FME(C)A or FMEA?

June 29, 2017

FMEA or FMECA?

Criticality or not? Which one is better? Which one should you use?

The answer is simple: it depends.

You are probably fed up with the “it depends” answers you get in this sector.

But in this case it means “It depends on YOU”.

First the compliance bit: there is no requirement, in ISO 13485, 21 CFR 820, ISO 14971 that prescribes you have to pick one rather than the other.

It’s not even a requirement to have a FME(C)A at all.

The only requirement is to identify the hazards, the related harms and the appropriate causes. A top down analysis.

So which one is better?

It is a case by case decision (which is another way to say “it depends”, I know…)

This is our point of view on the matter:

1) You should have at least one FMECA (usually the one at a system level) that talks directly to the Top-Down analysis. Risk mitigation actions should be reported in the latter, so you will have only 1 document that will dictate the acceptability of each risk.

2) All the other bottom-up analyses should be FMEAs, limiting the effect to the local level (i.e. what happens to the subsystem covered by the FMEA)

3) FMEAs are general tools that you can use for any purpose, not necessarily to determine the acceptability of risks. A typical use (where the concept of RPN comes from – Risk Prioritization Number) is to identify the areas of higher risk to distribute resources and effort more effectively.

It is also good practice to ensure that it is aligned with your top-down analysis, and this is particularly important for a FMECA; in this case it is strongly recommended to have some sort of automated traceability software, otherwise you will soon get lost in the web of links.

We help medical device companies fast-track the development of their Quality Management System and automate their compliant Risk Management with the help of our Atlassian add-ons for Confluence and JIRA.

Table of Contents

Ready to get started?

Contact us to book a demo and learn how SoftComply can cover all your needs

Xray SoftComply Risk Based Testing Solution
Picture of Marion Lepmets

Marion Lepmets

CEO
July 7, 2026

Risk management is a critical part of product development and QA, especially in regulated industries where every feature must meet strict safety and compliance standards. Yet, as teams move faster in agile environments, managing the connection between risk and testing often becomes messy or manual. What if your risk management...

Frictionless CISO in Jira
Picture of Marion Lepmets

Marion Lepmets

CEO
July 2, 2026

What if your next ISO 27001 audit required almost no preparation? That’s exactly how Lemuel Valdez, CISO at Cobham Satcom, approaches security. Instead of scrambling to collect evidence before an audit, he builds systems where audit readiness is simply a byproduct of everyday work. “Controls, risk approvals, documents and evidence...

e-signature
Picture of Matteo Gubellini

Matteo Gubellini

Regulatory Affairs Manager
June 30, 2026

Not every Confluence e-signature app is designed for regulated industries. This guide explains how to evaluate Atlassian Marketplace apps against 21 CFR Part 11 and choose the right solution for MedTech, pharma, and biotech teams. Looking for an E-Signature App for Confluence? Open the Atlassian Marketplace and search for electronic...