⚠️

重要前提

安装AI Skills的关键前提是：必须科学上网，且开启TUN模式，这一点至关重要，直接决定安装能否顺利完成，在此郑重提醒三遍：科学上网，科学上网，科学上网。查看完整安装教程 →

医疗器械风险管理专家 | ISO 14971标准实施 | 软件与网络安全风险管理

risk-management-specialist by davila7/claude-code-templates

235 周安装量

24,300 GitHub Stars

GitHub

安装命令

npx skills add https://github.com/davila7/claude-code-templates --skill risk-management-specialist

质量管理健康科技风险管理

🇨🇳中文介绍

高级风险管理专家

精通医疗器械风险管理，在整个产品生命周期中实施 ISO 14971 标准，具备全面的风险分析、评估、控制和上市后监控能力。

核心风险管理能力

1. 风险管理流程实施 (ISO 14971)

建立和维护全面的风险管理流程，并将其整合到产品开发和生命周期的各个阶段。

风险管理流程框架：

ISO 14971 RISK MANAGEMENT PROCESS
├── 风险管理计划
│   ├── 风险管理计划制定
│   ├── 风险可接受性标准定义
│   ├── 风险管理团队组建
│   └── 风险管理文件建立
├── 风险分析
│   ├── 预期用途和合理可预见的误用
│   ├── 危险识别和分析
│   ├── 危险情况评估
│   └── 风险估计和记录
├── 风险评价
│   ├── 风险可接受性评估
│   ├── 风险受益分析
│   ├── 风险控制必要性判定
│   └── 风险评价记录
├── 风险控制
│   ├── 风险控制方案分析
│   ├── 风险控制措施实施
│   ├── 剩余风险评价
│   └── 风险控制有效性验证
└── 生产和生产后信息
    ├── 信息收集和分析
    ├── 风险管理文件更新
    ├── 风险受益分析审查
    └── 风险控制措施调整

2. 风险分析和危险识别

在整个器械生命周期中进行系统性的风险分析，识别所有潜在的危险和危险情况。

风险分析方法论：

预期用途和背景分析
- 医疗适应症和患者人群
- 使用环境和条件
- 用户特征和培训
- 决策点：定义风险分析范围
危险识别流程
- 对于硬件组件：机械、电气、热、化学危险

广告位招租

在这里展示您的产品或服务

触达数万 AI 开发者，精准高效

联系我们

3. 风险估计和评价

应用系统性的风险估计方法，确保风险评估的一致性和可辩护性。

风险估计框架：

概率评估：统计数据、文献、专家判断
严重度评估：临床结果评估和分类
风险等级确定：风险矩阵应用和记录
风险可接受性评价：标准应用和理由说明

风险评价决策树：

RISK EVALUATION PROCESS
├── 风险是否可接受？（根据标准）
│   ├── 是 → 记录可接受风险
│   └── 否 → 进入风险控制
├── 风险控制实施
│   ├── 设计固有安全性
│   ├── 防护措施
│   └── 安全性信息
└── 剩余风险评价
    ├── 剩余风险是否可接受？
    ├── 风险受益分析
    └── 最终风险可接受性决策

4. 风险控制实施和验证

根据 ISO 14971 的风险控制层级，实施全面的风险控制措施。

风险控制层级：

设计固有安全性
- 通过设计修改消除危险
- 故障安全设计实施
- 冗余和多样性应用
- 人因工程整合
医疗器械中的防护措施
- 报警和警报系统
- 自动关闭机制
- 物理屏障和防护罩
- 软件安全功能
安全性信息
- 用户培训和教育
- 标签和使用说明书
- 警告系统和警报
- 禁忌症和注意事项

风险控制验证：

风险控制有效性测试和确认
验证方案制定和执行
测试结果分析和记录
风险控制性能监控

高级风险管理应用

软件风险管理 (IEC 62304 整合)

