Updated May 18, 2022

Template: Risk Management Plan

Dr. Oliver Eidel

Template Download

This is a free template, provided by OpenRegulatory.

You can download it as Word (.docx), PDF, Google Docs or Markdown file. Scroll down for a preview!

The template license applies (don't remove the copyright at the bottom).

Don't Miss Updates to This Template

Subscribe to our newsletter and we'll keep you posted on which templates we've changed.

Questions? Still Lost in Regulation?

Good news! Our goal is to provide lots of stuff for free, but we also offer consulting if you need a more hands-on approach. We get stuff done really fast. Have a look!

Related Documents

The following templates are Documents or SOPs related to this template. That means that they mention this template somewhere and (most likely) contain instructions on how and when to fill it out.

Template preview

Risk Management Plan

The Risk Management Plan contains the relevant processes and activities which will be conducted for product-specific risk management. In this case, it mainly references other documents because most risk management activities are part of the integrated software development process (SOP Integrated Software Development). Also, the risk policy and acceptability are defined in the Risk Acceptance Table, and the actual risks are in the Risk Table.

Mapping of Standard Requirements to Document Sections

ISO 14971:2019 Section Document Section
4.1 1
4.2 1.2, 3
4.3 (Records of competence are kept as Part of QMS)
4.4 (all)
4.5 (all)
5.1 1.1
7.2 1.3
10.1 1.4

1. Relevant Processes

1.1 Risk Management Process and Activities

Risk Management Activities are integrated in the Software Development Lifecycle as described in SOP Integrated Software Development.

1.2 Risk Policy and Risk Acceptability

Criteria for Risk Acceptability are defined in the Risk Acceptance Matrix.

1.3 Verification of Risk Control Measures

Risk Control Measures are verified as described in SOP Software Development Lifecycle.

1.4 Assessment of the overall residual risk

After determination of the Risk Control Measures any risk that could arise from the combination of the individual risks or mitigating measures is assessed. For this purpose, the probability and severity of the possibly residual risk are estimated and evaluated using the existing risk matrix.

1.5 Collection and Review of Post-Production Information

Review and collection of Post-Production information is described in SOP Post-Market Surveillance.

3. Roles

Title Name(s)
Risk Manager  
Context / Subject Matter Expert, e.g. physician  

Template Copyright openregulatory.com. See template license.

Please don’t remove this notice even if you’ve modified contents of this template.

No Cookie For You Privacy Policy Imprint
No QMS on this planet will save you from creating crappy software.