Post-market investigations often stall at an avoidable bottleneck: the risk management file is technically “complete,” but operationally hard to use. When hazard analysis is built as hundreds (or thousands) of granular line items, investigators spend disproportionate time translating a real-world signal into “the right” risk record instead of using the file to quickly identify hazardous situations, implicated risk controls, and the verification evidence needed for defensible decisions. The result is slower triage, inconsistent conclusions, weaker feedback into ISO 14971 lifecycle activities, and risk estimates that drift toward assumptions rather than evidence.

This presentation introduces a practical approach to Evidence by Design by structuring the ISO 14971 risk management file as a V-model-aligned investigation blueprint using system-level risk control packages. Rather than treating controls as scattered mitigations tied only to bottom-up FMEA failure modes, this method reconciles two directions of traceability: (1) bottom-up mapping from failure modes and effects into hazardous situations, and (2) top-down system engineering safety requirements that validate those linkages and define verification evidence. High-level hazardous situation categories become the investigator’s entry point, while allocated subsystem mitigations remain traceable and testable within the same framework.

Attendees will learn how to build hazard analysis documentation that supports complaint intake and coding aligned to hazardous situations and causes (consistent with ISO/TR 24971 Annex H), creates a predefined pathway from signal to hazardous situation to controls to evidence, and enables clearer post-market estimation of P1 and P2. The outcome is a risk file that scales across the lifecycle, improves investigability, strengthens traceability, and reduces the granular mess that turns risk management into documentation instead of a safety system.