Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

An Introduction To Risk Management Professional Societies

1 997 vues

Publié le

FDA recently endorsed the Risk Management approach described in ICH Q9. I presented this a year ago to ASQ Philadelphia. Still relevant today!

  • Login to see the comments

An Introduction To Risk Management Professional Societies

  1. 1. An Introduction to Risk Management Michael D. Kaufer, MBA, MS CGMP Solutions, Inc. 1
  2. 2. Learning Objectives  ICH Q9  What are the basics of Risk?  Risk Tools  Principles of Risk Management 2
  3. 3. Learning Objective #1 ICH Q9 3
  4. 4. What is ICH Q9?  Developed by the Expert Working Group of ICH for Technical Requirements for Registration of Pharmaceuticals for Human Use  Endorsed by the ICH Steering Committee, Nov. 2005.  Issued as a Guidance document June 2006.  Also represents the FDA's current thinking on a topic.  Doesn’t create or confer any rights for or on any company and does not bind FDA or a company.  Alternative approaches are acceptable, if the approach satisfies the requirements of the applicable statutes and regulations. 4
  5. 5. Why Q9?  Risk management practices are inadequate.  Effective quality risk management can:  Control potential quality issues  Improve decision making  Facilitate better and more informed decisions  Provide regulators with greater assurance of a company’s ability to deal with potential risks 5
  6. 6. Risk & the perception of Risk Risk = Probability of harm * Severity of harm * Exposure  Risk Management is the systematic use of available information to identify hazards and to estimate the risk.  Different stakeholders perceive risk differently  Company  Medical Community  Individual physicians  Who else? 6
  7. 7. Figure 1.1: Stakeholders Patient’s Family The Medical The Firm Community The Society FDA Patient The Firm’s Partners Healthcare & Investors Industry Patient 7 Advocacy Grps.
  8. 8. Why Q9, continued  Q9 uses a life-cycle approach  What is a product life cycle?  Administration of a drug product always entails some risk  Manufacturing a drug product always entails some risk  FDA expects firms to manage the risks associated with manufacturing  Product quality should be maintained throughout the product life cycle 8
  9. 9. Figure 1.2: Drug Product Lifecycle Phase of FDA Supplementary Early research Supplemental Submissions reporting & & preclinical reporting review IND Filing NDA 30-day wait Submission Approval Preclinical Phase IV Chemical Phase I Phase II Phase III Phase III Testing & Post- Synthesis Clinical Clinical Clinical (continued) Phase of Pharmacology marketing Development Toxicology Time Required 5.8 7.4 1.5 (Years) 9
  10. 10. ICH Q9, continued  Q9 proposes that firms use a “Systematic Approach” consisting of:  Formalized policies, procedures, tools & models  Support from senior management  What does this entail?  CPGM 7356.002 Compliance Program – Drug Manufacturing Inspections http://www.fda.gov/cder/dmpq/compliance_guide.htm  RMP should be used daily for decision-making! 10
  11. 11. Initiate Quality RMP Risk Assessment Risk ID Risk Analysis Figure 1.3: Risk Management Tools Risk Typical Risk Risk Communication Evaluation Unacceptable Management Risk Control Process Risk Reduction Risk Acceptance Acceptable or Unacceptable Result of Quality RMP Risk Review Review Events 11
  12. 12. Figure 1.4: FDA’s Approach  Sept. ’04 - Risk- based Method for Site Risk Potential Prioritizing CGMP Inspections  FDA convened a Product Process Facility panel of experts  Brainstorming 1997- sessions identified Intrinsic Factors 2003 Recall Process Risk Factors Process Controls History of Violations Inspection History 70 potential risk History factors! Est. Production Output Type of Establish- ment 12
