2. This presentation will cover
1. Overview of Quality Risk Management
Process
2. Application of ASTM Standard E 2500 in
Commissioning & Qualification.
www.drugregulations.org 2
6. 6
Individual: Risk is a cognitive and emotional
response to expected loss.
Society: Risk is a societal expression of expected
harm tempered by expected benefits.
Technical: Risk is usually based on the expected
value of the conditional probability of the event
occurring X the consequence of the event given that
it has occurred.
7. Risk
◦ Combination of
◦ Probability of occurrence of harm and
◦ Severity of that harm.
Harm
◦ Damage to Health including the damage that can
occur from the loss of Product Quality or
availability.
Hazard : Potential Source of Harm
8. Which consequence is more severe?
◦ 300 lives lost in single, fiery plane crash.
◦ 300 lives lost on roads over a weekend.
◦ 300 lives potentially lost from cancer within the next 20 years
Which probability is probable?
What does a “30% chance of rain tomorrow” mean?
◦ 30% of the days like tomorrow will have at least a trace of rain.
◦ 30% of the area will have rain tomorrow.
◦ 30% of the time tomorrow, it will rain.
10. Time
ProcessParameter
Lower Specification Limit (LSL)
Upper Specification Limit (USL)
today
Uncertainty
RISK: For a given severity of risk event, what are the chances
(probability) of exceeding the USL in the next period of time?
Tomorrow ?
11. Time
ProcessParameter
Lower Specification Limit (LSL)
Upper Specification Limit (USL)
today
Uncertainty
RISK: Control options are scenarios for risk management. Note
that this scenario shows the best estimate is below the USL.
Tomorrow ?
13. Risk Identification
What might go wrong?
Risk Assessment
www.drugregulations.org 13
Risk Review
RiskCommunication
Risk Assessment
Risk Evaluation
unacceptable
Risk Control
Risk Analysis
Risk Reduction
Risk Identification
Review Events
Risk Acceptance
Initiate
Quality Risk Management Process
Output / Result of the
Quality Risk Management Process
RiskManagementtools
14. System Risk (facility & people)
◦ e.g. interfaces, operators risk, environment,
components such as equipment, IT, design elements
System Risk (organisation)
◦ e.g. Quality systems, controls, measurements,
documentation, regulatory compliance
Process Risk
◦ e.g. process operations and quality parameters
Product Risk (safety & efficacy)
◦ e.g. quality attributes:
measured data according to specifications
15. Risk Identification
What might go wrong?
Risk Analysis
What is the likelihood (probability) it will go
wrong
What are the consequences (severity)?
Risk Evaluation
What is the level of risk? Any mitigating factors?
Risk Assessment
www.drugregulations.org 15
Risk Review
RiskCommunication
Risk Assessment
Risk Evaluation
unacceptable
Risk Control
Risk Analysis
Risk Reduction
Risk Identification
Review Events
Risk Acceptance
Initiate
Quality Risk Management Process
Output / Result of the
Quality Risk Management Process
RiskManagementtools
16.
17. Risk Identification
What might go wrong?
Risk Analysis
What is the likelihood (probability) it will go
wrong
What are the consequences (severity)?
Risk Evaluation
What is the level of risk? Any mitigating factors?
Risk Assessment
www.drugregulations.org 17
Risk Review
RiskCommunication
Risk Assessment
Risk Evaluation
unacceptable
Risk Control
Risk Analysis
Risk Reduction
Risk Identification
Review Events
Risk Acceptance
Initiate
Quality Risk Management Process
Output / Result of the
Quality Risk Management Process
RiskManagementtools
Risk Reduction
Mitigation or avoidance of quality risk
Elimination of risks, where appropriate
Risk Control
Risk Acceptance
Acceptance of Residual Risk
19. Should risks
be assessed?
Are there clear rules
for decision making?
e.g. regulations
Yes
“no RM“
Risk assessment not required
(No flexibility)
Follow procedures
(e.g. Standard Operating Procedures)
Document results,
decisions and actions
CONSIDERATIONS
1. What might go wrong?
2. What is the likelihood (probability)
it will go wrong?
