Which regulation would apply in addressing the risk management of medical devices?

The regulation that specifically addresses the risk management of medical devices is ISO 13485. This standard focuses on the requirements for a quality management system (QMS) where an organization needs to demonstrate its ability to provide medical devices and related services that consistently meet customer and applicable regulatory requirements. Key aspects of ISO 13485 include risk management and design controls throughout the product lifecycle.

The standard emphasizes a proactive approach to risk management, ensuring that potential risks associated with medical devices are adequately identified, assessed, and mitigated. This is crucial for manufacturers to ensure safety and effectiveness before the products reach the market.

The other options, while relevant in different contexts, do not directly address risk management in the same comprehensive manner that ISO 13485 does. For example, GMP/QSR relates broadly to quality systems and manufacturing practices, FDA Modernization Act focuses on the modernization of regulatory processes rather than risk management specifically, and NIST Guidelines provide frameworks for cybersecurity but do not anchor directly into the risk management processes for medical device quality assurance.