Quality Management System & Risk Management Management System & Risk Management EUDIPHARM ... ICH Q9...
Transcript of Quality Management System & Risk Management Management System & Risk Management EUDIPHARM ... ICH Q9...
2
Rabia BERTHIER-MARSOU
Content
Quality Management System (QMS)
Risk Management System (RMS)
Quality Risk Management (QRM) - ICH Q9
QRM application – Examples Computerised System Validations
Audits
Conclusion
3
Rabia BERTHIER-MARSOU
Quality Management System (QMS)
What is the QMS?
QMS is an essential function in any successful organization leading to improve profits, reduce costs, and to provide competitive advantages
QMS includes Quality System and Quality Control
QMS background Summary:
1st emerged out of the Industrial Revolution (From the 18th to the 19th century)
Previously goods had been mainly made from start to finish by the same person
Mass production (e.g. flow production, repetitive flow production, etc.) brought huge teams of people together to work on specific stages of production to meet ‘quality criteria’
In the late 19th it was recognized the limitations of the methods being used in mass production
Quality Departments established to oversee the quality of production and rectifying of errors and quality was implemented by inspection of product output to 'catch' defects.
Quality, as a profession and the managerial process associated with the quality function, was introduced during the second-half of the 20th century,
Over this period, few other disciplines have seen as many changes as the quality profession
4
Rabia BERTHIER-MARSOU
Quality Management System (QMS)
Quality control activities were predominant in the 1940s, 1950s, and 1960s
The 1970s were an era of quality engineering
Since at least 1983 Quality System for medical have been internationally recognized as a way to assure product safety and efficacy and customer satisfaction
FDA documented design defects in medical devices that contributed to recalls from 1983 to 1989 that would have been prevented if Quality Systems had been in place
In 1990s quality systems recognised as an emerging field (e.g. medicine).
In 1996, FDA identified the essential elements that a quality system shall embody for design, production and distribution (e.g. personnel training and qualification; traceability
at all stages of production; monitoring non conforming product; instituting corrective and preventive action when errors occur; records; etc.)
In 2010 Update of Pharmacovigilance EU legislation to recognise the QMS as a tool of the patient safety protection
...From QMS to Quality Risk Management
5
Rabia BERTHIER-MARSOU
Risk Management System (RMS)
What is the RMS ?
RMS is process of the risk identification, confirmation, characterization, communication and its minimisation. The risk is defined as the combination of the probability of occurrence of harm and the severity of that harm
RMS includes four steps:
- Risk detection
- Risk assessment
- Risk minimization
- Risk communication
Where the RMS is utilised ?
Risk management principles are utilized in many areas of business and government including but not limited to:
- Finance
- insurance
- Public Health: Pharmaceutical industry (Pharmacovigilance, QMS, etc.)
6
Rabia BERTHIER-MARSOU
Quality Risk Management (QRM) - ICH Q9
What is the QRM ?
Systematic process
designed to
coordinate, facilitate and improve
science-based decision making
with respect to risk to quality
7
Rabia BERTHIER-MARSOU
Quality Risk Management (QRM) - ICH Q9
What is the QRM ?
Risk Review
R i s
k C
o m
m u
n i c
a t i
o n
Risk Assessment
Risk Evaluation unacceptable
Risk Control
Risk Analysis
Risk Reduction
Risk Identification
Review Events
Risk Acceptance
Initiate QRM Process
Output / Result of the QRM Process
R i s k M
a n a g e m
e n t t o o l s
Team approach
8
Rabia BERTHIER-MARSOU
Quality Risk Management (QRM) - ICH Q9
Risk Assessment: 3 fundamental questions
Risk Evaluation
Risk Analysis
Risk Identification
Initiate QRM Process
What might go wrong?
What is the likelihood
(probability)
it will go wrong??
What are the
Consequences (severity)?
9
Rabia BERTHIER-MARSOU
Risk Reduction
Risk Acceptance
Quality Risk Management (QRM) - ICH Q9
Risk Control: Decision making
Initiate QRM Process
How to treat/Ovoid
(minimisation)?
What the level of risk
to be taken
(benefit/Risk balance)?
10
Rabia BERTHIER-MARSOU
Quality Risk Management (QRM) - ICH Q9
Risk Communication
Initiate
QRM Process
Industry - Submissions
Regulators - Reviews
- Inspections
Communication Trust/Understanding
11
Rabia BERTHIER-MARSOU
Quality Risk Management (QRM) - ICH Q9
What are the Principles of QRM ?
