explainx.ainewsletter3.4k
Productivity

risk-management-specialist

davila7/claude-code-templates · updated Apr 8, 2026

MDX-style export adds YAML metadata + attribution linking explainx.ai and this canonical listing URL.

$npx skills add https://github.com/davila7/claude-code-templates --skill risk-management-specialist
0 commentsdiscussion
summary

Expert-level medical device risk management implementing ISO 14971 throughout the complete product lifecycle with comprehensive risk analysis, evaluation, control, and post-production monitoring capabilities.

skill.md

Senior Risk Management Specialist

Expert-level medical device risk management implementing ISO 14971 throughout the complete product lifecycle with comprehensive risk analysis, evaluation, control, and post-production monitoring capabilities.

Core Risk Management Competencies

1. Risk Management Process Implementation (ISO 14971)

Establish and maintain comprehensive risk management processes integrated throughout the product development and lifecycle.

Risk Management Process Framework:

ISO 14971 RISK MANAGEMENT PROCESS
├── Risk Management Planning
│   ├── Risk management plan development
│   ├── Risk acceptability criteria definition
│   ├── Risk management team formation
│   └── Risk management file establishment
├── Risk Analysis
│   ├── Intended use and reasonably foreseeable misuse
│   ├── Hazard identification and analysis
│   ├── Hazardous situation evaluation
│   └── Risk estimation and documentation
├── Risk Evaluation
│   ├── Risk acceptability assessment
│   ├── Risk benefit analysis
│   ├── Risk control necessity determination
│   └── Risk evaluation documentation
├── Risk Control
│   ├── Risk control option analysis
│   ├── Risk control measure implementation
│   ├── Residual risk evaluation
│   └── Risk control effectiveness verification
└── Production and Post-Production Information
    ├── Information collection and analysis
    ├── Risk management file updates
    ├── Risk benefit analysis review
    └── Risk control measure adjustment

2. Risk Analysis and Hazard Identification

Conduct systematic risk analysis identifying all potential hazards and hazardous situations throughout device lifecycle.

Risk Analysis Methodology:

  1. Intended Use and Context Analysis

    • Medical indication and patient population
    • Use environment and conditions
    • User characteristics and training
    • Decision Point: Define scope of risk analysis

  2. Hazard Identification Process

    • For Hardware Components: Mechanical, electrical, thermal, chemical hazards
    • For Software Components: Software failure modes per IEC 62304
    • For Combination Products: Drug-device interaction risks
    • For Connected Devices: Cybersecurity and data privacy risks

  3. Hazardous Situation Analysis

    • Sequence of events leading to hazardous situations
    • Foreseeable misuse and use error scenarios
    • Single fault condition analysis
    • Multiple fault condition evaluation

3. Risk Estimation and Evaluation

Apply systematic risk estimation methodologies ensuring consistent and defensible risk assessments.

Risk Estimation Framework:

  • Probability Assessment: Statistical data, literature, expert judgment
  • Severity Assessment: Clinical outcome evaluation and classification
  • Risk Level Determination: Risk matrix application and documentation
  • Risk Acceptability Evaluation: Criteria application and justification

Risk Evaluation Decision Tree:

RISK EVALUATION PROCESS
├── Is Risk Acceptable? (per criteria)
│   ├── YES → Document acceptable risk
│   └── NO → Proceed to risk control
├── Risk Control Implementation
│   ├── Inherent safety by design
│   ├── Protective measures
│   └── Information for safety
└── Residual Risk Evaluation
    ├── Is residual risk acceptable?
    ├── Risk benefit analysis
    └── Final risk acceptability decision

4. Risk Control Implementation and Verification

Implement comprehensive risk control measures following the hierarchy of risk control per ISO 14971.

Risk Control Hierarchy:

  1. Inherent Safety by Design

    • Design modifications eliminating hazards
    • Fail-safe design implementation
    • Redundancy and diversity application
    • Human factors engineering integration

  2. Protective Measures in the Medical Device

    • Alarms and alert systems
    • Automatic shut-off mechanisms
    • Physical barriers and shields
    • Software safety functions

  3. Information for Safety

    • User training and education
    • Labeling and instructions for use
    • Warning systems and alerts
    • Contraindications and precautions

Risk Control Verification:

  • Risk control effectiveness testing and validation
  • Verification protocol development and execution
  • Test results analysis and documentation
  • Risk control performance monitoring

Advanced Risk Management Applications

Software Risk Management (IEC 62304 Integration)

Integrate software lifecycle processes with risk management ensuring comprehensive software safety assessment.

Software Risk Management Process:

  • Software Safety Classification: Class A, B, or C determination
  • Software Hazard Analysis: Software contribution to hazardous situations
  • Software Risk Control: Architecture and design safety measures
  • Software Risk Management File: Integration with overall risk management file

Cybersecurity Risk Management

Implement cybersecurity risk management per FDA guidance and emerging international standards.

