What is ISO 14971:2007?

Application of Risk Management to Medical Devices

iso 14971
Buy ISO 14971

ISO 14971 outlines a process to identify the hazards associated with medical devices. It helps insure the safety of a medical device during the product life cycle. The process steps are:

  1. Estimate and evaluate risks
  2. Control risks
  3. Monitor risk control effectiveness

There are many risks associated with the design & production of Medical Devices but also in their use. Risk to safety of patients, users, handlers and Regulatory Product liability must all be managed. Manufacturers must conduct and document a risk management process.

Tools to help with Risk Management:
guide 73
ISO Guide 73
– Risk management vocabulary
Risk Management Exercise and PowerPoint
risk procedure
Risk Management Procedure

ISO 14971 is recognized by:

  • The U.S. Food and Drug Administration (FDA)
  • The EU has harmonized with European Medical Devices Directive 93/42/EEC.
  • ISO 13485 refers to ISO 14971 for guidance related to risk management.

Download a free presentation:

iso14971 Compare Risk Management requirements of ISO 13485, ISO 14971, and FDA QSR-820

Risk Management Plan in your organization

ISO 14971 provides a framework of risk management activities as applied to medical devices. From initial analysis to risk control & evaluation, the probability and frequency of harm can be assessed, analyzed & managed.

Risk Analysis and Management Plan

Create a mitigational plan outlining your risk management program, the required resources, and the training/experience of the those calculating the risks. Measure and monitor processes as required in ISO 13485.

risk management

Organizational Commitment

As required in ISO 13485, management commitment and involvement is essential. Risk objectives are part of the organization’s goals and resources must be allocated to properly mitigate risk.

Estimate Risks

ISO 14971 requires medical device manufacturers to consider all possible negative consequences resulting from use of their device. There are several ways to identify the risks in medical devices, then you estimate it’s probability and impact as defined in the standard.

Control Risk

Determine ways to minimize risk to an acceptable level, which must be clearly communicated to all stakeholders.


ISO 9001 All in One Package