Od-2044 - Ed 2 4-Tracking

IECEE OD-2044
Edition 2.43 20219-06
IECEE
OPERATIONAL DOCUMENT
IEC System of Conformity Assessment Schemes for Electrotechnical

Equipment and Components (IECEE System)
Committee of Testing Laboratories (CTL)
Evaluation of Risk Management in medical electrical equipment according

to the IEC 60601-1 & ISO/IEC 80601-1 Series of Standards
IECEE OD-2044:20219-06(EN)
THIS PUBLICATION IS COPYRIGHT PROTECTED
Copyright © 2019 20210 IEC, Geneva, Switzerland
All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form
or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from
either IEC or IEC's member National Committee in the country of the requester.
If you have any questions about IEC copyright or have an enquiry about obtaining additional rights to this publication,
please contact the address below or your local IEC member National Committee for further information.
IEC Central Office Tel.: +41 22 919 02 11

3, rue de Varembé Fax: +41 22 919 03 00
CH-1211 Geneva 20 [email protected]
Switzerland www.iec.ch
About the IEC

The International Electrotechnical Commission (IEC) is the leading global organization that prepares and publishes
International Standards for all electrical, electronic and related technologies.
About IEC publications
The technical content of IEC publications is kept under constant review by the IEC. Please make sure that you have the
latest edition, a corrigenda or an amendment might have been published.
Useful links:
IEC publications search - Electropedia - www.electropedia.org

webstore.iec.ch/advsearchform The world's leading online dictionary on
The advanced search enables to find IEC electrotechnology, containing more than 22 000
publications by a variety of criteria (reference terminological entries in English and French, with
number, text, technical committee,…). It also gives equivalent terms in 16 additional languages. Also
information on projects, replaced and withdrawn known as the International Electrotechnical
publications. Vocabulary (IEV) online.
IEC Just Published - IEC Glossary - std.iec.ch/glossary
webstore.iec.ch/justpublished 67 000 electrotechnical terminology entries in
Stay up to date on all new IEC publications. Just English and French extracted from the Terms and
Published details all new publications released. Definitions clause of IEC publications issued since
Available online and once a month by email. 2002. Some entries have been collected from earlier
publications of IEC TC 37, 77, 86 and CISPR.
IEC Customer Service Centre -
webstore.iec.ch/csc
If you wish to give us your feedback on this publication or
need further assistance, please contact the Customer
Service Centre: [email protected].
–2– IECEE OD-2044:20219 © IEC 2021019
Contents
Contents ................................................................................................................................. 2
FOREWORD .......................................................................................................................... 3
1 Scope.............................................................................................................................. 4
2 Reference documents ..................................................................................................... 4
3 Terms and definitions ...................................................................................................... 4
4 Application of Risk Management Principle for IEC 60601 series CB Scheme investigations
....................................................................................................................................... 5
5 Assessment of Risk Management principles in the IEC 60601 series CB Scheme
investigations .................................................................................................................. 5
6 Clause mapping guide IEC 60601 / ISO 14971 .............................................................. 18
Annex A - ISO 14971:2000 Checklist (Informative) ............................................................... 51
Annex B - ISO 14971:2007 Checklist (Informative) ............................................................... 53
Disclaimer: This document is controlled and has been released electronically.

Only the version on the IECEE Website is the current document version
IECEE OD-2044:20219 © IEC 2021019 –3–
FOREWORD
Document Owner
CTL ETF-3 “MEAS, MED”
History of changes
Date Brief summary of changes

Document reviewed no changes required and new document
2018-06-30
template implemented.
2021-01-01 Document reviewed. No changes required
Effective date Next maintenance due date

20219-06-30 20241-06-30

–4– IECEE OD-2044:20219 © IEC 2021019
1 Scope
The scope of this procedure is to provide a uniform approach to the CBTL and Manufacturer on how to assess
and document compliance with the relevant clauses of IEC 60601 standard series related to the standard
ISO 14971.
2 Reference documents
IEC 60601-1:2005, Medical electrical equipment - Part 1: General requirements for basic safety and essential
performance
IEC 60601-1:2005 Incl. Am 1:2012, Medical equipment – Part 1: General requirements for basic safety and
essential performance (Also known as IEC 60601-1:2005 + A1:2012)
IEC 60601-1-2:2007, Medical electrical equipment - Collateral standard: Electromagnetic compatibility -

Requirements and tests
Note: The RM requirements are addressed through the IEC 60601-1:2005
IEC 60601-1-3:2008, Medical electrical equipment - Collateral Standard: Radiation protection in diagnostic X-
ray equipment
IEC 60601-1-6:2010, Medical electrical equipment - Collateral Standard: Usability
IEC 60601-1-8:2006, Medical electrical equipment - Collateral Standard: General requirements, tests and
guidance for alarm systems in medical electrical equipment and medical electrical systems
IEC 60601-1-10:2007, Medical electrical equipment - Collateral Standard: Requirements for the development of
physiologic closed-loop controllers
IEC 60601-1-11:2010, Medical electrical equipment - Collateral Standard: Requirements for medical electrical
equipment and medical electrical systems used in the home healthcare environment
IEC 62366:2007, Medical devices – Application of usability engineering to medical devices
IEC 62304:2006, Medical device software – Software life cycle processes
ISO 14971:2000, Medical devices – Application of risk management to medical devices
ISO 14971:2007, Medical devices – Application of risk management to medical devices
IEC60601_1G, IECEE Test Report Form - IEC 60601-1: 2005 + CORR. 1(2006) + CORR 2 (2007)
IEC60601_1H, IECEE Test Report form - IEC 60601-1: 2005 + AM1 (2012)
3 Terms and definitions

For the purposes of this Operational Document, the terms and definitions of ISO 14971 standard and
IEC 60601 standard series apply.
For the purpose of this document, the Risk Management Process is a management system intended to address
all activities related to ISO 14971.
For the purpose of this document, unless otherwise specified, the following conventions are used:
• IEC 60601-1:2005 or IEC 60601-1:2005 + A1:2012 designates "the general standard" alone;
• IEC 60601-1 designates reference to IEC 60601-1:2005 and IEC 60601-1:2005 + A1:2012
• IEC 60601-1-nn designates a specific collateral standard (this applies for all the collateral standards
stated in this document where “nn” is the number of the collateral)
IECEE OD-2044:20219 © IEC 2021019 –5–
• IEC 60601 series designates the combination of the general standard IEC 60601-1:2005/IEC 60601-
1:2005 + A1:2012 and the collateral standards IEC 60601-1-nn.
• ISO 14971 designates references to ISO 14971:2000 and ISO 14971:2007
4 Application of Risk Management Principle for IEC 60601 series CB Scheme investigations
4.1 General
The third edition of IEC 60601-1:2005 is the primary standard in a series of standards that covers safety and
essential performance of medical electrical equipment. It is the first IEC standard in the scope of the CB
Scheme that incorporates risk management principles according to ISO 14971:2000. The introduction of Risk
Management is the reason for this Operational Document.
The existence of a CB Test Certificate does not solely establish legal market entry. However, it could be used
to help substantiate a request for legal market access.
This Operational Document is related solely to the IECEE CB Scheme and is intended for use by those
individuals with a working knowledge of risk management for medical electrical equipment and the provisions
of the IEC 60601 series.
NOTE: IEC 60601-1:2005 + A1:2012 incorporates risk management principles according to ISO 14971:2007.
5 Assessment of Risk Management principles in the IEC 60601 series CB Scheme

investigations
5.1 General principles
There is a general requirement to perform the risk management process as specified in ISO 14971:2000
(IEC 60601-1:2005, Clause 4.2.) or ISO 14971:2007 (IEC 60601-1:2005 + A1:2012, Clause 4.2.2).
The registration to ISO 13485 is not sufficient to demonstrate that a risk management process compliant with
ISO 14971 requirements is performed. There can be no investigation to IEC 60601 series without the
manufacturer’s Risk Management File being available, unless specifically permitted by the rules of the CB
Scheme.
The CB Test Report and Certificate confirms that there is a Risk Management Process performed which
complies with the risk management requirements of IEC 60601 series and the applicable requirements of ISO
14971. This does not mean that a complete Risk Management System in compliance with ISO 14971 is in
place. The CB Test Report is only a snapshot in time and does not necessarily assess all top management
responsibilities.
Several clauses of ISO 14971 define the requirements for the application of the Risk Management Process to
“the particular medical device being considered”. When those clauses of ISO 14971 are used to address Risk
Management requirements in IEC 60601-1, the verification shall confirm whether the Risk Management
Process is correctly applied to the particular Device Under Evaluation/Test.
A separate certification of registration to ISO 14971 indicates that a risk management system conforming to
ISO 14971 is in place, but does not necessarily provide the risk management device specific documentation to
meet the requirements of IEC 60601 series. IEC 60601 series requires specific Risk Management activities to
be done and the CB Test Report requires objective evidence that these activities have been performed for the
Device Under Test.
A CB Scheme Test Certificate does not imply that an audit of the manufacturer’s Risk Management System
was conducted.
In view of the above and similar to the second edition, the CB Test Report according to IEC 60601-1 is not
necessarily a guarantee of certification by an accepting NCB.
A certificate of registration may be requested for local or regional certification to IEC 60601 series as it relates
to follow-up services. There may be differences in requirements that are the subject of local legal market entry
requirements.
–6– IECEE OD-2044:20219 © IEC 2021019
5.2 Implementation of ISO 14971 into the IEC 60601 series
In the clauses of IEC 60601-1 series there are three types of references to ISO 14971 Risk Management
requirements:
a) Direct reference to Risk Management Process as specified by ISO 14971 (for example clause 4.2 or
4.2.2).
b) Test related references to give appropriate alternative to the application of laboratory testing with
specific pass/fail criteria or to select appropriate tests to be performed on the specific product (for
example clause 5.7).
c) Indirect reference to offer additional elements to be considered in the implementation of the Risk
Management Process specified by ISO 14971 for the specific product. (for example clause 14.1)
The manufacturer can also identify alternative means to provide an equivalent safety level to IEC 60601 series.
The manufacturer may implement new and original approaches to developing effective means of protection
against unacceptable risks. The manufacturer must verify that the residual risks that result from applying the
alternative means are equal to or less than the residual risks that result from applying the requirements of IEC
60601 series. All these activities must be performed in accordance with the requirements of ISO 14971.
Clause 4.2 of IEC 60601-1:2005 and Clause 4.2.2 of IEC 60601-1:2005 + A1:2012 do not require post market
monitoring (e.g. clause 9 of ISO 14971) of the effectiveness of the risk control measures
Tables appended in Clause 6 of this Operational Document provide mapping with all the clauses of
IEC 60601-1 and the IEC collaterals standards which require risk management, and the applicable clauses in
ISO 14971. These tables provide guidance and considerations for application and assessment of RM criteria.
5.3 ISO 14971:2000 (1 st edition ) and ISO 14971:2007 (2 nd edition)

The process of standards development progresses over a significant length of time. The IEC 60601 series of
standards to which this Operational Document refers were published between 2005 and 2010. When IEC
60601-1:2005 was published and consequentially its collateral standards published, the risk management
standard used as reference was the ISO 14971:2000.
This situation is not valid when referring to IEC 60601-1-6:2010 which includes a direct link to IEC 62366:2007.
The IEC 62366:2007 also refers directly to ISO 14971:2007. This situation is also not valid when referring to
IEC 60601-1:2005 + A1:2012 which also makes a direct reference to ISO 14971:2007.
For this reason, in the tables appended that provide mapping with all the clauses of IEC 60601 series, the
following references have been made:
• ISO 14971:2000 clauses are used to address the risk management process required by IEC 60601-1 series
aligned with IEC 60601-1:2005;
• ISO 14971:2007 clauses used to address the risk management process required by IEC 60601-1 series
aligned with IEC 60601-1:2005 + A1:2012;
• ISO 14971:2007 clauses are used to address the risk management process required by IEC 62366:2007
(IEC 60601-1-6:2010).
5.4 Description of ISO 14971 clauses application in regards to IEC 60601-1 standard
The following Table is a guidance document. Refer to standard ISO 14971 for more detailed requirements and
supporting rationales. This table explains what action or evidence is required for each clause of ISO 14971.
IEC 60601-1 TRF – RM RESULTS TABLE 4.2 – Risk Management Process
4.2 RM RESULTS TABLE: Risk Management Process for ME Equipment or ME P

Systems
Clause Document Ref. in RMF Result – Remarks Verdict
of ISO (Document No. and - What type of objective evidence would be
14971 paragraph) required in the Document Ref.
– Main topic of clause
IECEE OD-2044:20219 © IEC 2021019 –7–
3.3a Management Requires that the manufacturer define and document P
(2000) or responsibilities the policy for determining criteria for risk
3.2 acceptability; this policy ensures that criteria are
(2007) based upon applicable national or regional
regulations and relevant International Standards, and
takes into account available information such as the
generally accepted state of the art and known
stakeholder concerns. The CBTL must review the
manufacturer’s policy and verify that it meets these
requirements. This review is done once, as is
recommended to be completed early in the risk
management review process.
ISO 14971:2007, additionally requires an
assessment to ensure the manufacturer will
allocate sufficient resources and assign trained
personnel to the risk management process
3.3 (2007 Qualification of Requires the personnel performing risk management P
only) personnel tasks to have the appropriate knowledge and
experience for the tasks assigned to them. This
includes knowledge and experience related to the
medical device(s), their use, technologies involved
and risk management techniques. The manufacturer
is required to maintain qualification records
3.5e Risk management plan The criteria for risk acceptability are based on the P
(2000) or manufacturer’s policy for determining acceptable risk,
3.4 including criteria for accepting risks when the
(2007) probability of occurrence of harm cannot be
estimated. The manufacturer’s risk management
process must include the risk acceptability criteria.
The CBTL must review the manufacturer’s risk
acceptability criteria and verify that it meets
established requirements. This review is done once,
as is recommended to be completed early in the risk
management review process
3.5 (2007 Risk management file Requires the manufacturer to estabilish and maintain P
only) a file containing the results of the risk management
activities including all documentation requirements
specified in ISO 14971 and traceability for each
identified hazard to: the risk analysis, the risk
evaluation, risk control measures and acceptance of
residual risks
4.1 Risk analysis process Risk analysis shall be performed for the particular P
medical device as described in 4.2 to 4.4. The
implementation of the planned risk analysis activities
and the results of the risk analysis shall be recorded
in the risk management file.
In addition to the records required in 4.2 to 4.4, the
documentation of the conduct and results of the risk
analysis shall include at least the following:
a) a description and identification of the medical
device that was analyzed;
b) identification of the person(s) and organization who
carried out the risk analysis;
c) scope and date of the risk analysis

