const contentTitle = "R-TF-013-004 Checklist ISO 14971";
R-TF-013-004 Checklist ISO 14971
This checklist provides a comprehensive review of compliance with the ISO 14971:2019 standard for application of risk management to medical devices. The checklist is structured according to the major clauses of the standard and should be completed as part of the quality management system documentation for the device.
| Field | Value |
|---|
| Product Name | Legit.Health Plus |
| Version | 1.1.0.0 |
| Checklist Prepared By | Saray Ugidos Seman |
| Checklist Prepared Date | 18 November 2025 |
| Checklist Reviewed By | Alfonso Medela |
| Checklist Review Date | |
| Checklist Approved By | Andy Aguilar |
| Checklist Approval Date | |
Purpose
This checklist demonstrates compliance with ISO 14971:2019 "Medical devices — Application of risk management to medical devices" for Legit.Health Plus. The standard specifies a process for a manufacturer to identify hazards associated with medical devices, estimate and evaluate the associated risks, control these risks, and monitor the effectiveness of controls throughout the product lifecycle.
4. General Requirements for Risk Management System
4.1 Risk management process
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 4.1 | Establish, document and maintain risk management process throughout lifecycle | TRUE | ☑ | GP-013 Risk management; R-TF-013-001 Risk management plan |
| 4.2 | Establish and maintain top management commitment to risk management | TRUE | ☑ | GP-013 Risk management - Risk management policy; Quality Manual |
| 4.3 | Ensure competence of personnel performing risk management activities | TRUE | ☑ | R-TF-013-001 Risk management plan - Qualification of the risk management team; T-005-002 Personnel card |
4.2 Management responsibilities
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 4.2 | Top management ensures that risk management is part of design and development | TRUE | ☑ | GP-013 Risk management; GP-012 Design, redesign and development; Quality Manual |
4.3 Qualification of personnel
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 4.3 | Personnel performing risk management activities have appropriate education, training, and experience | TRUE | ☑ | R-TF-013-001 Risk management plan - Qualification of the risk management team; T-005-002 Personnel card; CVs archived in HR system |
4.4 Risk management plan
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 4.4 a) | Plan defines scope of risk management activities | TRUE | ☑ | R-TF-013-001 Risk management plan - Scope section |
| 4.4 b) | Plan assigns responsibilities and authorities for risk management activities | TRUE | ☑ | R-TF-013-001 Risk management plan - Assignment of responsibilities and authorities |
| 4.4 c) | Plan defines requirements for review of risk management activities | TRUE | ☑ | R-TF-013-001 Risk management plan - Risk management activities review |
| 4.4 d) | Plan defines criteria for risk acceptability | TRUE | ☑ | R-TF-013-001 Risk management plan - Criteria for risk acceptability; GP-013 Risk management |
| 4.4 e) | Plan defines verification activities | TRUE | ☑ | R-TF-013-001 Risk management plan - Verification activities; GP-013 Risk management |
| 4.4 f) | Plan defines activities related to collection and review of production and post-production information | TRUE | ☑ | R-TF-013-001 Risk management plan - Collection and review of production and post-production information; GP-006, GP-007, GP-014 |
4.5 Risk management file
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 4.5 | Establish and maintain risk management file | TRUE | ☑ | R-TF-013-001 Risk management plan; R-TF-013-002 Risk management record; R-TF-013-003 Risk management report; Design History File |
5. Risk Analysis
5.1 Risk analysis process
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 5.1 | Perform risk analysis | TRUE | ☑ | R-TF-013-002 Risk management record; GP-013 Risk management |
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 5.2 | Document intended use and identify characteristics related to safety | TRUE | ☑ | R-TF-012-031 Product requirements specification; R-TF-013-003 Risk management report - Intended use and identification characteristics; Description and specifications document |
5.3 Identification of hazards
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 5.3 | Identify known and foreseeable hazards | TRUE | ☑ | R-TF-013-002 Risk management record - Hazard identification column |
| 5.3 | Consider use errors and reasonably foreseeable misuse | TRUE | ☑ | R-TF-013-002 Risk management record; R-TF-025-002 Identification of characteristics for safety and possible use errors |
| 5.3 | Document hazards in risk management file | TRUE | ☑ | R-TF-013-002 Risk management record |
5.4 Estimation of risk(s) for each hazardous situation
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 5.4 a) | Estimate probability of occurrence of harm | TRUE | ☑ | R-TF-013-002 Risk management record - P1 probability column; GP-013 Risk management |
| 5.4 b) | Estimate severity of harm | TRUE | ☑ | R-TF-013-002 Risk management record - Severity column; GP-013 Risk management |
