Each hazard-related use scenario must describe the full task sequence leading to a hazardous situation plus the harm severity — this task-sequence granularity is what enables summative test case design.
AMD1:2020 editorial updates; use difficulties observed during formative evaluation may surface new scenarios requiring identification under this clause.
Scenario descriptions that include complete task sequences and harm severity — scenario lists that merely restate the hazard without task decomposition are the most frequent clause 5.4 finding.
Maps to
IEC 62366: §5.4 Identify and describe HAZARD-RELATED USE SCENARIOS
ISO 13485: §7.3.3 Design and development inputs
ISO 14971: §5.4 Identification of hazards and hazardous situations
Requirement text
The manufacturer shall identify and describe the reasonably foreseeable hazard-related use scenarios associated with the identified hazards and hazardous situations. The description of each identified hazard-related use scenario shall include all tasks and their sequences as well as the severity of the associated harm. The results shall be stored in the usability engineering file.
Why this clause exists
Clause 5.4 exists because a hazard alone does not drive usability risk analysis — what drives analysis is the specific sequence of user tasks and decisions that would expose a user to the hazard under real use conditions. The distinction between a hazard (e.g., potential for a drug overdose) and a hazard-related use scenario (e.g., a nurse programs a rate in mL/hr but the pump defaults to mL/dose, the discrepancy is not displayed prominently at the confirmation step, and the nurse confirms without detecting the unit mismatch) is precisely the level of specificity needed to design a targeted risk control and to evaluate whether that risk control eliminates or reduces the use-error probability for the specific task sequence. Without this level of scenario description, risk controls are generic rather than task-specific, and summative evaluation cannot be designed to verify the controls because the test cases cannot be derived from the scenarios. The clause’s requirement to document task sequences and harm severity in each scenario description is the bridge between hazard identification and summative evaluation planning: it is what allows the manufacturer to select which scenarios require evaluation (clause 5.5) and to design summative test cases that faithfully reproduce the hazardous task context.
What changed
IEC 62366-1:2015+AMD1:2020 CSV clause 5.4 was amended by AMD1:2020 to clarify the scenario description requirements. The core obligation — identify and describe reasonably foreseeable hazard-related use scenarios, including tasks, sequences, and harm severity — is unchanged from 2015. AMD1:2020 made editorial updates aligning terminology with ISO 14971:2019 (updated cross-references from 2007 to 2019 edition). AMD1:2020 also introduced the concept of ‘use difficulty’ (near-misses) throughout the standard; while clause 5.4 itself addresses confirmed hazard-related use scenarios, use difficulties observed during formative evaluation may give rise to new scenarios requiring identification under clause 5.4.
Common gaps (what we see in audits)
- Scenarios described at hazard level without task-sequence detail — Manufacturers describe hazard-related use scenarios at the level of ‘user may make a dosing error’ or ‘user may misread the display’ without the task-sequence granularity needed to design summative test cases. A scenario description without a task sequence cannot support test case derivation and fails the clause 5.4 requirement.
- Harm severity missing from scenario descriptions — Scenario lists do not include the severity of the associated harm, making it impossible to apply the severity-based selection criterion in clause 5.5 and preventing auditors from verifying that high-severity scenarios were included in summative evaluation.