ISO 13485:2016 has a broader view of risk management than in the past. Risks are to be considered in terms of the impact on medical device safety and performance, and in terms of meeting regulatory requirements.For managing quality system process risks, rather than adding a “Risk” section to each Standard Operating Procedure (SOP) as some have suggested, I added a new section to my Quality Manual to address risks for each quality system process, i.e. each SOP. The format of my new Quality Manual risk section is shown below. A row is included in the table for each SOP.
Since my Quality Manual already lists the SOPs, this makes sense to me. And by having all of the risk assessment and control information in this single document, it seems easier to manage than sprinkling risk assessment/control information into each SOP.
Here is how I show risk management in my Quality Manual process interaction diagram.