1 / 82

APPLICATION OF QUALITY RISK MANAGEMENT IN PHARMACEUTICAL MANUFACTURING (ICH Q9)

APPLICATION OF QUALITY RISK MANAGEMENT IN PHARMACEUTICAL MANUFACTURING (ICH Q9). Pharm (Mrs). Uche Sonny- Afoekelu , M.Sc .(PH), MPCPharm Assistant Director, Compliance Division Drug Evaluation and Research Directorate, NAFDAC. OUTLINE. Regulatory requirements Definition

Download Presentation

APPLICATION OF QUALITY RISK MANAGEMENT IN PHARMACEUTICAL MANUFACTURING (ICH Q9)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. APPLICATION OF QUALITY RISK MANAGEMENT IN PHARMACEUTICAL MANUFACTURING(ICH Q9) Pharm (Mrs). Uche Sonny-Afoekelu, M.Sc.(PH), MPCPharm Assistant Director, Compliance Division Drug Evaluation and Research Directorate, NAFDAC US-A

  2. OUTLINE • Regulatory requirements • Definition • Introduction to Quality Risk Management (QRM) • Concept of QRM • Principles of QRM • Proactive and Reactive QRM • QRM Process • Risk Management Methodology • Potential Applications of QRM US-A

  3. Regulatory requirements • Quality Risk Management should be an integral element of the Pharmaceutical Quality System (NAFDAC cGMP guidelines 2016 1.23) • ICH Q9

  4. Definition: • Quality Risk Management (QRM) is a systematic process for the assessment, control, communication and review of risks to the quality of a drug product across the product lifecycle • It can be applied both proactively and reactively (retrospectively). US-A

  5. Introduction • QRM is an enabler- • Together with knowledge management, it enables a company to implement ICH Q10 effectively and successfully. • These enablers will facilitate the achievement of the quality objectives by providing the means for science and risk based decisions related to product quality. US-A

  6. CONCEPT OF QRM • IS QRM A NEW REGULATORY REQUIREMENT? • YES OR NO? US-A

  7. NO, QRM is not a new concept • QRM is not a new concept for manufacturers and Regulatory Authorities. • Informal QRM-related activities have been taking place for many years. • Change control, self-inspection, supplier approvals, temperature mapping, ..… are informal QRM-related activities.

  8. NO, QRM is not a new concept • GMP requirements are designed to address risks eg: The specific GMP requirements for sterile products are designed to mitigate the risk of sterility failure • In some cases GMP specifies a risk based approach eg “ a risk assessment approach should be used to determine the scope and extent of validation required”(WHO Annex 4, 5.2.10)

  9. NO, QRM is not a new concept • Specifications in Pharmacopoeial monographs include tests for known potential contaminants • From a GMP point of view, we are only concerned with risks associated with quality, safety, and efficacy-Quality risk management. • Some organizations use risk approaches in other areas eg to ensure resources are utilized in the most efficient way. • This is also applicable to inspectorates • Risk management is also applied in the medical, telecom, aviation, aerospace and car industries

  10. So what is new? • A deliberate effort to formally and systematically apply QRM Principles

  11. CONCEPT OF QRM • Effective QRM can facilitate better and more informed decisions • It can provide regulators with greater assurance of the company’s ability to deal with potential risks • It can beneficially affect the level of direct regulatory oversight. US-A

  12. DANGER! • The principles of QRM can be incorrectly applied in pharmaceutical operations example • QRM is not an excuse to violate cGMPs • Release of a contaminated lot because of a low QRM score • Use of QRM to replace root cause analysis • I don’t need an SOP for that because of the QRM score US-A

  13. DANGER…2 • QRM is NOT a shortcut for avoiding the hard work of cGMP compliance • Use of QRM to inappropriately reduce process validation studies • Use of QRM to justify minimal on-the-job training • Use of QRM to justify cGMP compliance failures US-A

  14. DANGER..3 • There is a desired outcome and risk management is used to justify it • Invalid assumptions- suit the desired outcome • Cost reduction (increased profits) is often the real reason why many risk assessments are done • Cost reduction may be a secondary outcome • Variable tolerance of risk (risk appetite)