–8– IECEE OD-2044:20219 © IEC 2021019
4.2 Intended use and For the particular medical device being considered, P
identification of the manufacturer documents the intended use and
characteristics related reasonably foreseeable misuse. The manufacturer
to the safety of the identifies and documents those qualitative and
quantitative characteristics that could affect the safety
medical device of the medical device and, where appropriate, their
defined limits. This documentation shall be
maintained in the risk management file. The CBTL
must review the risk management file and verify that
based on the device, the manufacturer has complied
with these requirements. Note that the identification
of characteristics that could affect safety, needs to
include those hazard based requirements from the
IEC 60601 series of standards where clause 4.2 of
ISO 14971 is a required element. This review repeats
for each IEC 60601 series hazard based risk
management requirement.
4.3 Identification of The manufacturer compiles documentation on known P
hazards and foreseeable hazards associated with the medical
device in both normal and fault conditions. The
manufacturer processes identified risks through
hazard identification→event(s) or circumstance(s)
leading to a hazardous situation→hazardous
situation→event(s) or circumstance(s) leading to
harm→harm→who or what is harmed. For those
hazard based requirements that are applicable to the
medical device, the CBTL uses this information for
completing clause 4.3 and 4.4 of the IECEE Risk
Management Results Tables. The CBTL reviews and
verifies compliance for all of the applicable hazard
based risk management requirements.
4.4 Estimation of the The manufacturer determines and documents P
risk(s) for each rreasonably foreseeable sequences or combinations
hazardous situation of events that can result in a hazardous situation and
records the resulting hazardous situation(s).
For each identified hazardous situation, the
manufacturer estimates the associated risk(s) using
available information or data. For hazardous
situations for which the probability of the occurrence
of harm cannot be estimated, the possible
consequences shall be listed for use in risk evaluation
and risk control. The results of these activities shall
be recorded in the risk management file.
Any system used for qualitative or quantitative
categorization of probability of occurrence of harm or
severity of harm shall be recorded in the risk
management file.
The CBTL reviews the risk analysis and risk
estimation and enters verification of each of the
hazards based risk management analysis and risk
estimation in the test results table.

IECEE OD-2044:20219 © IEC 2021019 –9–
5 Risk evaluation For each identified hazardous situation, the P
manufacturer shall decide, using the criteria defined
in the risk management plan, if risk reduction is
required. If risk reduction is not required, the
requirements given in 6.2 to 6.6 do not apply for this
hazardous situation. The results of this risk evaluation
shall be recorded in the risk management file.
The CBTL reviews the manufacturer’s risk evaluation
for each hazard based risk required by the IEC 60601
series of standards and enters a verdict in the Risk
Management Results Table. The CBTL uses this
information for test plans and conducting tests.(e.g.
unacceptable performance becomes essential
performance).
6.1 Risk reduction When risk reduction is required, risk control activities, P
as described in 6.2 to 6.7, shall be performed.
6.2 Risk control option The manufacturer identifies risk control measure(s) P
analysis that are appropriate for reducing the risk(s) to an
acceptable level. The manufacturer uses one or more
of the following risk control options in the priority
order listed:
a) inherent safety by design;
b) protective measures in the medical device itself or
in the manufacturing process;
c) information for safety
The manufacturer records the risk control measure(s)
in the risk management file.
If, during risk control option analysis, the
manufacturer determines that required risk reduction
is not practicable, the manufacturer shall conduct a
risk/benefit analysis of the residual risk (proceed to
6.5).
The CBTL reviews the manufacturer’s chosen risk
control measure(s) for each hazard based
requirement from IEC 60601 series of standards and
documents their findings in the Risk Management
Results Tables in the TRF.
6.3 Implementation of risk The manufacturer implements the identified risk P
control measure(s) control measure(s). The manufacturer verifies the
implementation of each hazard based risk control
measure. The effectiveness of the risk control
measure(s) shall be verified and the results shall be
recorded in the risk management file.
The CBTL reviews manufacturer’s implementation,
verification and effectiveness of risk control
measure(s) for each hazard based requirement from
IEC 60601 series of standards and documents their
findings in the Risk Management Results Tables in
the TRF.

– 10 – IECEE OD-2044:20219 © IEC 2021019
6.4 Residual risk After the risk control measures are applied, the P
evaluation manufacturer evaluates any residual risk using the
criteria defined in the risk management plan. The
results of this evaluation are recorded in the risk
management file.
If the residual risk is not judged acceptable using
these criteria, then the manufacturer applies further
risk control measures.
For residual risks that are judged acceptable, the
manufacturer decides which residual risks to disclose
and what information is necessary to include in the
accompanying documents in order to disclose those
residual risks.
The CBTL reviews the manufacturer’s residual risk
analysis, risk control looping where necessary, and
their determination of information to be included in
the accompanying documents. The CBTL verifies
compliance with these requirements and records their
findings in the Risk Management Results Tables of
the TRF for each hazard based risk management from
the IEC 60601 series of standards.
6.5 Risk/benefit analysis If the residual risk is not judged acceptable using the P
criteria established in the risk management plan and
further risk control is not practicable, the
manufacturer may gather and review data and
literature to determine if the medical benefits of the
intended use outweigh the residual risk. If this
evidence does not support the conclusion that the
medical benefits outweigh the residual risk, then the
risk remains unacceptable. If the medical benefits
outweigh the residual risk, then proceed to 6.6.
For risks that are demonstrated to be outweighed by
the benefits, the manufacturer shall decide which
information for safety is necessary to disclose the
residual risk.
The CBTL is responsible for carefully reviewing the
manufacturers’ risk management file and entering
their findings in the Risk Management Results table.
6.6 Risks arising from risk The manufacturer reviews the effects of the risk P
control measures control measures with regard to:
a) the introduction of new hazards or hazardous
situations;
b) whether the estimated risks for previously
identified hazardous situations are affected by the
introduction of the risk control measures.
The manufacturer processes newly identified hazards
or hazardous situations through their risk
management process and reprocesses risks that are
affected by the introduction of risk control measures
through initial risk estimation, risk evaluation and if
necessary, risk control.
The CBTL reviews the manufacturers’ risk
management file and records their findings in the TRF
Risk Management Results Table.

IECEE OD-2044:20219 © IEC 2021019 – 11 –
6.7 Completeness of risk The manufacturer ensures that the risk(s) from all P
control identified hazardous situations have been considered.
The results of this activity are recorded in the risk
management file.
management file and records their findings in the Risk
Management Results Table
7 Evaluation of overall After all risk control measures have been P
residual risk implemented and verified, the manufacturer decides if
acceptability the overall residual risk posed by the medical device
is acceptable using the criteria defined in the risk
management plan.
If the overall residual risk is not judged acceptable
using the criteria established in the risk management
plan, the manufacturer may gather and review data
and literature to determine if the medical benefits of
the intended use outweigh the overall residual risk. If
this evidence supports the conclusion that the
medical benefits outweigh the overall residual risk,
then the overall residual risk can be judged
acceptable. Otherwise, the overall residual risk
remains unacceptable.
For an overall residual risk that is judged acceptable,
the manufacturer shall decide which information is
necessary to include in the accompanying documents
in order to disclose the overall residual risk.
management file regarding their overall residual risk
and records a verdict in the TRF Risk Management
Results Table.
8 (2007 Risk management Requires the manufacturer to prepare a report prior to P
only) report commercial release documenting a review of the risk
management process (specific to activities on specific
devices). The report is intended to ensure that the
risk management plan was properly implemented, the
overall residual risk is acceptable and there are
appropriate methods in place to collect and analyze
production and post-production information.
The portion of the requirement related to production
and post-production information is outside the scope
of assessment under the IECEE CB Scheme
5.5 Evaluating RISK - HAZARDS identified in the IEC 60601-series

The requirements of this standard shall be applied in the following way when evaluating RISK:
a) Where this standard or its collateral or particular standards specify requirements addressing particular
HAZARDS, together with specific acceptance criteria, compliance with these requirements is presumed
to establish that the RESIDUAL RISKS have been reduced to acceptable levels unless there is
OBJECTIVE EVIDENCE to the contrary.
EXAMPLE 1: Sub-clause 8.5.1.2, MEANS OF PATIENT PROTECTION (MOPP)
EXAMPLE 2: Sub-clause 9.4.2.1, Instability in transport position

Compliance is checked by satisfying the relevant requirements of this standard and its collateral and
particular standards.

– 12 – IECEE OD-2044:20219 © IEC 2021019
b) Where this standard or its collateral or particular standards specify requirements addressing particular
HAZARDS but do not provide specific acceptance criteria, the MANUFACTURER shall provide the
acceptance criteria for which the RESIDUAL RISK shall be acceptable according to the criteria for RISK
acceptability recorded in the RISK MANAGEMENT plan.
EXAMPLE 3: Sub-clause 9.8.3.3, Dynamic forces due to loading from persons (Note: IEC 60601-1:2005
+ A1:2012 removes reference to unacceptable RISK and replaces the text with reference to maintaining
BASIC SAFETY and ESSENTIAL PERFORMANCE)
EXAMPLE 4: Sub-clause 11.6.3, Spillage on ME EQUIPMENT and ME SYSTEM

Compliance is checked by confirming that the documentation in the RISK MANAGEMENT FILE
demonstrates that after applying the specific requirements of this standard and the acceptance criteria
determined by the manufacturer the RESIDUAL RISK is acceptable using the criteria for RISK
acceptability recorded in the RISK MANAGEMENT plan, i.e. no unacceptable RISK remains. Only the
relevant parts of the RISK MANAGEMENT FILE need to be reviewed, e.g. MANUFACTURER'S
calculations or test results, or the determination of RISK
c) Where this standard or its collateral or particular standards identify particular HAZARDS that have to be
investigated without providing specific technical requirements:
– The MANUFACTURER shall determine whether such HAZARDS exist for the particular ME
EQUIPMENT or ME SYSTEM, and
– where such HAZARDS exist for the particular ME EQUIPMENT or ME SYSTEM, the
MANUFACTURER shall evaluate and (if necessary) control these RISKS following the RISK
MANAGEMENT PROCESS specified in 4.2/4.2.2.
EXAMPLE 5: Sub-clause 10.2, Alpha, beta, gamma, neutron and other particle radiation Compliance is
checked by confirming that the documentation in the RISK MANAGEMENT FILE demonstrates that the
RESIDUAL RISK is acceptable using the criteria for RISK acceptability recorded in the RISK
MANAGEMENT plan, i.e. no unacceptable RISK remains.
Only the relevant parts of the RISK MANAGEMENT FILE need to be reviewed, e.g. MANUFACTURER'S
calculations or test results, or the determination of RISK acceptability.
NOTE: When ME EQUIPMENT or an ME SYSTEM has been designed in such way that for a certain type of HAZARD no
HAZARDOUS SITUATION exists, no further RISK ASSESSMENT for that HAZARD is necessary. This can be verified by tests
or inspections.
5.6 Evaluating RISK - HAZARDS not identified in the IEC 60601-series
For HAZARDS that are identified for the particular ME EQUIPMENT or ME SYSTEM but are not specifically
addressed in the Standard IEC 60601-1 or its collateral or particular standards, the MANUFACTURER shall
address those HAZARDS in the RISK MANAGEMENT PROCESS as specified in 4.2.2.
EXAMPLE 6: ME EQUIPMENT or an ME SYSTEM for which there are particular RISKS but no particular
standard
Compliance is checked by inspection of the RISK MANAGEMENT FILE.

Clause 4.2 of ISO 14971 has caused confusion when used with the IEC 60601 series of standards. The
manufacturers Intended Use statement is information that the CBTL can use to understand the intended
purpose of the product. The manufacturer must identify and document a list of qualitative and quantitative
characteristics that could affect safety. Where clause 4.2 of ISO 14971 is called out in the hazard based
clauses of IEC 60601 series, the CBTL must use the manufacturers’ list of qualitative and quantitative
characteristics that could affect safety. For example, high humidity for extended period of time, the
manufacturer should have identified and documented the intended use environment.
One of the IEC 60601-1:2005 risk management requirements is process based and not hazard based. This
requirement will not be found in the manufactures hazard identification. The process based clause is 4.2 and it
is expected that the manufacturer will have implemented appropriate system procedures to address this
clause.

IECEE OD-2044:20219 © IEC 2021019 – 13 –
Four of the elements (requirements) of ISO 14971 only require single use/review including 3.3 a), 3.5 e), 6.7
and 7 since they are process requirements rather than hazard based requirements. Note that not all of the
elements (requirements) of ISO 14971 are required by the IEC 60601 series of standards.
The manufacturer addresses the hazard based clauses of the IEC 60601 series of standards according to the
ME Equipment. The Risk Management Results Tables in the TRFs are based on the requirements of the IEC
60601 series of standards. For a specific hazard, a manufacturers’ risk management file may go beyond the
specific Risk Management Results Table, or the manufacturers’ risk management file may use only a portion of
the risk management elements and, therefore, it is acceptable to enter NA into some of the identified ISO
14971 Risk Management Results Table clauses based on the specific risk for the ME Equipment.
For hazard based risk management requirements, the flow diagram below shows the steps that the
manufacturer must consider. For example, if they complete risk evaluation with an acceptable level of risk, they
may not proceed to risk control.
5.7 Risk Management Flowchart (Reference to the ISO 14971:2007, 2 nd edition – Figure B.1)
The following flowchart is used to process each identified hazard

– 14 – IECEE OD-2044:20219 © IEC 2021019
Start
Intended Use and identification of qualitative and quantitative

characteristics related to safety (4.2)
Risk Analysis
Identify known or foreseeable hazards (risk analysis) (4.3)
Estimate risk(s) for hazardous situation(s) (4.4)
No
Evaluation
Is risk reduction necessary? (5)

Risk
Yes
Identify appropriate risk control measure(s), record risk control

requirements (6.2)
No
Is the risk reducible? (6.2)
Yes
Implement, record and verify appropriate measures (6.3)
No
Is residual risk acceptable? (6.4)
Risk Control
Yes Do medical benefits

Yes outweigh the residual
risk? (6.5)
No
Are new hazards or hazardous situations

Yes introduced or existing risks affected?
(6.6)
No
Are all identified hazards considered?