| 5.4 | Document risk estimation in risk management file | TRUE | ☑ | R-TF-013-002 Risk management record |
6. Risk Evaluation
6.1 Risk evaluation process
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 6.1 | For each hazardous situation, decide if risk reduction necessary | TRUE | ☑ | R-TF-013-002 Risk management record - Risk acceptability before risk control column; GP-013 Risk management |
| 6.1 | Use risk acceptability criteria from risk management plan | TRUE | ☑ | R-TF-013-001 Risk management plan - Criteria for risk acceptability; GP-013 Risk management |
| 6.1 | Document risk evaluation in risk management file | TRUE | ☑ | R-TF-013-002 Risk management record |
7. Risk Control
7.1 Risk control option analysis
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.1 a) | Identify and implement risk control measures using appropriate option(s) | TRUE | ☑ | R-TF-013-002 Risk management record - Risk control measures and Control method selected columns |
| 7.1 b) | Give preference to inherently safe design | TRUE | ☑ | R-TF-013-002 Risk management record - Control method selected column; GP-013 Risk management |
| 7.1 c) | If inherently safe design not practical, implement protective measures | TRUE | ☑ | R-TF-013-002 Risk management record - Control method selected column |
| 7.1 d) | If above not sufficient, provide information for safety | TRUE | ☑ | R-TF-013-002 Risk management record - Control method selected column; IFU; Label |
7.2 Implementation of risk control measures
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.2 | Implement risk control measures in design/manufacturing | TRUE | ☑ | R-TF-013-002 Risk management record - Risk control measures implementation; DHF documents; R-TF-012-043 Traceability Matrix |
7.3 Residual risk evaluation
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.3 | Evaluate residual risk after risk control measures applied | TRUE | ☑ | R-TF-013-002 Risk management record - P2 probability and Risk acceptability after risk control columns |
| 7.3 | Decide if residual risk is acceptable | TRUE | ☑ | R-TF-013-002 Risk management record - Risk acceptability after risk control column; R-TF-013-003 Risk management report |
7.4 Benefit-risk analysis
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.4 | If residual risk not acceptable, perform benefit-risk analysis | TRUE | ☑ | R-TF-013-002 Risk management record - Acceptability of the individual benefit-risk ratio column; R-TF-013-003 Risk management report - Benefit-risk analysis section |
| 7.4 | Document benefit-risk analysis in risk management file | TRUE | ☑ | R-TF-013-003 Risk management report |
| 7.4 | Consider medical benefit provided by device | TRUE | ☑ | R-TF-015-003 Clinical evaluation report; R-TF-013-003 Risk management report |
7.5 Risks arising from risk control measures
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.5 | Identify hazards and hazardous situations introduced by risk control measures | TRUE | ☑ | R-TF-013-002 Risk management record - Assessment of risks arising from risk control measures column |
| 7.5 | Assess risks arising from risk control measures | TRUE | ☑ | R-TF-013-002 Risk management record - Assessment of risks arising from risk control measures column |
7.6 Completeness of risk control
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 7.6 | Review to ensure completeness of risk control | TRUE | ☑ | R-TF-013-003 Risk management report - Completeness of risk control section; R-TF-013-002 Risk management record - all hazards assessed |
8. Evaluation of Overall Residual Risk Acceptability
8.1 Overall residual risk evaluation
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 8.1 | Decide if overall residual risk is acceptable | TRUE | ☑ | R-TF-013-003 Risk management report - Overall residual risk evaluation section |
| 8.1 | Consider medical benefit of intended use | TRUE | ☑ | R-TF-013-003 Risk management report; R-TF-015-003 Clinical evaluation report |
| 8.1 | If overall residual risk not acceptable, gather further data | TRUE | ☑ | R-TF-013-003 Risk management report |
9. Risk Management Review
9.1 Risk management review before release
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 9.1 a) | Review risk management process has been appropriately carried out | TRUE | ☑ | R-TF-013-003 Risk management report - Risk management review section |
| 9.1 b) | Review overall residual risk is acceptable | TRUE | ☑ | R-TF-013-003 Risk management report - Overall residual risk evaluation section |
| 9.1 c) | Review appropriate methods in place to obtain production and post-production information | TRUE | ☑ | R-TF-013-003 Risk management report; R-TF-007-001 PMS plan; GP-006; GP-007; GP-014 |
| 9.1 | Document risk management review in risk management file | TRUE | ☑ | R-TF-013-003 Risk management report |
10. Production and Post-production Information
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 10.1 | Establish and document system to collect production and post-production information | TRUE | ☑ | R-TF-007-001 PMS plan; GP-006 Non-conformity. Corrective and preventive actions; GP-007 Post-market surveillance; GP-014 Feedback and complaints; GP-004 Vigilance system |
