ISO 14971 2007 Plain English Introduction


ISO 14971 is an international risk management standard for
medical devices (including in vitro diagnostic medical devices).
It defines a set of medical device risk management requirements.

The purpose of this standard is to help manufacturers to establish
a medical device risk management process that can be used to
identify hazards, to estimate and evaluate risks, and to implement
and monitor the effectiveness of risk control measures.

ISO 14971 was first published in 2000. This second edition was
officially published on March 1, 2007. It cancels and replaces the first
edition. ISO 14971 was developed because no standard existed at the
time and because regulators throughout the world wanted manufacturers
to apply risk management to their medical devices. When the standard
development process began it soon became obvious that “absolute
safety” was not achievable.

In addition, it became clear that product safety standards cannot
deal with all possible risks. There are just too many products and
applications for a product oriented approach to work effectively.
Because of this, and because there was a great need to manage
risks throughout the entire product life-cycle, the standards
development committee decided to prepare ISO 14971.


ISO 14971 applies to all medical device manufacturers and all
medical devices and should be used to manage risk throughout
all stages of the product life-cycle from initial concept right through
to final disposal. It applies to product design, production, and all
post-production activities. Since risks can be introduced throughout
the product life-cycle and since risks that emerge at one point can
often be controlled at a completely different point, ISO 14971
must be used throughout the product’s entire existence.

However, this standard does not apply to clinical decision making.
Whether or not a medical device should be used in the context of a
particular clinical procedure is a matter of judgment. Such judgments
are usually made by qualified health care professionals and are not
regulated by this international standard.


ISO 14971 is widely recognized as the official standard for medical
device risk management. Regulators in most major markets expect
medical device manufacturers to use this standard to manage risk.
ISO 14971 has been officially recognized by the U.S. FDA and by
Health Canada. In addition, the European Union has adopted it as
a harmonized standard and Australia and Japan have accepted it
as the official standard for medical device risk management.

Medical device risk management is now mandatory in most
countries and regions of the world. Every regulated medical device
manufacturer now needs to be able to prove to regulators that they
use risk management methods to control risk and to ensure that
their products are safe.


ISO 14971 does not expect medical device manufacturers to
become certified. You can simply use the standard to manage
risk and then declare that you are in compliance (if you can
demonstrate that this is in fact true).

However, regulators may require certification and your customers
may be more impressed if an independent registrar (certification body)
has confirmed that you use the standard to manage risk and that you
actually are in compliance.

While this standard does not expect you to become certified,
several registrars now offer certification services. Some of these

include BSI, Underwriters Laboratories, Intertek, and SGS.


ISO 14971 describes a risk management process
(Parts 3 to 9) and is organized in the following way:

3. Establish your risk management framework.
4. Perform a risk analysis for each medical device.
5. Evaluate risk for each identified hazardous situation.
6. Develop risk control measures when risk must be reduced.
7. Evaluate the overall residual risk posed by each device.
8. Review risk management process and prepare report.
9. Monitor device during production and post-production.

The following flowchart summarizes this material in diagrammatic form.
It highlights key decision points and lists the steps that should be taken.

ISO 14971 Flowchart


Overview of Medical Device Risk Management Standard

Plain English Medical Device Risk Management Definitions

ISO 14971 Medical Device Standard Translated into Plain English


ISO 31000 2009 Risk Management Library

ISO 13485 Medical Device Quality Management Library

Home Page

Our Libraries

A to Z Index


How to Order

Our Products

Our Prices


Praxiom Research Group Limited      780-461-4514

Updated on May 16, 2016. First published on February 28, 2011.

Legal Restrictions on the Use of this Page
Thank you for visiting this webpage. You are welcome to view our material as often as
you wish, free of charge. And as long as you keep intact all copyright notices, you are also
welcome to print or make one copy of this page for your own personal, noncommercial,
home use. But, you are not legally authorized to print or produce additional copies or to
copy and paste any of our material onto another web site or to republish it in any way.

Copyright 2011 - 2016 by Praxiom Research Group Limited. All Rights Reserved.

Praxiom Research Group Limited