No
(6.7)
Yes
Residual Risk
Evaluation
Do medical benefits outweigh

No No
the overall residual risk? (7)
Is the overall residual risk acceptable?
(7)
Yes
Yes
Prepare risk management report (8)

Production Information
Production and Post
Review production and post production information (9) Unacceptable
Required by the
IEC 60601 Series
of Standards
Yes Is reassessment of risk necessary? (9) No
Color
Key Not required by
the IEC 60601
Series of
Standards

IECEE OD-2044:20219 © IEC 2021019 – 15 –
5.8 IEC 60601-1 Test Report Form (TRF)
To assess the requirements for Risk Management process required by IEC 60601 series, the CB Scheme
utilizes Risk Management Results tables within the IEC 60601 series TRF in conjunction with the test data
tables, containing reference to the manufacturer's documents intended to support objective evidence of
compliance.
For a clause from IEC 60601-1 which makes reference to the RM file refer to TABLE 1 - IEC 60601- 1 / ISO
14971 CLAUSE MAPPING GUIDE to identify which clauses from ISO 14971 need to be documented.
For example, IEC 60601-1:2005 Clause 9.2.4 which requires reference to the RM file; Table 1 of this OD 2044
specifies that documents demonstrating compliance with clauses 4.2 to 6.6 of ISO 14971:2000 shall be
provided for evaluation.
9.2.4 Emergency stopping - Does the MEE use emergency stopping devices? 4.2
devices - Are risks caused by mechanical hazards which are to
reduced by the use of the emergency stopping devices 6.6
reduced to an acceptable level?
The actual clauses that are to be used to provide evidence are referenced in the Risk Management Results
Tables of the TRF; the ISO 14971 range of clauses in table 1 is given for reference only.
After evaluation, the 9.2.4 Risk Management Results Table shall be filled in appropriately.
9.2.4 Risk Management Results Table: Emergency stopping devices Pass

Clause Document Ref. in RMF
ISO (Document No. & Result- Remark Verdict
14971 paragraph)
See document 453627 rev 1 The Treadmill is intended to make a patient walk
4.2 Pass
Product Specifications on a moving belt.
See document 1234567 rev The possible hazard of the patient tripping has
4.3 Pass
1 clause 13.1a been identified.
The probability of occurrence of the harm has
Document 7654321 – rev 2 been estimated in “ProbRange C”.
4.4 Pass
Refer to clause 13.1a The severity of the harm has been estimated as
“SevRange B”
Document 7654321 – rev 2 The risk has been evaluated as “TBR = To Be
5 Pass
Refer to clause 13.1a Reduced”
The measure that has been identified to control
Document 7654321 – rev 2
6.2 the risk is the use of an emergency stopping Pass
Refer to clause 13.1a
device.
Document 1726354 – rev 3 The Treadmill is provided with an emergency
6.3 Pass
Design Verification stopping device.
The emergency stopping device works as
intended.
Document 1726354 – rev 3 The probability of occurrence of the harm has
6.4 Pass
Design Verification been reduced to “ProbRange A”.
The residual risk has been evaluated as
“acceptable”.
6.5 Not deemed necessary N/A
6.6 No other hazards generated Pass

– 16 – IECEE OD-2044:20219 © IEC 2021019
IEC 60601-1:2005 Clause 11.6.3 which requires reference to the RM file; Table 1 of this OD 2044 specifies
that documents demonstrating compliance with clauses 4.2 to 6.5 of ISO 14971:2000 shall be provided for
evaluation.
11.6.3 RM RESULTS TABLE: Spillage on ME equipment and ME system Pass

Clause Document Ref. in RMF Result - Remarks Verdict
of ISO (Document No. &
14971 paragraph)
4.2 See document 453627 rev 1 The Treadmill is provided with a cup Pass
Product Specifications holder. Spillage of liquids may occur.
4.3 See document 1234567 rev The possible hazard of electric shock to Pass
1 clause 7.1 the patient caused by the insulation
breakdown has been identified.
For the purpose of the test, the following
test conditions have been identified:
Type of liquid: mineral water
Volume: 1 liter
Duration of spill: 15 s
Point of contact: on the end of the belt
above the drum motor from a height not
exceeding 5 cm
4.4 Document 7654321 – rev 2 The probability of occurrence of the harm Pass
Refer to clause 7.1 has been estimated in “ProbRange C”.
The severity of the harm has been
estimated as “SevRange A”
5 Document 7654321 – rev 2 The risk has been evaluated as “TBR = To Pass
Refer to clause 7.1 Be Reduced”
6.2 Document 7654321 – rev 2 The measure that has been identified to Pass
Refer to clause 7.1 control the risk is a protective cover to the
motor.
6.3 Document 1726354 – rev 3 The Treadmill is provided with a protective Pass
Design Verification cover
6.4 No wetting of uninsulated electrical parts or Pass
electrical insulation of parts could result in
a Hazardous Situation.
Document 1726354 – rev 3
The probability of occurrence of the harm
Design Verification has been reduced to “ProbRange A”.
The residual risk has been evaluated as
“acceptable”.
6.5 Not deemed necessary N/A
Compliance with those sub-clauses in IEC 60601-1 that refer to "minimizing risk" are deemed satisfied if the
manufacturer can show that the particular condition or event does not result in an unacceptable risk.
Compliance with those sub-clauses in IEC 60601-1 that require protection against a particular condition or
event that "could result in a hazardous situation" are deemed to be satisfied if the manufacturer can show that
the particular condition or event does not result in an unacceptable risk.
5.9 Workflow
a) Based on the latest TRF version, establish the relevant clauses of IEC 60601 series that have to be
supported by RM documentation.
b) Verify the required documentation and identify the relevant reference points to be listed in the TRF. To
initiate the assessment process of a manufacturer, the CBTL may use attachment 1, from this Procedure
IECEE OD-2044:20219 © IEC 2021019 – 17 –
(ISO 14971:2000 Checklist), attachment 2 from this Procedure (ISO 14971:2007 Checklist) or equivalent.
The form is intended to facilitate an understanding of the manufacturer’s risk management procedures. The
completion of this form documents the assessment of the manufacturer’s risk management process. (Note:
It is not necessary to maintain a copy of the risk management file).
c) In case the use of RM influences the tests (see clause 5.2)
3.1 Identify the test to be conducted
3.2 Identify the test parameters and conditions to be used performing the tests
3.3 Identify the RM Pass/Fail criteria. The Pass/Fail criteria and the rationale for acceptance shall
be reported in the TRF.
d) Perform verification and report the results in the TRF tables.

5.10 Application of Risk Management to the General and Collateral Standards
The evaluation of clauses and sub-clauses of IEC 60601-1 containing risk management requirements are
provided in Table 1 of this document, Clause Mapping Guide.
The evaluation of clauses and sub-clauses in IEC 60601-1-nn, Collateral standards containing risk
management requirements are provided in Tables 1-3 through 1-11 of this document.
Note: Guidance has not yet been developed by the task force for IEC 60601 3rd edition particular standards IEC 60601-2-nn. The
collateral standard IEC 60601-1-2:2007 does not contain any risk management requirements, the RM requirements are addressed
through the IEC 60601-1 (Clause 17).
There is no planned guidance for IEC 60601-1-9:2007.

– 18 – IECEE OD-2044:20219 © IEC 2021019
6 Clause mapping guide IEC 60601 / ISO 14971
6.1 Application of ISO 14971:2000 in IEC 60601-1:2005 product evaluation
IEC 60601-1:2005 (Ed.3) Medical electrical equipment, Part 1: General requirements for basic safety &
essential performance - Guidance for the application of ISO 14971:2000 (Ed.1)
Clause 4 – General requirements
IEC 60601- Subject Considerations for application of RM criteria ISO 14971

1 Clauses Clauses
4.2 Risk Compliance is checked by inspection of the risk 3.3 a),
Management management file. The requirements of this clause and all 3.5 e),
Process for ME requirements of this standard referring to inspection of the 4 to 7
Equipment or risk management file are considered to be satisfied if the
ME Systems manufacturer has:
- established a risk management process; and
- established acceptable levels of risks; and
- demonstrated that the residual risk is acceptable
Does the manufacturer have a risk management process
according to ISO14971:2000 in place?
Was this process used for the device being considered?
If so, a limited number of more detailed questions can be
addressed at this point:
• Are all risk management procedures (that meet the
requirements of ISO14971:2000, including acceptability
criteria) developed and applied for the device
considered (clauses 3.3 a), 3.5 e), 4 to 7 of
ISO14971:2000)?
• Is there a risk management plan (including resources
and commitment) for the device considered (clause 3.3
a), 3.5 e) of ISO14971:2000)?
• Is the overall residual risk for the device considered
acceptable (clause 7 of ISO 14971:2000)?
4.3 Essential Compliance is checked by inspection of the risk 4.2 to 5
performance management file.
Have, apart from the essential performance identified in
the particular standards, hazardous situations been
identified whereby the residual risk is unacceptable due to
the absence of performance of the device?
If so, has this performance been identified as essential
performance for the device during the risk assessment
process?
If so, have risk control measures or particular tests been
identified to check whether this performance is
maintained?
If so, has this been checked by inspection or by functional
test?
4.5 Equivalent Compliance is checked by inspection of the risk 4.2 to 5,
safety for ME management file. 6.2 to 6.5
Equipment of Are there particular risks for which alternative means of
ME System controlling these risks are applied such that the resulting
risk level is acceptable for these risks?
If so, have these risks been identified as such during the
risk assessment process?
If so, is the resulting risk level equal or less than the
residual risk that results from applying the requirements of
this standard?

IECEE OD-2044:20219 © IEC 2021019 – 19 –

1 Clauses Clauses
4.6 ME equipment Compliance is checked by inspection of the risk 4.2 to 6.5
or ME system management file. Have parts been identified during the risk
parts that management process which can come into contact with the
contact the patient but fall outside the definition of applied parts?
patient If so, are all the relevant requirements and tests of this
standard applied?
If so, are there residual risks which are not acceptable?
If so, are risk controls measures implemented that make
the residual risk acceptable?
4.7 Single Fault Compliance is determined by applying the specific 4.2 to 4.4
Condition for requirements and tests associated with the single fault
ME Equipment conditions identified in 13.2, and tests for the failures
identified from evaluation of the results of the risk analysis.
Compliance is determined if the introduction of any of the
single fault conditions described in 13.2, one at the time,
does not lead directly to the hazardous situations
described in 13.1, or any other outcome that results in an
unacceptable risk.
Are there single fault conditions which lead directly to
hazardous situations described in 13.1 or to risks that are
unacceptable?
4.8 Components of Compliance is checked by inspection and, where 4.2 to 6.5
ME Equipment necessary, by test. The tests of this standard for motors
(see 13.2.8 and 13.2.13.3) and transformers (see 15.5.3)
are considered to be comprehensive and together with the
evaluation of the motor or transformer insulation system
according to Table 22 represent all testing required by this
standard. ME system components that provide isolation
from non-ME equipment are evaluated to clause 16.
Are specific exceptions made for any component of the
device under investigation to allow it to be used not in
accordance with its specified rating?
If so, are these exceptions formulated as the result of the
risk management process?
If so, have inspection or test requirements been formulated
to make the hazardous situations acceptable?
4.9 Use of Compliance is checked by inspection of the risk 4.2 to 6.5
components management file and the selection criteria for the
with high- components with high-integrity characteristics.
integrity Are components with high-integrity characteristics applied?
characteristics If so, have the risks associated with its use been identified
in ME as such during the risk assessment process, or in other
words are they selected and evaluated consistent with their
conditions of use and reasonably foreseeable misuse
during the expected service life of the ME equipment?

