Biomedical Engineering Reference
In-Depth Information
should be clear reference to risk assessments and indeed a list of risk assessments
conducted should be included or linked to the register. A management process should
be in place to review risk management-this may be incorporated into the quality
management review process [18].
(See Table 3.3 for the entire list of questions and answers.)
International agencies are also ensuring that this expectation is being met
through audit observation such as:
There was no risk register to facilitate the management, monitoring, and review of
formal risk assessments ...
” [19]
The expectation for the use of a high level risk summary document such as a
risk register arises from the formal inclusion of the review of risk assessments
during inspections. It is now a well-understood requirement that all organizations
have a system for risk management. The evolution of the use of risk management
in the industry has brought it to a point where a collection of risk assessments
performed on the site need to be managed and reviewed as a whole and not just
as individual assessments. Without a high level risk summary document for a site,
managing (review and communication) of the highest risk items from dozens of
risk assessments becomes unwieldy.
A formal risk register or risk master plan can be seen as mutually beneficial
for both the industry and the regulators. It provides a summary document for
the regulators to review during inspections, and it provides the management of
a manufacturing site a living document that summarizes the high risk items for
their site (see Fig. 3.1).
This high level document will summarize the significant risks of a manufac-
turing site and should provide a brief explanation of the mitigation of those risks
or the current plan to which these risks are being reduced. It is also expected
that the risk register or risk master plan has links to, or has listed within, the
individual formal risk assessments that have been performed at the site. There is
also an expectation that the risk register will include an explanation of the man-
ufacturing site's risk review process, or how often the risk register is reviewed
and residual risk updated.
The risk register will look very similar in form to an FMEA, although some
of the information from the detailed assessments does not need to be transferred
to the register.
3.2.4 Audit of the Risk Management Systems
International health authorities and agencies will set aside time to audit a com-
pany's QRM program. These audits will generally target three areas (see Table 3.4
for a detailed list of typical audit questions).
Search WWH ::




Custom Search