500 likes | 649 Views
18.06.2009. FTO III. Quality Risk Management. Root Cause Analysis. Drivers. Regulatory basis of Quality Risk Management Program. Pharmaceutical cGMPs for the 21st Century – a risk based approach (USFDA) ICH Q 9
E N D
18.06.2009 FTO III Quality Risk Management Root Cause Analysis
Regulatory basis of Quality Risk Management Program • Pharmaceutical cGMPs for the 21st Century – a risk based approach (USFDA) • ICH Q 9 • Regulatory Basis – EU Annex 15 to Volume 4 of the EU Guide on Good Manufacturing Practice (GMP) on Qualification and Validation • The new EU GMP Annex 20 corresponds to ICH Q9 guideline on Quality Risk Management.
cGMP for 21st Century white paper - USFDA • New concept of science and Risk based approach to GMP • Quality Risk Management is critical in development of the Product Quality Control Strategy • An understanding of the product and process in terms of fundamental, mechanistic properties as opposed to empirical. • Utilization of prior knowledge in defining the product, process and facility. • Facility designed to accommodate the product’s lifecycle • Risk Analysis, Risk Assessment, Risk Management
Regulatory Basis - ICH In 2005 the ICH Q9, Quality Risk Management, was published This outlined how an effective quality risk management (QRM) approach can: • Further ensure the high quality of the drug (medicinal) product to the patient by providing a proactive means to identify and control potential risks to the patient during manufacturing. • Improve the decision making if a quality problem arises • Facilitate better and more informed decisions • Provide regulators with greater assurance of a company’s ability to deal with potential risks • Beneficially affect the extent and level of direct regulatory
Regulatory Basis - EU In 2001, the EMEA issued the final version of Annex 15 to Volume 4 of the EU Guide on Good Manufacturing Practice (GMP) on Qualification and Validation: “This Annex describes the principles of qualification and validation which are applicable to the manufacture of medicinal products. It is a requirement of GMP that manufacturers identify what validation work is needed to prove control of the critical aspects of their particular operations. Significant changes to the facilities, the equipment and the processes, which may affect the quality of the product, should be validated. A risk assessment approach should be used to determine the scope and extent of validation.”
Regulatory Basis – EU (cont’d). “The new GMP Annex 20 corresponds to ICH Q9 guideline on Quality Risk Management. It provides guidance on a systematic approach to quality risk management facilitating compliance with GMP and other quality requirements. It includes principles to be used and options for processes, methods and tools which may be used when applying a formal quality risk management approach.”
QRM - Introduction • Protection of the patient • Valuable component of Quality system • Quality should be maintained throughout the product lifecycle • Proactive method • Improve the decision making • Provide assurance to regulators on company’s ability to deal with potential risks • QRM does not obviate industry’s obligation to comply with regulatory requirements
QRM – Principle The Quality risk management considers the following principle : • The evaluation of the risk to product quality shall be based on scientific knowledge and shall be linked to the protection of the patient • The level of effort and documentation of the quality risk management process shall be commensurate with the level of risk
QRM - Risk Risk (Failure mode) is a combination of the probability of occurrence of harm and the severity of the harm. Effect of failure mode shall be defined based on the terms of “what the customer might see or experience with the identified failure”. The examples of failure effects include: • Injury to the user • Improper appearance of the product or process • Odors
Initiate QRM process Risk Assessment Ri sk Commun Ica t ion Risk Identification Risk Management tools Risk Analysis Risk Evaluation Risk Control Risk acceptance Risk reduction Output / Result of the QRM Process Risk Review Risk Events
QRM - Responsibilities • Usually, undertaken by Interdisciplinary teams with knowledgeable about the QRM process • Experts from the appropriate areas (e.g., Quality unit, Engineering, Regulatory affairs, Production operations, sales and marketing )
QRM - Initiating a QRM Process Possible steps used to initiate and plan a quality risk management process might include the following: • Define the problem and/or risk question, including pertinent assumptions identifying the potential for risk • Assemble background information and/ or data on the potential hazard, harm or human health impact relevant to the risk assessment • Identify a leader and necessary resources • Specify a timeline, deliverables and appropriate level of decision making for the risk management process
QRM - Risk Assessment Risk assessment consists of the • Risk identification • Risk analysis • Risk evaluation The risk assessment process involve three fundamental questions : • What might go wrong? • What is the likelihood (probability) it will go wrong? • What are the consequences (severity)?
Risk Assessment - Risk Identification Identification of threats which could impact product quality or security Personnel: The assessment of Personnel include the attributes, training, education, competence, reporting relationships and communication. Equipment: The assessment of equipment includes the type, design, condition, capability, location, installation, operation, maintenance and calibration of the equipment. Facilities: The assessments of facilities include layout, utilities, maintenance, dedication, and hygiene of the facility.
Risk Assessment - Risk Identification Methods and procedures: The assessment of method and procedures include checking, modifications, distribution, utilisation, condition, change control, deviations, storage, trends, handling planned breaks and abnormal events. Materials: The assessment of materials includes identity, status control, quantity, handling, specifications, security, arrangements, counterfeiting control and material condition. Environment: The assessment of Environment include physical effects of climatic and storage conditions (temperature, time, humidity, rain, air pressure, light, vibration, etc), pest infestation, cross contamination, and damage such as fire or flood.
Initiate QRM process Risk Assessment Ri sk Commun Ica t ion Risk Identification Risk Management tools Risk Analysis Risk Evaluation Risk Control Risk acceptance Risk reduction Output / Result of the QRM Process Risk Review Risk Events
Risk Priority Number The Risk Priority Number is a mathematical product of the numerical Severity, Probability, and Detection ratings: RPN = (Severity / Consequences) x (Probability of occurrence) x (Chances of Detection) A high RPN indicates that the risk is high and a low RPN indicates that the risk is low.