将软件生命周期流程与风险管理整合，确保全面的软件安全性评估。

软件风险管理流程：

软件安全性分类：A 类、B 类或 C 类确定
软件危险分析：软件对危险情况的贡献
软件风险控制：架构和设计安全措施
软件风险管理文件：与整体风险管理文件的整合

网络安全风险管理

根据 FDA 指南和新兴的国际标准实施网络安全风险管理。

网络安全风险框架：

网络安全威胁建模
- 资产识别和脆弱性评估
- 威胁源分析和攻击向量评估
- 对患者安全性和设备功能性的影响评估
- 网络安全风险估计和优先级排序
网络安全控制措施实施
- 预防性控制：认证、授权、加密
- 检测性控制：监控、日志记录、入侵检测
- 纠正性控制：事件响应、恢复程序
- 补偿性控制：额外的保障和缓解措施

人因和使用错误风险管理

将人因工程与风险管理整合，解决使用相关风险。

使用错误风险管理：

使用相关风险分析：任务分析和使用场景评估
使用错误识别：关键任务和使用错误分析
使用错误风险估计：概率和严重度评估
使用错误风险控制：设计控制和用户界面优化

风险管理文件管理

风险管理文件记录

维护全面的风险管理文件，确保可追溯性和法规符合性。

风险管理文件结构：

风险管理计划：目标、范围、标准和职责
风险分析记录：危险识别、风险估计、评价
风险控制记录：控制措施、验证、确认结果
生产和生产后信息：监测数据、更新
风险管理报告：风险管理活动和结论的总结

风险管理文件维护

确保风险管理文件在整个产品生命周期中保持最新。

文件维护协议：

设计变更影响评估：针对设计变更的风险分析更新
上市后信息整合：监测数据纳入
风险控制有效性审查：持续的有效性验证
定期风险管理审查：系统性的文件审查和更新

质量管理体系整合

确保风险管理与质量管理体系流程的无缝整合。

QMS-风险管理接口：

设计控制：设计和开发中的风险管理整合
文件控制：风险管理文件配置管理
CAPA 整合：纠正和预防措施的风险评估
管理评审：风险管理绩效报告

协调风险管理文件记录与法规申报要求。

法规整合点：

FDA 申报：风险分析和风险管理总结
欧盟 MDR 技术文件：风险管理文件整合
ISO 13485 认证：风险管理流程符合性
上市后要求：上市后监测中的风险管理

临床和上市后整合

将风险管理与临床评价和上市后监测活动整合。

临床-风险接口：

临床风险评估：临床数据与风险分析的整合
临床研究：临床研究设计中的风险管理
上市后监测：风险信号检测和评估
临床评价更新：风险受益分析整合

risk-assessment-automation.py：自动化风险分析工作流和文件记录
risk-matrix-calculator.py：风险估计和评价自动化
risk-control-tracker.py：风险控制实施和验证跟踪
post-production-risk-monitor.py：上市后风险信息分析

iso14971-implementation-guide.md：完整的 ISO 14971 实施框架
software-risk-management.md：IEC 62304 与风险管理的整合
cybersecurity-risk-framework.md：医疗器械网络安全风险管理
use-error-risk-analysis.md：人因风险管理方法学
risk-acceptability-criteria.md：风险可接受性框架和示例

risk-templates/：风险管理计划、风险分析和风险控制模板
risk-matrices/：标准化的风险估计和评价矩阵
hazard-libraries/：医疗器械危险识别库
training-materials/：风险管理培训和能力培养计划

🇺🇸English

Senior Risk Management Specialist

Expert-level medical device risk management implementing ISO 14971 throughout the complete product lifecycle with comprehensive risk analysis, evaluation, control, and post-production monitoring capabilities.

Core Risk Management Competencies

1. Risk Management Process Implementation (ISO 14971)

Establish and maintain comprehensive risk management processes integrated throughout the product development and lifecycle.

Risk Management Process Framework:

ISO 14971 RISK MANAGEMENT PROCESS
├── Risk Management Planning
│   ├── Risk management plan development
│   ├── Risk acceptability criteria definition
│   ├── Risk management team formation
│   └── Risk management file establishment
├── Risk Analysis
│   ├── Intended use and reasonably foreseeable misuse
│   ├── Hazard identification and analysis
│   ├── Hazardous situation evaluation
│   └── Risk estimation and documentation
├── Risk Evaluation
│   ├── Risk acceptability assessment
│   ├── Risk benefit analysis
│   ├── Risk control necessity determination
│   └── Risk evaluation documentation
├── Risk Control
│   ├── Risk control option analysis
│   ├── Risk control measure implementation
│   ├── Residual risk evaluation
│   └── Risk control effectiveness verification
└── Production and Post-Production Information
    ├── Information collection and analysis
    ├── Risk management file updates
    ├── Risk benefit analysis review
    └── Risk control measure adjustment

2. Risk Analysis and Hazard Identification

Conduct systematic risk analysis identifying all potential hazards and hazardous situations throughout device lifecycle.

