Risk management according to the European legislation and EN ISO 14971:2019

Clinical Performance Studies under the IVDR – What’s required, what has changed?

General Background

According to Annex I, Section 3 of Regulation (EU) 2017/45 (EU MDR) manufacturers of medical devices are required to establish, implement, document, and maintain a risk management system to receive approval for their devices in Europe. The harmonized standard EN ISO 14971:2019 defines the specific risk management activities in more detail than provided by the MDR. ISO 14971 provides manufacturers with a framework for application of a systematic approach to manage the risks associated with the use of their medical devices – including in vitro diagnostic medical devices – and is also formally recognized as the risk management standard by regulatory authorities outside of the EU, including the US, Canada, and Australia.

ISO 14971 illustrates the requirements for a risk management process as part of the manufacturers risk management system in a helpful schematic representation:

Key considerations for manufacturers under the EU IVDR include:

Support & Training

Contact AKRA TEAM for support, hands on implementation services and personalized training by experts with key competencies in the areas listed below.

Key points

Key changes that require the manufacturer´s immediate attention:

  • Compliance with the EU MDR requires the manufacturer to establish, implement, document, and maintain a risk management system.

  • Specific risk management activities are defined in the harmonized standard EN ISO 14971:2019 and additional guidance on the application of the requirements of the standard is laid out in the technical report ISO/TR 24971.

  • A clear description of the intended use is a prerequisite for the risk analysis allowing a discrimination between the correct use or correct application of the medical device and its misuse. The intended use includes the medical indication and application (disease type, tissue and part of the body), the intended target treatment population (children, adults, elderly or specific patient groups such as pregnant and lactating individuals), the users and the use environment (lay users at home, professional users in or outside a clinical environment), as well as the operating principle (how the diagnosis or treatment is achieved).

  • The risk management plan is expected to describe a specification of methods that are used to examine qualitative and quantitative aspects of clinical safety with clear explanation how residual risks and side-effects are determined.

  • The overall residual risk of a medical device must be acceptable, and the manufacturer must be able to provide adequate justifications that the benefit-risk ratio for the medical device is favorable.

Our Services

Even though the harmonized standard provides a framework for the risk management process there are still many challenges when implementing the individual process steps for a specific medical device. AKRA TEAM can help you fulfilling your legal obligations in a practical and reasonable way by mitigating your risk and increasing your certification success.


AKRA TEAM can provide training on implementing and maintaining a risk management system according to the requirements laid out in the EU MDR and the harmonized standard EN ISO 14971:2019. This will ensure that your personnel have the appropriate training to perform the risk management tasks assigned to them.

Process and Templates Development

AKRA TEAM can assist creating required SOPs for your risk management process including defining post-production activities as well as providing templates for risk management plan and risk management report.

Gap Assessment

AKRA TEAM offers reviewing your risk management file and providing a gap assessment on all parts of the file, especially, the risk management process, the risk management plan and report, as well as the risk analysis including risk estimation and risk control measures, the conclusion of the benefit-risk evaluation and completeness of disclosed residual risks.


AKRA TEAM can support you in the implementation of your defined risk management activities ensuring that the risk management plan is properly executed and confirming that all information provided is aligned and consistent across the technical documentation. This will also ensure that all clinical risks identified in the clinical evaluation are covered in the risk file.

Continuous update of documentation

AKRA TEAM can help updating your documentation according to information from the production phase and from the post-market surveillance system. This may include improving your processes to facilitate continuous update and evaluation of hazards and their frequency of occurrence, estimates of their associated risks, as well as on the overall risk, benefit-risk ratio, and risk acceptability.

Interested in our services?

Lorem ipsum dolor sit amet, consec tetur adipis cing elit. Ut elit tellus, luctus nec ullam corper mattis, pulvinar dapibus leo.

Scroll to Top
GDPR Cookie Consent with Real Cookie Banner