ISO 14971 Risk File Author
Get Started with This SkillOverview
Guided elaboration of risk management file for medical devices per ISO 14971: hazard identification, risk analysis, risk control, residual risk acceptability, and benefit–risk rationale. Flags risks above acceptability thresholds without control or justification.
Getting Started
Add your source materials to the project workspace, then activate the ISO 14971 Risk File Author skill. The agent will guide you through the process step by step.
Example Conversation
You: Our risk analysis has several risks we’ve marked as “high” or “unacceptable”. I need to make sure each has either risk control or a benefit–risk justification in the risk management report.
Agent: I’ll run
check_risk_acceptance_criteriaon your risk file to find any high/unacceptable risk mentions that don’t have clear risk control or benefit–risk rationale nearby. Then we can add the missing controls or rationale.Agent: The tool found three places where “high” or “unacceptable” risk is mentioned. One has a risk control and residual risk note; the other two don’t yet reference control measures or benefit–risk. I’ve added a “Risk control” and “Benefit–risk (if residual above criteria)” column to your risk table and drafted benefit–risk rationale for the two remaining items, referencing clinical benefit and acceptable residual risk per risk management plan.
You: Keep the rationale; we’ll get approval from the project lead.
Agent: The rationale is in place. Re-run
check_risk_acceptance_criteriaafter any further risk updates to ensure no high/unacceptable risk is left without control or justification.
Sample Output Excerpt
Excerpt from a risk management file: risk evaluation and benefit–risk.
Risk evaluation (excerpt)
| Hazard | Severity | Probability | Risk level | Risk control | Residual risk | Benefit–risk (if above criteria) |
|---|---|---|---|---|---|---|
| Electrical shock (user) | 4 | 2 | High | Double insulation; PE connection; user IFU | Low | N/A (residual acceptable) |
| Incorrect dose (software) | 4 | 3 | Unacceptable | Limits; confirmation step; alarm | Medium | Clinical benefit (therapy) outweighs residual risk; documented in RMR. |
| Latex allergy | 3 | 2 | Medium | Material change to non-latex | Low | N/A |
Risk management report (RMR) documents benefit–risk determination for all residual risks above acceptability criteria per ISO 14971.
Built-in Validation Tools
The skill includes an extension tool that scans risk management documents for acceptability and benefit–risk coverage.
What the tool checks
| Check | check_risk_acceptance_criteria |
|---|---|
| High/unacceptable risk | Looks for “high risk”, “unacceptable”, “above threshold”, severity/probability 4/5 |
| Risk control / justification | Looks for risk control, control measure, mitigation, benefit–risk, benefit outweigh, rationale, residual risk acceptable |
| Findings | WARNING if high/unacceptable risk is present but control or benefit–risk justification is not; INFO when both are present |
| Scope | Focuses on risk analysis / evaluation / residual risk sections |
Example validation output
======================================================================
ISO 14971 RISK ACCEPTANCE & BENEFIT–RISK CHECK
======================================================================
Document: risk-management/risk-analysis.md
--- FINDINGS ---
[WARNING] Document mentions high or unacceptable risk but does not clearly reference risk control measures or benefit–risk justification. Per ISO 14971, risks above acceptability criteria require risk control and/or documented benefit–risk rationale.
[INFO] High/unacceptable risk and control or benefit–risk content found; verify every such risk has explicit control or benefit–risk rationale in the risk management report.
--- SUMMARY ---
Errors: 0
Warnings: 1
======================================================================
Run the tool on your risk management file or risk analysis document after updates; address warnings before design freeze or submission.