| Key Takeaways |
| Process validation sample size is one of the most commonly cited FDA 483 observations. The citation: organizations fail to ensure processes are “validated with a high degree of assurance” using justified sample sizes (21 CFR 820.75). Risk-based methods directly address this regulatory requirement. |
| The Success-Run Theorem provides the formula: n = ln(1 – C) / ln(R), where C = confidence level and R = reliability level. A 95% confidence / 95% reliability requirement produces a minimum sample size of 59 units with zero defects allowed. |
| Risk level from FMEA drives the confidence/reliability combination. High-risk process steps (RPN > 200 or severity 9-10) require 95/99 or 99/99 confidence/reliability. Medium-risk steps use 95/95. Low-risk steps can use 90/90 or 95/90. |
| Traditional fixed-sample approaches (MIL-STD-105E, ANSI/ASQ Z1.4) assume normal distribution, use arbitrary assurance levels, and do not scale with process variability. Risk-based methods produce sample sizes that are proportional to actual process risk. |
| A worked example in this guide walks through a medical device sterilization validation, linking FMEA risk priority numbers to confidence/reliability levels and calculating exact sample sizes for three process steps at different risk levels. |
| Continuous (variable) data and attribute (pass/fail) data require different sample size formulas. This guide provides both, with decision criteria for choosing the appropriate method. |
| A 90-day roadmap takes organizations from arbitrary sample sizes to a documented, risk-justified statistical sampling strategy that satisfies FDA, ISO 13485, and EU MDR requirements. |
Process validation sample size is one of the most frequently cited deficiencies in FDA 483 inspectional observations. The agency consistently flags organizations that cannot demonstrate their sample sizes are based on valid statistical rationale.
FDA’s 2022 Statistical Techniques conference highlighted recurring findings: sampling plans not based on valid statistical rationale, no documented evidence substantiating sample sizes in shelf-life or process validation protocols, and firms using inspection tables without selecting the proper rows or levels.
The root cause is usually the same: organizations default to arbitrary sample sizes (“we always test 30 units”) or apply military-era acceptance sampling tables without connecting the sample size to the actual risk level of the process.
A sterilization process that could kill patients if it fails gets the same sample size as a packaging labeling check. Risk-based sample size methods fix this mismatch by linking the statistical requirements directly to the risk assessment output, specifically the FMEA risk priority number.
High-risk process steps get higher confidence and reliability requirements, which drive larger sample sizes. Low-risk steps get proportionally smaller samples, conserving resources without compromising safety.
This guide provides the complete statistical toolkit: the Success-Run Theorem, confidence/reliability tables, FMEA-to-sample-size linkage, continuous vs. attribute data formulas, and worked examples you can apply to your next validation protocol.
Each method aligns to FDA 21 CFR 820.75, ISO 13485:2016 Section 7.5.6, EU MDR Annex II, and ISO 31000 risk management principles.
Why Risk-Based Sample Sizes Replace Traditional Fixed Approaches
Traditional approaches to process validation sampling derive from military acceptance standards (MIL-STD-105E, superseded by ANSI/ASQ Z1.4).
These standards recommend fixed sample sizes based on lot size and desired Acceptable Quality Level (AQL). While they served manufacturing quality control well in the 20th century, they have significant shortcomings when applied to modern process validation.
