Risk matrix



Risk levels are based on risk-based management techniques (e.g. device safety, device risks, and device reliability) and can therefore be considered the identification, assessment, and prioritization of risks followed by coordinated and economical application of resources to minimize, monitor, and control the probability and/or impact of unfortunate events or equipment mishaps.

Note: "/" means "or"

Maintenance risk levels with example equipment device types

| Risk Level | Device Characteristics | Example Device Types | Inspection Cycles |
|---|---|---|---|
| High | Life sustaining or likely to cause death, emergent, one-of-a-kind | Anesthesia, Ventilators, OR Suites | 6 / 12 months |
| Moderate | Urgent, critical, likely to cause injury | Infusion Pumps, Defibrillators, ER Suites | 6 / 12 months |
| Low | Routine, poses very little harm | Vital sign monitors, Scales, etc. | 12 months |
| No Significant Risk | Routine, poses no documented harm to the patient | Stethoscopes, otoscopes, examination tables, veterinary offices | 0 months |

It is this author's recommendation that no significant risk items still be accountable items for inventory purposes and dollar value accountability but be assigned a "zero" or "no" scheduled maintenance cycle inspection as part of the risk-based management initiative. These devices would only serve for unscheduled maintenance work order accountability and hazard device alert tracking. Disclaimer: First always consult OEM recommendations. BiomedGuy 23:05, November 21, 2010 (UTC)

In 2007, the latest revision of the ISO 14971 standard was published; it sets out the requirements for a risk management system for medical devices. This International Standard was developed specifically for medical device/system manufacturers using established principles of risk management. For other manufacturers, e.g., in other healthcare industries, this International Standard could be used as informative guidance in developing and maintaining a risk management system and process. Today, it is accepted that the concept of risk has two components:

  • a) the probability of occurrence of harm;
  • b) the consequences of that harm, that is, how severe it might be.

The concepts of risk management are particularly important in relation to medical devices because of the variety of stakeholders including medical practitioners, the organizations providing health care, governments, industry, patients and members of the public. [1]

Risk Matrix

Before looking at potential methods for combining individual risks to determine an overall risk level, it is first necessary to review the method defined in ISO/IEC 14971: 2000 for establishing individual risk levels. In essence, the standard requires that all hazards (i.e., potential sources of harm) associated with the device be identified. For each of these hazards, the likelihood that the hazard will occur (i.e., the likelihood that the initiating event will happen and, when it does, that there will be exposure to the hazard) must be estimated. Likelihood can be expressed as a numeric probability, or simply as remote, possible, likely, certain, etc. In addition, the potential severity of the harm, which ranges from minor injury through severe injury to permanent injury or death, must be estimated. Finally, likelihood and severity must be combined to establish a risk index. Acceptable methods for combining likelihood and severity include graphically, as in Figure 1, or mathematically, by the following equation:

An additional variable can be included in this new equation to show required maintenance and services. See formula:


(Establishing the likelihood and severity indices typically involves assigning an arbitrary numeric scale, such as 1 through 10, to achieve normalized values.)

As a good management practice and scoring system, "severity" (the medical device's function) could be assigned a numeric value of "10" (highest value) for life supporting high risk devices, a value of "5" for moderate risk devices, and a "0" (lowest value) for no significant risk devices. Next, "likelihood" (the actual perceived risk or harm to a patient or staff) could be assigned a numeric value of "5" (highest value) for high risk devices that can cause death, a value of "3" for moderate risk devices that can cause injury, and a "0" (lowest value) for no significant risk devices that can cause no or very little patient harm. Lastly, "required maintenance" (the average time spent performing maintenance) could be assigned a numeric value of "5" (highest value) for high risk devices that can cause death, a value of "3" for moderate risk devices that can cause injury, and a "0" (lowest value) for no significant risk devices that can cause no or very little patient harm.

Once all three variable values are combined, the higher the numeric value, the shorter the preventive maintenance cycle to be set by the manager. For example, the total value for all three variables equals "20" possible points. So, if we have a ventilator in our inventory and its values are:

  • Severity Index = 10
  • Likelihood Index = 5
  • Required Maintenance/Services = 4

Our sum is 19 points from a total of 20 possible points. This would indicate the ventilator should be set on a cyclic schedule of every 3 or 6 months depending on how you choose to set those values.

As a good management practice, the scoring system could set the preventive maintenance intervals as follows:

  • Between 20 and 14 points = 6 months
  • Between 14 and 6 points = 12 months
  • Between 6 and 0 points = 0 months

Disclaimer: the author recommends you set up the scoring values that best meet your facility requirements and the devices you have on inventory.
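The scoring procedure above, applied to a small inventory, as an added example that is not part of the original page. The class and function names are hypothetical, only the ventilator's indices come from the page, and because the page's bands share the values 14 and 6, the code assumes a shared value falls into the shorter interval.

```python
from dataclasses import dataclass

# Index ceilings from the page: severity 0-10, likelihood 0-5, required maintenance 0-5.
MAX_INDEX = {"severity": 10, "likelihood": 5, "maintenance": 5}

# (lowest score in band, interval in months), from the page's three bands.
# ASSUMPTION: the shared values 14 and 6 go to the shorter, more conservative
# interval. 0 months means no scheduled preventive maintenance.
BANDS = [(14, 6), (6, 12), (0, 0)]


@dataclass(frozen=True)
class Device:
    name: str
    severity: int
    likelihood: int
    maintenance: int

    def score(self) -> int:
        """Sum of the three indices, after range-checking each one."""
        for index, ceiling in MAX_INDEX.items():
            value = getattr(self, index)
            if not 0 <= value <= ceiling:
                raise ValueError(f"{self.name}: {index}={value} outside 0..{ceiling}")
        return self.severity + self.likelihood + self.maintenance


def pm_interval_months(score: int) -> int:
    """Map a total score (0..20) to a preventive maintenance interval."""
    if not 0 <= score <= sum(MAX_INDEX.values()):
        raise ValueError(f"score {score} outside 0..20")
    return next(months for floor, months in BANDS if score >= floor)


def schedule(inventory):
    """Return (name, score, months) rows, highest score first."""
    rows = [(d.name, d.score(), pm_interval_months(d.score())) for d in inventory]
    return sorted(rows, key=lambda row: row[1], reverse=True)


# Constructed inventory; only the ventilator's indices come from the page.
INVENTORY = [
    Device("stethoscope", 0, 0, 0),
    Device("infusion pump", 5, 3, 3),
    Device("ventilator", 10, 5, 4),
    Device("defibrillator", 5, 5, 4),  # lands exactly on the shared value 14
]

if __name__ == "__main__":
    for name, score, months in schedule(INVENTORY):
        cycle = f"every {months} months" if months else "no scheduled PM"
        print(f"{name:15} {score:2d}/20  {cycle}")
```

Changing the tie-break or the band edges only requires editing `BANDS`, which is where a facility would encode its own scoring values.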

Both the graphical and mathematical techniques yield essentially identical results, but when one is evaluating individual hazards, the mathematical approach makes the combination of all individual risk indices into an overall risk index for the device appear more straightforward. However, some who perform risk assessment criticize the use of conventional probabilities in these calculations, asserting that the format of these calculations implies an accuracy that is rarely achieved owing to the extensive effort required to maintain adequately high confidence intervals. These individuals also assert that even if such accuracy were achieved, the meaningfulness of that accuracy becomes moot when the probabilities are combined with the severity values. (The severity values are coarse estimations if they are “less than death” or “greater than none.”)

Whether the mathematical or graphical method is used, the standard suggests risk levels be allocated into three basic categories: unacceptable, as low as reasonably practicable (ALARP), and broadly acceptable. Unacceptable risks are just as the name implies—unacceptable under any terms. ALARP risks may be acceptable if an evaluation shows that the resulting residual risk is justified because there are product benefits that offset it. Broadly acceptable risks are those that are low enough in severity, likelihood, or both to be roughly equivalent to the day-to-day risks encountered in ordinary life. Implicit in all three levels, especially in the latter two, is the recognition that “zero risk” does not exist.

Finally, it should be kept in mind that earlier approaches to assessing the risk of medical devices, which used only risk analysis, have been replaced by the life-cycle model inherent in risk management. [3]


  1. "ISO 14971: Medical devices — Application of risk management to medical devices". 2nd Ed. 2007-03-01.
  2. Olaf Dössel, Wolfgang C. Schlegel. "World Congress on Medical Physics and Biomedical Engineering". Scientific Publishing Co. Ltd. pp. 804.
  3. Schmidt, Mike W., "Establishing Overall Risk for Medical Devices". 2003.