Cybersecurity Risk Framework:

  1. Cybersecurity Threat Modeling

    • Asset identification and vulnerability assessment
    • Threat source analysis and attack vector evaluation
    • Impact assessment on patient safety and device functionality
    • Cybersecurity risk estimation and prioritization

  2. Cybersecurity Controls Implementation

    • Preventive Controls: Authentication, authorization, encryption
    • Detective Controls: Monitoring, logging, intrusion detection
    • Corrective Controls: Incident response, recovery procedures
    • Compensating Controls: Additional safeguards and mitigations

Human Factors and Use Error Risk Management

Integrate human factors engineering with risk management addressing use-related risks.

Use Error Risk Management:

  • Use-Related Risk Analysis: Task analysis and use scenario evaluation
  • Use Error Identification: Critical task and use error analysis
  • Use Error Risk Estimation: Probability and severity assessment
  • Use Error Risk Control: Design controls and user interface optimization

Risk Management File Management

Risk Management Documentation

Maintain comprehensive risk management files ensuring traceability and regulatory compliance.

Risk Management File Structure:

  • Risk Management Plan: Objectives, scope, criteria, and responsibilities
  • Risk Analysis Records: Hazard identification, risk estimation, evaluation
  • Risk Control Records: Control measures, verification, validation results
  • Production and Post-Production Information: Surveillance data, updates
  • Risk Management Report: Summary of risk management activities and conclusions

Risk Management File Maintenance

Ensure risk management files remain current throughout product lifecycle.

File Maintenance Protocol:

  • Design Change Impact Assessment: Risk analysis updates for design changes
  • Post-Market Information Integration: Surveillance data incorporation
  • Risk Control Effectiveness Review: Ongoing effectiveness verification
  • Periodic Risk Management Review: Systematic file review and updates

Cross-functional Integration

Quality Management System Integration

Ensure seamless integration of risk management with quality management system processes.

QMS-Risk Management Interface:

  • Design Controls: Risk management integration in design and development
  • Document Control: Risk management file configuration management
  • CAPA Integration: Risk assessment for corrective and preventive actions
  • Management Review: Risk management performance reporting

Regulatory Submission Integration

Coordinate risk management documentation with regulatory submission requirements.

Regulatory Integration Points:

  • FDA Submissions: Risk analysis and risk management summaries
  • EU MDR Technical Documentation: Risk management file integration
  • ISO 13485 Certification: Risk management process compliance
  • Post-Market Requirements: Risk management in post-market surveillance

Clinical and Post-Market Integration

Integrate risk management with clinical evaluation and post-market surveillance activities.

Clinical-Risk Interface:

  • Clinical Risk Assessment: Clinical data integration with risk analysis
  • Clinical Investigation: Risk management in clinical study design
  • Post-Market Surveillance: Risk signal detection and evaluation
  • Clinical Evaluation Updates: Risk-benefit analysis integration

Resources

scripts/

  • risk-assessment-automation.py: Automated risk analysis workflow and documentation
  • risk-matrix-calculator.py: Risk estimation and evaluation automation
  • risk-control-tracker.py: Risk control implementation and verification tracking
  • post-production-risk-monitor.py: Post-market risk information analysis

references/

  • iso14971-implementation-guide.md: Complete ISO 14971 implementation framework
  • software-risk-management.md: IEC 62304 integration with risk management
  • cybersecurity-risk-framework.md: Medical device cybersecurity risk management
  • use-error-risk-analysis.md: Human factors risk management methodologies
  • risk-acceptability-criteria.md: Risk acceptability frameworks and examples

assets/

  • risk-templates/: Risk management plan, risk analysis, and risk control templates
  • risk-matrices/: Standardized risk estimation and evaluation matrices
  • hazard-libraries/: Medical device hazard identification libraries
  • training-materials/: Risk management training and competency programs
how to use risk-management-specialist

How to use risk-management-specialist on Cursor

AI-first code editor with Composer

1

Prerequisites

Before installing skills in Cursor, ensure your development environment meets these requirements:

  • Cursor installed and configured on your development machine
  • Node.js version 16.0+ with npm package manager (verify with node --version)
  • Active project directory or workspace where you want to add risk-management-specialist
2

Execute installation command

Execute the skills CLI command in your project's root directory to begin installation:

$npx skills add https://github.com/davila7/claude-code-templates --skill risk-management-specialist

The skills CLI fetches risk-management-specialist from GitHub repository davila7/claude-code-templates and configures it for Cursor.

3

Select Cursor when prompted

The CLI will show a list of available agents. Use arrow keys to navigate and space to select Cursor:

◆ Which agents do you want to install to?
│ ── Universal (.agents/skills) ── always included ────
│ • Amp
│ • Antigravity
│ • Cline
│ • Codex
│ ●Cursor(selected)
│ • Cursor
│ • Windsurf
4

Verify installation

Confirm successful installation by checking the skill directory location:

.cursor/skills/risk-management-specialist

Reload or restart Cursor to activate risk-management-specialist. Access the skill through slash commands (e.g., /risk-management-specialist) or your agent's skill management interface.

Security & Verification Notice

We perform automated surface-level scans (Gen AI Scanner, Socket, Snyk) during installation. These checks detect common vulnerabilities but do not guarantee complete security. Always review skill source code and verify the publisher's reputation before production use.