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 10.2 | Review production and post-production information | TRUE | ☑ | R-TF-007-003 PSUR; R-TF-007-004 PMS report; Annual management review |
| 10.2 | Assess if previously unrecognized hazard is present | TRUE | ☑ | GP-007 Post-market surveillance; R-TF-007-003 PSUR |
| 10.2 | Assess if estimated risk(s) is no longer acceptable | TRUE | ☑ | GP-007 Post-market surveillance; R-TF-007-003 PSUR |
10.3 Actions arising from review
| Reference | Requirement | Required | Fulfilled | Evidence/Comments |
|---|
| 10.3 | If previously unrecognized hazard identified, update risk management file | TRUE | ☑ | GP-006 Non-conformity. Corrective and preventive actions; GP-007 Post-market surveillance; R-TF-013-002 Risk management record is updated as needed |
| 10.3 | If risk no longer acceptable, implement corrective or preventive action | TRUE | ☑ | GP-006 Non-conformity. Corrective and preventive actions; GP-023 Change control management |
Summary
| Section | Total Items | Fulfilled | Percentage |
|---|
| 4. General Requirements | 12 | 12 | 100% |
| 5. Risk Analysis | 10 | 10 | 100% |
| 6. Risk Evaluation | 3 | 3 | 100% |
| 7. Risk Control | 16 | 16 | 100% |
| 8. Overall Residual Risk Evaluation | 3 | 3 | 100% |
| 9. Risk Management Review | 4 | 4 | 100% |
| 10. Production and Post-production | 5 | 5 | 100% |
| Total | 53 | 53 | 100% |
Compliance Statement
☑ Full Compliance: All required items have been fulfilled and documented appropriately.
☐ Partial Compliance: Some items remain unfulfilled. See action plan below.
☐ Non-Compliance: Significant items are unfulfilled. Immediate corrective action required.
Key Evidence Documents
The following key documents provide evidence of compliance with ISO 14971:2019:
Risk Management Planning and Documentation
- GP-013 Risk management: General procedure defining the risk management process
- R-TF-013-001 Risk management plan: Product-specific risk management plan
- R-TF-013-002 Risk management record: Complete risk analysis and control documentation
- R-TF-013-003 Risk management report: Risk management review and conclusions
Design and Development
- GP-012 Design, redesign and development: Design control procedure
- R-TF-012-031 Product requirements specification (PRS): Product requirements including safety requirements
- R-TF-012-043 Traceability Matrix: Traceability of requirements to risks and verification
- Design History File (DHF): Complete design documentation including risk control implementation
Usability Engineering
- R-TF-025-001 Usability plan: Usability engineering process plan
- R-TF-025-002 Identification of characteristics for safety and possible use errors: Use-related hazard identification
- R-TF-025-007 Summative evaluation report: Usability validation results
Clinical Evaluation
- R-TF-015-001 Clinical Evaluation Plan: Clinical evaluation planning including benefit-risk considerations
- R-TF-015-003 Clinical evaluation report (CER): Clinical data and benefit-risk analysis
Post-market Surveillance
- GP-006 Non-conformity. Corrective and preventive actions: CAPA system
- GP-007 Post-market surveillance: PMS process
- GP-014 Feedback and complaints: Complaint handling system
- GP-004 Vigilance system: Adverse event reporting
- R-TF-007-001 PMS plan: Post-market surveillance plan
- R-TF-007-003 PSUR: Periodic Safety Update Report
- R-TF-007-004 PMS report: Post-market surveillance report
Quality Management
- Quality Manual: Top management commitment to risk management
- GP-023 Change control management: Management of changes affecting risk
Personnel Qualification
- T-005-002 Personnel card: Personnel qualification records
- CVs: Curriculum vitae of risk management team members
- Instructions for Use (IFU): Safety information for users
- Label: Device labeling including safety information
- R-TF-001-006 IFU and label validation: Validation of information for safety
| Item Reference | Description | Responsible | Target Date | Status |
|---|
| N/A | No non-conformities identified | N/A | N/A | N/A |
Observations and Continuous Improvement Opportunities
While full compliance with ISO 14971:2019 has been achieved, the following observations are noted for continuous improvement:
- Regular Reviews: Continue to perform annual reviews of the risk management plan as specified in R-TF-013-001.
- Post-market Data: Maintain vigilance in collecting and analyzing post-market data through the established PMS system.
- Emerging Hazards: Stay informed about new hazards related to AI/ML technologies and update risk management file accordingly.
- Team Competence: Continue to invest in training and development of the risk management team.
Approvals
| Role | Name | Signature | Date |
|---|
| Checklist Prepared By | Saray Ugidos Seman | | 18 November 2025 |
| Checklist Reviewed By | Alfonso Medela | | |
| Checklist Approved By | Andy Aguilar | | |
End of ISO 14971 Checklist
Signature meaning
The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:
- Author: Team members involved
- Reviewer: JD-003, JD-004
- Approver: JD-001