Traditional vs. Risk-Based Sampling: Comparison
| Dimension | Traditional Fixed Approach (MIL-STD / ANSI Z1.4) | Risk-Based Approach |
| Sample size determination | Fixed table lookup based on lot size and AQL. Lot of 1,000 at AQL 1.0% = 80 units sampled. | Calculated from confidence level, reliability level, and process risk. Directly linked to FMEA output. |
| Connection to risk | None. The same table applies regardless of the process’s impact on patient safety, product quality, or regulatory compliance. | Direct. High-risk processes (severity 9-10 in FMEA) get higher confidence/reliability requirements, producing larger samples. Low-risk processes get smaller samples. |
| Statistical assumption | Assumes normal distribution, which may not hold for skewed, bounded, or multimodal process data. | Distribution-free methods available (Success-Run Theorem works for attribute data regardless of distribution). Variable data methods can specify the distribution. |
| Acceptance criteria | Allows a fixed number of defects (e.g., Ac = 2, Re = 3). Nonconforming units are expected and accepted within the AQL. | Zero-defect acceptance is the default for high-risk validation. The sample size is calculated to demonstrate the required reliability with zero failures. |
| Scalability | Fixed tables do not scale well. Very large lot sizes (>500K) require interpolation. Very small lots have limited table entries. | Scales mathematically. The formula works for any lot size, any confidence level, and any reliability level. |
| Regulatory alignment | Referenced in older FDA guidance. Not explicitly required by current 21 CFR 820.75 or ISO 13485. | Directly supports “high degree of assurance” language in 21 CFR 820.75. Aligns with ISO 13485 Section 7.5.6 and EU MDR Annex II requirement for validated processes using recognized statistical methods. |
The regulatory trajectory is clear. FDA, ISO 13485 (harmonized with 21 CFR 820 in February 2026 under QMSR), and the EU MDR all require that validation use recognized statistical methods with justified sample sizes proportional to risk. Risk-based methods are the direct answer to this requirement.
The Success-Run Theorem: The Core Formula
The Success-Run Theorem is the most widely used method for calculating risk-based sample sizes in process validation.
The method is based on the binomial distribution and determines the minimum number of units that must pass testing with zero defects to demonstrate a given reliability at a given confidence level.
Formula: n = ln(1 – C) / ln(R)
Where: n = minimum sample size (round up to next integer), C = confidence level (e.g., 0.95 for 95%), R = reliability level (e.g., 0.95 for 95%), ln = natural logarithm. The acceptance criterion is zero defects (c = 0). Any failure in the sample invalidates the demonstration.
Success-Run Theorem Sample Size Table
| Confidence Level | R = 90% | R = 95% | R = 97% | R = 99% | R = 99.9% |
| C = 90% | 22 | 45 | 76 | 230 | 2,302 |
| C = 95% | 29 | 59 | 99 | 299 | 2,995 |
| C = 99% | 44 | 90 | 152 | 459 | 4,603 |
| C = 99.9% | 66 | 135 | 228 | 688 | 6,905 |
Read the table as: “To demonstrate with [C]% confidence that the process has at least [R]% reliability, test [n] units with zero defects.”
The most common combination in medical device process validation is 95% confidence / 95% reliability, requiring 59 units. High-risk sterilization or biocompatibility processes often require 95% confidence / 99% reliability, requiring 299 units.
Linking FMEA Risk to Sample Size Requirements
The power of risk-based sample sizing comes from connecting the FMEA output to the confidence/reliability requirement.
A process step with a high Risk Priority Number (RPN) or high severity gets a more demanding statistical requirement, which drives a larger sample size. This is the direct link between risk assessment and validation planning.
The table below provides a practical mapping used by leading medical device and pharmaceutical manufacturers.