Skills execute code in your development environment. Always verify the publisher's identity, review recent commits, and test in isolated environments before production deployment.

Additional Resources

View source code on GitHubSkills CLI documentationLearn more about CursorWhat are agent skills?

List & Monetize Your Skill

Submit your Claude Code skill and start earning

GET_STARTED →

Use Cases

User Story & Requirements Generation

Create detailed user stories, acceptance criteria, and feature specs

Example

Generate user stories for 'password reset feature' with acceptance criteria, edge cases, and test scenarios

Reduce spec writing time by 50%, ensure comprehensive coverage

Competitive Analysis

Research competitors, compare features, identify gaps

Example

Analyze 5 competitor products, create feature comparison matrix, suggest differentiation opportunities

Complete competitive research in 2 hours instead of 2 days

Roadmap Prioritization

Evaluate features using frameworks (RICE, ICE, Kano) and create prioritized backlogs

Example

Score 20 feature ideas using RICE framework, generate prioritized roadmap with rationale

Make data-driven prioritization decisions faster

Stakeholder Communication

Draft PRDs, status updates, and stakeholder presentations

Example

Create executive summary of Q3 roadmap, monthly progress report, feature launch announcement

Save 3-5 hours/week on communication overhead

Implementation Guide

Prerequisites

  • Claude Desktop or compatible AI client
  • Access to product documentation and roadmap tools (Jira, Notion, etc.)
  • Understanding of product management frameworks (RICE, Jobs-to-be-Done, etc.)
  • Stakeholder contact information and communication channels

Time Estimate

30-60 minutes to see productivity improvements

Installation Steps

  1. 1.Install product management skill
  2. 2.Start with user story generation for known feature
  3. 3.Progress to competitive analysis: research 2-3 competitors
  4. 4.Use for roadmap prioritization: apply RICE/ICE scoring
  5. 5.Draft stakeholder communications and refine based on feedback
  6. 6.Build template library for recurring PM tasks
  7. 7.Share effective prompts with product team

Common Pitfalls

  • Not validating competitive research—verify facts before sharing
  • Accepting user stories without involving engineering team
  • Over-relying on frameworks without qualitative judgment
  • Not customizing outputs to company culture and communication style
  • Skipping stakeholder validation of generated requirements

Best Practices

✓ Do

  • +Validate research and competitive analysis with real data
  • +Collaborate with engineering when generating technical requirements
  • +Customize frameworks and templates to your company context
  • +Use skill for first drafts, refine with stakeholder input
  • +Document successful prompt patterns for PM tasks
  • +Combine AI efficiency with human judgment and intuition

✗ Don't

  • Don't publish competitive analysis without fact-checking
  • Don't finalize user stories without engineering review
  • Don't make prioritization decisions solely on AI scoring
  • Don't skip customer validation of generated requirements
  • Don't ignore company-specific context and culture

💡 Pro Tips

  • Provide context: company goals, constraints, customer feedback
  • Ask for alternatives: 'Show 3 ways to prioritize this roadmap'
  • Request stakeholder-specific formatting: 'Executive summary vs. engineering spec'
  • Use skill for 70% generation + 30% customization to company needs

When to Use This

✓ Use When

Use for user story writing, competitive research, roadmap prioritization, stakeholder communication, and PRD drafting. Best for reducing repetitive documentation and research work.

✗ Avoid When

Avoid for strategic product vision (requires deep customer empathy), pricing decisions (needs market and financial expertise), or when face-to-face customer discovery is more valuable than speed.

Learning Path

  1. 1Basic: user stories, feature specs, status updates
  2. 2Intermediate: competitive analysis, prioritization frameworks, PRDs
  3. 3Advanced: product strategy, go-to-market planning, OKR setting
  4. 4Expert: product vision, market positioning, business model innovation

Discussion

Product Hunt–style comments (not star reviews)
  • No comments yet — start the thread.
general reviews

Ratings

4.474 reviews
  • Lucas Agarwal· Dec 28, 2024

    risk-management-specialist reduced setup friction for our internal harness; good balance of opinion and flexibility.

  • Neel Singh· Dec 28, 2024

    risk-management-specialist is among the better-maintained entries we tried; worth keeping pinned for repeat workflows.

  • Jin Shah· Dec 24, 2024

    risk-management-specialist fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.

  • Nikhil Mehta· Dec 16, 2024

    I recommend risk-management-specialist for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • Neel White· Dec 16, 2024

    risk-management-specialist has been reliable in day-to-day use. Documentation quality is above average for community skills.

  • Ganesh Mohane· Dec 8, 2024

    risk-management-specialist reduced setup friction for our internal harness; good balance of opinion and flexibility.

  • Zaid Desai· Dec 4, 2024

    Useful defaults in risk-management-specialist — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.

  • Sakshi Patil· Nov 27, 2024

    I recommend risk-management-specialist for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

  • Nikhil Malhotra· Nov 23, 2024

    Registry listing for risk-management-specialist matched our evaluation — installs cleanly and behaves as described in the markdown.

  • Jin Huang· Nov 19, 2024

    I recommend risk-management-specialist for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

showing 1-10 of 74

1 / 8