basic application of quality risk management in … · 2019. 2. 3. · basic application of quality...

BASIC APPLICATION OF QUALITY RISK

MANAGEMENT IN PHARMACEUTICAL

INDUSTRY

Aksari Dewi

Annual Scientific Meeting – Indonesian Pharmacist’ Association (IAI)

April 20th, 2018

Pekanbaru, Riau.

DISAMPAIKAN PADA PIT IAI 2018

Outline

• Introduction

• QRM Definition

• QRM Process

• QRM Tools

• QRM Tools: FMEA Implementation

2


➢ Risk management is not new – we

do it informally all the time

➢ Risk management has been used

in the medical device,

telecommunications, aerospace

and car industries for many years.

➢ Pharmaceutical industry?

Introduction

3


4

© 2017 USP

Risk management has also been part of the

pharmaceutical industry for many years:

– GMP requirements are designed to address risk.

For example, the specific GMP requirements for

sterile products are designed to mitigate the risk of

sterility failure

– In some cases, GMP specifies a risk based

approach. For example, "a risk assessment

approach should be used to determine the scope

and extent of validation required" (WHO TRS 937

Annex 4, 5.2.10)

– Specifications in pharmacopoeia monographs

include tests for known potential contaminants

– QRM from GMP point of view: the management

of any risks associated with quality, safety and

efficacy throughout the lifecycle of the product.

Introduction


Pharmaceutical Product’s Lifecycle

Introduction

5

Q10Q8

Process

Materials

Design

Manufacturing

Distribution

Patient

Facilities

Q9

Opportunities to address risk using

quality risk management


Introduction

Quality Risk Management

Guidelines

The International Council for

Harmonization of Technical

Requirements for Pharmaceuticals for

Human Use (ICH) ICH Q9: Quality

Risk Management Developed by the

appropriate ICH Expert Working Group &

recommended for adoption to the

regulatory bodies of the European Union,

Japan and USA.

WHO TRS No.981 Annex 2: WHO

guidelines on quality risk management

CPOB 2012: inclusion of QRM in Annex

146

© 2017 USP


Quality Risk ManagementDefinition

"Quality Risk Management is a systematic process for the assessment, control, communication

and review of risks to the quality of the medicinal product across the product lifecycle." (ICH Q9)

Primary Principles:

• The evaluation of the risk to quality should be based on scientific knowledge & ultimately link

to the protection of the patient and

• The level of effort, formality & documentation of the quality risk management process should

be commensurate with the level of risk

In addition to the two principles above, the following principles are also part of the QRM

methodology:

• When applied, processes using QRM methodologies should be dynamic, iterative and

responsive to change.

• The capability for continual improvement should be embedded in the QRM process.

7


8

© 2017 USP

QRM Process

Risk Review

Ris

kC

om

mu

ni c

ati

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate

Quality Risk Management Process

Output / Result of the


Ris

kM

an

ag

em

en

tto

ol s


9

© 2017 USP

QRM activities should be performed using systematic

processes designed to coordinate, facilitate and improve

science-based decision-making with respect to risk.

Possible steps used to initiate and plan a QRM process

might include the following:

Define the problem and/or risk question, including

pertinent assumption identifying the potential for risk

Assemble background information and/or data on the

potential hazard, harm or human health impact relevant

to the risk assessment

Identify a leader and the necessary resources

Specify a timeline, the deliverables, and an appropriate

level of decision-making for the risk management

process.

QRM Process

Initiate QRM Process

Risk Review

Ris

kC

om

mu

nic

at i

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate




Ris

kM

an

ag

em

en

tto

ols


10

© 2017 USP

"A systematic process of organizing information to support a

risk decision to be made within a risk management process.

It consists of the identification of hazards and the analysis

and evaluation of risks associated with exposure to those

hazards." (ICH Q9)

Risk Identification

– Use of information to identify hazards or potential risks

– Historical data, theoretical analysis, informed opinions

Risk Analysis

– Estimation of risk associated with identified hazards

– Qualitative or quantitative

– Links probability and severity

– In some tools, includes detectability

QRM Process

Risk Assessment

Risk Review

Ris

kC

om

mu

ni c

at i

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate




Ris

kM

an

ag

em

en

tt o

ol s


11

© 2017 USP

Risk Analysis – Probability

▪ A simple qualitative tools:

QRM Process

Risk Assessment (cont.)

P – Probability of Occurrence

High Likely to occur

Medium May occur

Low Unlikely to occur

Remote Very unlikely to occur

Risk Analysis - Severity

▪ A simple qualitative tools:

S – severity level if event occurs

Critical Serious GMP non-compliance

Patient injury possible

Moderate Significant GMP non-

compliance

Impact on patient possible

Minor Minor GMP non-compliance

No patient impact


12

© 2017 USP

Risk evaluation

– Compares identified and analysed risk against criteria

– Considers probability, severity (and detectability)

– Output can be qualitative (high, medium or low) or quantitative (probability x severity x detectability)

– Quantitative provides a relative ranking – prioritises risk

A simple risk table with risk acceptability criteria:

QRM Process


Risk = Probability x Severity

CriticalModerateMinorSeverity

Probability

Intolerable riskIntolerable riskUnacceptable riskHigh

Intolerable riskUnacceptable riskAcceptable riskMedium

Unacceptable riskAcceptable riskAcceptable riskLow

Acceptable riskAcceptable riskAcceptable riskRemote


13

© 2017 USP

Risk Criteria Definition:

▪ Intolerable – work to eliminate the negative event or introduce detection controls is required

as a priority

▪ Unacceptable – work to reduce the risk or control the risk to an acceptable level is required