FMEA Risk Level to Confidence/Reliability Mapping
| Risk Level | RPN Range | Severity Criteria | Confidence | Reliability | Min Sample (c=0) | Example Process Step |
| Critical | RPN > 200 OR Severity = 9-10 | Patient death or serious injury. Product recall. Process failure undetectable by inspection. | 99% | 99% | 459 | Sterilization cycle. Bioburden reduction. Hermetic seal integrity. |
| High | RPN 120-200 OR Severity = 7-8 | Patient harm requiring medical intervention. Major product defect. Process failure detectable only by destructive test. | 95% | 99% | 299 | Adhesive bond strength. Electrical safety test. Drug potency. |
| Medium | RPN 60-119 OR Severity = 4-6 | Minor patient discomfort. Cosmetic defect. Process failure detectable by in-line inspection. | 95% | 95% | 59 | Dimensional tolerance check. Labeling verification. Color matching. |
| Low | RPN < 60 AND Severity = 1-3 | No patient impact. Administrative nonconformance. Process failure immediately obvious. | 90% | 95% | 45 | Packaging weight check. Box count verification. Label placement. |
This mapping creates a documented, defensible rationale for every sample size in the validation protocol. When an FDA investigator asks “why did you test 59 units?”, the answer traces directly from the FMEA:
This process step has a severity of 6, an occurrence of 4, and a detection of 3 (RPN = 72). Per our risk-based sampling procedure, medium-risk steps require 95% confidence / 95% reliability, which yields n = 59 at c = 0 using the Success-Run Theorem.” That answer satisfies 21 CFR 820.75.
Sample Sizes for Continuous (Variable) Data
The Success-Run Theorem applies to attribute (pass/fail) data. When the quality characteristic is continuous (measured on a scale, such as tensile strength, thickness, or concentration), a different approach is needed.
The two primary methods are tolerance interval analysis and capability-based sample sizing.
Continuous Data Methods Comparison
| Method | When to Use | Formula / Approach | Minimum Sample Size |
| Tolerance Interval (K-factor) | Process data is approximately normally distributed. Goal is to demonstrate that at least P% of the population falls within specification at C% confidence. | Use K-factor tables (NIST/SEMATECH). For P = 95%, C = 95%, n = 59 gives K = 2.022. Specification range must be > 2K x standard deviation. | Depends on desired P/C combination. n = 59 is a common starting point for 95/95. |
| Process Capability (Cpk) Demonstration | Process capability index (Cpk) must meet a target value. Common targets: Cpk > 1.0 (minimum), Cpk > 1.33 (capable), Cpk > 1.67 (highly capable). | Calculate Cpk from sample data. Use confidence interval on Cpk to demonstrate the target is met at the required confidence level. Larger samples narrow the confidence interval. | n = 30 minimum for Cpk point estimate. n = 60-100 to demonstrate Cpk > 1.33 at 95% confidence. |
| Bayesian Approach | Prior process knowledge exists (e.g., from development runs or analogous processes). Goal is to combine prior information with validation data. | Define prior distribution from historical data. Update with validation sample data using Bayes’ theorem. Calculate posterior probability that process meets specification. | Depends on strength of prior. Strong prior data can reduce validation sample sizes significantly. |
| Power Analysis (Hypothesis Testing) | Validation protocol includes a hypothesis test (e.g., “mean output > lower specification limit”). Goal is to detect a meaningful difference with specified power. | Standard power analysis: n = [(Z_alpha + Z_beta) x sigma / delta]^2, where sigma = std dev, delta = difference to detect, Z values from confidence and power requirements. | Calculated per protocol. Typical: n = 20-50 for detecting a 1-sigma shift at 80% power and 95% confidence. |
The choice between methods depends on the data type and the validation objective. Attribute data (pass/fail, go/no-go) uses the Success-Run Theorem.
Continuous data with a normality assumption uses tolerance intervals or Cpk. Continuous data where normality cannot be assumed uses non-parametric methods or larger sample sizes to compensate for distributional uncertainty.
Monte Carlo simulation can also determine sample sizes by simulating the validation outcome under various distributional assumptions and identifying the sample size that achieves the desired confidence.
Worked Example: Medical Device Sterilization Validation
A medical device manufacturer is validating the ethylene oxide (EO) sterilization process for a Class III implantable device.
The validation team conducts an FMEA on three critical process steps and calculates the required sample sizes using the risk-based approach.
