Understanding risk-based thinking

Insights from a conversation with Bijan Elahi

Note: this is a recording of a LinkedIn audio event with Bijan Elahi of MedTech Safety. The article below highlights a few key points from the discussion.

We make tens of thousands1 of decisions each day in our personal lives, from the moment we wake up, to the time we go to sleep.

A great majority of these decisions are made intuitively, following our gut, and without a thoughtful, conscious effort. These decisions are guided by our world view, values and habits shaped by years of real-life experiences.

When it comes to highly consequential decisions, often we find that following our gut does not always lead to the best outcome. In those situations we find ourselves feeling regretful, but we learn and move on.

In a professional environment, we cannot take that chance. We have to think about the consequences of our actions and decisions on others, including our customers, patients and doctors.

This is where using a disciplined risk-based thinking is needed.

But what is risk-based thinking? Can it be learned? How does it help us in making good decisions?

Listen to the recording our conversation above to learn more.

Here are a few key highlights from this discussion.

1. What is risk-based thinking?

Risk-based thinking is really a process of decision making, which involves a careful consideration of risks in the context of anticipated benefits.

As noted above, we make many decisions each day. At some level, every decision we make is based on our understanding and evaluation of risk. In most normal situations, we make these risk-based decisions intuitively, and they generally lead to expected outcomes.

There are many other, more consequential, decisions which require us to think more deeply about different options as we evaluate their cost/benefit or benefit/risk2.

This more deliberate decision making process is based on risk-based thinking.

Here is one definition of risk-based decision-making.

Risk-based decision making is a method of choosing among the available options, the option that is optimally aligned with the goals and risk perceptions of the stakeholders.

Our goal is to maximize the benefits and minimize the risks. There is a whole body of research around decision science3 which can help us learn some of the techniques related to risk-based decision making.

At the high level, risk-based decision making involves identifying and estimating risks and evaluating them in the context of anticipated benefits. The goal is to select the best possible choice from available alternatives.

2. Why is it important?

If you follow a disciplined risk-based decision making process, you can explain and defend your decisions to various stakeholders.

The medical device industry, in particular, has to address the concerns of many stakeholders such as regulators, patients and physicians. Medical devices are expected to be safe and effective, which essentially means that the probable benefits of their use must outweigh the probable risks.

Generally, this involves a careful balancing act based on available scientifically valid data. The final conclusion is made using expert judgment based on facts, not gut feelings.

Risk-based decision making based on a formal, disciplined process is explainable and defensible to stakeholders, especially when the outcome(s) is not satisfactory.

In a heavily regulated medical industry such as medical devices, our decisions also have legal implications. That is why using a formal, disciplined process and critical thinking is very important.

An element of critical thinking would be to first look at the quality and quantity of objective evidence available. Based on this information, we will need to consider the level of uncertainty in our overall decision. As a result, there is inherently a level of risk associated with our decisions, and we may have to gather more data to improve our level of confidence.

3. Collaboration is key to facilitating risk-based decisions at the business level

Decisions at the business level involve careful consideration of different types of risks and cost/benefit of various options.

Risk is broadly defined as effect of uncertainty on objectives4.

Manufacturing and distributing a medical device in the market involves many different operations. Even relatively simple medical devices involve sophisticated operations, each optimized to deliver results against specific objectives. Therefore, the nature of risk is different, which requires a different approach to understanding and managing the effect of uncertainty.

At the business level, top management decisions are driven by a more holistic view of risk, not just safety or quality risks.

As an example, risks to the safe use of a medical device by patients and users are addressed throughout the product lifecycle by implementing a risk management system according to ISO 149715. Since the focus is on safety, this specialized practice is generally known as safety risk management.

Similarly, there are quality risks, financial risks, legal risks, reputational risks etc., each indicating the area of specialization of risk management.

At the business level, all of these different types of risks are considered as a whole to inform a certain decision.

As an example, the decision to recall a potentially unsafe medical device from the market is a business decision. It involves consideration of not only the safety risk, but also the risk of disrupting patient access to a life-critical therapy.

Therefore, it is very important for experts from each functional area to collaborate and provide a clear set of options to inform a risk-based decision by the senior executives.

Risk managers at the Enterprise level, therefore, need to be able to synthesize information from different functions and present it in a clear, coherent way to facilitate informed decisions by senior executives.

In Conclusion

  1. Risk-based thinking is used to make consequential decisions by carefully balancing benefits and risks to select an optimal through a formal, disciplined process.

  2. In a heavily regulated industry, such as medical devices, consequential decisions also have legal implications. Decisions are made using risk-based thinking are explainable and defensible.

  3. At the business level, the decision making process requires a holistic review of all applicable risks, not just risks related to quality or safety. Therefore, it is very important to collaborate with cross-functional partners and present information in a clear, coherent way to facilitate these decisions by senior executives.

About Bijan Elahi

Bijan Elahi is the founder of MedTech Safety and a globally recognized expert on safety risk management of medical devices. He currently serves as a technical fellow and corporate advisor on product safety risk management at Medtronic. In this capacity, he offers education and consulting on risk management to all Medtronic business units worldwide. He has trained over 7000 people worldwide and his book Safety Risk Management of Medical Devices, now in its second edition, is a bestseller.

About Let’s Talk Risk with Dr. Naveen Agarwal

Let’s Talk Risk with Dr. Naveen Agarwal is a weekly live audio event on LinkedIn, where we talk about risk management related topics in a casual, informal way. Join us at 11:00 am EST every Friday on LinkedIn.


Information and insights presented in this article are for educational purposes only.


On average, we make about 35000 decisions each day! (various sources on the internet)


Harvard Center for Health Decision Science: What is Decision Science?

Naveen Agarwal, Ph.D.