ISO 14971 2007 Plain English Dictionary

Accompanying Document - Harm - Hazard - Hazardous Situation - Intended Use

IVD Medical Device - Life-Cycle - Manufacturer - Medical Device - Objective Evidence

Post-Production - Procedure - Process - Record - Residual Risk - Risk - Risk Analysis

Risk Assessment - Risk Control - Risk Estimation - Risk Evaluation - Risk Management

Risk Management File - Safety - Severity - Top Management - Use Error - Verification



2.1 Accompanying document

An accompanying document is one that is formally connected with a
medical device and is distributed to the user or the operator of that device
and to those accountable for its installation, use, and maintenance. The
purpose of an accompanying document is to ensure that the medical
device is used safely and that it is properly installed and maintained.

2.2 Harm

Harm occurs when people are injured physically or their health is
compromised or when property or the environment is damaged

2.3 Hazard

A hazard is a potential source of harm. Annex E.2 categorizes hazards
in the following way: energy hazards, chemical hazards, biological
hazards, operational hazards, and informational hazards.

2.4 Hazardous situation

A hazardous situation occurs when people are exposed to a hazard or
when property or the environment is threatened. A hazardous situation
exists when a vulnerable entity is exposed to a hazard.

2.5 Intended use

A product’s intended use is what it is supposed to be used for according
to the manufacturer’s specifications, instructions, and other information.
It’s the product’s intended purpose. The United States tends to use the
term intended use while Europe prefers the term intended purpose.
Both terms mean essentially the same thing.

2.6 IVD medical devices

An in vitro diagnostic medical device is a manufactured product that has
been designed to be used to examine specimens derived from the human
body and to provide information that is used for diagnostic or monitoring
purposes or to determine compatibility. IVD medical devices include
reagents, calibrators, and specimen collection and storage devices, as
well as control materials and related instruments, apparatuses, or articles
These devices can be used alone or in combination as a system.

2.7 Life-cycle

The life-cycle of a medical device includes all phases from
initial concept and design to production and post-production
and includes final decommissioning and disposal.

2.8 Manufacturer

A manufacturer is a natural or legal person who is responsible for
designing, producing, packaging, labelling, or adapting medical devices
before they are put into service or brought to market, or assembling the
associated systems. The term manufacturer also includes third parties
who have been given these responsibilities.

2.9 Medical device

A manufactured product is defined
as a medical device if it is used to:

  • Cope with human disease.
    • Prevent human disease.
    • Diagnose human disease.
    • Treat human disease.
    • Alleviate human disease.
    • Monitor human disease.

  • Care for human injuries.

    • Diagnose human injuries.
    • Treat human injuries.
    • Alleviate human injuries.
    • Monitor human injuries.
    • Compensate for human injuries.

  • Meet human anatomical needs.

    • Investigate human anatomical issues.
    • Replace human anatomical structures.
    • Modify human anatomical structures.
    • Support human anatomical structures.

  • Maintain human physiological functions.

    • Investigate human physiological functions.
    • Replace human physiological functions.
    • Modify human physiological functions.
    • Support human physiological functions.

  • Support or sustain human life.
  • Control human conception.
  • Disinfect human medical devices.
  • Examine specimens taken from human bodies.

Medical devices can include:

  • Instruments
  • Appliances
  • Implants
  • Machines
  • Software
  • Materials
  • Calibrators
  • Apparatuses
  • In vitro reagents
  • Related articles.

Manufactured products that achieve results by pharmacological,
immunological, or metabolic means are not medical devices. However,
the results achieved by medical devices may be assisted by these means.

In some jurisdictions, the following products may be thought of as
medical devices: products used to assist disabled or handicapped people,
products used to diagnose and treat animal injuries and diseases, products
used as medical device accessories, products used as disinfectants, and
products that incorporate animal or human tissues.

ISO 14971 applies to accessories that facilitate the use of a “parent”
medical device and enable it to fulfill its intended use or purpose.

2.10 Objective evidence

Objective evidence is data that shows or proves that something exists or
is true. Objective evidence can be collected by performing observations,
measurements, tests, or by performing observations, measurements,
tests, or by using any other suitable method

2.11 Post-production

The life-cycle of any medical device can be divided into two phases:
production and post-production. The post-production phase starts
after the design has been completed and the medical device has
been manufactured. The post-production phase includes product
transportation, storage, installation, use, maintenance, and repair
and also covers all product modification, decommissioning, and
disposal activities.

2.12 Procedure

A procedure is a way of carrying out a process or activity.
Procedures may be documented or not documented.