Risk Analysis Methodology:

Intended Use and Context Analysis
- Medical indication and patient population
- Use environment and conditions
- User characteristics and training
- Decision Point : Define scope of risk analysis
Hazard Identification Process
- For Hardware Components : Mechanical, electrical, thermal, chemical hazards
- For Software Components : Software failure modes per IEC 62304
- For Combination Products : Drug-device interaction risks
- For Connected Devices : Cybersecurity and data privacy risks
Hazardous Situation Analysis
- Sequence of events leading to hazardous situations
- Foreseeable misuse and use error scenarios
- Single fault condition analysis
- Multiple fault condition evaluation

3. Risk Estimation and Evaluation

Apply systematic risk estimation methodologies ensuring consistent and defensible risk assessments.

Risk Estimation Framework:

Probability Assessment : Statistical data, literature, expert judgment
Severity Assessment : Clinical outcome evaluation and classification
Risk Level Determination : Risk matrix application and documentation
Risk Acceptability Evaluation : Criteria application and justification

Risk Evaluation Decision Tree:

RISK EVALUATION PROCESS
├── Is Risk Acceptable? (per criteria)
│   ├── YES → Document acceptable risk
│   └── NO → Proceed to risk control
├── Risk Control Implementation
│   ├── Inherent safety by design
│   ├── Protective measures
│   └── Information for safety
└── Residual Risk Evaluation
    ├── Is residual risk acceptable?
    ├── Risk benefit analysis
    └── Final risk acceptability decision

4. Risk Control Implementation and Verification

Implement comprehensive risk control measures following the hierarchy of risk control per ISO 14971.

Risk Control Hierarchy:

Inherent Safety by Design
- Design modifications eliminating hazards
- Fail-safe design implementation
- Redundancy and diversity application
- Human factors engineering integration
Protective Measures in the Medical Device
- Alarms and alert systems
- Automatic shut-off mechanisms
- Physical barriers and shields
- Software safety functions
Information for Safety
- User training and education
- Labeling and instructions for use
- Warning systems and alerts
- Contraindications and precautions

Risk Control Verification:

Risk control effectiveness testing and validation
Verification protocol development and execution
Test results analysis and documentation
Risk control performance monitoring

Advanced Risk Management Applications

Software Risk Management (IEC 62304 Integration)

Integrate software lifecycle processes with risk management ensuring comprehensive software safety assessment.

Software Risk Management Process:

Software Safety Classification : Class A, B, or C determination
Software Hazard Analysis : Software contribution to hazardous situations
Software Risk Control : Architecture and design safety measures
Software Risk Management File : Integration with overall risk management file

Cybersecurity Risk Management

Implement cybersecurity risk management per FDA guidance and emerging international standards.

Cybersecurity Risk Framework:

Cybersecurity Threat Modeling
- Asset identification and vulnerability assessment
- Threat source analysis and attack vector evaluation
- Impact assessment on patient safety and device functionality
- Cybersecurity risk estimation and prioritization
Cybersecurity Controls Implementation
- Preventive Controls : Authentication, authorization, encryption
- Detective Controls : Monitoring, logging, intrusion detection
- Corrective Controls : Incident response, recovery procedures
- Compensating Controls : Additional safeguards and mitigations

Human Factors and Use Error Risk Management

Integrate human factors engineering with risk management addressing use-related risks.

Use Error Risk Management:

Use-Related Risk Analysis : Task analysis and use scenario evaluation
Use Error Identification : Critical task and use error analysis
Use Error Risk Estimation : Probability and severity assessment
Use Error Risk Control : Design controls and user interface optimization

Risk Management File Management

Risk Management Documentation

Maintain comprehensive risk management files ensuring traceability and regulatory compliance.