Step 1: FMEA Output
| Process Step | Failure Mode | S | O | D | RPN | Risk Level | C/R Requirement |
| EO gas exposure cycle | Insufficient gas concentration: incomplete sterilization | 10 | 3 | 5 | 150 | High | 95% / 99% |
| Aeration (gas removal) | Residual EO exceeds ISO 10993-7 limit: cytotoxicity risk | 9 | 2 | 4 | 72 | Medium (but S=9 triggers High) | 95% / 99% |
| Package seal integrity | Seal breach during handling: sterility loss post-sterilization | 7 | 4 | 3 | 84 | Medium | 95% / 95% |
Step 2: Sample Size Calculation
| Process Step | C/R Requirement | Success-Run Calculation | Required Sample Size |
| EO gas exposure cycle | C = 95%, R = 99% | n = ln(1 – 0.95) / ln(0.99) = ln(0.05) / ln(0.99) = -2.996 / -0.01005 = 298.1 (round up) | n = 299 units, c = 0 defects |
| Aeration (gas removal) | C = 95%, R = 99% (severity override) | Same formula: n = 299 (severity of 9 triggers High-risk C/R regardless of RPN) | n = 299 units, c = 0 defects |
| Package seal integrity | C = 95%, R = 95% | n = ln(1 – 0.95) / ln(0.95) = -2.996 / -0.05129 = 58.4 (round up) | n = 59 units, c = 0 defects |
Step 3: Validation Protocol Summary
| Process Step | Sample Size | Accept Criteria | Test Method | Risk Level | Rationale |
| EO gas exposure | 299 | 0 defects (all units must pass sterility test) | Sterility test per ISO 11137 / USP <71> | High | Severity = 10 (patient death). FMEA RPN = 150. Per SOP-VAL-003, High risk requires 95/99 C/R. |
| Aeration | 299 | 0 defects (all units must have residual EO < 4mg per ISO 10993-7) | GC headspace analysis | High (severity override) | Severity = 9 (cytotoxicity). FMEA RPN = 72 but severity > 8 triggers High-risk override per SOP-VAL-003. |
| Package seal integrity | 59 | 0 defects (all units must pass seal strength and dye penetration test) | ASTM F88 (seal strength), ASTM F1929 (dye penetration) | Medium | Severity = 7, RPN = 84. Per SOP-VAL-003, Medium risk requires 95/95 C/R. |
The worked example demonstrates the direct traceability from FMEA to sample size. An FDA investigator reviewing this protocol can see exactly why 299 units were tested for sterilization (high severity + high confidence/reliability) and why 59 units were tested for seal integrity (medium risk). This documented rationale is the “valid statistical rationale” that 21 CFR 820.75 requires.
Regulatory and Standards Alignment
| Regulation / Standard | Requirement | How Risk-Based Sample Sizing Satisfies the Requirement |
| FDA 21 CFR 820.75 | Process validation must ensure the process “can consistently produce a result meeting predetermined specifications” with “a high degree of assurance.” | Risk-based sample sizes demonstrate the required confidence and reliability levels. The FMEA-to-sample-size mapping provides the documented statistical rationale FDA expects. |
| ISO 13485:2016 Section 7.5.6 | “The organization shall validate any processes for production and service provision where the resulting output cannot be verified by subsequent monitoring or measurement.” Validation methods must be proportionate to risk. | Risk-based approach scales validation effort to process risk, directly implementing the proportionality principle. FMEA integration ensures the most critical steps receive the most rigorous validation. |
| EU MDR Annex II, Section 3(b) | Technical documentation must include “manufacturing processes and their validation” using “recognised statistical methods.” | Success-Run Theorem and confidence/reliability methods are recognized statistical techniques. ISO 2859 and ISO 3951 provide the standards-based sampling framework. |
| ISO 31000:2018 | Risk assessment shall determine the nature, likelihood, and consequences of risk. Treatment shall be proportional to the risk level. | FMEA provides the risk assessment input. Confidence/reliability levels provide the proportional treatment. The sample size is the operationalized expression of risk-proportional validation. |
| GHTF/SG3/N99-10 | “Validation should establish, by objective evidence, that a process consistently produces a result or product meeting its predetermined specifications.” | Objective evidence = test results from a statistically justified sample. Risk-based methods provide the justification that arbitrary fixed sample sizes cannot. |
| FDA CSA Guidance (Sept 2025) | Computer software assurance activities “shall be proportionate to the risk associated with the use of the software” (aligning with ISO 13485 language). | Same risk-proportionality principle applied to software validation: high process risk = more assurance activities; low risk = streamlined approach. |
Implementation Roadmap
| Phase | Actions | Deliverables | Success Metrics |
