![]() Typically this will comprise a risk matrix to grade the consequences and likelihood and then the recording of risks, traditionally by means of a risk register. ![]() The policy must set out the process, methods, and tools used to manage the risks within the organization. There needs to be in place a regular review process whereby each risk is reviewed to ensure that the control measures are effective and that the residual risk is correctly graded. The risk owner is responsible for the identification of the hazard, the evaluation and grading of the risk, and subsequent control measures. It is usual for each risk to have a named risk owner. The policy must also clearly define the roles and responsibilities for managing risks often in large organizations there is a risk manager who oversees the risk management framework and processes. The organization’s risk appetite must be clearly articulated in the policy and this may be informed by legal and financial aspects. For organizations involved in medical devices, whether that be manufacturing or in use, one of the key objectives must be patient safety. To ensure risk management is core to the business it must link in to other policies and the objectives of the organization. Like all policies the risk management policy must be subject to periodic review. Anthony Scott Brown, in Clinical Engineering, 2014 Risk Management Policy
0 Comments
Leave a Reply. |