3. What are the consequences (severity)?No or
justification needed
Can you answer
the risk assessment
questions?
Yes
“informal RM“
Initiate Risk assessment
(risk identification, analysis & evaluation)
Run risk control
(select appropriate measures)
Agree on a team
(small project)
Select a Risk Management tool
(if appropriate e.g. see ICH Q9 Annex I)
No
“formal RM“
Carry out the
quality risk management process
Document the steps
www.drugregulations.org 19
20.
21. Supporting statistical tools
◦ Acceptance Control Charts (see ISO 7966)
◦ Control Charts (for example)
Control Charts with Arithmetic Average and
Warning Limits (see ISO 7873)
Cumulative Sum Charts; “CuSum” (see ISO 7871)
Shewhart Control Charts (see ISO 8258)
Weighted Moving Average
◦ Pareto Charts
◦ Process Capability Analysis
◦ Histograms
◦ Design of Experiments (DOE)
◦ Use others that you are familiar with….
www.drugregulations.org 21
22. Risk Assessment is not an “Exact
science”.
There is no such thing as “Zero” “ Risk”
What you need to decide is “ What is
acceptable Risk”
Risk Management is not an “one off”
activity.
23. The evaluation of
the risk to quality
should be based on
scientific knowledge
and ultimately link
to the protection
of the patient
The level of effort,
formality and
documentation
of the quality risk
management process
should be
commensurate with the
level of risk
ICH Q9
28. Centered around Documentation
Guidance was not Followed as intended
Criteria not used to gain comprehensive
understating of the Product , Process and
System
www.drugregulations.org 28
31. ASTM E 2500 -07
A consensus standard based on sound
scientific, engineering and Quality Principles
Focus on product & process design through
detailed requirements and mitigating risks in
the Design Phase
www.drugregulations.org 31
32. Focus on that which affects Product Quality
Process User Requirements Key to
acceptability
Risk Assessment and Process Knowledge
used to identify Critical Elements
Only critical features/ functions are qualified
Use of Supplier Documents
www.drugregulations.org 32
33. Science & Risk based approach to assure that
GMP Equipment & Systems are
◦ Fit for Intended Use
◦ Have been properly Installed
◦ Are Operating Correctly
Extent of Verification & Level of Detail
◦ Risk to Product Quality
◦ Risk to Patient Safety
◦ Complexity & Novelty of Manufacturing System
www.drugregulations.org 33
34. Critical Quality Attribute
◦ Physical ,chemical, biological or
microbiological property that should be
within appropriate limit , range or distribution
to ensure desired product Quality
Critical Process parameter
◦ A process parameter whose variability has an
impact on a critical quality attribute and
therefore should be monitored or controlled
to ensure process produces desired quality.
www.drugregulations.org 34
35. Critical Aspects are
◦ Functions, Features, abilities and
Performance & Quality Characteristics To
Ensure Consistent Product Quality &
Patient Safety
◦ Should be identified & documented based
on scientific product & process
understanding.
◦ Verification should focus on these aspects.
www.drugregulations.org 35
41. Step 1 : Planning and Documentation
VMP
Verification Team and Responsibilities
Document Matrix
Eligible Vendor Documentation
Select Risk Assessment Tool
FMEA can be used to Identify & Evaluate “CRITICAL ASPECTS” of a
Manufacturing System.
Engineering Change Notification
Process to document & approve modifications that occur during system
design , startup & Verification
Applicability to regulatory laws & expectations must be justified
www.drugregulations.org 41
42. Step 2 : Identify Subject Matter Expert
SME’s are responsible for Specifications,
Design & Verification
Individuals with specific expertise &
responsibility in a particular area
www.drugregulations.org 42
43. Step 3 : Requirements Definition
Process Engineering SME’s develop these
Identify specific requirements
Used further for Specifications, Design &
Verification
www.drugregulations.org 43
44. Step 4 : Risk Assessment
SME’s conduct FMEA as a design review
Identify “CRITICAL ASEPCTS” that affect
systems Installation , Operation and
Performance.
