Finally, and most importantly, risk management reduces the potential for
systematic errors in the development process and increases the likelihood that
the DFSS team will get it right the first time.
APPENDIX 15.A
Risk Management Terminology
Harm: Physical injury or damage to the health of people or damage to property or to
the environment caused by software failure, defect, or fault.
Hazard: The potential source of harm.
Hazard Analysis: A risk analysis activity that analyzes the software and the usage
of the associated hardware, including any reasonably foreseeable misuse throughout
the life cycle. The analysis is performed in-house or at usage level and results
in mitigations that are at a functional or system requirements level. The primary
emphasis is to identify the list of harms, the causes (hazards) of the harms, the users
affected by the harm, the risk, and to ensure that the system's safety functions and
requirements have been identified for further implementation.
Risk Management Plan: Includes the scope, defining identification, and a description
of the system and the applicability of the plan, a link to the verification plan,
allocation of responsibilities, risk management activities and the review(s), and the
criteria for risk accessibility.
Mitigations: See risk controls.
Occurrence: The probability of occurrence of harm. The occurrence should include
the probability that the cause creates the hazardous condition that results in the harm.
Postmarket: The time or activities after the release of new software or a software
change (e.g., upgrade) into the marketplace.
Postmarket Monitoring Requirements: A document that identifies the safety and
effectiveness parameters to be monitored during launch and support stages, the
criteria for monitoring, and the actions to be taken if the acceptance criteria have not
been met.
Postmarket Risk Analysis: Any risk analysis conducted based on postmarket risk
data. The postmarket risk analysis initiates the review and/or update of the appropriate
risk management documents.
Postmarket Risk Data: Any data collected after the product has left the development
stages, including production process data, supplier and supplied data, service data,
complaint data, new customer requirements (actual or regulatory), advisories, warnings
and recalls, corrective and preventative action trends, field corrective action trends,
customers' requests for information, and other similar types of data.
Software Requirements: The requirements are inputs from the Identify DFSS phase
and include marketing or customer requirements, architecture documents, system
requirements, subsystem or component requirements, formulations, production or
servicing requirements, specifications, and so on.
Software Life Cycle: All phases in the software life cycle from the initial
development through pre- and postapproval until the product's discontinuation (see
Chapter 8).