device instructions are delivered. We explore what this means for you.

    Dr Will Brambley Dr Will Brambley Lead Medical Writer
  6. Two helicopters look as if they are about to collide: An analogy for risk.

    Navigating Risk Management Requirements under the EU MDR

    This is a cornerstone of EU MDR 2017/745, requiring a continuous, well-documented approach. We unpack key requirements and provide actionable strategies.

    Peter Boxall Peter Boxall Lead Medical Writer
  7. A doctor operates a tablet computer.

    Beyond the Acronyms: Understanding SaMD and SiMD

    As software advancements continue, the line between traditional hardware-centric medical devices and software-driven solutions becomes increasingly blurred.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  8. A team of profesional-looking people sit around a table, congratulating themselves.

    Extending the Validity of your IVDD Certificates – Key Dates

    The EU and the MHRA have extended the validity of IVDD certificates, allowing you more time to transition to the IVDR. We explain what this means for manufacturers.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  9. A team of profesional-looking people sit around a table, congratulating themselves.

    GSPR 1: A New Era of Performance with Safety at the Core

    This regulation emphasizes risk management, durable design & biocompatibility to ensure medical devices are safe and effective. GSPR 1 protects users while driving innovation in medical technology.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer

  10. Cybersecurity Vulnerabilities in Medical Devices: FDA Alerts on Contec and Epsimed Monitors

    Patients can be exposed to risks when devices are online. We explore implications for EU MDR/IVDR cybersecurity requirements, including MDCG guidance

    Dr Clare Dixon Dr Clare Dixon Regulatory Specialist
  11. A futuristic-looking factory full of labelled cardboard boxes.

    Decoding UDI: Your Ultimate Guide to Smarter Medical Device Labelling

    The Unique Device Identifier (UDI) ensures medical device traceability and compliance. We break down its structure, Device Identifier (UDI-DI), Production Identifier (UDI-PI) and its role in EUDAMED.

    Kamiya Crabtree Kamiya Crabtree Regulatory Medical Writer
  12. A medical team discuss performance data at their desktop computer.

    Key Updates for Navigating EMDN: MDCG 2024-2 Rev.1 & 2021-12 Rev.1

    Release of the updated guidance helps manufacturers navigate the EMDN system for accurate device classification, ensuring market access.

    Ron Sangal Ron Sangal Lead Medical Writer
  13. A dated monitor for medical equipment.

    Understanding Clinical Evidence Requirements with MDCG 2020-6

    How can manufacturers ensure legacy devices meet MDR's stringent requirements? Discover how MDCG 2020-6 guidance simplifies the path to compliance.

    Dr Clare Dixon Dr Clare Dixon Regulatory Specialist
  14. A stethoscope laid on a desk of regulatory documentation.

    Clinical benefits of an in vitro diagnostic medical device

    How to determine the clinical benefit of an IVD and successfully incorporate it into regulatory documentation.

    Dr Gayle Buchel Dr Gayle Buchel Chief Medical Writer
  15. EU flags

    Regulation (EU) 2024/1860 - Its impact on EU MDR and IVDR

    How does the recent Regulation (EU) 2024/1860 amendment affect the EU MDR & IVDR?

    Shona Richardson Shona Richardson Regulatory Medical Writer
  16. EU flag

    MDCG 2024-10 - Orphan medical devices

    How to apply MDR pre-market clinical evidence requirements to medical devices intended for limited usage.

    Dr Simon Cumiskey Dr Simon Cumiskey Senior Lead Medical Writer
  17. Considering a medical device's intended purpose

    A medical device's intended purpose - what is the point?

    How do you define intended purpose, indication for use, intended clinical benefits, and claims?

    Dr Simon Cumiskey Dr Simon Cumiskey Senior Lead Medical Writer
  18. Mantra Systems presents EnableChat, your AI-powered MDR & MDCG chatbot

    EnableChat - Your AI-powered MDR and MDCG chatbot

    Search the MDR and MDCG documents in seconds by asking EnableChat your questions.

    Dr Simon Cumiskey Dr Simon Cumiskey Senior Lead Medical Writer
  19. Searching adverse event databases for vigilance data

    Staying vigilant - A guide to searching for adverse events data

    We discuss the pros and cons of existing adverse event databases for vigilance data searching.

    Dr Simon Cumiskey Dr Simon Cumiskey Senior Lead Medical Writer
  20. A doctor reading an SSCP document with a patient

    What is Summary of Safety and Clinical Performance (SSCP)?

    We explain what the SSCP is, when you'll need it and what its objectives are.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  21. A pile of question marks

    Medical Device 'Significant Changes' – Navigating EU MDR Article 120(3) using MDCG 2020-3 rev. 1

    Understand what changes to your medical device are considered 'significant' under EU MDR (2017/745).

    Shen May Khoo Shen May Khoo Junior Regulatory Specialist
  22. A signpost giving unsure directions

    MDR or IVDR - A sibling rivalry?

    A guide to easily understanding whether your device is a medical device or an in vitro diagnostic medical device (IVD).

    Dr Gayle Buchel Dr Gayle Buchel Chief Medical Writer
  23. An EU and UK flag

    What the latest Brexit U-turn means for CE Marking of medical devices in Great Britain

    Will Great Britain continue to allow the use of the CE mark for medical devices beyond the 2024 deadline?

