Description:
This Risk Management Procedure defines how we implement, document, and maintain an ongoing ISO 14971 / EN ISO 14971 risk management process across the full device lifecycle.

• Establish and maintain a Risk Management File (RMF) containing RMP, RA, and RMR

• Apply the lifecycle phases: risk analysis, risk evaluation, risk control, and production/post-production monitoring

• Define risk acceptability criteria in the Risk Management Plan (RMP) using severity and likelihood rankings

• Use Risk Priority Number (RPN) and an acceptability scale (low / undesirable / intolerable) to evaluate risks

• Define criteria and methods for overall residual risk acceptability and Benefit/Risk (B/R) evaluation

• Plan and execute risk control measures and verify implementation and effectiveness

• Collect and review production and post-market inputs (e.g., complaints, PMS, PMCF, vigilance, FSCA) to update the RMF

Your needs:

• Risk management procedure

• Risk management procedure for MDR decision-making

• Reduce rework, strengthen benefit-risk justifications, and improve audit readiness

This document is used to standardise risk management activities for each device or device family, from early design through post-market monitoring, ensuring decisions are consistent, documented, and maintained over time.

It sets the rules for risk evaluation and acceptability. RPN is the numeric ranking from multiplying severity and likelihood; it matters because it helps prioritise which risks require stronger controls. Overall residual risk is the remaining cumulative risk after controls; it matters because it must remain acceptable versus the device’s benefits.

• Maintain RMF structure and controlled identification (RMF/RMP/RA/RMR codes)

• Define severity/likelihood criteria and quantitative thresholds where possible

• Perform B/R evaluation via labeling review and/or expert review (linked to the CER)

• Apply AFAP risk reduction and assess risks introduced by controls

• Verify control effectiveness using testing, V&V, process validation, and clinical data

At Lexqara, we help you implement ISO 14971-aligned workflows, build audit-ready RMFs, and connect risk management to design controls, clinical documentation, PMS/PMCF, and regulatory strategy without overburdening teams. Get templates in our Resource Center and explore our Regulatory Strategy support. For institutional context, consult EU MDR (Regulation (EU) 2017/745).

Download the template or request a short gap assessment.