Identify Control & Verification techniques to
manage risks to an acceptable levels
www.drugregulations.org 44
45. Step 5 : Specification & Design
Leverage Qualified Vendor Expertise ( SME) to identify &
document elements which may affect Critical Quality
Attributes
Communicate factors that impact product quality to the
system designer
Strive to mitigate product quality & patient risks through
design
Functional Specifications provide acceptance criteria for
functional tests specified in the verification plan
SME’s translate URS into system description & functional
specification
www.drugregulations.org 45
46. Step 6 : Verification Plan
Verify the critical Aspects of the
Manufacturing System
Design
Properly installed
Operate correctly
Are fit for intended use
www.drugregulations.org 46
47. Step 6 : Verification Plan consists of
◦ Inventory Verification List & Verification Test Matrix
Inventory Verification List
Identifies all necessary system design &
Verification documentation
Serves as a Document acquisition checklist
Contains : URS , FS, HSD , SDS , P & ID’s ,
Electrical & Mechanical Drawings , manuals, a risk
analysis report , Verification Testing Matrix ,
Verification Protocol & Report
www.drugregulations.org 47
48. Step 6 : Verification Plan consists of
Verification Test Matrix
Identifies Critical Testing based on Risk Levels, Design
Documentation & SME Input
Identifies Chronological point when testing will be done
◦ Factory , Installation , Start up , Qualification
NON CRITICAL ASPECTS are documented using the IVL
checklist .
Do not require SME oversight or QA Personnel.
CRITICAL ASPECTS require SME scrutiny & documented in
Verification Test Protocol
◦
www.drugregulations.org 48
49. Step 6 : Verification Plan consists of
Verification Test Matrix
Acceptance criteria are derived from
Functional Requirements in : URS & FS
VTP lists test to mitigate High Risk aspects
Tests to demonstrate system functionality,
features, capacity, and output quality.
Critical Tests are generally executed only
once.
www.drugregulations.org 49
50. Step 6 : Verification Plan consists of
Verification Test Matrix
VTP contains only the critical testing
necessary to verify that
A system is properly installed
It operates correctly
Fit for its intended use
www.drugregulations.org 50
51. Step 6 : Verification Plan consists of
Verification Test Matrix
VTP organizes testing as it pertains to
Installation/ Utility Verification
Startup/ Operation Verification
Functional / Performance Verification
These phases can be used to satisfy Annex
15 requirements.
www.drugregulations.org 51
52. Step 6 : Verification Plan consists of
Verification Test Matrix
The value of VTP is isolation of CRITICAL
TESTING needed to verify a system.
CRITICAL TESTING is reviewed by SME & QA
Other testing and documentation are moved
to IVL checklist.
www.drugregulations.org 52
53. Step 7 : Verification Plan Execution
Verification Test Matrix identifies when testing
document acquisition for the IVL & VTP will
happen
Testing may be performed as a part of FAT / SAT
protocols or
Performed according to test functions within a
VTP
Testing of NON CRITICAL ASPECTS is more simply
verified using IVL
www.drugregulations.org 53
54. Step 8 : SYSTEM Verification Report
Reviews testing conducted during System Design
, Fabrication , Installation , Start Up &
Verification.
Report is written by an Independent SME
Independent review of protocol exceptions ,
deviations & punch list
Summarizes system performance data
Concludes whether the system is or is not FIT
FOR INTENDED USE
www.drugregulations.org 54
55. Step 9 : GMP Release
Performed by QA
QA verifies compliance with other other GMP
systems : Training , calibration , maintenance,
operating procedures & change Management.
Step 10 : GMP operation & Change Management
Modifications are controlled through Change
Management with focus on CRITICAL ASPECTS &
SYSTEM PERFORMACE
www.drugregulations.org 55