| Days 1-30: Foundation | Develop a risk-based sampling SOP that defines the FMEA-to-confidence/reliability mapping. Train validation engineers on the Success-Run Theorem and continuous data methods. Audit existing validation protocols to identify sample sizes without statistical justification. | Risk-based sampling SOP (approved). Training records for validation engineers. Gap analysis of existing validation protocols. | SOP approved by quality management. 100% of validation engineers trained. Gap analysis identifies protocols requiring updated sample size justifications. |
| Days 31-60: Remediate | Update the top 5 highest-risk validation protocols with risk-based sample sizes. Recalculate sample sizes using the FMEA-to-C/R mapping. Document the statistical rationale in each protocol. Validate one new process using the risk-based approach as a pilot. | Updated validation protocols (top 5). Pilot validation protocol with full risk-based sample size justification. Updated FMEA-to-protocol traceability matrix. | All top 5 protocols have documented statistical rationale. Pilot validation executed with risk-based sample sizes. No 483-type gaps in the pilot protocol. |
| Days 61-90: Operationalize | Roll out the risk-based sampling SOP to all future validation activities. Integrate the FMEA-to-sample-size table into the validation protocol template. Train quality auditors to verify sample size justification during internal audits. Schedule annual review of the C/R mapping table. | Updated validation protocol template (organization-wide). Internal auditor training materials. Annual review schedule for the FMEA-to-C/R mapping. | All new validation protocols use risk-based sample sizes. Internal audit checklist includes sample size justification verification. First annual review scheduled. |
Common Pitfalls and How to Avoid Them
| Pitfall | Root Cause | Remedy |
| “We always test 30 units” without statistical justification | Organizational habit or misapplication of a rule of thumb. The number 30 comes from central limit theorem guidance (n > 30 for normality assumption), not from process validation requirements. | Calculate the sample size from the confidence/reliability requirement using the Success-Run Theorem. Document why the calculated number is appropriate. The answer may be 59, 299, or 22, but never an unjustified round number. |
| Using AQL acceptance sampling tables for process validation | Confusion between acceptance sampling (production lot inspection) and process validation (demonstrating process capability). MIL-STD tables allow defects; validation often requires zero defects. | Reserve AQL-based sampling for routine production inspection. Use Success-Run or tolerance interval methods for process validation, where the goal is to demonstrate capability, not to accept or reject a lot. |
| No link between FMEA and sample size | The FMEA is completed as a separate quality activity. The validation protocol is written independently. The two documents never reference each other. | Require every validation protocol to reference the FMEA and trace the sample size to a specific confidence/reliability requirement derived from the FMEA risk level. |
| Applying attribute methods to continuous data (or vice versa) | The validation team uses the Success-Run Theorem (attribute method) on dimensional measurement data, losing information by converting measurements to pass/fail. | Match the statistical method to the data type. Use tolerance intervals or Cpk for continuous data. Use Success-Run for attribute data. The method choice should be documented in the validation protocol. |
| Sample size calculated once, never revisited | The initial sample size was based on development-phase FMEA. The process was modified during scale-up, changing the risk profile, but the sample size was never recalculated. | Require sample size recalculation whenever the FMEA is updated (e.g., after a process change, CAPA, or design modification). Embed this requirement in the change control procedure. |
| Zero-defect criterion too rigid for high-volume processes | For some processes, zero defects in 299 units is statistically unrealistic given the inherent variability. Teams test more units but struggle to achieve zero failures. | Consider whether the acceptance criterion should be c = 0 or c > 0. The ANSI/ASQ Z1.9 tables allow calculation with a specified number of acceptable defects. Alternatively, use Cpk demonstration for continuous data where zero defects is impractical. |
Looking Ahead: Process Validation Trends 2025-2027
FDA’s harmonization of 21 CFR 820 with ISO 13485:2016 under the Quality Management System Regulation (QMSR), effective February 2026, will reinforce the risk-proportionality principle.
