Embed Size (px)
Citation preview
Quality Risk Management
(ICH Q9)
Neeraj ShrivastavaQuality Assurance
Goals:• Risk Management (priorities, resources
allocation and setting regulatory requirements).• Science-based regulatory approaches (conduct
scientific risk assessment.• Strong public health focus.• Assessment and implementation of appropriate
quality management systems.• Integrated product quality regulatory practice
(review and inspection processes).
The Expectations:• The evaluation of the risk should ultimately link
back to the potential risk to the patient.• The extent of the risk management process
should be commensurate with the level of risk associated with the decision.
• Assembling background information and data on the hazard, harm or human health impact relevant to the assessment.
• A more robust data set will lead to lower uncertainty.
• People who apply risk management should have the appropriate training, skills and experience.
• The risk management process should be appropriately documented and verifiable.
• Defining specifically the risk management problem or question, including the assumptions leading to the question.
• Assembling background information and data on the hazard, harm or human health impact relevant to the assessment.
The Expectations:
The Expectations• Identifying the necessary resources, members of the
team who have the appropriate expertise, with the leader clearly identified.
• Asking the right risk assessment questions.• Stating clearly the assumptions in the risk
assessment.• Assessing the quality and sufficiency of relevant
data.• Specifying and deliverables for the risk assessment.
Risk Management Tools
Use the appropriate tool(s)! No one tool is “all
inclusive”!
Principles1. The evaluation of the risk to
quality should be based on scientific knowledge and ultimately link to the protection of the patient.
2. The level of effort, formality and documentation of the quality risk management process should be commensurate with the level of risk.
Risk Assessment and Control Tools:
• Basic risk management facilitation methods (flowcharts, check sheets etc.)
• Failure Mode Effects Analysis (FMEA)
• Failure Mode, Effects and Criticality Analysis (FMECA)
• Fault Tree Analysis (FTA)
Risk Assessment and Control
Tools: continue..• Hazard Analysis and Critical Control Points (HACCP)
• Hazard Operability Analysis (HAZOP)
• Preliminary Hazard Analysis (PHA)
• Risk ranking and filtering• Supporting statistical tools
Experience or Institution based approach
• Traditionally used, as it requires.• No factual analysis or observations.• Biased.
Symptom Remedy
Investigative Tools:
Data based approach• Scientific.• Methodical.• Unbiased.
Symptom Root cause Remedy
Investigative Tools:
Investigative Tools: for QRM
USE CORRECT TOOL FOR CORRECT WORK
Initiating a QRM Process• Quality risk management is systematic process designed to coordinate, facilitate and improve science-based decision making for the assessment, control, communication and review of risks to the quality of the drug (medicinal) product across the product lifecycle.
Initiating a QRM Process• Define the problem and/or risk
question, including pertinent assumptions identifying the potential for risk.
• Assemble background information and/ or data on the potential hazard, harm or human health impact relevant to the risk assessment
• Specify a timeline, deliverables and appropriate level of decision making for the risk management process.
Risk Review
Ris
k C
om
mu
nic
a tio
n
Risk Assessment
Risk Evaluationunacceptable
Risk Control
Risk Analysis
Risk Reduction
Risk Identification
Review Events
Risk Acceptance
InitiateQuality Risk Management Process
Output / Result of theQuality Risk Management Process
Risk M
an
age
men
t tools
Ris
k M
anag
emen
t Pr
oces
s
Risk Assessment• What can go wrong?• What is the likelihood (probability) it
would go wrong?• What are the consequences?• Identification of hazards, analysis and
evaluation of risks associated with exposure to those hazards.
Related Terminology:• Risk Analysis is a systematic use of information
to identify specific sources of harm (hazard) and to estimate the risk.
• Risk evaluation compares the estimated risk against risk criteria using a quantitative or qualitative scale to determine the significance of the risk.
• Risk management focuses on a reduction of severity of harm.
• Risk acceptance is a decision to accept risk, i,e, no additional risk control activities are necessary at that time.
• Focuses on processes for mitigation or avoidance of quality risk when it exceeds a specified (acceptable) level. Risk reduction might include actions taken to mitigate the severity and probability of harm. Processes that improve the detectability of hazards and quality risks might also be used as part of a risk control strategy.
Risk Control
• Is the risk above an acceptable level?• What can be done to reduce or
eliminate risks?• What is the appropriate balance
among benefits, risks and resources?• Are new risks introduced as a result of
the identified risks being controlled?