  15. QRM- From an inspector’s perspective • Be prepared so that the process is understood • Have sufficient knowledge to understand what has been done and challenge assumptions, omissions etc • Be clear about when QRM is not appropriate • Be flexible and accept the outcome of a scientifically sound QRM exercise • If done properly, there should be increased assurance of quality (and possibly cost savings)

  16. PRINCIPLES OF QRM Two primary principles of QRM are: • The evaluation of the risk to quality should be based on scientific knowledge and ultimately link to the protection of the patient. • The level of effort , formality and documentation of the quality risk management process should be commensurate with the level of risk US-A

  17. PRINCIPLES OF QRM…2 • QRM is a tool to facilitate cGMP compliance, not replace it. • QRM can be a strong documented ally in demonstrating that we operate in a state of control US-A

  18. PRINCIPLES OF QRM…3 • Why is the management of risk important in today’s world of Pharmaceutical manufacturing? • Not all risks can be eliminated- thus we must manage and mitigate those risks that do exist • Not all risks deserve equal attention-by having a process that ranks and prioritizes risks, we can better utilize our resources and efforts • Not all risks are readily apparent- a hidden risk can often pose a greater threat to our business than those we know and can manage US-A

  19. PROACTIVE AND REACTIVE USES OF QRM • REACTIVE- QRM can be used as a reactive tool to assess potential quality issues that have already occurred eg • Assessment of post marketing issues • Complaints • Stability issues • Assessment of manufacturing issues • Potential contamination issue • Incorrect label US-A

  20. PROACTIVE AND REACTIVE USES OF QRM • PROACTIVE: • Assessment of proposed changes • Line speed change • Addition of a third shift • Assessment of new operations • New tablet press • Additional automated inspection system US-A

  21. Proactive uses of QRM -contd • Assessment of adverse trends • Water results • Environmental results • Assess the breadth of an investigation- • Extend to other batches or products

  22. Proactive QRM contd; Assessment of regulatory actions of experience of others on your own operation • Warning letter from another regulatory body • Proposed new regulatory requirements or expectations Tool for continuous improvement • Lab flow re-design • Batch record review/release processes US-A

  23. Tips- proactive and reactive QRM • In reactive events, containment of the issue becomes a key component of the risk assessment. • The less contained the issue, the higher the risk potential. Thus, there is greater need for mitigation • A comprehensive proactive use of QRM always includes the open-ended question: ‘what can possibly go wrong?’ Each possibility represents a risk that must be listed, assessed, and mitigated if needed. US-A

  24. THE QRM PROCESS • RISK ASSESSMENT • RISK CONTROL • RISK COMMUNICATION • RISK REVIEW US-A

  25. THE QRM PROCESS THE QRM PROCESS

  26. RISK ASSESSMENT Risk assessment consists of: • Hazard identification • Risk analysis • Evaluation of risk associated with exposure to those hazards • Three fundamental questions are often helpful… US-A

  27. RISK ASSESSMENT…2 • Hazard- Any potential source of harm • Harm- Anything that can cause damage to health including loss of product quality or availability • Risk-The combination of the probability of occurrence of harm and the severity of that harm US-A

  28. RISK ASSESSMENT …3 QUESTIONS: • For Risk (Hazard) Identification – What might go wrong or has gone wrong? (O) • For Risk Analysis- What is the likelihood or probability that it will go wrong and what is the detectability? (D) • For Risk Evaluation- What are the consequences (severity?) (S) US-A

  29. RISK ASSESSMENT…4 Hazard (Risk) Identification: • It is a systematic use of information to identify hazards. • Information can include historical data, theoretical analysis, informed opinion, concerns from stakeholders, expert opinion and brainstorming.- • This underscores the need for a multidisciplinary QRM Team • It answers the “what might go wrong?” question including identifying possible consequences • Provides the basis for further steps in the QRM process US-A

  30. RISK ASSESSMENT…5 • Risk Analysis • This is the estimation of the risk associated with the identified hazard. • qualitative or quantitative • links the likelihood of occurrence (probability) with severity • In some risk management tools, it includes detectability US-A

  31. Risk analysis- probability:A simple qualitative tool P- Probability of occurrence interpretation Likely to occur May occur Unlikely to occur Very unlikely to occur • High • Medium • Low • Remote