Risk Assessment - Risk Analysis • In Risk analysis, the likelihood / probability of occurrence of the identified risk shall be considered. • A numerical value shall be assigned to each cause that indicates how likely that cause is (probability of the cause occurring). • A scale 1 indicating low and 10 indicate high likelihood of occurrence. • This value shall be used for the calculation of Risk Priority number (RPN).
Risk Evaluation - Severity / Consequences • In Risk evaluation, the “severity / consequences” of the problem shall be defined quantitatively. • A numerical ranking for the severity of the effect shall be established. • A scale 1 indicating low and 10 indicate high severity of the problem.
Risk Assessment - Risk evaluation • The Current Controls for the design or process shall be specified. • The Current Controls (design or process) prevent the cause of the failure mode from occurring or which detect the failure before it reaches the Customer. Each of these controls shall be assessed to determine how well it is expected to identify or detect failure modes. • The likelihood of Detection shall be determined. • Detection is an assessment of the likelihood that the Current Controls (design and process) will detect the Cause of the Failure Mode or the Failure Mode itself, thus preventing it from reaching the Customer. • This value shall be used for the calculation of Risk Priority number (RPN). • A scale of “1” indicates a high probability of detection and “10” indicate low probability of detection.
Risk Priority Number The Risk Priority Number is a mathematical product of the numerical Severity, Probability, and Detection ratings: RPN = (Severity / Consequences) x (Probability of occurrence) x (Chances of Detection) A high RPN indicates that the risk is high and a low RPN indicates that the risk is low.
Risk Control The RPN (Risk Priority Number) shall be used to prioritize items which require additional quality planning or action. The Risk control process shall include the decision making to reduce (risk reduction) and / or accept risks (risk acceptance) to an acceptable level. The amount of effort used for risk control shall be proportional to the significance of the risk. The following questions shall be considered at the time of carrying out at the risk control process. • Is the risk above an acceptable level? • What can be done to reduce, control or eliminate risks? • What is the appropriate balance among benefits, risks and resources? • Are new risks introduced as a result of the identified risks being controlled?
Risk Reduction • In Risk reduction, the processes for mitigation or avoidance of quality risk when it exceeds an acceptable level shall be considered. • The RPN of “125” shall be considered as the cut off value at which action is required. This is based on “125” being the score derived when the mid score is applied to all three categories (i.e., the numerical value “5” severity x 5 for occurrence x 5 for detection). • These actions could include but not limited to; specific inspection, testing or quality procedures, selection of different components or materials, limiting environmental stresses or operating range; redesign of the item to avoid the failure mode; monitoring mechanisms; performing preventative maintenance; and inclusion of back-up systems or redundancy. • The Risk reduction shall include recommended actions to be taken to mitigate the severity and probability of harm. The Processes that improve the detectability of hazards and quality risks shall also be used as part of a risk control strategy.
Risk acceptance In the risk acceptance stage the decision on risk under acceptance level shall be taken. Risk acceptance can be a formal decision to accept the residual risk based on optimal quality risk management strategy.
Risk Communication The output of the quality risk management process shall be documented and shall be communicated to the Quality Assurance Head and Plant Head.
Risk Review • The output / results of the risk management process shall be reviewed to take into account new knowledge and experience. To ensure that there is no drift in the controlled state, the Product Quality risk assessment shall be reviewed at defined frequency (once in two years).
Tools for QRM • Basic risk management facilitation methods - flowcharts, check sheets • Failure Mode Effects Analysis (FMEA) • Failure Mode, Effects and Criticality Analysis (FMECA) • Fault Tree Analysis (FTA) • Hazard Analysis and Critical Control Points (HACCP) • Hazard Operability Analysis (HAZOP) • Preliminary Hazard Analysis (PHA) • Risk ranking and filtering • Supporting statistical tools
History of FMEA • FMEA was formally introduced in the late 1940s for military usage by the US Armed Forces In 1960s, FMEA used for developing the means to put a man on the moon and return him safely to earth In the late 1970s the Ford Motor Company introduced FMEA to the automotive industry for safety and regulatory consideration. • It is integrated into Advanced Product Quality Planning (APQP) to provide primary risk mitigation tools and timing in the prevention strategy, in both design and process formats. • Proactive method of RCA • Extensively used in the Quality Risk Management • Based on scientific knowledge and shall be linked to the protection of the patient ( ICH Q9)
FAILURE MODE & EFFECT ANALYSIS
Applications – Quality Management Documentation: • Handling of master documents • Distribution of documents • Storage • Retrieval and retention Training and education: • Role and Job description • Training – induction, on the job, continuous learning Quality Defects • OOS • Critical market complaints Auditing and Inspection • Frequency of the audit Change management and control: • Facility changes • Process changes Periodic reviews: • QRM ( Quality review) frequency
Applications – Facility, Equipment & Utilities Flow of material and Personnel : • Containment Minimize contamination : • Personnel • Design • Preventing ingress • Facilitating egress • Managing the residual contamination Prevention of mix up: • Material handling • Personnel Dedication of facility • Type of molecules to be handled Contact materials for equipment and containers • MOC Utilities • Quality attributes • Controls Preventive maintenance • Schedule • Frequency Hygiene aspects • Cleaning Qualification • Scope and extent of qualification Calibration
Applications – Material management • Supplier evaluation • Starting materials • Storage • Distribution condition
Applications – Production & Lab QRM - Production • Validation • In process sampling QRM – Lab controls • OOS • OOT • Retest Period • Expiration date
Applications – Development • Design • Product performance over the material attributes such as particle size, flow properties • Critical Process parameters • Manufacturing controls