Page 38 - Safety Risk Management for Medical Devices
P. 38

Understanding Risk  17


                   4.2 TYPES OF RISK
                   The word risk can conjure up many thoughts in people’s minds, depending on the
                   point of view of the listener. A project manager may think of risk to on-time comple-
                   tion of the project. A CEO may think of the business risk. An engineer may think of
                   risk of infringing on someone else’s intellectual property.
                      Examples of types of risk:



                                 • Project risk                   • Technical risk
                                 • Financial risk                 • Schedule risk
                                 • IP risk                        • Regulatory risk
                                 • Security risk                  • Safety risk


                      In this book, we focus only on safety risk. It’s important that when you use the
                   words “risk management” to make sure your audience understands which type of risk
                   you are talking about.
                      Due to inadequate understanding of risk, harm and risk are frequently confused.
                   The manufacturers are required to disclose residual risks of medical devices, or phar-
                   maceuticals. As seen in the example of Lipitor in Section 4.1, typically a list of Harms
                   is presented to fulfill this requirement. This book helps to provide more clarity and
                   distinctions on these terms to help reduce or prevent such confusions.

                   4.3 CONTRIBUTORS TO RISK

                   A major contributor to risk is the human, be it the designer, builder, maintainer, or
                   the user of the System. Assuming good intention, the main cause of human influence
                   on risk is inconsistency between reality, and the mental model of reality that the
                   human holds. Mental models are necessary to function in life. Model: putting your
                   hand in boiling water will cause a burn. Imagine if you lost this mental model and
                   had to relearn this every time.
                      Leveson [12] says all models are abstractions; they simplify the thing being mod-
                   eled by abstracting away what are assumed to be irrelevant details and focusing on the
                   features of the phenomenon that are judged to be the most relevant. Selecting some
                   factors as relevant and others as irrelevant is, in most cases, arbitrary and entirely the
                   choice of the modeler. That choice, however, is critical in determining the usefulness
                   and accuracy of the model in predicting future events.
                      The mental models that we hold are hypotheses based on theories or empirical
                   observations. Their usefulness depends on how accurately they model reality. If mod-
                   els that we employ in risk management are incorrect, the safety Risk Controls that we
                   devise may not be effective in reducing risk.
   33   34   35   36   37   38   39   40   41   42   43