– 20 – IECEE OD-2044:20219 © IEC 2021019
Clause 5 – General requirements for testing MEE

1 Clauses Clauses
5.1 Type Tests The tests to be performed are determined taking into 4.2 to 4.4
consideration the requirements of clause 4, in particular
4.2.
For the selection of the tests to be performed, is a risk
management process according to ISO14971:2000
applied?
If so, this requirement is fulfilled.
The results of the risk analysis are used to determine
which combination(s) of simultaneous faults are to be
tested.
For the determination of which combination(s) of
simultaneous faults have to be tested, is a risk assessment
applied?
5.4 a) Other Unless otherwise specified in this standard, ME equipment 4.2 to 4.4
conditions is to be tested under the least favourable working
conditions as specified in the Instructions for Use that are
identified during the risk analysis.
For testing of the ME equipment, have the least favourable
working conditions been identified via the risk analysis?
5.7 Humidity Where the risk management process suggests that the ME 4.2 to 6.5
preconditioning equipment can be exposed to high humidity for extended
treatment periods, the period is extended appropriately.
Has it been determined via the application of the risk
management process whether the ME equipment can be
exposed to high humidity for extended periods?
If so, is the period for testing been extended appropriately
following the conclusions of the risk management process?
5.9.2.3 Actuating Inspection of the risk management file demonstrates that 4.2 to 6.5
mechanisms the relevant part is unlikely to become detached
unintentionally during the expected service life of the ME
equipment.
Has the result of the risk analysis demonstrated that the
relevant part is unlikely to become detached unintentionally
during the expected service life time of the ME equipment
and that an acceptable residual risk results?
Clause 7- MEE Identification, markings and documents

1 Clauses Clauses
7.2.2 Identification ME Equipment and its detachable parts not marked with 4.2 to 5,
the name or trademark of the manufacturer and with a 6.4
Model or Type reference does not present an unacceptable
risk?
7.2.5 ME Equipment Are the model or Type reference of the specified other 4.2 to 5,
intended to equipment marked if this could result in an unacceptable 6.4
receive power risk?
from other
equipment

IECEE OD-2044:20219 © IEC 2021019 – 21 –

1 Clauses Clauses
7.2.13 Physiological Do the instructions for use describe the nature of the 4.2 to 5,
effects (safety HAZARD and the precautions for avoiding it or minimizing 6.3
signs and the associated RISK?
warning
statements)
7.2.17 Protective Can premature unpacking of ME Equipment or its parts 4.2 to 5,
packaging result in an unacceptable RISK? 6.3, 6.4
Is the packaging marked with a suitable safety sign?
7.3.3 Batteries Are there lithium batteries or fuel cells which are 4.2 to 5,
incorporated where incorrect replacement could result in 6.3
an unacceptable RISK? If so, is there a warning indicating
that replacement by inadequately trained personnel could
result in a HAZARD?
7.3.7 Supply Are Terminals for supply conductors marked adjacent to 4.3
terminals the terminals? If not, does the identification of known or
foreseeable hazards (risk management file) demonstrate
that no HAZARDOUS SITUATION can result if connections
are interchanged?
7.4.2 Control devices In normal use, can the change of the setting of a control 4.2 to 5,
result in an unacceptable RISK to the patient? If so, review 6.2, 6.3
the manufacturers risk management file for risk analysis,
risk evaluation and where necessary implementation of risk
control.
7.5 Safety signs Is marking used to convey a warning, prohibition or 4.3 to 5,
mandatory action that mitigates a RISK that is not obvious 6.3
to the operator? If so, review the manufacturers risk
management file for risk analysis, risk evaluation and
where necessary implementation of risk control.
7.9.1 General Compliance is checked by inspection of the risk 4.2 to 5,
accompanying management file. 6.2, 6.3
documents Has the manufacturer applied the risk management
format. (see process to determine which information also needs to be
also Table C.4) provided as hard copy or as marking on the ME
equipment?
7.9.2.4 Electrical If leakage from a battery would result in an unacceptable 4.2 to 5,
power source RISK, do the instructions for use include a warning to 6.3
remove the battery if the ME Equipment is not likely to be
used for some time? If so, review the manufacturers risk
where necessary implementation of risk control.
If loss of power would result in an unacceptable risk, do the
instructions for use include a Warning that the ME
Equipment must be connected to an appropriate power
source? If so, review the manufacturers risk management
file for risk analysis, risk evaluation and where necessary
implementation of risk control.

– 22 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
7.9.3.2 Replacement of Where replacement of a component could result in an 4.2 to 6.5
fuses, power unacceptable RISK, is there appropriate warnings to
supply cords identify the nature of the HAZARD and, if the Manufacturer
and other parts specifies the component as replaceable by service
personnel, is all information necessary to safely replace
the component? Review the manufacturers risk
where necessary risk control measures.
Clause 8 - Protection against electrical hazards from MEE

1 Clauses Clauses
8.1 b Fundamental 1. Has the manufacturer identified in their risk analysis if b(1) 4.3
rule of the interruption of any one power carrying conductor & 4.4
protection between MEE parts in separate enclosures might cause b(2) 4.2
against electric permitted limits (voltage, current, energy) to be exceeded? to 6.5
shock If so, then during product safety verification, this must be b(3) 4.3
one of the SFC’s tested.
2. Has the manufacturer identified in their risk management
process that a component’s movement must be considered
as a SFC because its lack of securement (8.10.1) over the
expected service life of the MEE may cause permitted
limits (voltage, current, energy) to be exceeded?
If so, then during product safety verification, this must be
one of the SFC’s tested.
3. Has the manufacturer identified in their risk management
process accidental detachment of conductors and
connectors?
If so, then during product safety verification, this must be
one of the SFC’s tested
8.2.2 Connection to Does ME Equipment specified for power supplied from an 4.2 to 5
an external d.c. external d.c. power source, have no HAZARDOUS
power source SITUATION, other than absence of essential performance,
develop when a connection with the wrong polarity is
made? Review the manufacturers risk management file for
risk analysis and risk evaluation.
Does the ME Equipment, when connection is subsequently

made with the correct polarity, provide freedom from
unacceptable RISK? Review the manufacturers risk
management file for risk analysis and risk evaluation.
8.3 d Classification Has the manufacturer identified in their risk management 6.2
of applied parts process the need for parts (not being applied parts) to be
subject to the requirements for an applied part of Type BF
or Type CF?
If so, then during product safety verification, these parts
are to be tested accordingly.

IECEE OD-2044:20219 © IEC 2021019 – 23 –

1 Clauses Clauses
8.4.2 c Accessible Has the manufacturer identified parts (not being applied 4.2-4.4
parts including parts) where a current exceeding the allowable touch
applied parts current could flow, either directly or through the body of an
operator, however, the risk analysis determined that the
probability in normal use is negligible?
If so, then during product safety verification, these
identified parts do not require touch current testing. Inspect
the instructions for use includes instructions for the
operator not to touch the relevant part and the patient
simultaneously.
8.5.2.2 Type B applied Has the manufacturer identified in their risk management 4.2 to 5
parts file, unearthed Type B applied parts that are not separated
from unearthed conductive accessible parts, however,
determined that the level of risk that the unearthed
accessible part will make contact with a source of voltage
or leakage current above permitted limits is acceptably
low?
If so, accepted.
If not, then one means of protection is required.
8.5.2.3 Patient Leads Has the manufacturer identified in their risk management 4.2 to 5
process connectors for electrical connections on a patient
lead at the end of the lead remote from the patient and that
contains a conductive part that is not separated from all
patient connections by one MOPP for a working voltage
equal to the maximum mains voltage, that will not present
an unacceptable risk from contact with objects other than a
mains socket or a flat surface (e.g. corners or edges)?
If so, during product safety verification, the test using a
straight, rigid test finger with a force of 10 N is not
required, however, the remaining inspections of this clause
are required.
8.6.3 Protective Does the manufacturer’s risk management file indicate the 4.2 to 6.5
earthing of need to bond moving parts to the protective earth
moving parts connection?
If so, has the manufacturer demonstrated the reliability of
the connection during the expected service life?
8.8.4.1 Mechanical Has the manufacturer identified in the risk management file 4.2 to 6.5
strength and the need for insulations of all types, considering its
resistance to resistance to heat in the application and the expected
heat service life?
Has the manufacturer identified any specific test protocols
that must be performed during product safety verification?
If so, conduct the tests required in this clause and any
additional tests or inspections identified in the risk
management file.
8.10.1 Fixing of Has the manufacturer identified components the movement 4.2 to 6.5
components of which could result in an unacceptable risk in their risk
management file?
If so, verify that such identified components are securely
mounted and will remain so for the expected service life.

– 24 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
8.10.2 Fixing of wiring Has the manufacturer identified in their risk management 4.3 to 6.5
file the need to restrain by double securement any
conductors and connectors where if they were to break free
and touch circuit points this could result in a hazardous
situation?
If so, inspect the construction and restraint of these
conductors and connectors to ensure that they are held in
place by use of double securement.
8.10.5 Mechanical Has the manufacturer identified in the risk management file 4.3 to 6.5
protection of the need to protect against contact with moving parts,
wiring friction at sharp corners and edges or damage during
assembly or the opening or closing of access covers of
internal cables, wiring, cord forms or components, where
the damage or insulation damage could result in a
hazardous situation?
If so, inspect these parts carefully considering their
location and potential damage during assembly,
disassembly, contact with moving parts and friction at
sharp corners and edges.
8.11.5 Mains fuses Has the manufacturer provided justification for omission of 4.3 to 6.5
and over- fuses or over-current releases in the risk management file?
current If so, inspect the circuit according to the requirements of
releases this clause ensuring double insulation and acceptable fault
condition tests results.
Clause 9 - Protection against mechanical hazards of MEE and MES

1 Clauses Clauses
9.2.1 Hazards Are protective measures used to reduce the risk from 4.2 to 6.5
associated with contact with moving parts?
moving parts - Considering use as indicated in the Accompanying
General Documents or reasonably foreseeable misuse and bearing
in mind the ease of access, the ME Equipment function,
the shape of the parts, the energy and speed of the motion
and the benefits to the patient, is this risk reduced to an
acceptable level?
Is exposure to moving parts needed for MEE to perform its
intended function?
Have all reasonable protective measures including warning
markings on the MEE where the hazards persist been
implemented?
9.2.2.4.3 Movable Are the risks caused by mechanical hazards associated 4.2 to 6.5
guards with moving parts and reduced by use of the movable
guards addressed?
9.2.2.4.4 Protective Are the risks caused by mechanical hazards associated 4.2 to 6.5
measures with moving parts and reduced by the use of protective
measures incorporated in the control system addressed?
9.2.2.5 c Continuous Are the risks caused by mechanical hazards associated 4.2 to 6.5
activation with accessibility to a trapping zone and reduced by use of
the continuous activation of the movement control
addressed?

IECEE OD-2044:20219 © IEC 2021019 – 25 –

1 Clauses Clauses
9.2.2.6 Speed of Are the risks caused by mechanical hazards associated 4.2 to 6.5
movement(s) with the speed of movement addressed?
9.2.3.2 Over travel Are the risks caused by mechanical hazards associated 4.2 to 6.5
with the over travel addressed?
9.2.4 Emergency Does the MEE use emergency stopping devices? 4.2 to 6.6
stopping Are risks caused by mechanical hazards which are
devices reduced by the use of the emergency stopping devices
reduced to an acceptable level?
9.2.5 Release of Are the risks caused by mechanical hazards associated 4.2 to 6.5
patient with release of patient addressed?
9.3 Hazards Are the risks caused by mechanical hazards associated 4.3 to 6.5
associated with with surfaces, corners and edges addressed?
surfaces,
corners and
edges
9.4.2.4.3 Movement over Are the risks caused by mechanical hazards associated 4.2 to 6.5
a threshold with movement over a threshold addressed?
9.5.1 Protective Have the risks caused by mechanical hazards associated 4.3 to 6.5
means with expelled parts been addressed?
9.6.1 Acoustic Have the risks caused by mechanical hazards associated 4.2 to 6.5
energy - with acoustic energy and vibration been addressed?
General
9.6.2.2 Infrasound and Have the risks caused by mechanical hazards associated 4.2 to 6.5
ultrasound with infrasound and ultrasound energy been addressed?
energy
9.7.2 Pneumatic and Have the risks caused by mechanical hazards associated 4.3 to 6.5
hydraulic parts with pneumatic and hydraulic parts been addressed?
9.7.4 Pressure rating Have the risks caused by mechanical hazards associated 4.3 to 6.5
of ME with pressure rating of MEE parts been addressed?
equipment
parts
9.7.6 Pressure- Have the risks caused by mechanical hazards associated 4.3 to 6.5
control device with pressure – control device been addressed?
9.7.7 Pressure-relief Have the risks caused by mechanical hazards associated 4.3 to 6.5
device with a pressure-relief device been addressed?
9.8.1 Hazards Have the risks caused by hazards arising from static, 4.2 to 6.5
associated with dynamic, vibration, impact and pressure loading,
support foundation and other movements, temperature,
systems - environmental, manufacture and service conditions been
General addressed?
Were all of the following failures considered: excessive
deflection, plastic deformation, ductile or brittle fracture,
fatigue fracture, instability (buckling), stress-assisted
corrosion cracking, wear, material creep, and material
deterioration?
Were the following residual stresses resulting from the
manufacturing process, e.g. machining, assembling,
welding, heat treatment or surface coating considered?

– 26 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
9.8.2 Tensile safety When not according to Table 21, what alternative method 4.3 to 6.5
factor was used to determine the tensile safety factor?
Have the risks related to the value of the tensile factor
been addressed?
9.8.3.1 Strength of Have the risks caused by mechanical hazards associated 4.2 to 6.5
patient or with support or suspensions of the patient (including
operator particular applications) been addressed?
support or
suspension
systems -
General
9.8.3.2 a, Static forces Have the risks caused by mechanical hazards associated 4.3 to 6.5
b due to loading with static forces due to loading from persons been
from persons addressed?
9.8.4.1 Systems with Does the MEE use mechanical protective devices? 4.3 to 6.5
mechanical Does the mechanical protective device activate before
protective travel (movement) produces an unacceptable risk?
devices-
General
9.8.4.3 Mechanical Does the MEE use mechanical protective devices intended 4.3 to 6.5
protective for single activation?
device intended Where risks caused by mechanical hazards which have
for single been reduced by the use of mechanical protective devices
activation intended for single activation:
9.8.5 Systems Has the manufacturer determined that the use of 4.3 to 6.5
without mechanical protective devices in the MEE is not required?
mechanical Has the manufacturer justified the reasons not to use
protective mechanical protective devices?
devices
Clause 10 - Protection against unwanted and excessive radiation hazards

1 Clauses Clauses
10.1.2 ME equipment When applicable, has the manufacturer identified hazards 4.2 to 6.5
intended to and hazardous situations associated with production of X-
produce radiation in the risk management file?
diagnostic or
therapeutic X-
radiation
10.2 Alpha, beta, When applicable, has the manufacturer identified hazards 4.2 to 6.5
gamma, and hazardous situations associated with production of
neutron and alpha, beta, gamma, neutron or other particle radiation in
other particle the risk management file?
radiation
10.3 Microwave When applicable, has the manufacturer identified hazards 4.2 to 6.5
radiation and hazardous situations associated with production of
microwave radiation in the risk management file?