Organizations that have already implemented risk-based sample sizing will transition smoothly. Those still using arbitrary fixed sample sizes face remediation pressure.
Continuous process verification (CPV) is supplementing traditional three-batch validation with ongoing statistical monitoring. CPV uses real-time process data, control charts, and capability indices to demonstrate sustained process control, reducing the reliance on large upfront validation sample sizes.
The FDA’s 2011 Process Validation Guidance already endorsed this lifecycle approach, and adoption has accelerated in pharmaceutical manufacturing. Key risk indicators derived from CPV data, such as Cpk trend lines and out-of-specification rates, provide continuous evidence of process capability.
Bayesian statistical methods are gaining acceptance in process validation, particularly where prior knowledge from development batches, analogous products, or literature data can be incorporated.
Bayesian approaches reduce validation sample sizes when strong prior evidence exists, while increasing sample sizes when prior evidence is weak.
This risk-proportional behavior aligns naturally with regulatory expectations. Quantitative risk analysis techniques, including Monte Carlo simulation, are being used to model validation outcomes and optimize sample sizes before executing costly validation runs.
The organizations that master risk-based sample sizing gain a dual advantage: regulatory confidence (documented statistical rationale that satisfies FDA, ISO, and EU MDR) and resource efficiency (smaller samples where risk is low, freeing resources to invest in higher-risk validation activities).
In a regulated manufacturing environment where every validation run costs time, material, and laboratory capacity, that efficiency is a competitive advantage.
Ready to implement risk-based sample sizing in your validation program? Visit riskpublishing.com to access risk assessment templates, quantitative risk analysis guides, and FMEA resources. Need a tailored validation statistics workshop? Contact our consulting team to design a training program aligned to your regulatory requirements.
References
1. FDA 21 CFR 820.75: Process Validation — U.S. Food and Drug Administration
2. ISO 13485:2016 Medical Devices Quality Management Systems — International Organization for Standardization
3. FDA Statistical Techniques Conference Presentation, July 2022 — FDA CDRH
4. ISO 31000:2018 Risk Management Guidelines — International Organization for Standardization
5. ISO 2859-1:1999 Sampling by Attributes — International Organization for Standardization
6. ISO 3951-1:2022 Sampling by Variables — International Organization for Standardization
7. GHTF Quality Management Systems: Process Validation Guidance — Global Harmonization Task Force (now IMDRF)
8. Risk-Based Approach and Statistical Methods in Process Validation — Seleon GmbH
9. Risk-Based Approaches to Establishing Sample Sizes for Process Validation — Med Device Online (Durivage)
10. FDA Process Validation Guidance (Pharmaceutical) — FDA CDER
11. FDA Computer Software Assurance Final Guidance, September 2025 — FDA CDRH
12. NIST/SEMATECH e-Handbook of Statistical Methods — National Institute of Standards and Technology
13. ANSI/ASQ Z1.4-2003 Sampling Procedures for Inspection by Attributes — American Society for Quality
14. EU MDR 2017/745 Annex II Technical Documentation — European Parliament and Council
.
Chris Ekai is a Risk Management expert with over 10 years of experience in the field. He has a Master’s(MSc) degree in Risk Management from University of Portsmouth and is a CPA and Finance professional. He currently works as a Content Manager at Risk Publishing, writing about Enterprise Risk Management, Business Continuity Management and Project Management.