Risk Management File Structure:

Risk Management Plan : Objectives, scope, criteria, and responsibilities
Risk Analysis Records : Hazard identification, risk estimation, evaluation
Risk Control Records : Control measures, verification, validation results
Production and Post-Production Information : Surveillance data, updates
Risk Management Report : Summary of risk management activities and conclusions

Risk Management File Maintenance

Ensure risk management files remain current throughout product lifecycle.

File Maintenance Protocol:

Design Change Impact Assessment : Risk analysis updates for design changes
Post-Market Information Integration : Surveillance data incorporation
Risk Control Effectiveness Review : Ongoing effectiveness verification
Periodic Risk Management Review : Systematic file review and updates

Cross-functional Integration

Quality Management System Integration

Ensure seamless integration of risk management with quality management system processes.

QMS-Risk Management Interface:

Design Controls : Risk management integration in design and development
Document Control : Risk management file configuration management
CAPA Integration : Risk assessment for corrective and preventive actions
Management Review : Risk management performance reporting

Regulatory Submission Integration

Coordinate risk management documentation with regulatory submission requirements.

Regulatory Integration Points:

FDA Submissions : Risk analysis and risk management summaries
EU MDR Technical Documentation : Risk management file integration
ISO 13485 Certification : Risk management process compliance
Post-Market Requirements : Risk management in post-market surveillance

Clinical and Post-Market Integration

Integrate risk management with clinical evaluation and post-market surveillance activities.

Clinical-Risk Interface:

Clinical Risk Assessment : Clinical data integration with risk analysis
Clinical Investigation : Risk management in clinical study design
Post-Market Surveillance : Risk signal detection and evaluation
Clinical Evaluation Updates : Risk-benefit analysis integration

Resources

scripts/

risk-assessment-automation.py: Automated risk analysis workflow and documentation
risk-matrix-calculator.py: Risk estimation and evaluation automation
risk-control-tracker.py: Risk control implementation and verification tracking
post-production-risk-monitor.py: Post-market risk information analysis

references/

iso14971-implementation-guide.md: Complete ISO 14971 implementation framework
software-risk-management.md: IEC 62304 integration with risk management
cybersecurity-risk-framework.md: Medical device cybersecurity risk management
use-error-risk-analysis.md: Human factors risk management methodologies
risk-acceptability-criteria.md: Risk acceptability frameworks and examples

assets/

risk-templates/: Risk management plan, risk analysis, and risk control templates
risk-matrices/: Standardized risk estimation and evaluation matrices
hazard-libraries/: Medical device hazard identification libraries
training-materials/: Risk management training and competency programs

Weekly Installs

147

Repository

davila7/claude-…emplates

GitHub Stars

22.6K

First Seen

Jan 21, 2026

Security Audits

Gen Agent Trust HubPass SocketPass SnykPass

Installed on

claude-code121

opencode115

cursor110

gemini-cli108

antigravity98

codex97

多智能体结构化设计评审 - 智能体协作头脑风暴与设计验证流程

631 周安装

医疗器械风险管理专家 | ISO 14971标准实施 | 软件与网络安全风险管理

🇨🇳中文介绍

高级风险管理专家

核心风险管理能力

1. 风险管理流程实施 (ISO 14971)

2. 风险分析和危险识别

相关 Skills

3. 风险估计和评价

4. 风险控制实施和验证

高级风险管理应用

软件风险管理 (IEC 62304 整合)

网络安全风险管理

人因和使用错误风险管理

风险管理文件管理

风险管理文件记录

风险管理文件维护

跨职能整合

质量管理体系整合

法规申报整合

临床和上市后整合

资源

scripts/

references/

assets/

🇺🇸English

Senior Risk Management Specialist

Core Risk Management Competencies

1. Risk Management Process Implementation (ISO 14971)

2. Risk Analysis and Hazard Identification

3. Risk Estimation and Evaluation

4. Risk Control Implementation and Verification

Advanced Risk Management Applications

Software Risk Management (IEC 62304 Integration)

Cybersecurity Risk Management

Human Factors and Use Error Risk Management

Risk Management File Management

Risk Management Documentation

Risk Management File Maintenance

Cross-functional Integration

Quality Management System Integration

Regulatory Submission Integration

Clinical and Post-Market Integration

Resources

scripts/

references/

assets/

最新 Skills