IECEE OD-2044:20219 © IEC 2021019 – 27 –

1 Clauses Clauses
10.5 Other visible When applicable, has the manufacturer identified hazards 4.2 to 6.5
electromagnetic and hazardous situations associated with production of
radiation visible electromagnetic radiation in the risk management
file?
10.6 Infrared When applicable, has the manufacturer identified hazards 4.2 to 6.5
infrared radiation in the risk management file?
10.7 Ultraviolet When applicable, has the manufacturer identified hazards 4.2 to 6.5
ultraviolet radiation in the risk management file?
Clause 11 - Protection against excessive temperatures and other hazards

1 Clauses Clauses
11.1.1 Maximum temperature during normal use
Table 23 Has the manufacturer identified parts of the ME Equipment 4.2 to 6.5
that are likely to be touched in normal or foreseeable
misuse that can contact more than 10% of the surface area
operator or patient’s body or 10% of the surface area of the
patient’s or operator’s head?
Has the manufacturer identified the duration of continuous
or aggregate contact?
Has the manufacturer identified and addressed such risks?
Has the RM process determined suitable limits for
temperature based on the risk acceptability criteria and risk
benefit analysis in association with patient state of health
and whether adult, pediatric or neonate?
Table 24 Has the manufacturer identified applied parts of the ME 4.2 to 6.5
Equipment that can contact more than 10% of the surface
area operator or patient’s body or 10% of the surface area
of the patient’s or operator’s head during normal or
foreseeable misuse?
Has the manufacturer identified the duration of continuous
or aggregate contact of these applied parts?
Has the manufacturer identified and addressed such risks?
Has the RM process determined suitable limits for
temperature based on the risk acceptability criteria?
If the temperature limits exceed the values in table 24 has
a favorable risk benefit analysis in association with patient
state of health and whether adult, pediatric or neonate
been documented?
11.1.2.1 Applied parts Is any part of the ME Equipment intended to supply heat or 4.2 to 6.5
intended to otherwise intended to cool a patient?
supply heat to Has the manufacturer identified and addressed the clinical
a patient risks associated with hazards?
Has the manufacturer disclosed such risks?
11.1.2.2 Applied parts Does the ME equipment have any applied parts that are 4.2 to 6.5
not intended to not intended to heat or cool the patient that could in normal
supply heat to or foreseeable misuse exceed 41 °C or cool below ambient
a patient temperature?

– 28 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
11.1.3 e Measurements Has the manufacturer identified hazardous situations that 4.2 to 6.5
relate to maximum heating effect of nearby surfaces?
If no hazardous situations are apparent has the
manufacturer made appropriate declarations in the RMF?
Has the manufacturer identified all conditions of intended
use and foreseeable misuse to determine occurrence and
duration of contact with parts and applied parts that could
be touched?
11.2.2.1 Risk of fire in Has the manufacturer identified that there is a risk of fire 4.2 to 6.5
an oxygen rich from an oxygen rich environment?
environment Where scenario number 3 is applicable, has the
manufacturer conducted a risk assessment to determine
hazards associated with leaks or component failures
causing a source of ignition been conducted?
11.3 Constructional Have the specific requirements of this clause been 4.2 to 6.5
requirements employed to comply with cl 13.1.2?
for fire Has the manufacturer analyzed and addressed risks of not
enclosures of complying with the constructional requirements and
ME equipment showed than an equivalent level of risk / benefit has been
provided?
11.5 ME equipment Is the ME Equipment intended to (or can it through 4.2 to 6.5
and ME foreseeable misuse) come into contact with flammable
systems agents?
intended for
use in
conjunction
with flammable
agents
11.6.2 Overflow in ME Does a HAZARDOUS SITUATION or unacceptable risk due 4.2 to 5
Equipment to overflow develop if transportable ME Equipment is tilted
through an angle of 15°? Review the manufacturers risk
Does wetting of uninsulated electrical parts or electrical
insulation of parts that could result in a HAZARDOUS
SITUATION occur? Review the manufacturers risk
11.6.3 Spillage on ME Does the ME Equipment require the handling of liquids in 4.2 to 6.5
equipment and normal or foreseeable misuse?
ME system Could the wetting of the ME equipment result in a
hazardous situation?
Has the manufacturer identified hazardous situations
relating to the worst case volume and type of liquid?
Has the manufacturer identified hazardous situations
relating to the worst location for the equipment to spill?
11.6.5 Ingress of Does the ME Equipment show no signs of bridging of 4.2 to 5
water or insulation (or electrical components) that could result in a
particulate HAZARDOUS SITUATION in normal condition or in
matter into ME combination with a single fault condition? Review the
Equipment and manufacturers risk management file for risk analysis and
ME Systems risk evaluation.

IECEE OD-2044:20219 © IEC 2021019 – 29 –

1 Clauses Clauses
11.6.6 Cleaning and Has the manufacturer identified the parts of the ME 4.2 to 6.5
disinfection of equipment which may be subject to cleaning or disinfection
ME equipment in normal or foreseeable misuse and the type of cleaning
and ME or disinfection?
systems Based on the ESL of the ME equipment has the
manufacturer extrapolated the number of cleaning
processes to which the equipment will be subjected?
Has the manufacturer identified all related hazards and
addressed such risks in the RMF?
11.6.7 Sterilization of Has the manufacturer identified the parts of the ME 4.2 to 6.5
ME equipment equipment which may be subject to sterilization in normal
and ME or foreseeable misuse and the type of sterilization?
systems
11.6.8 Compatibility Has the manufacturer identified all substances to which the 4.2 to 6.5
with ME Equipment may come into contact with in normal or
substances foreseeable misuse?
used with the
ME equipment
Clause 12 - Accuracy of controls & instruments; protection against hazardous outputs

1 Clauses Clauses
12.1 Accuracy of Has the manufacturer identified all controls and 4.2 to 6.5
controls and instruments contained on the ME Equipment?
instruments Has the manufacturer conducted a hazard analysis to
identify the risks associated with the accuracy of the above
identified controls and instruments?
12.3 Alarm systems Has the manufacturer considered in their option analysis 4.2 to 6.5
the inclusion of alarms as a means to mitigate the risk of
accuracy of controls and instruments for controlling
hazards against hazardous outputs?
If yes, has the use of alarms been implemented as a
means of mitigating the risk of accuracy of controls and
instruments for controlling hazards against hazardous
outputs?
If yes, has the manufacturer in their risk analysis explored
and addressed the hazards of operation or failure of the
alarm systems?
Does the residual risk of such hazards meet IEC 60601-1-
8?
12.4.1 Intentional Has the manufacturer identified risks associated with the 4.2 to 6.5
exceeding of intentional exceeding of safety limits?
safety limits Has the manufacturer addressed such risks to comply with
the manufacturer’s risk acceptability criteria?
12.4.2 Indication of Has the manufacturer identified all functions related to the 4.2 to 6.5
parameters delivery of energy or substances to the patient?
relevant to Has the manufacturer explored such functions for
safety hazardous situations in which these functions can produce
an output to the patient?

– 30 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
12.4.3 Accidental Has the manufacturer identified all features of the ME 4.2 to 6.5
selection of Equipment that provide an output to the patient for
excessive therapeutic purposes?
output values Has the manufacturer identified which of these features
have multiple purposes that require different intensities for
different treatments?
Has the manufacturer identified hazards associated with
accidental selection of excessive output values?
12.4.4 Incorrect output Has the manufacturer identified all features of the ME 4.2 to 6.5
Equipment that provide an output?
Has the manufacturer identified hazards associated with
incorrect output?
12.4.5.2 Diagnostic X- Has the manufacturer identified if the product emits 4.2 to 6.5
ray equipment intentional X-ray radiation for diagnostic purposes?
Has the manufacturer identified and explored risks
associated with emission of X-Ray radiation for diagnostic
purposes?
12.4.5.3 Radiotherapy Has the manufacturer identified if the product is intended 4.2 to 6.5
equipment for radiotherapy purposes?
Has the manufacturer identified and explored risks
associated with emission radiation for therapeutic
purposes?
12.4.5.4 Other ME Has the manufacturer identified if the product is intended 4.2 to 6.5
equipment for radiotherapy purposes?
producing Has the manufacturer identified and explored risks
diagnostic or associated with emission radiation for therapeutic
therapeutic purposes?
radiation
12.4.6 Diagnostic or Has the manufacturer identified if the equipment emits an 4.2 to 6.5
therapeutic acoustic pressure output?
acoustic Has the manufacturer identified and explored risks
pressure associated with emission of such acoustic pressure?
Clause 13 - Hazardous situations and fault conditions

1 Clauses Clauses
13.2.6 Leakage of Has the manufacturer determined the appropriate test 4.2 to 6.5
liquid conditions for the evaluation of liquid leakage?

IECEE OD-2044:20219 © IEC 2021019 – 31 –
Clause 14 - Programmable Electrical Medical Systems (PEMS)

1 Clauses Clauses
14.1 Programmable Does the application of ISO 14971 demonstrate that the 4.2 to 5
electrical medical failure of the PEMS does not lead to an unacceptable
systems - risk?
General
14.6.1 Identification of Has the manufacturer considered those hazards 4.3
known and associated with the software and hardware aspects of the
foreseeable PEMS including those associated with Network/Data
hazards coupling and legacy subsystems?
14.6.2 Risk control Has the manufacturer identified suitable tools and 6.1
procedures to implement risk control measures?
Are these tools and procedures appropriate to ensure
that each risk control measure effectively reduces the
identified risks?
14.7 Requirement Does the requirement specification include and 6.3
specification distinguish any risk control measures?
14.8 Architecture Does the architecture specification reduce the risk to an 6.3
acceptable level, where appropriate, using levels a) – f)?
Does the architecture specification take into
consideration allocation of risk control measures?
14.9 Design and Is descriptive data regarding the design environment 6.2, 6.3
Implementation included in the risk management file?
14.10 Verification Is the result of the verification activity documented? 6.3
Have all functions that implement risk control measures
been verified?
14.11 Programmable Has the manufacturer documented the professional 6.3
electrical medical relationships of the members of the PEMS Validation
systems - PEMS team with members of the design team?
validation Is a reference to the methods and results of the PEMS
Validation included in the risk management file?
14.13 Connection of Is there a list of the HAZARDOUS SITUATIONS resulting 4.2 to 5,
PEMS by from a failure of the network/data coupling provided with 6.2, 6.3
network/data the specified characteristics? Review the manufacturers
coupling to other risk management file for any risk analysis, risk evaluation
equipment and any necessary risk control measures.
Does a connection of the PEMS to a network/data
coupling that includes other equipment result in
previously unidentified RISKS to patients, operators or
third parties? Review the manufacturers risk management
file for any risk analysis, risk evaluation and any
necessary risk control measures.

– 32 – IECEE OD-2044:20219 © IEC 2021019
Clause 15 - Construction of MEE

1 Clauses Clauses
15.1 Construction of Has the manufacturer identified in the risk management 4.2 to 6.5
ME equipment - process the risks associated with the arrangement of
Arrangements of controls and indicators?
controls and If so, inspect for the arrangement of controls and
indicators of ME indicators.
equipment
15.3.2 Push test After the push test, were damages sustained that result in 4.2 to 5
an unacceptable risk identified?
15.3.3 Impact test After the impact test, were damages sustained that 4.2 to 5
resulted in an unacceptable risk identified?
15.3.4.2 Portable ME After the drop test, were damages sustained that resulted 4.2 to 5
equipment in an unacceptable risk identified?
15.3.5 Rough handling After the rough handling test, were damages sustained 4.2 to 5
test that resulted in an unacceptable risk identified?
15.4.1 Construction of Has the manufacturer identified electrical, hydraulic, and 4.2 to 6.5
connectors pneumatic or gas connection terminals and connectors
removable without the use of a tool where incorrect
connection to other outlets intended for other functions
would not result in unacceptable risks?
If so, ensure that incorrect connection does not result in
an unacceptable risk. (Gas connectors must comply with
item b) of this clause).
15.4.2.1 a Temperature Has the manufacturer identified in the risk management 4.2 to 5
and overload file, any automatic resetting thermal cut-outs or over-
control devices current releases where their use would not result in an
- Application unacceptable risk?
If so, ensure that the resetting of these devices does not
result in unacceptable risks.
15.4.2.1 b Application Has the manufacturer identified in the risk management 4.2 to 4.4
file the use of thermal cut-outs with a safety function?
If so, ensure that such components are not of the types
that have to be reset by a soldering operation that can
affect the operating value.
15.4.2.1 c Application Has the manufacturer identified the use of a thermostat in 4.2 to 4.4
the MEE in the risk management file?
If so, inspect for an independent non-self-resetting
thermal cut-out with a setting outside the maximum range
of the thermostat but within the safe temperature limit for
its intended function.
15.4.2.1 d Application Has the manufacturer identified that loss of function of the 4.2 to 4.4
MEE could result in a hazardous situation?
If so, ensure that the operation of a thermal cut-out or
over-current release does not result in an unacceptable
risk.
15.4.2.1 h Application Has the manufacturer identified the need for fusing each 4.2 to 4.4
lead for the use of tubular heating elements in the risk
management file?
If so, inspect for fuses in both leads and fault either lead
to ground and ensure over-heating does not occur.
IECEE OD-2044:20219 © IEC 2021019 – 33 –

1 Clauses Clauses
15.4.3.1 Housing Has the manufacturer identified the need for ventilated 4.2 to 4.4
battery housings where gases that could result in a
hazard can escape during charging or discharging?
If so, inspect the battery housings for proper ventilation.
Has the manufacturer identified the need for battery
polarity connection construction such that short-circuiting
is not possible?
If so, inspect the battery connection and ensure that
incorrect connection is not possible.
15.4.3.2 Connection If a HAZARDOUS SITUATION might develop by the 4.2 to 4.4
incorrect connection or replacement of a battery, verify
the ME Equipment is fitted with a means of preventing
incorrect polarity of connection. Review the manufacturers
risk management file for any risk analysis.
15.4.3.3 Protection Does overcharging of any battery of ME Equipment result 4.2 to 4.4
against in an unacceptable RISK, the design shall prevent
overcharging overcharging? Review the manufacturers risk
management file for any risk analysis.
15.4.3.4 Lithium batteries Do lithium batteries used in ME EQUIPMENT that could 4.2 to 4.4
become a HAZARD comply with the requirements of IEC
60086-4? Review the manufacturers risk management file
for any risk analysis.
15.4.3.5 Excessive Has the manufacturer provided justification for the 4.2 to 6.5
current and omission of fuses or over-current releases in the risk
voltage management file?
protection If so, protection against fire caused by excessive currents
is by inspection of the design and the risk management
file and no additional testing is required.
15.4.4 Indicators Are indicator lights provided on ME Equipment 4.2 to 4.4
incorporating non-luminous heaters to indicate that the
heaters are operational, if a HAZARDOUS SITUATION
could exist unless it is otherwise apparent to the operator
from the normal operating position? Review the
manufacturers risk management file for any risk analysis.
Are indicator lights provided on ME Equipment to indicate
that an output exists where an accidental or prolonged
operation of the output circuit could constitute a
HAZARDOUS SITUATION? Review the manufacturers
risk management file for any risk analysis.
15.4.5 Pre-set controls Where applicable, has the manufacturer addressed the 4.2 to 6.5
risk associated with pre-set controls?
15.4.7.3 b Entry of liquids Has the manufacturer conducted risk analysis for foot 4.2 to 4.4
operated control devices during their risk management
process?
If so, is the probability of occurrence of the intended
normal use in areas where liquids are likely to be found
low enough such that foot-operated control devices that
contain electrical circuits do not have to be classified
IPX6 according to IEC 60529?
If so, then perform testing at the manufacturer’s lesser
IPX_ rating. Note IPX1 is the minimum rating.
If not, then verify compliance to IPX6 classification.

