Hazard analysis and FMEA

Hazard Analysis and FMEA: the Most Common Approaches to Risk Management for Medical Devices

21 Mar 2024
by Marion
Table of Contents

    What is Hazard Analysis?

    Hazard Analysis is described as the Risk Management process in ISO 14971. It is a Top-Down type of risk analysis, starting from the end effects – Hazards and Hazardous Situations, and then proceeds backwards to identify the “reasonably foreseeable sequences or combinations of events that can result in a hazardous situation”.

    Hazards Analysis can be started early in the device design process, as initial Hazards can be identified simply by analysing the Intended Use of the device and general application. The list of Hazards in Annex C of ISO 14971 can also be used as starting point.

    Let’s take an example of a catheter that is used for heart surgery. It most certainly has hazards related to the interaction of the device with the body (biocompatibility, cleanliness, sterilization), in particular regarding effects on the circulatory system and surrounding tissues. Being a mechanical device, it can physically damage (scratch, cut, pierce, etc.) the surrounding membranes. If it is electrically powered, then electricity-related hazards can also apply.

    What is FMEA?

    FMEA (Failure Mode(s) and Effects Analysis) is a “Bottom-Up” type of Risk Analysis. It typically starts from components, subsystems and assemblies and identifies all possible ways they can (reasonably) fail; it then works its way up to find what effects (hazards and hazardous situations) they can result in.

    It is a method used in many safety-critical industries in addition to MedTech, like Automotive and Aerospace. Due to its flexibility, this approach can be used for different risk areas, e.g. Use-related Risk Analysis, Cybersecurity risk analysis, and more.

    FMEAs can be initiated only when there is, at a minimum, the definition of the product design. The subsystems / software components of the device must be identified, including their functions and interactions.

    To continue the catheter example mentioned above, the catheter is composed, at a high level, by a “handle” that the user controls, a flexible tube that navigates the patient’s arteries and a tip with a certain function. Consider what will happen if the handle breaks: the user may lose control of the catheter, resulting in an inadvertent damage to the arteries. What happens if the tube breaks? Part of the catheter may be stuck in the patient’s body and additional surgery may be required to remove it.

    What is the difference between Hazards analysis & FMEA?

    The relationship between the top-down approach of Hazard analysis and the bottom-up approach of FMEA is shown in the diagram below. The main link between the FMEA and the Hazard Analysis is at the Cause level: a certain failure mode has the potential to result in a hazardous situation; and the hazard related to this hazardous situation is caused by (among others) that failure mode.

    Relationship between Hazard Analysis and FMEA

    We can further compare the two risk management approaches by looking at things like when to start with one or the other approach, what are the inputs and outputs for either as well as the advantages and disadvantages of these approaches.

    CharacteristicHazard AnalysisFMEA
    Type of analysisTop-DownBottom-Up
    InputsIntended Use.
    ISO 14971 hazards list.
    Complaints / Adverse Events for similar devices.
    Other standards such as ISO 10933, IEC 60601.
    Device architecture, detailed design, specifications.
    Preliminary testing.
    Technical knowledge of how used components / technology generally fails.
    Starting pointHazards and Hazardous situationsComponents and failure modes
    End pointCauses, failure modesHazards and Hazardous situations
    When it can be startedEarly in the projectOnce the design architecture is defined
    OutputsEarly identification of critical issues that can lead to significant architectural decisions.Identification of critical components and need for redundancy or details redesign.
    AdvantagesIt does need a lot of design information to be initiated and can provide early, valuable inputs to the architecture.Very detailed, it analyses failures at any level of granularity.Technical in nature.
    DisadvantagesIt is not difficult to miss low level causes, so it cannot go too “deep” into the design.It may miss the “big picture”.


    Let’s look at the similarities and differences of the FMEA and the Hazard Analysis with the help of an example, the same catheter as described above. The illustration below highlights where the two approaches connect to each other in device risk management.

    On the upper part of the illustration is a simple FMEA view – a fragment can detach from the catheter caused by wrong dimensions. The effect is that the fragment can circulate in the bloodstream and cause embolism (hazardous situation):

    The same case in a top-down approach of Hazard Analysis is depicted on the lower part of the illustration above – the hazard of a loose fragment of the catheter in an embolism, where the fragment can travel through the bloodstream and cause a blockage. This can be caused by the head bolt breaking, because of its wrong dimensions.

    Remember that in the Hazard Analysis, the severity rating for a certain harm must always be the same. Similarly, the risk mitigation for the same cause-effect risk items must report the same activities and so should their verification activities.

    To summarize, the main link between the FMEA and the Hazard Analysis is at the Cause level: a certain failure mode has the potential to result in a hazardous situation; and the hazard related to this hazardous situation is caused by (among others) that failure mode.

    Which Risk Management approach is best for my device?

    Hazard Analysis is the bare minimum that any agency or regulatory body would accept for a simple, low-risk device. Increased risk or complexity may make Hazard Analysis insufficient to comprehensively capture all risks; in this case, one or more FMEAs should then be used to complete the picture.

    In general, it is important to remember that different approaches to risk analysis are not mutually exclusive, and can actually complement each other to provide a more exhaustive analysis.

    For more information about Medical Device Risk Management app in Atlassian Jira, check out the  most advanced Risk Management app in Jira – you can try it out for free for 30 days. Alternatively, schedule a call with the SoftComply team!

    Follow us on LinkedIn for more on Risk Management:

    Try us out on

    SoftComply apps are available on Atlassian Marketplace – you can try them all out for free!