  32. Risk analysis- Severity:A simple qualitative tool S- Severity level if event occurs interpretation Serious GMP non-compliance. Patient injury possible Significant GMP non-compliance; impact on patient possible Minor GMP non-compliance No patient impact • Critical • Moderate • Minor

  33. Risk Analysis • Detectability: High- The control is likely to detect the negative event or its effect • Medium- The control may detect the negative event or its effects • Low- the control is not likely to detect the negative event or its effects • Zero- no detection control in place

  34. Risk Evaluation • This compares the identified and analyzed risk against given risk criteria. • Risk evaluations consider the strength of evidence for all three of the fundamental questions (probability, severity and detectability) US-A

  35. Output/result of Risk Assessment • Output can be qualitative (high, medium, low) • Output can be quantitative (probability x severity x detectability) • Quantitative provides a relative ranking- prioritizes risk US-A

  36. Simple risk table with risk acceptability criteria

  37. Risk definitions • Intolerable- action to eliminate the negative event or introduce detection controls is required as a priority • Unacceptable- action to reduce the risk or control the risk to an acceptable level is required • Acceptable-the risk is acceptable and no risk reduction or detection controls are required

  38. Quality risk assessment – using FMEA • The identify critical manufacturing steps that will require validation: • Acceptance criteria: RPN= 3X3X3= 27 (JUST AN EXAMPLE!)

  39. Quality risk assessment – using FMEA • An RPN value below 27 indicates that this parameter/process step is not critical and does not require validation whereas as one with an RPN value of 27 and above require validation/investigation. • Only a risk with no significant impact on product quality shall be accepted.

  40. Caution! • Scale can be from 1 to 5 or from 1 to 10 as long as it remains proportional. • Assessing RiskSome words of caution when using the RPN value to assess risk - RPNs have no value or meaning in themselves. • Although it is true that larger RPN values normally  indicate more critical failure modes, this is not always the case. • For example, belowwe have three cases where the RPNs are identical, but clearly the second case would warrant the most attention. WHY? US-A

  41. Same RPN • CASE 1: US-A

  42. Points to note As a general rule, any failure mode that has an effect resulting in a severity value of 4 or 5 (on a scale of 1-5) or 9 or 10 (on a scale of 1-10) would have top priority. Severity is given the most weight when assessing risk. Why? Next the severity and occurrence (SXO) combination would be considered, since this in effect, represents the criticality. US-A

  43. caution • Below is another RPN example reminding us that we need to be careful not to assess risk purely based on the RPN values. • Here, the failure modes with the lowest RPN values are actually the most critical. • Be careful not to just establish “threshold values” for RPNs when assessing risks as this could lead you to making costly mistakes. • Below we see that No 1 is the most critical even though it has the lowest RPN, then no 2, and then no 3. . US-A

  44. Lowest RPN? • Case 2: US-A

  45. CAUTION • In summary, always address high severity failure modes regardless of their overall RPN values. US-A

  46. Risk Control • Risk control includes decision making to either reduce or accept risks. • The purpose of risk control is to reduce the risk to an acceptable level. • The amount of effort used in risk control should be proportional to the significance of the risk US-A

  47. Risk control…2 Questions • Is the risk above an acceptable level? • What can be done to reduce risks? • What is the appropriate balance among benefits, risks, and resources? • Are new risks introduced as a result of the identified risk being controlled? US-A

  48. Risk control…3 • Risk Reduction (If applicable) • Actions taken to lessen the probability of occurrence of harm and severity of that harm • Typically CAPA and Change control • Processes that improve the detectability of hazards and quality risks might also be used as part of a risk control strategy US-A

  49. Risk control…4 • Risk reduction • The implementation of risk reduction measures can introduce new risks into the system or increase the significance of other existing risks. • It might be appropriate to revisit the risk assessment to identify and evaluate any possible change in risk after implementing a risk reduction process US-A

  50. Risk control…5 • Risk acceptance • Is a decision to accept risk. • It can be a formal decision to accept the residual risk. • The best risk management principles may not be able to entirely eliminate risk • The acceptable (specified) level will depend on many parameters and will be decided on a case by case basis US-A

More Related