  13. 13. Learning Objective #2 What are the basics of Risk? 13
  14. 14. What is Risk?  Potential loss  Outcomes that make us worse-off  Outcomes that are not as good as some other outcome  Chance  Likelihood, potential, etc.  Probabilistic or Qualitative  Exposure  How much of the risk am I exposed to?  There’s no exposure, if you don’t take the product! FDA is concerned about patients’ exposure!  Severity  What’s going to happen, if the risk materializes? 14
  15. 15. Risk & Perception of Risk  Risk = Probability of harm * Severity of harm  This is the definition given in many standards  Ignores the exposure factor  Different stakeholders perceive risk differently, i.e., view exposure differently  Legal Department  Finance  Purchasing  Manufacturing  Packaging  QA/QC  Project Management 15
  16. 16. Risk Determinants Figure 1.5: Basic Risk Determinants Lack of control  Control  Information  Time Lack of information Lack of time 16
  17. 17. Risk Determinants, cont.  Lack of control  Natural environment  Socio-cultural environment  Political environment  Competitive environment  Internal environment  Actions of individuals 17
  18. 18. Risk Determinants, cont.  Lack of information  In a business environment, what do we need information about?  Lack of time to:  Identify sources of information  Gather information  Analyze information  Evaluate Can we  Current operations “create” time?  Planned operations  Formulate information into meaningful controls 18
  19. 19. Classifying Risk, cont.  Further classification:  Pure (insurable) risk  Business risk  Project risk  Operational risk Life Sciences industry is concerned with these!  Technical risk  Political risk 19
  20. 20. Adjusting Risk, continued  Adjusting risks:  (1) actions that modify the chances of the undesired event occurring or the overall loss if the event does occur  Stolen car  Burglary  Life sciences?  (2) actions that modify the distribution of consequences  Carpooling or using public transit  Keeping valuables in a safe deposit box  Life sciences?  (3) actions that neither reduce the chance of an event or the associated loss  Buying insurance 20
  21. 21. Learning Objective #3 Risk Tools 21
  22. 22. Risk Models  “Academic” models and studies:  MacCrimmon & Wehrung, 1986  Finkel & Golding, 1994  Davies, 1996  Haimes, 1998  Konisky, 1999  Morgan, 2002  Ayub, 2003  Industry standards  ISO 14971:2007(E) Medical Devices – Application of risk management  GAMP 4/5  ICH Q9 22
  23. 23. Tools for Risk Management  Cause-&-Effect  QFD Analysis  FTA  Brainstorming  FMEA  Decision Trees  FMECA  Process Mapping /  HACCP Flowcharts Matrices? 23
  24. 24. Figure 1.6: Cause-and-Effect Diagram for the elements of process validation PP G S Vo E ow De pe lu ni ns c. m La Fi lli ng EN ity e M be ng M EA lin g A Controlled Access VI In Process SU CH RO Packaging IN C H han Te m H um N RE ER r. ge p. id M Stability M aj M M in Y s/ ity EN M A na EN Vessel #1 or or Air T ic ro ly tic T Vessel #2 al Manufacturing Surfaces Release Validation Policies T Approved APIs Pharm Eningeering P R O B VM M PR Y Validation SOPs Approved Excipients Operations G R LS LO E W IA O . . kg fg O R D M P TE P Validation Approach Approved PKG & LBL O N TH A A es QC M M ch E at rix M at ro B al Water ic 3 M tic M ly na A FI ed W ifi ur P 24
  25. 25. Figure 1.7: Brainstorming how do we clean equipment & facilities? No product Combination SIP System residue of methods Automated No detergent System residue CIP System (Not in-place) No micro- organisms How do we What are the criteria Manually clean it? for clean? No dye or flavor residues RISK: CLEANING VALIDATION Facilities Equipment Who is involved? What needs to (Functionally) Supppliers be cleaned? Handtools QA Operations IMTE QC Labs 25
