
How to apply tool driven, integrated risk assessments for Medical Device Technical Documentation

Written by Anders Emmerich, 17 February 2026

In a research paper by Falk and Björlin at KTH in Sweden published in 2025, a major medical device manufacturer using Word and Excel for managing design and risk traceability was analysed for compliance and efficiency.

Despite significant manual effort, the researchers observed:

  • inconsistent use of terms and phrasing in the different documents, negatively affecting searching
  • varying trace approaches being used by different departments
  • significant probability of human errors when manually handling the traceability data
  • excessive manual work copying redundant information between the systems

The resulting traceability error rate was approximately 6.6 percent.

This finding is not an academic anomaly. It reflects a systemic weakness that persists across the medical device industry. In modern regulated medical device development, a design control management approach that does not include tool supported, data-driven risk assessment functionality is an inherent liability.

Risk management and design controls are structurally interdependent. Risk drives safe design decisions, and design changes continuously reshape the risk profile of a device. Manually handling this ever-changing, interconnected data may work for small devices but will quickly become untenable when complex design is required.

The question is therefore not whether to integrate risk into design controls, but how to structure a tool-driven approach that makes this integration reliable, scalable, and auditable.

Let’s explore the steps to apply a tool-driven integrated risk assessment approach.

Step 1: Define a Unified Design Control Object Model

The foundation of tool driven, integrated risk assessments lies in the underlying structure of the design control system. Risk must exist as a first-class design control object, not as a static document. Hazards, hazardous situations, harms, risk estimations, risk acceptability decisions, and risk control measures must be managed as structured, versioned data elements within the same environment that manages design inputs, design outputs, and verification activities.

This structure directly supports the regulatory expectation that risk drives design. ISO 14971 requires that hazards are identified early, risks are estimated and evaluated, and risk control measures are defined before design solutions are finalized. When risk objects are embedded into the design control system, they can directly inform functional requirements, safety mechanisms, materials, software architecture, and user interaction concepts.


Step 2: Establish mandatory structural relationships between Risk and Design

Once risk exists as structured data, the next critical requirement is enforced traceability, both incoming and outgoing.  

Risk control measures shall trace to the corresponding implementation of those controls. Where a measure addresses device design, the implementation can be specifications, software functions, hardware features, alarms, safeguards, or user interface elements.

Such implementation items should then be verified for both correct implementation and effective risk reduction. This traceability is essential to demonstrate that identified risks are not only assessed but actively realized in the actual design.

But this is not the hard part. Equally important is the inverse relationship, where design elements serve as direct inputs into the risk assessment itself. Design inputs such as intended use, user needs, functional requirements, performance characteristics, materials, system architecture, and connectivity features are all potential carriers of risk and should serve as input for the risk identification process.

As the design evolves, new and changing inputs continuously feed back into the risk assessment to ensure that new hazards are identified and existing risks are reassessed accordingly. ISO 14971 explicitly requires this iterative relationship, and ISO 13485 mandates that risk management activities be embedded within design and development records.

From experience, it is this latter part (analysing design changes for new risks) that often gets neglected during the later stages of the design and development lifecycle.

Manual traceability approaches fail here because links are either neglected or lost during design development or inconsistently copied across documents. A tool would enforce such relationships and eliminate this fragility.

Step 3: Integrate non-traditional Design Controls into the risk structure

Risk assessment does not operate in isolation. A compliant design control system must integrate a wide range of regulatory and technical inputs that either feed into or result from risk decisions.

  • Regulatory requirements such as EU MDR General Safety and Performance Requirements must be traceable to both design controls and risk justifications.
  • Clinical evaluation findings influence risk probability estimates and residual risk acceptability.
  • Usability engineering activities conducted under IEC 62366 identify use related hazards that must be reflected in the risk analysis.
  • Cybersecurity analyses introduce additional hazard categories that directly affect design and verification strategy.

By representing these elements as structured objects within the same system, a tool driven approach allows them to be connected directly to risk assessments. This ensures that safety, performance, usability, cybersecurity, and clinical evidence remain consistent across the technical documentation.

More importantly, it ensures that risk assessments are based on the full regulatory and clinical context rather than a narrow technical view.

Step 4: Enable change impact through relationship-based navigation

One of the most critical advantages of an integrated design and risk structure is reliable change impact analysis. Design changes inevitably occur, and each change has the potential to alter the risk profile of the device. ISO 14971 explicitly requires risk management to be iterative, and ISO 13485 requires that risk management activities are part of design and development records.

When a design input, specification, or software component changes, a well-designed tool can immediately identify which hazards, risk control measures, verification activities, regulatory requirements, and clinical justifications are impacted. This prevents the common error observed in disconnected systems, where risk documentation becomes outdated and residual risk acceptability is no longer valid.

Step 5: Derive technical documentation directly from the structured data

The final step is ensuring that technical documentation is an output of the integrated system rather than a separately maintained artifact. The risk management file, design history file, traceability matrices, and MDR Annex II sections should be generated directly from the live data and relationships within the tool.

This approach eliminates the inconsistencies that arise when documentation is manually assembled from disconnected sources. It ensures that what is submitted to regulators accurately reflects the current design state, implemented risk controls, and verified evidence. It also provides audit readiness at any point in time, since traceability is inherent in the structure rather than reconstructed on demand.
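The five steps above describe one structure; the following is an added illustration of it as working code, not the article's or Aligned AG's own implementation. It keeps hazards, risk controls, design inputs, design outputs, and verifications as linked, versioned records (Step 1), reports every mandatory relationship that is missing in either direction (Step 2), computes change impact by walking the relationships from a changed item (Step 4), and assembles a traceability matrix from the live links rather than from copied text (Step 5). All identifiers, object kinds, and the sample device items are constructed for this example.

```python
"""Added illustration (not the article's or Aligned AG's code): a minimal
in-memory design control object model with enforced traceability checks,
relationship-based change impact analysis and a derived trace matrix.
Every identifier and sample item below is constructed for this example."""
from collections import defaultdict, deque
from dataclasses import dataclass, field

# Mandatory relationships per object kind. "out" = this item must link to an
# item of that kind; "in" = an item of that kind must link to this item.
REQUIRED = {
    "design_input": [("in", "hazard")],          # every input risk-identified
    "hazard": [("out", "design_input")],         # hazard derived from an input
    "risk_control": [("out", "hazard"),          # control mitigates a hazard
                     ("in", "design_output"),    # ... is implemented in design
                     ("in", "verification")],    # ... and verified effective
    "design_output": [("in", "verification")],   # implementation verified
}


@dataclass
class Item:
    id: str
    kind: str
    title: str
    version: int = 1
    depends_on: set = field(default_factory=set)  # outgoing links


class DesignControlModel:
    def __init__(self):
        self.items = {}
        self.dependents = defaultdict(set)  # reverse index: id -> ids linking to it

    def add(self, id, kind, title):
        self.items[id] = Item(id, kind, title)

    def link(self, src, dst):
        """src depends on dst (e.g. a hazard is derived from a design input)."""
        self.items[src].depends_on.add(dst)
        self.dependents[dst].add(src)

    def _kinds(self, ids):
        return {self.items[i].kind for i in ids}

    def trace_gaps(self):
        """(item id, missing kind) for every mandatory relationship absent."""
        gaps = []
        for it in self.items.values():
            for direction, kind in REQUIRED.get(it.kind, []):
                linked = it.depends_on if direction == "out" else self.dependents[it.id]
                if kind not in self._kinds(linked):
                    gaps.append((it.id, kind))
        return sorted(gaps)

    def impact(self, changed_id):
        """Ids transitively depending on the changed item: what must be re-reviewed."""
        seen, queue = set(), deque([changed_id])
        while queue:
            for dep in self.dependents[queue.popleft()]:
                if dep not in seen:
                    seen.add(dep)
                    queue.append(dep)
        return sorted(seen)

    def change(self, item_id, new_title):
        """Record a new version of an item and return the impacted items."""
        it = self.items[item_id]
        it.title, it.version = new_title, it.version + 1
        return self.impact(item_id)

    def trace_matrix(self):
        """One row per hazard, assembled from live links rather than copied text."""
        rows = []
        for hz in (i for i in self.items.values() if i.kind == "hazard"):
            controls = [c for c in self.dependents[hz.id]
                        if self.items[c].kind == "risk_control"]
            outputs = sorted(o for c in controls for o in self.dependents[c]
                             if self.items[o].kind == "design_output")
            verifs = sorted(v for c in controls for v in self.dependents[c]
                            if self.items[v].kind == "verification")
            rows.append({"hazard": hz.id,
                         "inputs": sorted(i for i in hz.depends_on
                                          if self.items[i].kind == "design_input"),
                         "controls": sorted(controls), "outputs": outputs,
                         "verifications": verifs})
        return rows


def build_sample():
    """Constructed sample: a pump-style device with one connectivity feature."""
    m = DesignControlModel()
    m.add("DI-1", "design_input", "Device accepts dose settings via Wi-Fi")
    m.add("DI-2", "design_input", "Audible occlusion alarm within 30 s")
    m.add("HZ-1", "hazard", "Unauthorised remote change of dose setting")
    m.add("RC-1", "risk_control", "Mutually authenticated TLS for dose commands")
    m.add("DO-1", "design_output", "Comms module spec: TLS 1.3 with client certs")
    m.add("VER-1", "verification", "Test: unauthenticated dose command is rejected")
    m.link("HZ-1", "DI-1")   # hazard identified from the connectivity input
    m.link("RC-1", "HZ-1")   # control mitigates the hazard
    m.link("DO-1", "RC-1")   # control implemented by a design output
    m.link("VER-1", "DO-1")  # implementation verified as correct
    m.link("VER-1", "RC-1")  # control verified as effective
    return m


if __name__ == "__main__":
    model = build_sample()
    print("trace gaps:", model.trace_gaps())  # DI-2 was never risk-assessed
    print("impact of DI-1 change:",
          model.change("DI-1", "Dose settings via Wi-Fi and Bluetooth"))
    for row in model.trace_matrix():
        print(row)
```

Running the sample reports one gap (the alarm requirement DI-2 has no hazard derived from it, which is exactly the inverse relationship Step 2 says is usually neglected) and, after the Wi-Fi design input is changed, lists the hazard, risk control, design output, and verification that now need re-review. The reverse index is what makes both checks cheap; in a document-based process the same questions require searching every file.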

Conclusion

The evidence is clear. Document-based and disconnected approaches to risk and design control traceability introduce measurable error rates, weaken safety justification, and expose organizations to failed submissions and delayed market access.

Risk drives design, design changes drive risk, and regulatory expectations require that this relationship is fully traceable, auditable, and continuously maintained.

A tool driven, integrated design and risk management structure enables consistent decision making, reliable change impact analysis, and defensible technical documentation that is audit ready at any time. Most importantly, it ensures that safety is actively engineered into the product.

About the Expert

Anders Emmerich is a co-founder of Aligned AG. With more than 20 years in the medical device industry, he has seen paradigms and trends come and go. What remain are tried and tested ideas on medical device development and medical device documentation strategies.