– 34 – IECEE OD-2044:20219 © IEC 2021019
Clause 16 – ME Systems

1 Clauses Clauses
16.1 General After installation or subsequent modification, does the ME 4.2 to 5
Requirements system result in an unacceptable risk?
for ME Systems Have hazards arising from combining various equipment
to constitute an ME system been considered?
Is the level of safety equivalent to ME system complying
with this standard IEC 60601-1 within the patient
environment?
If the ME System is reconfigurable, have risk
management methods been used to determine which
configurations constitute the highest risks and which
measures are needed to ensure that the reconfiguration
does not constitute an unacceptable risk?
16.9.1 Connection Are the design and construction of electrical, hydraulic, 4.2 to 6.5
terminals and pneumatic and gas connection terminals and connectors
connectors such that incorrect connection of accessible connectors,
removable without the use of a tool, can be prevented
where a HAZARDOUS SITUATION could otherwise exist?
Review the manufacturers risk management file for any
risk analysis, risk evaluation and risk control measures.
Are plugs for patient leads designed to prevent connection
to other outlets of the same ME System that are likely to
be located in the patient environment unless no
hazardous situation can result? Review the manufacturers
risk management file for any risk analysis, risk evaluation
and risk control measures.
Clause 17 – Electromagnetic compatibility of MEE and MES

1 Clauses Clauses
17 Electromagnetic Does the risk management process address the risks 4.2 to 6.5
compatibility of associated with the electromagnetic phenomena existing
ME equipment at the locations where the ME equipment or ME System is
and ME systems intended to be used as indicated in the accompanying
documents?
Does the risk management process address the risks
associated with the introduction by the ME equipment or
ME system of electromagnetic phenomena into the
environment that might degrade the performance of other
devices, electrical equipment, and systems?
Notes: Clauses 3.3a, 3.5e, and 7 shall be included in the complete RM file which has been addressed through clause 4.3. Numbering
above is inclusive as applicable. This document includes clauses from IEC 60601-1 which have guidance for inspection requirements of
the manufacturer’s risk management file, risk control measures and risk management process. The document does not address other
clauses from IEC 60601-1 which include key terms for example RISK (with or without qualifying words such as unacceptable,
acceptable and significant), HAZARD, HAZARDOUS SITUATION. These clauses do not necessarily require the manufacturer to include
them in their risk management process.

IECEE OD-2044:20219 © IEC 2021019 – 35 –
6.2 Application of ISO 14971:2007 in IEC 60601-1:2005 + A1:2012 product evaluation

IEC 60601-1:2005 + A1:2012 (Ed.3 + Am. 1) Medical electrical equipment, Part 1: General requirements for
basic safety & essential performance - Guidance for the application of ISO 14971:2007 (Ed.2)
Clause 4 – General requirements

1 Clauses Clauses
4.2.2 General Compliance is checked by: 3.3,
requirements - inspection of the MANUFACTURER'S policy for 3.5,
for RISK determining criteria for RISK acceptability; 4.1 to 8
MANAGEMENT - inspection of the RISK MANAGEMENT plan for the
particular ME EQUIPMENT or ME SYSTEM under
consideration; and
- confirming the MANUFACTURER has prepared a
RISK MANAGEMENT FILE containing the RISK
MANAGEMENT RECORDS and other
documentation required by this standard for the
particular ME EQUIPMENT or ME SYSTEM under
consideration.
Does the manufacturer have a risk management process

according to ISO14971:2007 in place?
Was this process used for the device being considered?
If so, a limited number of more detailed questions can be

addressed at this point:
• Are all risk management procedures (that meet the
requirements of ISO14971:2007, including acceptability
criteria) developed and applied for the device
considered (clauses 3.3, 3.4, 3.5, 4 to 8 of
ISO14971:2007)?
• Is there a risk management plan (including resources
and commitment) for the device considered (clause 3.4
of ISO14971:2007)?
• Has the manufacturer established requirements for
maintaining a Risk management file (clause 3.5 of ISO
14971:2007)?
• Is the overall residual risk for the device considered
acceptable (clause 7 of ISO 14971:2007)?
• Has the manufacturer established requirements for
creating a Risk management report to document the
review of Risk management activities (clause 8 of ISO
14971:2007)?
NOTES:
The table shown above is a modified version of Table 4.2 from Section 6.1 of this document used when applying IEC 60601-1:2005 +
A1:2012 and ISO 14971:2007. For all other Risk management requirements in IEC 60601-1:2005 + A1:2012, use the corresponding
guidance from section 6.1 of this document for completing the RM Tables in Revision H of the TRF. Where no RM Table exists in
Revision H of the TRF, no assessment of the Risk management file is required.
IEC 60601-1:2005 + A1:2012 modified the Risk management requirements now summarized in Table 4.2.2 and removed the need to
assess the Risk management file for many other clauses. No new Risk management requirements were added above those already
described in IEC 60601-1:2005..
Clauses 3.3, 3.4, 3.5, 7 and 8 shall be included in the complete RM file which has been addressed through clause 4.3. Numbering
above is inclusive as applicable. This document includes clauses from IEC 60601-1 which have guidance for inspection requirements of
the manufacturer’s risk management file, risk control measures and risk management process. The document does not address other
clauses from IEC 60601-1 which include key terms for example RISK (with or without qualifying words such as unacceptable,

– 36 – IECEE OD-2044:20219 © IEC 2021019
acceptable and significant), HAZARD, HAZARDOUS SITUATION. These clauses do not necessarily require the manufacturer to include
them in their risk management process.

IECEE OD-2044:20219 © IEC 2021019 – 37 –
6.3 IEC 60601-1-3:2008 / ISO 14971:2000

IEC 60601-1-3:2008 Collateral standard: Radiation Protection in Diagnostic X-Ray Equipment - Guidance
for the application of ISO 14971:2000
IEC 60601- Subject Considerations for application of RM criteria ISO

1 Clauses 14971
Clauses
6.3.2 Reproducibility of Has the manufacturer addressed this risk by applying an 4.2 to 6.4
the RADIATION applicable particular standard?
output If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE determine the
reproducibility of the RADIATION output relative to fixed
LOADING FACTORS required for the INTENDED USE?
6.4.3 Indication of Has the manufacturer addressed this risk by applying an 4.2 to 6.4
LOADING applicable particular standard?
FACTORS and If yes, this requirement does not apply.
MODES OF If no, has the Manufacturer determined the accuracy of
OPERATION the LOADING FACTORS required for the INTENDED
USE?
6.5 AUTOMATIC Has the manufacturer addressed this risk by applying an 4.2 to 6.4
CONTROL applicable particular standard?
SYSTEM If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE determine the
constancy of AUTOMATIC EXPOSURE CONTROLS
required for the INTENDED USE?
6.7.2 System Has the Manufacturer defined and specified metrics 4.2 to 6.6
performance describing imaging performance for the INTENDED USE?
6.7.3 Nominal focal Has the Manufacturer defined The nominal focal spot 4.2
spot value values of the X-RAY TUBE(s) FOCAL SPOTS in the
EQUIPMENT according to IEC 60336?
6.7.4 RADIATION If a RADIATION DETECTOR or X-RAY IMAGE 4.3 to 6.6
DETECTOR or X- RECEPTOR is integrated in the X-RAY EQUIPMENT, has
RAY IMAGE the Manufacturer specified the contribution to the metrics
RECEPTOR of imaging performance?
Is this contribution sufficient to ensure the efficient use of
RADIATION?
If no X-RAY IMAGE RECEPTOR is integrated in the
system, has the Manufacturer described in the
ACCOMPANYING DOCUMENTS examples of X-RAY
IMAGE RECEPTOR types or performance?

– 38 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses 14971
Clauses
7.2 Waveform of the Has the manufacturer addressed this risk by applying an 4.2 to 6.4
X-RAY TUBE applicable particular standard?
VOLTAGE If yes, this requirement does not apply.
If no, has the Manufacturer define the characteristics of
The X-RAY TUBE VOLTAGE waveform, taking in
consideration:
• the rising phase of the X-RAY TUBE VOLTAGE;
• the falling phase of the X-RAY TUBE VOLTAGE;
and
• the shape and amplitude of the X-RAY TUBE
VOLTAGE RIPPLE.
which, in conjunction with the TOTAL FILTRATION in the
XRAY EQUIPMENT, results in an acceptable RADIATION
dose for the INTENDED USE?
8.1 Limitation of the Has the manufacturer addressed this risk by applying an 4.4 to 6.4
extent of the X- applicable particular standard?
RAY BEAM If yes, this requirement does not apply.
(General) If no, does the risk management file consider all the risk
associated not to limit the RADIATION FIELD not
contributing to the formation of the image?
8.5.3 Correspondence Has the manufacturer addressed this risk by applying an 4.4 to 6.4
between X-RAY applicable particular standard?
FIELD and If yes, this requirement does not apply.
EFFECTIVE If no, does the Manufacturer identify and provide means
IMAGE to adjust the X-RAY FIELD such that its position and size
RECEPTION correspond to the EFFECTIVE IMAGE RECEPTION
AREA AREA?
Is this means designed with an acceptable accuracy?
Note: For clause 4.4 and 5.0 of ISO 14971, see also
8.5.1.
9.1 FOCAL SPOT TO Has the manufacturer addressed this risk by applying an 4.4 to 6.4
SKIN DISTANCE applicable particular standard?
If yes, this requirement does not apply.
If no, has the Manufacturer identified The FOCAL SPOT
TO SKIN DISTANCES in NORMAL USE sufficiently large
to keep the RADIATION dose to the PATIENT as low as
reasonably achievable?
Has the Manufacturer defined a minimum FOCAL SPOT
TO SKIN DISTANCE?

IECEE OD-2044:20219 © IEC 2021019 – 39 –

1 Clauses 14971
Clauses
10.1 ATTENUATION of Has the manufacturer addressed this risk by applying an 4.2 to 6.4
the X-RAY BEAM applicable particular standard?
between the If yes, this requirement does not apply.
PATIENT and the If no, has the manufacturer designed the X-RAY
X-RAY IMAGE EQUIPMENT in such a way that the ATTENUATION of
RECEPTOR the X-RAY BEAM by material interposed between the
PATIENT and the X-RAY IMAGE RECEPTOR is kept as
low as reasonably achievable in order to avoid
unnecessarily high doses to the PATIENT and, through
STRAY RADIATION, to the OPERATOR.
Does the risk management file determine the values of
ATTENUATION EQUIVALENT and RADIATION
CONDITIONS for testing required for the INTENDED
USE?
11 Protection against Has the manufacturer addressed this risk by applying an 4.3 to 6.6
RESIDUAL applicable particular standard?
RADIATION If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE evaluate the
RADIATION dose resulting from the RESIDUAL
RADIATION:
• for the PATIENT, relative to the RADIATION dose
resulting from the examination, and
• for other persons, relative to the dose resulting from
X-RADIATION scattered off the PATIENT?
Does the Manufacturer identify the need to incorporate in
the X-RAY EQUIPMENT a PRIMARY PROTECTIVE
SHIELDING?
Is this PRIMARY PROTECTIVE SHIELDING taking into
account the RESIDUAL RADIATION which contribute
significantly to the RADIATION dose received by:
• OPERATORS,
• other persons present in the examination room
during the LOADING (e.g. parents holding a child,
other PATIENTS or personnel),
• parts of the PATIENT other than from those being
currently imaged?