    Dr Hanna Gul Dr Hanna Gul Lead Medical Writer
  24. A woman writing her own medical device regulation documentation

    Gain confidence, reassurance and control over your EU MDR strategy

    Find out how to build your own technical files within a guided framework while minimising financial outlays.

    Dr Gayle Buchel Dr Gayle Buchel Chief Medical Writer
  25. Racing to achieve MDR compliance

    Still racing to achieve MDR compliance? A transition period update

    On January 6th 2023, the EU commission has adopted the proposal to extend the transition rules of the EU MDR.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  26. A 7-step guide to navigating regulatory requirements for medical device start-ups

    A medical device regulations guide for start-up companies

    We present a 7-step guide to navigating regulatory requirements on a budget.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  27. An update on UKCA Marking of Medical Devices

    UKCA Marking of Medical Devices – An update on the status quo

    We review recently updated requirements for UKCA marking and what it means for your regulatory strategy.

    Dr Hanna Gul Dr Hanna Gul Lead Medical Writer
  28. How to choose a CER writer for your MDR Clinical Evaluation

    Choosing a CER writer for your MDR Clinical Evaluations

    We've compiled a list of considerations that will help you make the right choice when choosing a CER writer.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  29. Achieving MDR Compliance for Class I medical devices

    How to achieve MDR Compliance for Class I medical devices

    We outline a strategy for the regulatory compliance of Class I medical devices.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  30. Literature Search, SOTA Review and Clinical Evaluation

    Literature Search, SOTA Review process and Clinical Evaluation

    We help to demystify the process of systematic search & review of literature for Clinical Evaluation.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  31. Literature Search Protocols & SOTA Reviews for medical devices and what to know before you start

    Literature searches and reviews for medical devices - what to know before you start

    We explain what you should know before beginning a literature search & review for your medical device.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  32. Five useful resources when writing a medical device CER

    Five useful resources when writing a medical device CER

    We outline five of the most useful and trustworthy Clinical Evaluation Report writing resources.

    Dr Victoria Cartwright Dr Victoria Cartwright Relationship Manager
  33. Avoid pitfalls when writing a Clinical Evaluation Report

    Five common pitfalls when writing a Clinical Evaluation Report

    We illustrate five pitfalls when writing CERs and give you some tips to overcome them.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  34. How to make a medical device equivalence claim under the MDR

    Five tips for making a medical device equivalence claim under the MDR

    We'll show you what to keep in mind with regards to equivalance and Clinical Evaluation.

    Sandra Gopinath Sandra Gopinath Chief Regulatory Officer
  35. Keeping medical devices in market and maintaining CE-marks - a guide to effective data collection

    Keeping medical devices in market and maintaining CE-marks

    The 4 golden rules to drive regulatory compliance with PMCF and vigilance data collection.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  36. How PMCF goes beyond simple compliance - improving products and engaging customers

    How PMCF goes beyond simple compliance

    The wider benefits of a well-designed PMCF system include improving your products and your relationship with your clients.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  37. PMCF systems for medical devices

    Why you'll almost certainly need a PMCF system for your medical devices

    We tell you what to be aware of under the EU MDR regarding PMCF and your medical devices.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  38. Ensure medical device regulatory compliance of your devices through Brexit

    The impact of Brexit on medical device regulatory compliance

    How to ensure regulatory alignment of your devices in the territories affected by Brexit.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  39. Use medical device regulatory consulting services to supercharge your MDR transition

    Is outside consulting support the answer to your MDR transition?

    Getting ready for the MDR is a demanding process. Outsourcing might be your solution.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  40. Increasing data entry compliance in PMCF studies

    Increasing data entry compliance in PMCF studies

    5 methods every medical device manufacturer should know to improve their Post-Market Clinical Follow-up studies.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  41. Why medical doctors can drive MDR compliance

    Why medical doctors can drive MDR compliance

    Working with the MDR requires knowing how to work with clinical evidence. Medical doctors are perfectly positioned to meet this requirement.

    Dr Victoria Cartwright Dr Victoria Cartwright Relationship Manager
  42. Software as a Medical Device

    Software as a Medical Device

    Unless you have spent time working with medical device legislation in the past, the idea that software could be a medical device may be rather unexpected.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  43. clinical investigator for pmcf eu mdr compliance

    Ensuring that clinical investigations work in practice

    How can medical device manufacturers ensure valid clinical investigations when access to medical expertise remains limited?

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  44. Coronavirus and medical device regulations

    Relaxing medical device regulatory requirements during a healthcare crisis

    During the coronavirus pandemic, how far should we go when relaxing medical device regulatory requirements?

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  45. The new MDR compliance challenge

    The new MDR compliance challenge

    Across the industry, medical device companies are facing challenges in meeting the demands of the new Medical Device Regulations (MDR) 2017/745 framework.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer
  46. Sources of Real World Evidence for MDR compliance

    Sources of Real World Evidence for MDR compliance

    At Mantra Systems our objective is to make sure that our clients choose the method of real world data harvesting that is right for them.

    Dr Paul Hercock Dr Paul Hercock Chief Executive Officer

More articles

Do you need support with your medical device approval strategy?

Contact us today