Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Hazard Analysis and FMEA: the most common approaches to Risk Management for Medical Devices

What is Hazard Analysis?

Hazard Analysis is described as the Risk Management process in ISO 14971. It is a Top-Down type of risk analysis, starting from the end effects - Hazards and Hazardous Situations, and then proceeds backwards to identify the “reasonably foreseeable sequences or combinations of events that can result in a hazardous situation”.

Hazards Analysis can be started early in the device design process, as initial Hazards can be identified simply by analysing the Intended Use of the device and general application. The list of Hazards in Annex C of ISO 14971 can also be used as starting point.

Hazard Analysis approach.png

Let’s take an example of a catheter that is used for heart surgery. It most certainly has hazards related to the interaction of the device with the body (biocompatibility, cleanliness, sterilization), in particular regarding effects on the circulatory system and surrounding tissues.

Being a mechanical device, it can physically damage (scratch, cut, pierce, etc.) the surrounding membranes. If it is electrically powered, then electricity-related hazards can also apply.

What is FMEA?

FMEA (Failure Mode(s) and Effects Analysis) is a “Bottom-Up” type of Risk Analysis. It typically starts from components, subsystems and assemblies and identifies all possible ways they can (reasonably) fail; it then works its way up to find what effects (hazards and hazardous situations) they can result in.

FMEA approach.png


FMEA is a method used in many safety-critical industries in addition to MedTech, like Automotive and Aerospace. Due to its flexibility, this approach can be used for different risk areas, e.g. Use-related Risk Analysis, Cybersecurity risk analysis, and more.

FMEAs can be initiated only when there is, at a minimum, the definition of the product design. The subsystems / software components of the device must be identified, including their functions and interactions.

To continue the catheter example mentioned above, the catheter is composed, at a high level, by a “handle” that the user controls, a flexible tube that navigates the patient’s arteries and a tip with a certain function. Consider what will happen if the handle breaks: the user may lose control of the catheter, resulting in an inadvertent damage to the arteries. What happens if the tube breaks? Part of the catheter may be stuck in the patient’s body and additional surgery may be required to remove it.


What is the Difference between Hazard Analysis and FMEA?

The relationship between the top-down approach of Hazard analysis and the bottom-up approach of FMEA is shown in the diagram below. The main link between the FMEA and the Hazard Analysis is at the Cause level: a certain failure mode has the potential to result in a hazardous situation; and the hazard related to this hazardous situation is caused by (among others) that failure mode.

Hazop and FMEA relation.png

 Example of Hazard Analysis & FMEA in Jira

Let's look at the similarities and differences of the FMEA and the Hazard Analysis with the help of an example, the same catheter as described above. We used the SoftComply Risk Manager Plus app on Jira Cloud, specifically its multi-sheet Risk Table, to highlight how the two approaches connect to each other in device risk management. 

On the upper part of the illustration is a simple FMEA table view - a fragment can detach from the catheter caused by wrong dimensions. The effect is that the fragment can circulate in the bloodstream and cause embolism (hazardous situation):

Connection between Hazop and FMEA.png

 The same case in a top-down approach of Hazard Analysis is depicted on the lower part of the illustration above - the hazard of a loose fragment of the catheter in an embolism, where the fragment can travel through the bloodstream and cause a blockage. This can be caused by the head bolt breaking, because of its wrong dimensions.

Remember that in the Hazard Analysis, the severity rating for a certain harm must always be the same. Similarly, the risk mitigation for the same cause-effect risk items must report the same activities and so should their verification activities.


Different approaches to risk analysis are not mutually exclusive, and can actually complement each other to provide a more exhaustive analysis.

For more information about Medical Device Risk Management app in Jira, check out the SoftComply Risk Manager app in Jira - you can try it out for free for 30 days.
Alternatively, you can schedule a call with the SoftComply team!



Log in or Sign up to comment
AUG Leaders

Atlassian Community Events