  26. 26. Figure 1.8: Decision Tree - do I look for another job or start-up my own firm? $150K/year Look for another job? Partners agree to buy-back? $150K/year +110K cash ? $150K/year Sign with the +220K cash $150K/year Start-up? $135K/year ? ? $150K/year Stay with Start- $138K/year ? up or leave? $142K/year YEAR 1 YEAR 2 YEAR 3 26
  27. 27. S ta r t/E n d P r o c e s s Figure 1.9 Basic Flowchart S u b r o u tin e s P rocess Shapes D e c is io n P o in t P rocess A lte r n a te P r o c e s s M a n u a l O p e r a tio n P rocess D e la y D e c is io n P o in t O ff-p a g e P r o c e s s Buy SmartDraw !- purchased copies print this document without a watermark . 27 S ta r t/E n d P r o c e s s Visit www.smartdraw.com or call 1-800-768-3729.
  28. 28. Table 1.1 Example of a Matrix (using risk rankings or weightings) Criteria Factors-to-be-considered Points No. of APIs Score I. Type of product A. Non-sterile solutions 1 1 2 ≥ 3 being developed or B. Non-sterile suspensions 2 1 2 ≥ transferred 3 C. Semi-solids 3 1 2 ≥ 3 D. Solid dosage (tablets) 4 1 2 ≥ 3 E. Solid dosage (capsules) 5 1 2 ≥ 3 F. Solid dosage (lozenges) 6 1 2 ≥ 3 G. Drug coated patches 7 1 2 ≥ 3 H. Terminally sterilized products 8 1 2 ≥ 3 I. Injectable drug (aseptically produced) 9 1 2 ≥ 3 J. Injectable drug (aseptically produced and lyophilized) 10 1 2 ≥ 3 K. Implantable device with drug component(s) 11 1 2 ≥ 3 Criteria Factors-to-be-considered Points Weight Score II. Non-API-related A. Changes are those that are unlikely to have any detectable impact on formulation quality and performance. 1 Multiply by changes to B. Changes are those that could have a significant impact on 2 score from Section I components & formulation quality and performance. C. Changes are those that are likely to have a significant impact on 3 28 composition formulation quality and performance.
  29. 29. The Problems with Tools  Relevant examples  Medical Device Industry  Healthcare Industry  Not everyone knows how to use them  Facilitators?  SOPs?  Must be adapted to the industry  Some are too complex (now)  Some have simplified nomenclature 29
  30. 30. Table No. 1.2: Failure Severity Rating Effect Severity Criteria Rating No effect 1 Failure would have no effect on the customer Slight effect 2 Customer is dissatisfied; still uses product Moderate effect 4 Customer complains Significant effect 6 Customer declines further use Major effect 8 Adverse event Extreme effect 10 Serious adverse event 30
  31. 31. Table No. 1.4: Failure Occurrence Rating Occurrence Rating Failure Criteria Rate Remote 1 1 in 10,000 Process deviation very unlikely Very slight 2 1 in 4,000 Very few process deviations Slight 3 1 in 2,000 Few process deviations Low 4 1 in 400 Occasional process deviation Medium 5 1 in 80 Moderate number of process deviations Moderately high 6 1 in 20 Frequent process deviations High 7 1 in 10 High number of process deviations Very high 8 1 in 5 Very high number of process deviations 31
  32. 32. Table No. 1.5: Detection Rating (for failure modes) Detection Rating Criteria for Controls in Place Ability Almost certain 1 Detection is certain; validated on-line PAT controls Very high 2 Detection is likely; heavy use of inspection between & during process steps (with some automation) High 3 Detection is very likely; validated lab methods Moderately high 4 Moderate likelihood of detection; heavy use of inspection during process steps Medium 5 Medium likelihood of detection; heavy use of inspection between process steps Low 6 Low likelihood of detection; low usage of inspection and testing; inspections & tests are not optimal Slight 7 Controls being concurrently validated Very slight 8 Controls are experimental Remote 9 Controls not aligned to critical quality attributes 32 Impossible 10 No controls in place
  33. 33. Learning Objective #4 Principles of Risk Management 33
