Skip to content

Managing risk

PS Partnerships work with companies within the medical device, construction, cosmetic, plastics and ATEX sectors to implement risk management processes that comply with regulations and international standards.

Risk is more than a tick box exercise and should be part of the product life-cycle – not just a ‘one and done’ exercise.  The risk management process can be broken down into a number of key steps:

  • Assessment and analysis
  • Evaluation
  • Treatment and control
  • Review

Risk management

Risk management is the process of identifying, monitoring and managing potential risks to minimise the negative impact they have … and can be one of the most overlooked aspects of product design and development.

It’s essential in many sectors, such as medical device and ATEX, for the design and development of safe and effective products.

But, it is often considered to be an isolated activity performed merely to fulfil a regulatory requirement.

ITS NOT!  When done properly risk management involves the design, development and transfer of safe, effective and reliable products to manufacturing, while at the same time identifying, reducing, controlling and monitoring risk throughout the products life-cycle.

Medical Devices

Risk management for medical devices is a regulatory or legal requirement in most countries, and without it you won’t gain approval for releasing to the market.

ISO 14971 provides a framework to identify medical device hazards, assess and control risks and monitor the effectiveness of risk controls throughout the lifetime of the device.

PS Partnerships provides comprehensive training on ISO 14971 and medical device regulations as well as supporting businesses develop, implement and integrate compliant policies and procedures.

Explosive Atmospheres

A potentially explosive atmosphere exists when a mixture of air gases, vapours, mists, or dusts combine in a way that can ignite under certain operating conditions.

Equipment and protective systems intended for use in potentially explosive atmospheres (ATEX) cover a range of products, including those used on fixed offshore platforms, petrochemical plants, mines, and flour mills, amongst others.

Risk analysis and risk assessments are a requirement of Directive 2014/34/EU (of the European Parliament and of the Council of 26 February 2014 on the harmonisation of the laws of the Member States relating to equipment and protective systems intended for use in potentially explosive atmospheres (recast)).  Annex III(3)(c), Annex VIII(2) and Annex IX(2.1) explicitly state that technical documentation must include an adequate risk analysis and risk assessment, covering all risks as well as those being non-typical for explosion protection (e.g. risks caused by voltage, noise or moveable parts).

Information Security

Risk assessments are at the centre of your information security management system.  They help you to assess and manage incidents that have the potential to cause harm to your data.

Risk assessment is one of the most complex parts of ISO 27001 and sets the basis for you information security management system – but vitally important.  Simply put, they are to identify what incidents could occur and implement the most appropriate ways for avoiding such incidents.  By assessing the importance of each risk, focus can be on the key ones.

ISO/IEC 27005: Information security risk management provides guidelines for information security risk management and supports the concepts in ISO 27001.

If you want to simplify your risk management process or implement a new process from scratch

If you want to simplify your risk management process or implement a new process from scratch