1、 IEC/TR 80001-2-1 Edition 1.0 2012-07 TECHNICAL REPORT Application of risk management for IT-networks incorporating medical devices Part 2-1:Step-by-step risk management of medical IT-networks Practical applications and examples IEC/TR 80001-2-1:2012(E)colourinsideCopyrighted material licensed to BR
2、 Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-28-2014 by James Madison.No further reproduction or distribution is permitted.Uncontrolled when printed.THIS PUBLICATION IS COPYRIGHT PROTECTED Copyright 2012 IEC,Geneva,Switzerland All rights reserved.Unless otherwise specified,no part of
3、this publication may be reproduced or utilized in any form or by any means,electronic or mechanical,including photocopying and microfilm,without permission in writing from either IEC or IECs member National Committee in the country of the requester.If you have any questions about IEC copyright or ha
4、ve an enquiry about obtaining additional rights to this publication,please contact the address below or your local IEC member National Committee for further information.IEC Central Office Tel.:+41 22 919 02 11 3,rue de Varemb Fax:+41 22 919 03 00 CH-1211 Geneva 20 infoiec.ch Switzerland www.iec.ch A
5、bout the IEC The International Electrotechnical Commission(IEC)is the leading global organization that prepares and publishes International Standards for all electrical,electronic and related technologies.About IEC publications The technical content of IEC publications is kept under constant review
6、by the IEC.Please make sure that you have the latest edition,a corrigenda or an amendment might have been published.Useful links:IEC publications search-www.iec.ch/searchpub The advanced search enables you to find IEC publications by a variety of criteria(reference number,text,technical committee,).
7、It also gives information on projects,replaced and withdrawn publications.IEC Just Published-webstore.iec.ch/justpublished Stay up to date on all new IEC publications.Just Published details all new publications released.Available on-line and also once a month by email.Electropedia-www.electropedia.o
8、rg The worlds leading online dictionary of electronic and electrical terms containing more than 30 000 terms and definitions in English and French,with equivalent terms in additional languages.Also known as the International Electrotechnical Vocabulary(IEV)on-line.Customer Service Centre-webstore.ie
9、c.ch/csc If you wish to give us your feedback on this publication or need further assistance,please contact the Customer Service Centre:csciec.ch.Copyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-28-2014 by James Madison.No further reproduction or distrib
10、ution is permitted.Uncontrolled when printed.IEC/TR 80001-2-1 Edition 1.0 2012-07 TECHNICAL REPORT Application of risk management for IT-networks incorporating medical devices Part 2-1:Step-by-step risk management of medical IT-networks Practical applications and examples INTERNATIONAL ELECTROTECHNI
11、CAL COMMISSION XB ICS 11.040.01;35.240.80 PRICE CODE ISBN 978-2-83220-201-2 Warning!Make sure that you obtained this publication from an authorized distributor.colourinsideCopyrighted material licensed to BR Demo by Thomson Reuters(Scientific),Inc.,downloaded on Nov-28-2014 by James Madison.No furth
12、er reproduction or distribution is permitted.Uncontrolled when printed.2 TR 80001-2-1 IEC:2012(E)CONTENTS FOREWORD.5 INTRODUCTION.7 1 Scope.8 2 Normative references.8 3 Terms and definitions.8 4 Prerequisites.14 5 Study of terms used in RISK MANAGEMENT.14 5.1 Overview.14 5.2 HAZARDS.15 5.3 HAZARDOUS
13、 SITUATIONS.15 5.4 Foreseeable sequences of events and causes.16 5.5 UNINTENDED CONSEQUENCE.16 5.6 RISK CONTROL measures(mitigations).17 5.7 Degrees of RISK.17 5.8 Checking wording.18 6 The steps.18 6.1 Overview of the steps.18 6.2 A basic example using the 10 steps.19 6.2.1 General.19 6.2.2 Initial
14、 RISK Steps 1 5(Figure 2).19 6.2.3 RISK CONTROL and final RISK Steps 6 10(Figure 3).20 7 IEC 80001-1:2010,Clause 4.4:Step by step.23 7.1 General.23 7.2 Application of Subclause 4.4.1:Document all RISK MANAGEMENT elements.23 7.3 Note about RISK EVALUATION.23 7.4 The 10-step PROCESS.23 7.4.1 STEP 1:Id
15、entify HAZARDs and HAZARDOUS SITUATIONS.23 7.4.2 STEP 2:Identify causes and resulting HAZARDOUS SITUATIONS.24 7.4.3 STEP 3:Determine UNINTENDED CONSEQUENCES and estimate the potential severities.25 7.4.4 STEP 4:Estimate the probability of UNINTENDED CONSEQUENCE.25 7.4.5 STEP 5:Evaluate RISK.26 7.4.6
16、 STEP 6:Identify and document proposed RISK CONTROL measures and re-evaluate RISK(return to Step 3).27 7.4.7 STEP 7:Implement RISK CONTROL measures.28 7.4.8 STEP 8:Verify RISK CONTROL measures.29 7.4.9 STEP 9:Evaluate any new RISKS arising from RISK CONTROL.30 7.5 The steps and their relationship to IEC 80001-1 and ISO 14971.30 8 Practical examples.31 8.1 General.31 8.2 Example 1:Wireless PATIENT monitoring during PATIENT transport.32 8.2.1 Full description of context.32 8.2.2 Description of