ISO 14971 - Use of detection in FMEA

It seems regulatory agencies are flagging any risk files where "detection" is used for scoring. As we know, a lot of manufacturers use FMEA in support of risk files and detection is a very common score in a classical pFMEA. While arguments are still ongoing in the industry as to whether FMEA is a right tool for risk estimation and evaluation, I believe it can be if tailored correctly to meet 14971 requirements.

I've had some arguments that per ISO 14971 risk is defined as severity and probability of occurrence of that harm and "detection" is not in that definition. For pFMEA, our company uses RPN=S X O X D where occurrence is assigned to how often failure mode (not effect!) occurs and detection is whether you can timely detect and prevent that failure causing the final effect. The key element is timeliness and knowledge of what to do when failure mode is detected which is essential in pFMEAs: if you manufacture defective product but can catch it during inspections, you surely will have less defective product in the market causing harm. Our controls are targeted on a) decreasing the probability of failure occurring and b) increasing the ability to detect the failure and catch the product before release. Our pFMEA effects are phrased and scored in terms of harms that our nonconforming product would cause if released to market. Therefore, the "Occurrence of Harm" in this case is a probability of the two factors O X D which is embedded within our RPN equation. In essence, we simply break down the "Occurrence of Harm" into 2 factors for better visibility which is not precluded by ISO 14971.

Has anyone else had arguments about detection?

 

We only use detection in PFMEAs. Trying to assign a value to detection for a wide range of user types would be challenging, at best. Even if the user detected it, would they do the right thing? And I think the argument is that if it can be detected (by the system), something should be done (designed out or warned).