Edition #16 - Product Risk Assessments Done Right

Product risk assessments can be a contentious topic. They are often dismissed as a box-ticking exercise and a drain on resources that delivers little real benefit. I won’t deny that I’ve seen plenty of risk assessments performed that fit that description. However, when used well, they become a systematic framework that helps uncover risks you may have otherwise missed.

A risk assessment as a standalone risk mitigation exercise is never enough. It should support your other risk mitigation activities that are achieved through:

• Compliance with regulations and standards (particularly the intent of those)
• Tailored verification testing
• Integration of learnings from your business’s own experiences and that of others in your industry
• Your teams sound engineering design practices
  

By carrying out a formal risk assessment, your business is taking a pause in its development activities, to specifically think about potential failures and risks. We all know, when you are in the thick of it, it is easy to overlook things that might otherwise seem obvious.

Many product regulations require some form of risk assessment or risk analysis. For example:

• Machinery Regulation (EU): Requires a risk assessment to be carried out. The key harmonised standard is ISO 12100, which outlines principles and methodologies for identifying hazards and evaluating risks across the machinery lifecycle.
• Low Voltage Directive (EU): Mandates an adequate analysis and assessment of risks, though it does not provide a specific harmonised standard for risk assessment.
• General Product Safety Regulation (EU): Requires internal risk analysis for consumer products but does not prescribe a specific harmonised risk assessment standard.
• Toy Safety Directive (EU): Requires a safety assessment but leaves the method and format of the assessment to the discretion of the manufacturer.
• Pressure Equipment Directive (EU): Requires hazard and risk analysis to determine the appropriate conformity assessment route.
• Medical Device Regulation (EU): Requires a comprehensive risk management system throughout the product lifecycle. The harmonised standard ISO 14971 provides the framework for identifying, evaluating, and managing risks in medical devices.

Additionally, more specific standards can supplement these frameworks, such as ISO 13849-1, which focuses on Safety of Machinery, Safety-related Parts of Control Systems. This standard delves deeper into functional safety, particularly control systems that detect and respond to failures (e.g., emergency stop functions and interlocks). It defines performance levels, which are informed by ISO 12100 assessments, ensuring that if a failure occurs, the control system detects the issue and mitigates harm.

Failure Modes Effects Analysis (FMEA) is another widely used risk assessment method, particularly in the automotive industry, although it’s also useful for non-automotive products. The AIAG & VDA FMEA Handbook defines three key types of FMEA:

• System FMEA: Conducted on the entire system or product.
• Design FMEA: Conducted on the product design often at component level.
• Process FMEA: Conducted on the manufacturing or assembly process.

FMEA-Monitoring and System Response is also covered in the handbook and focuses on how a system monitors itself and responds to failures during operation. This is particularly relevant for safety-critical systems, such as Advanced Driver-Assistance Systems. It relates to Design FMEA in a similar way that ISO 13849-1:2015 relates to ISO 12100.
The principles of these FMEA types can be adapted to create a model that best addresses the specific risks you need to capture. For example, incorporating guidelines from ISO 12100 to break down lifecycle risks, including shipping, unpacking, commissioning, usage, maintenance, and disposal, can add significant value.

Some keys to ensuring an effective risk assessment process include:

• Starting with objectives and tailoring the risk assessment accordingly: Unless your teams first clarify what it is they want to assess, they risk overlooking the very issues that matter most.
• Keeping the assessment up to date: The initial assessment identifies and prioritises risks, followed by actions to mitigate them. Then the risks must be reassessed to confirm they’ve been addressed and to check that no new risks have been introduced. When product changes occur later, such as post-market improvements, the risk assessment must be revisited for the same reason.
• Supporting assessments with data: For critical risks, it’s worth actively working on how to obtain that data, whether through testing or simulation methods.
• Ensuring foreseeable misuse is included in the assessment: Foreseeable misuse involves uses that are unintended but can be reasonably anticipated based on the product’s design, instructions, or context of use. These are scenarios where misuse is predictable, allowing the manufacturer to take steps to mitigate the associated risks.
• Eliminating serious risks identified entirely: The goal for serious risks such as death, permanent injury, or injuries requiring medical attention, must be to eliminate the risk entirely, not just reduce its likelihood to make it appear acceptable.

A risk assessment is not just paperwork. When used well, it brings rigour to intuition, challenges assumptions, and helps prevent the kinds of failures that are always obvious in hindsight. Treat it as a living tool, review it often, and use it to strengthen your design and decision making at every stage.