Skip to main content
QMSQMS
QMS
  • Welcome to your QMS
  • Quality Manual
  • Procedures
    • GP-001 Control of documents
    • GP-002 Quality planning
      • Specific procedures
        • SP-002-001 Process risk management
        • T-002-010 Process risk register
      • Templates
    • GP-003 Audits
    • GP-004 Vigilance system
    • GP-005 Human Resources and Training
    • GP-006 Non-conformity, Corrective and Preventive actions
    • GP-007 Post-market surveillance
    • GP-009 Sales
    • GP-010 Purchases and suppliers evaluation
    • GP-011 Provision of service
    • GP-012 Design, redesign and development
    • GP-013 Risk management
    • GP-014 Feedback and complaints
    • GP-015 Clinical evaluation
    • GP-016 Traceability and identification
    • GP-017 Technical assistance service
    • GP-018 Infrastructure and facilities
    • GP-019 Non-product software validation
    • GP-020 QMS Data analysis
    • GP-021 Communications
    • GP-022 Document translation
    • GP-023 Change control management
    • GP-024 Predetermined Change Control Plan
    • GP-025 Usability and Human Factors Engineering
    • GP-027 Corporate Governance
    • GP-028 AI Development
    • GP-029 Software Delivery and Commissioning
    • GP-030 Cyber Security Management
    • GP-050 Data Protection
    • GP-051 Security violations
    • GP-052 Data Privacy Impact Assessment (DPIA)
    • GP-100 Business Continuity (BCP) and Disaster Recovery plans (DRP)
    • GP-101 Information security
    • GP-200 Remote Data Acquisition in Clinical Investigations
    • GP-026 Market-specific product requirements
    • GP-110 Esquema Nacional de Seguridad
  • Records
  • Legit.Health Plus Version 1.1.0.0
  • Legit.Health Plus Version 1.1.0.1
  • Legit.Health Utilities
  • Licenses and accreditations
  • Applicable Standards and Regulations
  • Pricing
  • Public tenders
  • Procedures
  • GP-002 Quality planning
  • Specific procedures
  • T-002-010 Process risk register

T-002-010 Process risk register

  • Governed by GP-002 Quality planning
  • Specific procedure: SP-002-001 Process risk management

Process information​

  • Process name: Insert process name (e.g., Document control, Design and development, Supplier evaluation)
  • Process owner: Insert responsible JD
  • Assessment date: YYYY-MM-DD
  • Review period: Annual / Triggered by change

Risk assessment criteria​

Severity (S)​

ScoreLevelDescription
1NegligibleMinor impact, easily corrected, no effect on QMS effectiveness
2MinorLimited impact, correctable with minor effort, minimal effect on QMS
3ModerateNoticeable impact, requires significant effort to correct, affects QMS effectiveness
4MajorSignificant impact on QMS, may affect product quality or compliance
5CriticalSevere impact, regulatory non-compliance, potential product safety issues

Probability (P)​

ScoreLevelDescription
1RemoteUnlikely to occur (< 1% chance)
2LowCould occur occasionally (1-10% chance)
3ModerateMay occur sometimes (10-30% chance)
4HighLikely to occur (30-60% chance)
5Very highExpected to occur (> 60% chance)

Detection (D)​

ScoreLevelDescription
1Almost certainRisk will almost always be detected before impact
2HighHigh probability of detection
3ModerateModerate probability of detection
4LowLow probability of detection
5RemoteRisk is unlikely to be detected

Risk acceptability​

RPN RangeRisk LevelRequired Action
1-15LowMonitor, no immediate action required
16-40MediumImplement risk reduction measures within 6 months
41-75HighImplement risk reduction measures within 3 months
76-125CriticalImmediate action required, escalate to management

Process risk assessment table​

Risk IDRisk descriptionCategorySPDRPNRisk levelControl measureResponsibleDeadlineStatusResidual SResidual PResidual DResidual RPN
PR-001
PR-002
PR-003
PR-004
PR-005

Risk categories​

  • OPE: Operational (equipment failure, human error, resource unavailability)
  • COM: Compliance (non-compliance with ISO 13485, MDR requirements gaps)
  • STR: Strategic (technology obsolescence, market changes)
  • RES: Resource (key personnel loss, budget constraints)
  • EXT: External (supplier failures, regulatory changes, force majeure)

Status options​

  • Open: Risk identified, pending control measures
  • In progress: Control measures being implemented
  • Monitoring: Control measures implemented, monitoring effectiveness
  • Closed: Risk controlled, residual risk acceptable

Verification of control measures effectiveness​

Risk IDVerification methodVerification dateResultVerified by

Risk summary​

Risk levelNumber of risksPercentage
Low (1-15)
Medium (16-40)
High (41-75)
Critical (76-125)
Total100%

Conclusions​

Overall process risk assessment​

Provide an overall assessment of the process risk status. Include:

  • Summary of the most significant risks identified
  • Assessment of whether the process is adequately controlled
  • Trend compared to previous assessment (if applicable)

Actions required​

List any actions required based on this risk assessment:

ActionPriorityResponsibleTarget date

Recommendations for management review​

Include any recommendations to be presented at the annual management review:

  • Resource needs
  • Process improvement opportunities
  • Training needs
  • Changes to procedures or controls

Next review​

  • Next scheduled review date: YYYY-MM-DD
  • Trigger for earlier review: Describe conditions that would require an earlier review (e.g., significant non-conformity, process change, regulatory update)

Approval​

RoleNameSignatureDate
Prepared by
Reviewed by
Approved by

Signature meaning

The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:

  • Author: Team members involved
  • Reviewer: JD-003 Design & Development Manager, JD-004 Quality Manager & PRRC
  • Approver: JD-001 General Manager
Previous
SP-002-001 Process risk management
Next
Templates
  • Process information
  • Risk assessment criteria
    • Severity (S)
    • Probability (P)
    • Detection (D)
    • Risk acceptability
  • Process risk assessment table
    • Risk categories
    • Status options
  • Verification of control measures effectiveness
  • Risk summary
  • Conclusions
    • Overall process risk assessment
    • Actions required
    • Recommendations for management review
    • Next review
  • Approval
All the information contained in this QMS is confidential. The recipient agrees not to transmit or reproduce the information, neither by himself nor by third parties, through whichever means, without obtaining the prior written permission of Legit.Health (AI Labs Group S.L.)