According to 21 CFR 820.30(g), as part of the design validation process, risk analysis must also be performed and documented in the DHF (design history file). Risk analysis involves the identification, understanding, control, and prevention of failures that can result in hazards when people use medical devices. A risk management plan can be broken down into 2 parts. First there is the risk assessment which includes the risk analysis and evaluation. Then there is the risk management which consists of the risk control, evaluation of the overall residual risk and the risk management review. The final step is the production and post-production activities. The risk management program must continue after the device goes into production and into the hands of actual users.
A company recently received the following observation:
….. Risk analysis was not performed.
Specifically,
a. Risk management procedures have not been established in that you have failed to identify new hazards and risks from quality data sources (e.g., complaints and CAPAs). More specifically, risk management files have not been updated to include the failure, hazards, and harm for … events and power-related failures.
b. …. risk management files are not in accordance with the current risk management procedure, SOP … “Risk Management Process”. For example, SOP …, “Risk Management Process”, defines new terminology that hasn’t been applied to the risk management files.
For more information on how to implement a risk management program, refer to the following: FDA presentation, Risk Management and the total Product Life Cycle and FDA Guidance for Industry, Q9 Quality Risk Management.
To view more observations pertaining to pest control, refer to the following GMP Trends® Issues: 1098, 1038, 1033, and 1028.
Stay in Compliance! Subscribe today!