In response to Nichole's question and Beatrice's response, I wish to restate, as has been done several times in this Forum, that no where is there a requirement to use FMEA in any form. In fact, there are limitations on the use of this Reliability tool in Risk Management, including that is NOT a Risk Analysis.
Among its limitations is the fact that it is a single-fault tool, which means It does not meet these two requirements: first, it does not meet the requirement to identify all fault condition hazards, and second, it does not identify normal condition hazards, those where no fault has occurred.
FMEA may be used at the Design Output stage to identify fault conditions which may have safety related effects At that point, this information is transferred out of the FMEA to the Risk Analysis as a Hazard, This is where the use of FMEA in any form, ends and moves to the Risk Management process. FMEA only is used as a tool to identify Hazards in Risk Management and nothing else. Its terminology definitions and usage is different from Risk Management and you can see excellent discussions on the proper use of FMEA in Risk Management such as a recent one by Kevin Randall
Additionally as Beatrice has indicated there are no regulatory requirements to perform any type of FMEA. It is only one tool that may be used when appropriate, which is many times not appropriate. US FDA, for example, may only cite for requirements in the regulations and since FMEA is not in the regulations they may not cite for failures in FMEA. However, if FMEA appears as a requirement in your Quality System, they can cite you for any failure to follow your own quality system.
As for the question about FMEA not appearing in ISO 14971, that is correct, there is no requirement in the standard. However, there is guidance on implementing ISO 14971 in another ISO document ISO TR 24971 which in Annex B describes several tools which may be used in the risk management process including FMEA, but there is not a description on how these tools may be used.
Hopefully we have helped you understand the issues around this topic.
------------------------------
Edwin Bills
Edwin Bills Consultant
ASQ Fellow CQE, CQA, CQM/OE, RAPS RAC
elb@edwinbillsconsultant.comMember, ISO TC 210 JWG1
------------------------------
Original Message:
Sent: 11-Mar-2024 22:11
From: Beatrice NAJEM
Subject: PFMEA
Hi to all, I am aligned with what is said on the absence of a clear law/ standard text requiring in particular the pFMEA to assess manufacturing risk.
However, I would like to underlign the importance of the risk management in the medical devices lifecycle. What a LM is expected to have is a medical device that is safe and efficient from its design to its end of use. I have participed and build manay risk management files for medical devices, my favorites were those that is segmented by life cycle (Design/ manufacturing/ distribution/ use/ end of use).
It means that, you could eventually have a pFMEA or cover manufacturing step in the risk file or both if you bring back the manufacturing risks of the DFMEA to the global Risk assessment keeping consistensies.
I didn't want to add any text reference to what was said below and that was complete from RA point of view. I hope that this would give some practical ideas to assess possibilities that suit you.
good luck !
Béatrice
------------------------------
Beatrice NAJEM
CEO & Founder of Quarex Consulting LLC
Belmont MA
United States
Original Message:
Sent: 02-Mar-2024 20:08
From: Nicole Thibodeau
Subject: PFMEA
Hello,
Is having a pFMEA a requirement? If so, what standard/guidance is there to help create one (I couldn't find it in ISO 14971)? If not, can an auditor list not having a pFMEA as a finding during an ISO 13485 audit?
Thank you in advance!
Best,
Nicole
---------------------------------
Nicole Thibodeau
Regulatory Affairs Specialist II
Hamilton Thorne Inc.
Beverly MA
United States
---------------------------------