– 40 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses 14971
Clauses
12.1 Protection against Has the manufacturer addressed this risk by applying and 4.2 to 6.6
LEAKAGE applicable particular standard?
RADIATION If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE evaluate the
RADIATION dose resulting from the LEAKAGE
RADIATION:
• for the PATIENT, relative to the RADIATION dose
resulting from the examination, and
• for other persons, relative to the dose resulting from
X-RADIATION scattered off the PATIENT?
Does the RISK MANAGEMENT FILE consider the
LEAKAGE RADIATION which contribute significantly to
the RADIATION dose received by:
• OPERATORS,
• other persons present in the examination room
during the LOADING (e.g. parents holding a child,
other PATIENTS or personnel),
• parts of the PATIENT other than from those being
currently imaged?
12.2 Mounting of X- Has the manufacturer addressed this risk by applying an 4.2 to 6.6
RAY SOURCE applicable particular standard?
ASSEMBLIES and If yes, this requirement does not apply.
X-RAY IMAGING If no, does the RISK MANAGEMENT FILE included
ARRANGEMENTS exceptions to justify that the X-RAY SOURCE
ASSEMBLIES and/or the X-RAY IMAGE RECEPTOR
need to be hand held during LOADING in NORMAL USE?
13.2 Control of X-ray Has the manufacturer addressed this risk by applying an 4.2 to 6.6
equipment from a applicable particular standard?
protected area If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE cover
exceptions related to the following control functions:
• selection and control of MODES OF OPERATION;
• selection of LOADING FACTORS;
• actuation of the IRRADIATION SWITCH;
• other necessary controls for the OPERATOR during
LOADING,
where the control functions are to be implemented from a
PROTECTED AREA after installation, for X-RAY
EQUIPMENT specified exclusively for examinations that
do not need the OPERATOR or staff to be close to the
PATIENT during NORMAL USE?
Supplementary information: See also 13.3
13.3 Protection by Has the manufacturer addressed this risk by applying an 4.2 to 6.6
distance applicable particular standard or some exception
applies?
If yes, this requirement does not apply.
If no, does the RISK MANAGEMENT FILE determine, for
the INTENDED USE, the distance required and the
RADIATION dose resulting from the STRAY
RADIATION?
Is this distance sufficiently long to protect operator?
Supplementary information: See also 13.2

IECEE OD-2044:20219 © IEC 2021019 – 41 –
6.4 IEC 60601-1-6:2010 / ISO 14971:2007 / IEC 62366:2007
When evaluating compliance with IEC 60601-1-6:2010, it is important to understand the relationships that exist
between this standard, IEC 60601-1:2005, IEC 62366:2007 and ISO 14971:2007.
Figure 1 below provides a graphical representation of this relationship. IEC 60601-1-6:2010 is a collateral
standard in the IEC 60601-1 series covering the requirements for the Usability Engineering Process. IEC
60601-1:2005 makes a normative reference to IEC 60601-1-6 for requirements related to usability. Currently,
IEC 60601-1-6:2010 links the IEC 62366:2007 which contains requirements for the usability engineering
process.
Figure 1: Relationship between USABILITY (IEC 60601-1-6 & IEC 62366) and RISK MANAGEMENT (ISO
14971)
IEC 60601-1-6:2010 makes a normative reference to IEC 62366:2007 for the Usability Engineering Process
requirements: In turn, IEC 62366:2007 makes a normative reference to ISO 14971:2007 for the requirements
related to Risk Management.
When performing the usability engineering process and the risk management process there are deliverables
from each process that are used as inputs into the other process. Figure 1 indicates in which process these
deliverables are generated and which deliverables are necessary for completing the other process.
When complying with IEC 60601-1:2005, IEC 60601-1-6:2010, IEC 62366:2007 and ISO 14971:2007 are all
required to satisfy the requirements for the Usability Engineering Process.

– 42 – IECEE OD-2044:20219 © IEC 2021019
IEC 60601-1-6:2010 Collateral standard: Usability
Guidance for the application of ISO 14971:2007 and IEC 62366:2007

1 Clauses Clauses
4.2 General Compliance is confirmed through application of IEC 60601- 3.2, 3.4d,
(60601-1- Requirements – 1-6:2010, IEC 62366:2007 and ISO 14971:2007 4-7
6) Conditions for Equipment provides adequate USABILITY such that RISKS
application to resulting from NORMAL USE and USE ERROR are
ME considered acceptable
EQUIPMENT Has the USABILITY ENGINEERING PROCESS adequately
addressed all RISKS associated with NORMAL USE and
USE ERROR?
4.1.2 RESIDUAL RISK Compliance is checked by inspection of the USABILITY 6.4
(62366) ENGINEERING FILE
Has compliance with Clause 5.9 of IEC 62366:2007 been
demonstrated?
Has the USABILITY ENGINEERING PROCESS integrated
all elements of RISK MANAGEMENT as required by this
standard?
Have all design changes related to USABILITY been
reviewed to determine if any new HAZARDS or
HAZARDOUS SITUATIONS have been generated?
Has the manufacture adequately addressed all risks
related to usability, and have all the risk been mitigated to
an acceptable level?
4.1.3 Information for Compliance is checked by inspection of the 5, 6.2
(62366) SAFETY ACCOMPANYING DOCUMENTS and the USABILITY
ENGINEERING FILE
Has the MANUFACTURER identified any information for
SAFETY as a RISK CONTROL MEASURE?
• If yes, has this information been subject to the
USABILITY ENGINEERING PROCESS to determine
acceptable USABILITY?
• If yes, has this information been subject to the RISK
MANAGEMENT PROCESS when determining the
appropriate RISK CONTROL measure?
4.3 Scaling of the Compliance is checked by inspection of the USABILITY 4.2-4.4
(62366) USABILITY ENGINEERING FILE
ENGINEERING Has the MANFACTURER scaled the USABILITY
effort ENGINEERING PROCESS?
• If yes, has the MANUFACTURER taken into account
the nature of the MEDICAL DEVICE, the intended
USER and the INTENDED USE?
• If yes, does the RISK ANALYSIS indicate the scaling
was based on the significance of the modification?
5.3.1 Identification of Compliance is checked by inspection of the USABILITY 4.2
(62366) characteristics ENGINEERING FILE
related to When applying ISO 14971:2007, clause 4.2, has the
SAFETY MANFACTURER identified all characteristics related to
SAFETY related to USABILITY (or poor USABILITY)?
Has the MANUFACTURER included the application
specification, USER PROFILE(s), and list of frequently
used functions as inputs?

IECEE OD-2044:20219 © IEC 2021019 – 43 –

1 Clauses Clauses
5.3.2 Identification of Compliance is checked by inspection of the USABILTY 4.3
(62366) known or ENGINEERING FILE
foreseeable When applying ISO 14971:2007, Clause 4.3, has the
HAZARDS and MANUFACTUER identified all known or foreseeable
HAZARDOUS HAZARDS and HAZARDOUS SITUATIONS related to
SITUATIONS USABILITY (or poor USABILITY)?
Has the MANUFACTURER adequately identified
reasonably foreseeable sequences or combinations of
events involving the USER INTERFACE?
When identifying HAZARDS and HAZARDOUS
SITUATIONS related to USABLITY, has the
MANUFACTURER considered (used as inputs) the
following:
• Application specification, including the USER
PROFILE(S)
• Task related requirements (user)
• Context of use
• Known HAZARDS and HAZARDOUS SITUATIONS
from USER INTERFACES of similar MEDICAL
DEVICES
• USE SCENARIOS
• Foreseeable USE ERROR(S)
• A review of the USER INTERFACE
5.5 USABILITY Compliance is checked by inspection of the USABILITY 3.4 d),
(62366) SPECIFICATION ENGINEERING FILE 4.3, 5,
Does the USABILITY ENGINEERING FILE contain specific 6.2-6.4
criteria for determining the adequacy of RISK CONTROL
measures related to USABILITY?
Does the USABILITY SPECIFICATION included the
following minimum items:
• Application specification
• PRIMARY OPERATING FUNCTIONS
• HAZARDS/HAZARDOUS SITUATIONS related to
USABILITY
• Known and foreseeable USE ERRORS
At a minimum, does the USABILITY SPECIFICATION
describe the following:
• USE SCENARIOS related to the PRIMARY
OPERATING FUNCTIONS (frequent USE
SCENARIOS, reasonably foreseeable worst case USE
SCENARIOS)
• USER INTERFACE requirements for the PRIMARY
OPERATING FUNCTIONS including those used as
RISK MITIGATIONS
• Requirements for determining if the PRIMARY
OPERATING FUNCTIONS are easily recognized by
the USER
5.6 USABILITY Compliance is checked by inspection of the USABILITY 3.4 d)
(62366) VALIDATION ENGINEERING FILE
plan Does the plan for validation of the PRIMARY OPERATING
FUNCTIONS include the criteria for RISK acceptability
determined through ISO 14971:2007, clause 3.4 d) as
acceptance criteria?

– 44 – IECEE OD-2044:20219 © IEC 2021019

1 Clauses Clauses
5.9 USABILITY Compliance is checked by inspection of the USABILITY 4.4, 5,
(62366) VALIDATION ENGINEERING FILE 6.4-6.5
If the criteria of the USABILITY VALIDATION plan have not
been met, and the MANUFACTURER has determined that
further improvement of the USER INTERFACE is not
practical; has the MANUFACTURER done the following:
• Estimated RISKS arising from USABILITY problems
• Gathered and reviewed data and literature to
determine that the medical benefit of the INTENDED
USE outweighs the RISKS arising from the
USABILITY problems
• Determined that all RISKS are acceptable?
6.5 IEC 60601-1-8:2006 / ISO 14971:2000

IEC 60601-1-8:2006 Collateral standard: General requirements, tests and guidance for alarm systems in
medical electrical equipment and medical electrical systems
Guidance for the application of ISO 14971:2000
IEC Subject Considerations for application of RM criteria ISO

60601-1-8 14971
Clauses Clauses
4 Alarm System – Compliance is checked by inspection of the risk management file. 6.2-6.6
General As a means of risk control, has the manufacturer provided an
requirements alarm system that is used to notify the operator that a hazardous
situation can exist?
• If so, then an alarm system complying with this standard is
used for this purpose. 4.3-5
• If not, continue with other risk management requirements.
Does the manufacturer’s risk assessment identify hazards to
patients, operators and other persons arising from the alarm
system?
• If so, verify that the resulting risk is an acceptable level
before or after risk control measures are implemented as
applicable based on the manufacturers criteria for
acceptable risks.
• If not, and the medical electrical equipment has an alarm
system, then this is an unacceptable result.
6.1.2 Alarm condition Compliance is checked by inspection of the risk management file. 4.2 – 5,
priority Does the manufacturer’s risk management file include the 6.2 – 6.6
assignment of alarm priorities based on Table 1 or in accordance
with relevant particular standards?
• If so, then verify by testing them accordingly.
• If not, then this is an unacceptable result.
Review the manufacturer’s risk management file in regards to the
assignment of alarm condition priorities

IECEE OD-2044:20219 © IEC 2021019 – 45 –
IEC Subject Considerations for application of RM criteria ISO
60601-1-8 14971
Clauses Clauses
6.3.1 Generation of Compliance is checked by inspection of the risk management file. 4.2-5,
Alarm Signals Does the manufacturer’s risk management file, risk assessment 6.2-6.5
considering the environment in which the ME Equipment is
intended, identify the need for additional alarm signals (audio,
verbal, vibratory or produced by other means)?
• If so, then verify the implementation according to the
manufacturer’s risk management file;
• If not implemented, then this is an unacceptable result,
unless the risk assessment shows no need for additional
alarm signals.
6.3.4 Characteristics of Compliance is checked by inspection of the risk management file. 4.2-5,
verbal alarm Does the manufacturer’s risk management file, consider the risks 6.2-6.6
signals associated with verbal alarm signals?
• If so, verify the implementation of verbal alarm signals in
accordance with the risk management file;
• If not, and the ME Equipment has provisions for verbal
alarm signals, then this is an unacceptable result;
• If not, and the ME Equipment does not have provisions for
verbal alarm signals, then proceed to other risk
management requirements.
6.8.3 Global indefinite Compliance is checked by inspection of the risk management file. 4.2-5
Alarm Signal Has the manufacturer’s risk management file, risk assessment,
inactivation states considered the intended environment of use, and accepted the
Alarm System function of global Alarm Off or global Audio Off?
• If so, follow the requirements of the standard.

– 46 – IECEE OD-2044:20219 © IEC 2021019
6.6 IEC 60601-1-10:2007 / ISO 14971:2000
IEC 60601-1-10:2007 Collateral standard: Requirements for the development of physiologic closed-loop
controllers - Guidance for the application of ISO 14971:2000
IEC Subject Considerations for application of RM criteria ISO 14971

60601-1- Clauses
10
Clauses
4 General Compliance is checked by inspection of the risk 4.3-4.4
requirements management file.
Has the risk analysis considered HAZARDS from a
PCLC?
• If so, then they shall be included in the RISK
MANAGEMENT PROCESS.
6.1 Accuracy of Compliance is checked by inspection of the risk 4.3 – 4.4, 6.2
controls and management file. -6.3
instruments and Has the indication over time not lead to an
protection unacceptable RISK?
against • If so, then the indication over time may be omitted. See
hazardous • If not, then the information indication over time USABILITY
outputs - shall be indicated continuously or by OPERATOR ENGINEERING
Usability action. FILE
Have the presentation format and the choice between assessment
indicating the information continuously or by per IEC
OPERATOR action based on the USABILITY 60601-1-6
ENGINEERING PROCESS?
• If so, then they shall be included in the RISK
MANAGEMENT PROCESS.
8.2.1 RECORDS and Compliance is checked by inspection of the risk 4.3-4.4
PROCESS management file.
scaling Have the RECORDS and documents produced from
application of the PCLC development PROCESS been
established and maintained to provide evidence of
conformity to requirements of this collateral standard?
• If so, then they shall form part of the RISK
MANAGEMENT FILE
Have the results of the RISK ANALYSIS based on
significance of the modification of a PCLC design
been documented?
• If so, then the PCLC development PROCESS
shall include the scaling up or scaling down of that
modification.
• • If not, then this is an unacceptable result.
8.2.2.3 FALLBACK Compliance is checked by inspection of the risk 4.3-4.4, 5,
MODE management file. 6.2-6.5
Has the MANUFACTURER specified all FALLBACK
MODES of the PCLCS?
• If so, then the FALLBACK MODE shall have no
unacceptable RISK.

IECEE OD-2044:20219 © IEC 2021019 – 47 –
60601-1- Clauses
10
Clauses
8.2.2.5 Limitation of the Compliance is checked by inspection of the risk 4.3-4.4, 5,
MANIPULATED management file. 6.2-6.5
VARIABLE If necessary, have the measures been taken or
means provided to eliminate, control, or decrease
RISKS to acceptable levels by controlling of the
following?
– the range of the MANIPULATED VARIABLE;
– the integral over a period of time of the
MANIPULATED VARIABLE; or
– the rate of change of the MANIPULATED
VARIABLE.
8.2.2.6 Responses of Compliance is checked by inspection of the risk 4.3-4.4, 5,
the PCLCS management file. 6.2
If the PCLC changes its mode of operation, does the
PCLCS have a means of notifying and indicating to
the OPERATOR of its change in mode of operation?
• If so, the RISK ANALYSIS shall determine the
choice between an INFORMATION SIGNAL and
an ALARM CONDITION and its priority.
8.2.2.7 Range limitation Compliance is checked by inspection of the risk 4.3-4.4, 5,
of management file. 6.2-6.5
PHYSIOLOGIC Does the PCLCS provide the means to monitor the
VARIABLE value of the PHYSIOLOGIC VARIABLE within its
acceptable range? Or limit the value of the
MANIPULATED VARIABLE, or CONTROLLER
OUTPUT VARIABLE?
• If so, follow the requirements of the standard and
if the value of the PHYSIOLOGIC VARIABLE
exceeds its specified range, the PCLCS shall
switch into a FALLBACK MODE.
8.2.3.1 General Have measures been taken or means provided in the 4.3-4.4, 5,
PCLC to eliminate unacceptable RISK to the 6.2-6.5
PATIENT that could be caused by unfavourable
response of the PCLCS to DISTURBANCE
VARIABLES including PATIENT DISTURBANCE
VARIABLES?