  34. 34. Principles of Risk Management 1. Risk management is a process that occurs throughout a product’s lifecycle  Risks change as the product moves through the life cycle  Our level of understanding progresses along a learning curve  The level of control we can achieve varies with technology  Who is privy to risk communication changes 34
  35. 35. Principles of Risk Management, cont. 1. Safety-by-design is the preferred option for managing risks  Is the design inherently safe?  Preclinical studies  Clinical studies  Protective measures built into the manufacturing process  Manufacturing  Packaging  Protective measures built-into the product  Can this be done with drug products?  Is labeling information all we can do? 35
  36. 36. Principles of Risk Management, cont. 1. Risk management models & tools must be modified to account for:  The patients’ conditions  The dosage form  Maturity of the firm’s RMS  Can I use RM tools without a RM model?  Maturity of the firm’s QMS  Can I use a RMS without a QMS?  The firm’s culture 36
  37. 37. Principles of Risk Management, cont. 1. Risk management is an iterative process.  How often does it need to be done?  Annual Product Review?  Change?  Deviation Investigations?  Project basis?  sNDA?  How often it is done dictates what part of the organization does it, and the resources available.  Knowledge is transferable from one product to another 37
  38. 38. Principles of Risk Management, cont. 1. Top management commitment is critical for effective risk management  Without adequate resources, RM is ineffective  RM requires the involvement of trained individuals  Each company’s top management must also establish a policy on how “acceptable” risks will be determined  Can this be done “universally”?  RM is a new and evolving process requiring periodic review & improvement 38
  39. 39. Principles of Risk Management, cont. 1. Risk management activities must be documented.  Policies and procedures  What about the output document the 5 essential from risk management questions: activities? Where does  Who that get documented?  What  Annual Product Reports?  When  Deviation Investigations?  Where  IQ//OQ/PQ?  How  Other?  Training records 39
  40. 40. Thank you! Questions? 40
  41. 41. Bibliography  Akao, Yoji, ed. Quality Function Deployment Integrating Customer Requirements into Product Design, Cambridge: Productivity Press, 1990, p. 27.  Berry, Ira R. and Nash, Robert A., eds., Pharmaceutical Process Validation, 2nd ed., Marcel Dekker: New York, 1993.  Butler, Shawn A., Fischbeck, Paul, “Multi-Attribute Risk Assessment” Carnegie Mellon University.  FDA, Guidance for Industry Q9 Quality Risk Management, GPO, June 2006.  FDA, Guidance for Industry Quality Systems Approach to Pharmaceutical CGMP Regulations, GPO, September 2006.  FDA, Risk-Based Method for Prioritizing CGMP Inspections of Pharmaceutical Manufacturing Sites – A Risk Ranking Model, GPO, September 2004.  Frame, J. Davidson, Managing Risk in Organizations A Guide for Managers, Josey-Bass: San Francisco, 2003.  Franceschini, Fiorenzo, Advanced Quality Function Deployment, New York: St. Lucie Press, 2002.  Gitlow, Oppenheim & Oppenheim, Quality Management: Tools and Methods for Improvement, 2nd ed., Irwin: Boston, 1995.  Ishikawa, Kaoru, Guide to Quality Control, Quality Resources: White Plains, New York, 1982.  ISPE, GAMP 4 Guide Validation of Automated Systems, ISPE: Orlando, Florida, 2001, Appendix M3, p. 2.  MacCrimmon, Kenneth R. and Wehrung, Donald A., Taking Risks the Management of Uncertainty, The Free Press: New York, 1986.  Project Management Institute, A Guide to the Project Management Body of Knowledge, 3rd edition, Project Management Institute: Newtown Square, Pennsylvania, 2004.  Russell, J.P., The Process Auditing Techniques Guide, Quality Press: Milwaukee, Wisconsin, 2003. 41