▪ Acceptable – the risk is acceptable and no risk reduction or detection controls are required

QRM Process



14

© 2017 USP

"Actions implementing risk management

decisions“ (ICH Q9)Includes risk reduction (if applicable) and risk acceptance

– Risk Reduction

• Actions taken to lessen the probability of occurrence of harm

and the severity of that harm

• Typically CAPA and change control

– Risk Acceptance

• The decision to accept risk

• If risk reduction action taken, follows re-analysis and

evaluation

QRM Process

Risk Control

Risk Review

Ris

kC

om

mu

ni c

at i

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate




Ris

kM

an

ag

em

en

tt o

ol s


15

© 2017 USP

Risk control can conclude:

– Not proceeding with the risky activity

– Taking the risk

– Removing the risk source

– Changing the likelihood of the risk

– Changing the consequences of the risk

– Sharing the risk with another party

QRM Process

Risk Control (cont.)

Risk Review

Ris

kC

om

mu

ni c

at i

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate




Ris

kM

an

ag

em

en

tt o

ol s


16

© 2017 USP

Appropriate systems should be in place to

ensure that the output of the QRM process is

periodically monitored and reviewed, as

appropriate, to assess new information that may

impact on the original QRM decision.

QRM Process

Risk Review

Risk Review

Ris

kC

om

mu

nic

at i

on

Risk Assessment

Risk Evaluation

unacceptable

Risk Control

Risk Analysis

Risk Reduction

Risk Identification

Review Events

Risk Acceptance

Initiate




Ris

kM

an

ag

em

en

tt o

ols


• Basic risk management facilitation methods (flowcharts, check sheets etc.);

• Failure Mode Effects Analysis (FMEA);

• Failure Mode, Effects and Criticality Analysis (FMECA);

• Fault Tree Analysis (FTA);

• Hazard Analysis and Critical Control Points (HACCP);

• Hazard Operability Analysis (HAZOP);

• Preliminary Hazard Analysis (PHA);

• Risk ranking and filtering;

• Supporting statistical tools.

• Etc

llet or other media

QRM Tools

17


QRM Tools

Five Whys

Why the first problem occurred?

Why cause #1 resulted in the problem?

What caused cause #1? etc.

– Apply this until the reason for the cause

is identified (the cause may be found in

less than or more than five whys)

• 1st Why

• 2nd Why

• 3rd Why

• 4th Why

• 5th Why

18

© 2017 USP


QRM ToolsThe Five Whys to RCA

19

Why did this

occur?

(1st Why)

• Why did high rate of rejection observed for the yield reconciliation for ampoule manufacturing?

• Because of visible glass particles reported after visual inspection following filling operation before terminal sterilization

Why did this

occur?

(2nd Why)

• Why did visible glass particles observed during visual inspection?

• Because of broken glass coming from the ampoules during filling and sealing operation

Why did this

occur?

(3rd Why)

• Why did the ampoule break during filling and sealing operation?

• Because of the high thermal variation outside the ampoules specification

Why did this

occur?

(4th Why)

• Why did the filling operation thermal condition exceeds that of the ampoule?

• Because the change for ampoule specification

Why did this

occur?

(5th Why)

• Why did the ampoule specification changed?

• Previous ampoule supplier discontinued

Filling machine operation condition doesn’t match the ampoule specification


QRM Tools

20

Fishbone (Ishikawa) Diagram


QRM ToolsFailure Mode and Effect Analysis (FMEA) Failure mode = how a process step can fail

Failure effect = what is the impact if the process fails

FMEA determination:

– Critical Process step

– Potential failure

– Severity

– Occurrence

– Detection

– Risk Priority Number-RPN

21


Failure Mode and Effect Analysis (FMEA)

10 Process on implementing FMEA

1. Process Review

2. Brainstorming

3. Make a list of impact for every failure

4. Determination of severity

5. Determination of Occurrence

6. Determination of Detectability

7. Risk Priority Number (RPN) calculation

8. Sort Priorities of Failure

9. Mitigation process

10. Re-calculate RPN to see the result of follow up action

22


23

© 2017 USP

Process Review

Review the business processes using the map, flow chart, or if possible conduct a process walk-through

to improve understanding of the process being analyzed. If the process or flow chart does not exist then

the team must arrange the process or flow chart before starting the FMEA process.

Brainstorming

Brainstorming process can take place more than once to find a comprehensive list for all the possibilities

that can occur. The results of brainstorming are then grouped into several causes of errors such as

humans, machinery / equipment, materials, working methods and work environment. Common tools used

for this process: Fishbone (Ishikawa) Diagram.

FMEA Implementation Process


24

© 2017 USP

Make a list of impact for every failure

For each mistake, the effect that occurs can only be one, but may also be more than one.

Determination of severity



26

© 2017 USP

Risk Priority Number (RPN) calculation

RPN= [Value of Severity] X [Value of Probability] X [Value of Detection]

The total RPN value is calculated for each possible error.

Sort the priorities that require further handling based on RPN value

After calculating RPN for each potential error then it can be prioritized based on the value of

the RPN.

Mitigation process

Ideally all errors that cause high impact should be eliminated completely. Handling is done

simultaneously for all three aspects, namely improving the ability to detect errors, reduce the

impact of errors when they occur.



27

© 2017 USP

Re-calculate RPN to see the result of follow up action

The result of the re-calculated should result in a significant decrease of the RPN value to a fairly safe

level. If not achieved then still need to do further corrective action.

Bagan FMEA



Questions?


Thank You


basic application of quality risk management in … · 2019. 2. 3. · basic application of quality...

Documents