Risk Reduction
• Some types of harms, even the best quality risk management practices might not entirely eliminate risk. In these circumstances, it might be agreed that an appropriate quality risk management strategy has been applied and that quality risk is reduced to a specified (acceptable) level, will depend on many parameters and should be decided on a case-by-case basis
Risk Acceptance
• The sharing of information about risk and risk management between the decision makers and others can communicate at any stage of the risk management process. The result of the quality risk management process should be appropriately communicated and documented. The included information might relate to the existence, nature, form, probability, severity, acceptability, control, treatment, detectability or other aspects of risks to quality.
Risk Communication
• The results of the risk management process should be reviewed to take into account new knowledge and experience. Once a quality risk management process has been initiated, that process should continue to be utilized for events that might impact the original quality risk management decision, whether these events are planned (e.g. results of product review, inspections, audits, change control) or unplanned (e.g. root cause from failure investigations, recall).
Risk Review
QRM Methodology QRM supports a scientific and practical approach to decision-making. It provides documented, transparent and reproducible methods to accomplish steps of the quality risk management process based on current knowledge about assessing the probability, severity and sometimes detectability of the risk.
severity
prob
abili
tyhigh
medium
low
risk
detec
tabilit
y
Parameters for evaluating risks
Probability Detectability or Detection time
Severity
past today future
Refers to
time
Refers to
Refers to
= Risk Priority Number
x x
Risk Priority Number
Action based on RPNRPN (Risk Priority
NumberRisk Action
RPN No.: ≤ 4 Low Not required
RPN No.: 5 – 8 Medium To be decided by team if necessary
RPN No.: ≥ 9 High Must be done
Severity of Effect (S) Severity of Effect Rating Example
No relevant consequences.
1 No effect on Quality, equipment.
Might have effect on product, personnel.
2 Out of calibration of component, loss of Product.
Harm to people, quality of product, damage to equipment
3 Must be done
Probability of Occurrence (O)Severity of Effect Rating Example
Very unlikely 1 Failure are very rare (1/10000-Failure)
Unlikely 2 Failure are rare (1/1000-Failure)
Likely 3 Failure are unknown have experience of happening it in past (1/100-Failure)
Detection Time (D)Detection Time Rating Example
Immediately 1 In-process control with 100% Test of check.
Later 2 Periodic monitoring, weekly checks, release testing.
Never 3 No checks or test might detect or identify the failure.
Risk Assessment Evaluation
• Quality risk management methods and the supporting statistical tools can be used in combination (e.g. Probabilistic Risk Assessment). Combined use provides flexibility that can facilitate the application of quality risk management principles.
The weakest linkin the chain will no
longer be a problem
Anything that has the potential to harm patients, product quality or the business (loss, interruption, image)
Potential threat- chemical reaction
- manufacturing issues - facilities and equipment
System defect- not detected
- insufficiently prevented- emerges by degree
Failure- technical breakdown- human breakdown- extrinsic effect
hazard
Definition: Hazard
• Understand and influence the factors (hazards) which impact regulators and industry business
• Create awareness and a culture • Supports an effective pro-active
behaviour– Open factual dialogue– Make decisions traceable and consistent
• Provide assurance – Risks are adequately managed– Compliance to external and internal
requirements• Recognise risks at a desired level
– Zero risk not possible
QRM- Scientific Activity
Quality Risk
Management
Proactive disclosure
build trust and understanding
Improve communication
through sharing best practice and science
based knowledge
• An appropriate integrated approach
helps to meet requirements more efficiently
Master complexity Convert data into knowledge
e.g. by using methodology and tools
Empowerment & Flexibility
• Hiding risks• Writing half the truth (e.g. in an investigation report)
• A means of removing industry’s obligation to comply with regulatory requirements.
• Both Companies & Inspectors have to think and not simply follow black and white rules.
Concerns regarding QRM
Say, what you do
Do, what you say
Gain experience
Improve it
Approval
Manufacture for market
Analyse root cause:Continuous improvement
Update documentation
Quality Risk
Management
(QRM)
(Risk of) Failure ?
Integrate QRM during product life cycle
However, if you don’t use it, you will not gain the benefits
Quality Risk Management is mandatory is an
expectation of EU & PICs GMP – but ICH Q9 is not
Change in behaviourSharing information
Sharing information