2.13 Process

A process is a set of activities that are interrelated or that interact with
one another. Processes use resources to transform inputs into outputs.

2.14 Record

A record is a type of document. Records provide evidence that
activities have been performed or results have been achieved.

2.15 Residual risk

Residual risk is the risk left over after you’ve taken risk control measures.
It’s the risk remaining after you’ve done one or more of the following:
accepted the risk, avoided the risk, reduced the risk, modified the
consequences, or changed the probabilities.

2.16 Risk

According to ISO 14971, the concept of risk combines two
variables: the probability of harm and the severity of harm.
For example, if a particular hazardous situation is very likely
to cause harm and would be very harmful if it actually occurred,
then it would be a high risk situation. Conversely, if it’s very
unlikely to cause harm and would be only slightly harmful
if it actually occurred, then it would be a trivial risk.

2.17 Risk analysis

Risk analysis is a systematic process that is used to identify hazards
and to estimate risk. It includes an examination of every reasonably
foreseeable sequence or combination of events that could produce
a hazardous situation and cause harm.

2.18 Risk assessment

Risk assessment is a process that is, in turn, made up of two
interconnected processes: risk analysis and risk evaluation.
Risk analysis
is a process that is used to identify hazards and to
estimate risk. Risk evaluation is a process that is used to examine
the estimated risk for each hazardous situation and then to use risk
acceptability criteria to determine whether or not the estimated risk
is acceptable and to decide if risk reduction is required.

2.19 Risk control

Risk control is a process that is used to consider risk control
options and to select and implement risk control measures that
will reduce risk or maintain risk within specified levels. ISO 14971
expects you to consider the following risk control options and,
if possible, to apply them in the following order:

1. Design safety into the product.
2. Establish protective measures.
3. Provide safety information.

2.20 Risk estimation

Risk estimation is a process that is used to assign qualitative or
quantitative probability values and severity values to each hazardous
situation. These values are then used to estimate risk.

For example, if a specific hazardous situation is very likely to cause harm
and would be very harmful if it actually occurred, then it would be a high
risk situation. Conversely, if it’s very unlikely to cause harm and would
be only slightly harmful if it actually occurred, then it would be a trivial
risk. Of course, this is just a simple example. You can use any
appropriate probability and severity categories.

2.21 Risk evaluation

Risk evaluation is a process that is used to examine the estimated
risk for each hazardous situation and then to use risk acceptability
criteria to determine whether or not the estimated risk is acceptable
and to decide if risk reduction is required

2.22 Risk management

Risk management uses policies, procedures, and practices
to systematically analyze, evaluate, control, and monitor risk

2.23 Risk management file

A risk management file must be created for each medical device.
Your risk management file should include all of the records and
documents that your risk management process generates.

Risk management files should contain risk management plans and
are used to record risk analyses, risk evaluations, risk control measures,
and residual risk evaluations. Risk management files are also used to
facilitate traceability and to check whether or not your organization
complies with this ISO 14971 standard.

2.24 Safety

Safety is freedom from unacceptable risk. Risk acceptability criteria
are used to help decide whether or not a risk is unacceptable

2.25 Severity

Severity is a measure of the possible harmful consequences
that a hazard could potentially cause.

2.26 Top management

The term top management refers to a person or a group of people
at the highest level within an organization. In the context of ISO 14971,
it refers to the people who coordinate, direct, and control organizations
that manufacture medical devices.

2.27 Use error

A use error is an act or omission that results in a medical device
response that is either not expected by the user or unintended by
the manufacturer. Use errors include slip-ups, lapses, and mistakes.

2.28 Verification

Verification is a process. It uses objective evidence to confirm
that specified requirements have been met. Whenever specified
requirements have been met, a verified status is achieved. There are
many ways to verify that requirements have been met. For example,
you could do tests, perform demonstrations, carry out alternative
calculations, compare a new design specification with a proven
design specification, or you could inspect documents before
you issue them.

Also see our ISO 13485 Medical Device Quality Management Definitions

Our Risk Management Dictionary is based on ISO 14971, section 2,
Terms and Definitions
. We have translated these definitions into
plain English in order to make them easier to understand.


Introduction to ISO 14971 Risk Management

Overview of ISO 14971 Medical Device Risk Management Standard

ISO 14971 Medical Device Standard Translated into Plain English


ISO 31000 2009 Risk Management Library

ISO 13485 Medical Device Quality Management Library

Home Page

Our Libraries

A to Z Index


How to Order

Our Products

Our Prices


Praxiom Research Group Limited       780-461-4514

Updated on December 2, 2013. First published on February 28, 2011.

Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright 2011 - 2013 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited