Risk Math (Severity, Probability, Risk Level)
← Return to FAQWhat is the severity scale rmForge uses?
Five bands (S1 through S5): Negligible, Minor, Serious, Critical, Catastrophic. S5 Catastrophic covers death and permanent severe disability.
What is the probability scale rmForge uses?
Five bands (P1 through P5): Very Low, Low, Medium, High, Very High. Each band has quantitative anchors that the agent applies when assigning probabilities.
What are p1 and p2?
p1 is the probability that a hazardous situation arises. p2 is the conditional probability that, once the hazardous situation exists, harm actually occurs. Both are categorical (P1 through P5).
How is Po computed?
Po is looked up from a deterministic combined-probability table as a function of p1 and p2. The table is identical across analyses. Language-model judgment does not override the table value.
How is Risk Level computed?
Risk Level is looked up from a deterministic table as a function of Severity and Po. Four bands: Negligible, Acceptable, Tolerable, Intolerable.
What if I disagree with a severity assignment?
You can edit the row in the downloaded workbook. The workbook will recompute it according to your choices. With all risk analysis, the user must perform a cross functional review and approval process for all changes.
Why are there only four Risk Levels and not five?
Four bands map cleanly to risk-control decisions: Negligible = no action, Acceptable = monitor, Tolerable = consider control, Intolerable = mandatory control with verification. rmForge has the opinion that a five-band scheme adds ambiguity without evidence of improving safety outcomes. We make no claims of fact regardless.
What is residual risk?
Risk remaining after the application of risk control measures and the potential for those risk control measures to create new risks. ISO 14971 requires that residual risk post risk control measures be evaluated and, if not acceptable, that further controls or a benefit-risk justification be documented.
What is an acceptable level of residual risk?
The manufacturer defines acceptability in the manufacturer's Risk Management Plan per ISO 14971. rmForge's default policy treats Negligible and Acceptable as acceptable, Tolerable as conditional (requires justification), and Intolerable as not acceptable. You can override during analysis. This is simply a starting point for the user-manufacturer.
Why doesn't rmForge use ALARP?
ALARP (As Low As Reasonably Practicable) is driven by the manufacturer. rmForge presents proposed risk levels and the manufacturer ultimately decides risk acceptability. Refer to ISO 14971 for detail.
Can I change the severity or probability scale?
Not at this time. Custom scales are on the roadmap for enterprise customers. Custom scales must be controlled documents on the customer side; we do not let you change scales mid-analysis.
What is "use error" versus "abnormal use"?
Use error is reasonably foreseeable wrong use. Abnormal use is intentional misuse outside reasonable foresight. ISO 14971 and IEC 62366-1 require use error to be evaluated.
Does rmForge address cybersecurity risk?
A cybersecurity hazard row set is reserved in our internal specification and will activate when wizard answers indicate a connected device. Full cybersecurity threat modeling per FDA premarket guidance is on the roadmap.
How does rmForge handle "single fault" assumptions?
Per IEC 60601-1 and rmForge's N versus F separation, fault rows assume single-fault conditions only. Cascading faults are not enumerated as single rows; they require a separate analysis. However, a foreseeable sequence of events is indicative of an event leading to a hazardous situation that may lead to harm of patient or property.