BOOK A CALL
Blog

What is a Risk/Benefit Analysis & How To Do It?

Picture of Marion Lepmets
Marion Lepmets
CEO
May 12, 2017

The Risk / Benefit analysis is one of the most misinterpreted areas of the Risk Management process.

And consequently one of the preferred digging points for the Notified Bodies.

The spirit of the regulations and standards is “the benefit provided by the use of the device must outweigh the associated risk”.

That sounds simple doesn’t it?

Let’s take a step back.

The basic requirements are listed in ISO 14971 (2012) par 6.5. This paragraph allows for the following case:

If a residual risk is acceptable, a risk/benefit analysis is not required.

What often slips through the cracks is that the ISO 14971 is usually supplemented by additional requirements in each region. In particular, when the EU adopts a standard, additional information is added to it. In this case, there are several Annexes added to ISO 14971 when it becomes the European Edition of the standard – EN ISO 14971. These annexes describe the gaps and deviations from the Medical Device Directives.

The one that usually catches the device manufacturers is Annex ZA par 4:

“[…] the manufacturer must undertake the risk-benefit analysis for the individual risks and the overall risk-benefit analysis (weighing all risks combined against their benefit) in all cases.”

To summarize: ALWAYS carry out a Risk/Benefit analysis before a product is placed on the market, and include ALL risk items, regardless of their acceptability.

How to conduct a Risk/Benefit Analysis?

Risk/Benefit Analysis in 3 Simple Steps:

1. Summarize all risk items from all risk analysis documents;

2. Summarize the traceability to risk mitigation actions;

3. Arrange a review with the project team, management, Regulatory, Quality and ideally an external expert on the device / use (e.g. a surgeon):

(a) Agree that the risks have been mitigated As Far As Possible and additional risk controls do not significantly reduce the risk.

(b) Agree that each residual risk is acceptable.

(c) Agree that the overall residual risk is acceptable.

(d) Agree that the benefit of using the device outweighs the residual risk

We help medical device companies automate their compliant Risk Management with the help of the SoftComply Risk Manager – the most advanced Risk Management app on Jira.

Table of Contents

Ready to get started?

Contact us to book a demo and learn how SoftComply can cover all your needs

BOOK A CALL
Medical Device Compliance Guide

Medical Device Compliance Guide for 2025

Picture of Marion Lepmets

Marion Lepmets

CEO
September 23, 2024

Introduction This medical device compliance guide focuses on the key requirements and strategies for navigating the regulatory landscape. We will cover the role of major regulatory bodies like the FDA, the classification of devices, and the importance of quality management. We will also discuss the challenges of global compliance and...

Read more
CVSS-FDA-cybersecurity-medical-devices-1712x599-c

Navigating FDA Cybersecurity Requirements for Medical Devices – A Case Study

Picture of Matteo Gubellini

Matteo Gubellini

Regulatory Affairs Manager
September 16, 2024

This case study describes the experience of a multinational medical device manufacturer meeting the FDA cybersecurity requirements. The company is operating in the MedTech sector developing a class 2/IIb device consisting of hardware and software. The company spent about 2 years working on the security risk management of the device....

Read more
Information Security Risk Management Guide

Information Security (ISO 27001) Risk Management Best Practices for 2025

Picture of Marion Lepmets

Marion Lepmets

CEO
September 13, 2024

Keeping your data safe is vital for every business. One way to do this is by following ISO 27001. But how can we manage these information security risks with a tool like Jira? Let’s dive in! What is Information Security Risk Management Information Security Risk Management is all about identifying,...

Read more

Trust

Company

Locations

  • Munich | 80339 | Germany
  • Tallinn | 11312 | Estonia

Social media