– 48 – IECEE OD-2044:20219 © IEC 2021019
60601-1- Clauses
10
Clauses
8.2.3.2 Disturbance Compliance is checked by inspection of the risk 4.3-4.4, 5,
analysis management file. 6.2-6.5
Has the analysis of the effect of DISTURBANCE
VARIABLES on the PCLCS in NORMAL USE included
the following activities?
a) identification of foreseeable DISTURBANCE
VARIABLES;
b) characterization of those DISTURBANCE
VARIABLES;
c) analysis of the potential responses of the
PHYSIOLOGIC VARIABLE to those
DISTURBANCE VARIABLES in any mode of
operation; and
d) analysis of the response of the PCLCS to those
DISTURBANCE VARIABLES in any mode of
operation
8.2.4 PCLC Compliance is checked by inspection of the risk 6.3
Verification management file.
Has the PCLC undergone VERIFICATION against all
Risk Management specifications required by this
collateral standard?
8.2.5.1 PCLCS Compliance is checked by inspection of the risk 4.3-4.4, 5,
Validation management file. 6.2-6.5
Has the Validation plan been based on the RISK
ANALYSIS and knowledge of the RESIDUAL RISKS?
• If so, follow the method selection requirements of
the standard.
6.7 IEC 60601-1-11:2010 / ISO 14971:2000
IEC 60601-1-11:2010 Collateral standard: Requirements for medical electrical equipment and medical
electrical systems used in the home healthcare environment -
Guidance for the application of ISO 14971:2000

1-11 Clauses
Clauses
4.2.1 Environmental Do the instructions for use state a more restricted range of 4.2-4.4
conditions of environmental transport and storage conditions between
transport and uses?
storage between If yes, the range of environmental conditions shall be
uses justified in the Risk Management file.
4.2.2 Environmental Do the instructions for use state a more restricted range of 4.2-4.4
operating environmental operating conditions of the ME Equipment?
conditions If yes, the range of environmental conditions shall be
justified in the Risk Management file

IECEE OD-2044:20219 © IEC 2021019 – 49 –
1-11 Clauses
Clauses
7.4.1 Additional For each warning and safety sign, the instructions for use 4.2-4.4, 5,
requirements for shall describe the nature of the HAZARD, likely 6.2-6.4
warning and consequences that could occur if the advice is not followed,
safety notices and the precautions for reducing the RISK. Review the
manufacturers risk management file for risk analysis, risk
evaluation and where necessary implementation of risk
control.
7.4.5 Additional Where the instructions for use include a description of 4.3-4.4, 5,
requirements for generally known conditions in the HOME HEALTHCARE 6.2-6.4
operating ENVIRONMENT that can unacceptably affect the BASIC
instructions SAFETY and ESSENTIAL PERFORMANCE of the ME
EQUIPMENT and the steps that can be taken by the LAY
OPERATOR to identify and resolve these conditions, review
the manufacturers risk management file for risk analysis, risk
evaluation and implementation of risk control.
8.4 Additional When loss or failure of the SUPPLY MAINS or INTERNAL 4.2-4.4, 5,
requirements for ELECTRICAL POWER SOURCE would result in an 6.2-6.7
interruption of unacceptable risk, do the time or number of PROCEDURES
the power remaining allow for alternative life-supporting methods to be
supply/supply employed? If so, review the manufacturers risk management
mains to ME file for risk analysis, risk evaluation and where necessary
Equipment and implementation of risk control, as well as whether an
ME System acceptable residual risk results.
9 Accuracy of Have the RISKS associated with USABILITY in the HOME See
controls and HEALTHCARE ENVIRONMENT included consideration of all USABILITY
instruments and factors identified by the Standard, placing particular ENGINEERING
protection emphasis on the limited training of a LAY OPERATOR with FILE
against respect to the ability to intervene and maintain BASIC assessment
hazardous SAFETY and ESSENTIAL PERFORMANCE? If so, review per IEC
outputs the manufacturer’s USABILITY ENGINEERING FILE for risk 60601-1-
analysis, risk evaluation and where necessary 6:2010
implementation of risk control, as well as whether an
acceptable residual risk results.
11.0 Protection Have means been provided to control the RISK of 4.3-4.4, 5,
against strangulation and asphyxiation of the PATIENT and others to 6.2-6.6
strangulation or an acceptable level?
asphyxiation If so, review the manufacturers risk management file for risk
analysis, risk evaluation and where necessary
implementation of risk control, including whether other
hazards may have been generated.
6.8 IEC 62304 Edition 1.0 2006-05

Medical device software –Software life cycle processes
When the requirements for software apply for the medical devices, 60601-1 requires compliance with
applicable clauses of IEC 62304 that makes normative reference to ISO 14971. In fact in the evaluation of a
device with respect to the requirements of 60601-1 which employs PEMS and PESS, a risk management
process is required to be followed.
According to IEC 60601-1, when the requirements in 14.2 to 14.13 apply, the requirements in subclause 4.3,
Clause 5, Clause 7, Clause 8 and Clause 9 of IEC 62304:2006 shall also apply to the development or
modification of software for PEMS and for each PESS.

– 50 – IECEE OD-2044:20219 © IEC 2021019
IEC 62304 makes a normative reference to ISO 14971. However, some minor additional RISK MANAGEMENT
requirements are identified for software, especially in the area of identification of contributing software factors
related to HAZARDS. These requirements are summarized and captured in Clause 7 of IEC 62304 as the
software RISK MANAGEMENT PROCESS.
The CBTL needs to ensure the manufacturer has taken into account the additional requirement for the
Software Risk Management.

IECEE OD-2044:20219 © IEC 2021019 – 51 –
Annex A - ISO 14971:2000 Checklist (Informative)
Clause Subject Item References
3.3 a) Management a. Policy for determining

Responsibilities acceptable risk.
3.5 e) Risk Management Plan e. Evidence of risk

acceptability criteria.
4.1 Risk Analysis Procedure Procedure for risk analysis.

4.2 Intended use/intended Record of safety issue
purpose and/or analysis.
identification of
characteristics related to
the safety of the medical
device
4.3 Identification of known or Record of hazard analysis
foreseeable hazards
4.4 Estimation of the risk(s) a. Definition of methods
for each hazard used for estimating risks.
b. Description of method(s)
used.
c. Result of risk estimation
activities.
5.0 Risk evaluation a. Result of risk evaluation
activities.
6.1 Risk reduction Procedure for risk control
activities
6.2 Option analysis Record of risk control option
analysis (including risk-benefit
analysis, if appropriate).
6.3 Implementation of risk Inputs from risk management
control measures activities
6.4 Residual risk evaluation Final results of the residual
risk evaluation and, if
necessary, information
necessary to explain the
residual risk(s) in the
appropriate accompanying
documents
6.5 Risk-Benefit Analysis Evidence as necessary.
6.6 Other generated hazards Record of results of review of

all risk controls for to identify
if other hazards are
introduced by any risk control
measures and the associated
risk(s) assessment(s)

– 52 – IECEE OD-2044:20219 © IEC 2021019
6.7 Completeness of risk Record of assessment to

evaluation assure that the risk(s) from all
identified hazards have been
evaluated
7 Overall residual risk Records of related meetings,
evaluation analysis, and overall results.
Note: The Annex A above is for ISO 14971 1 st edition, if ISO 14971 2 nd edition is used Annex B is applied.

IECEE OD-2044:20219 © IEC 2021019 – 53 –
Annex B - ISO 14971:2007 Checklist (Informative)
3.2 Management - provision of adequate resources

responsibilities - assignment of qualified personnel
- Policy for determining acceptable risk
3.3 Management Persons performing work have appropriate knowledge

Responsibilities and experience
3.4 Risk a) Scope of risk management activities

management b) Assignment of responsibilities and authorities
plan
c) Requirements for review of activities
d) Evidence of risk acceptability criteria
e) Verification activities
3.5 Risk Criteria for the establishment of a risk management file

management file providing traceability for each identified hazard
4.1 Risk Analysis Procedure for risk analysis.

Procedure
4.2 Intended Record of safety issue analysis.
use/intended
purpose and/or
identification of
characteristics
related to the
safety of the
medical device
4.3 Identification of Record of hazard analysis
known or
foreseeable
hazards
4.4 Estimation of the d. Definition of methods used for estimating risks.
risk(s) for each e. Description of method(s) used.
hazard
f. Result of risk estimation activities.
5.0 Risk evaluation b. Result of risk evaluation activities.

– 54 – IECEE OD-2044:20219 © IEC 2021019
6.1 Risk reduction Procedure for risk control activities
6.2 Option analysis Record of risk control option analysis (including risk-
benefit analysis, if appropriate).
6.3 Implementation Inputs from risk management activities
of risk control
measures
6.4 Residual risk Final results of the residual risk evaluation and, if
evaluation necessary, information necessary to explain the
residual risk(s) in the appropriate accompanying
documents
6.5 Risk-Benefit Evidence as necessary.
Analysis
6.6 Other generated Record of results of review of all risk controls for to
hazards identify if other hazards are introduced by any risk
control measures and the associated risk(s)
assessment(s)
6.7 Completeness of Record of assessment to assure that the risk(s) from
risk evaluation all identified hazards have been evaluated
7 Overall residual Records of related meetings, analysis, and overall
risk evaluation results.
8 Risk Documented review of risk management process prior
management to commercial distribution
report

INTERNATIONAL IEC SYSTEM OF CONFORMITY ASSESSMENT
ELECTROTECHNICAL SCHEMES FOR ELECTROTECHNICAL
COMMISSION EQUIPMENT AND COMPONENTS (IECEE)
IECEE Secretariat c/o IEC

3, rue de Varembé 3, rue de Varembé
PO Box 131 PO Box 131
CH-1211 Geneva 20 CH-1211 Geneva 20
Switzerland Switzerland
Tel: + 41 22 919 02 11 Tel: + 41 22 919 02 11

[email protected] [email protected]
www.iec.ch www.iecee.org

Od-2044 - Ed 2 4-Tracking

Uploaded by

Copyright:

Available Formats

Od-2044 - Ed 2 4-Tracking

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Od-2044 - Ed 2 4-Tracking

Uploaded by

Copyright:

Available Formats

IECEE OD-2044

Edition 2.43 20219-06

IEC System of Conformity Assessment Schemes for Electrotechnical

Committee of Testing Laboratories (CTL)

Evaluation of Risk Management in medical electrical equipment according

IEC Central Office Tel.: +41 22 919 02 11

About the IEC

IEC publications search - Electropedia - www.electropedia.org

Disclaimer: This document is controlled and has been released electronically.

CTL ETF-3 “MEAS, MED”

Date Brief summary of changes

Effective date Next maintenance due date

Disclaimer: This document is controlled and has been released electronically.

IEC 60601-1-2:2007, Medical electrical equipment - Collateral standard: Electromagnetic compatibility -

IEC 60601-1-6:2010, Medical electrical equipment - Collateral Standard: Usability

IEC 62366:2007, Medical devices – Application of usability engineering to medical devices

IEC 62304:2006, Medical device software – Software life cycle processes

ISO 14971:2000, Medical devices – Application of risk management to medical devices

ISO 14971:2007, Medical devices – Application of risk management to medical devices

3 Terms and definitions

5 Assessment of Risk Management principles in the IEC 60601 series CB Scheme

5.3 ISO 14971:2000 (1 st edition ) and ISO 14971:2007 (2 nd edition)

IEC 60601-1 TRF – RM RESULTS TABLE 4.2 – Risk Management Process

4.2 RM RESULTS TABLE: Risk Management Process for ME Equipment or ME P

Disclaimer: This document is controlled and has been released electronically.

Disclaimer: This document is controlled and has been released electronically.

Disclaimer: This document is controlled and has been released electronically.

Disclaimer: This document is controlled and has been released electronically.

5.5 Evaluating RISK - HAZARDS identified in the IEC 60601-series

EXAMPLE 2: Sub-clause 9.4.2.1, Instability in transport position

Disclaimer: This document is controlled and has been released electronically.

EXAMPLE 4: Sub-clause 11.6.3, Spillage on ME EQUIPMENT and ME SYSTEM

Compliance is checked by inspection of the RISK MANAGEMENT FILE.

Disclaimer: This document is controlled and has been released electronically.

Disclaimer: This document is controlled and has been released electronically.

Intended Use and identification of qualitative and quantitative

Identify known or foreseeable hazards (risk analysis) (4.3)

Estimate risk(s) for hazardous situation(s) (4.4)

Is risk reduction necessary? (5)

Identify appropriate risk control measure(s), record risk control

Implement, record and verify appropriate measures (6.3)

Yes Do medical benefits

Are new hazards or hazardous situations

Are all identified hazards considered?

Do medical benefits outweigh

Prepare risk management report (8)

Review production and post production information (9) Unacceptable

Disclaimer: This document is controlled and has been released electronically.

9.2.4 Risk Management Results Table: Emergency stopping devices Pass

6.6 No other hazards generated Pass

Disclaimer: This document is controlled and has been released electronically.

11.6.3 RM RESULTS TABLE: Spillage on ME equipment and ME system Pass

d) Perform verification and report the results in the TRF tables.

Disclaimer: This document is controlled and has been released electronically.

Clause 4 – General requirements

IEC 60601- Subject Considerations for application of RM criteria ISO 14971

Disclaimer: This document is controlled and has been released electronically.

IEC 60601- Subject Considerations for application of RM criteria ISO 14971

Disclaimer: This document is controlled and has been released electronically.