Two primary principles:
The risk evaluation should be based on scientific knowledge and ultimately link to the protection of the patient
The level of effort should be commensurate with the level of risk
12
Rabia BERTHIER-MARSOU
QRM application - Examples
Computerised System Validation
Type Level Description
Severity High Lost of the product traceability
Shipment of non conform products
Severity Medium Manufacturing / Consumption of non conform products
Lost of the internal traceability
Purchased items management not controlled
Operations management not controlled
Lack of proof for the realized operations
Responsibilities management not controlled
Severity Low minor regulatory impact
Type Level Description
Occurrenc
e
High Functionality is used every day and gives multiple actions.
Functionality is used several times in a day.
Occurrenc
e
Medium Functionality is used every day and gives a single action.
Functionality is used at least one time per week.
Occurrenc
e
Low Functionality is used only one time per month.
Type Level Description
Detection Low No control, checking or system security
Detection Medium Organizational control (SOP or SOP associated to control system)
Detection High Control, checking and system security
13
Rabia BERTHIER-MARSOU
QRM application - Examples
Computerised System Validation
High and Medium impact: stress tests
Low or No impact: users tests
14
Rabia BERTHIER-MARSOU
QRM application - Examples
– Audits: Audit program
List of candidates to be audited
Method combining the risk estimation for several risk factors: -Organisation (knowledge of the site/actors, change in organisation, issue on organisation)
-Previous audit (date of last previous audit)
-Previous inspection (date of last previous inspection)
-Previous audit / inspection outcome
-Compliance (audit and/or process review, metrics, feedback from the field)
-Business (turn over or contribution to business)
-Regulatory / pharmaceutical impact (Regulatory activities, Reporter, Co-reporter location / Type of procedure)
-Contract (MAH, date of the end of the contract)
15
Rabia BERTHIER-MARSOU
QRM application - Examples
– Audits: Audit program
Risk factor (i.e. triggers) R Site
R1 Organisation Knowledge of the site organisation
1 No issue/change in organisation
2 Minor change/issue in organisation
3 Major change/issue in organisation or unknown
R2 Previous audit received Previous audit received
1 ≤ 1 year
2 ]1-2] years or ≤ 1 partial scope
3 ]2-3] years or [1-2] partial scope
4 never or > 3 years
R3 Previous inspection Previous inspection
1 ≤ 1 year
2 ]1-2] years or ≤ 1 partial scope
3 ]2-3] years or [1-2] partial scope
4 never or > 3 years
R4 Previous audit / inspection outcome Previous audit / inspection outcome
1 0 critical finding and [0-10[ major findings
2 0 critical finding and [10-20[ major findings
3 ≥ 1 critical finding or ≥ 20 major findings
16
Rabia BERTHIER-MARSOU
QRM application - Examples
– Audits: Audit program
Risk factor (i.e. triggers) R Site
R5 Compliance GxP KPI or Process/Audit review (if several data, consider worse case)
1 KPI> 95% / Few other non-compliance
2 KPI=[85-95[ / Several other non-compliance
3 KPI=[80-85[ or partial KPI data / major non-compliance
4 KPI < 80% or Critical non-compliance or Unknown data
R6 Business Turn over or Budget or % contribution to overall SPMSD activity/project
1 < 5% or low
2 [5-20]% or medium
3 > 20% or high
R7 Regulatory or Pharmaceutical Impact Impact of the site for SPMSD pharmaceutical status / reliability of regulatory data
1 low
2 supportive
3 pivotal
R8 Contract Contract
1 if SPMSD not MAH
2 if SPMSD MAH
17
Rabia BERTHIER-MARSOU
QRM application - Examples
– Audits: Audit program
List of the candidates to be identified
For each candidate the value of the 8 risk factors is to be assessed: -R1 Organisation
-R2 Previous audit received
-R3 Previous inspection
-R4 Previous audit / inspection outcome
-R5 Compliance
-R6 Business
-R7 Regulatory or pharmaceutical impact
-R8 Contract
18
Rabia BERTHIER-MARSOU
QRM application - Examples
By multiplying together all the risk factors, a score for each candidate is obtained: R1 * R2 * R3 * R4 * R5 * R6 * R7 * R8 = score
For obtaining the percentile as a percentage of maximum risk, the score is divided by the sum of all scores of a process and multiplying by 100.
Assignment of rank:
The ranks are assigned in inverse order based on increasing percentile. The more a candidate has a high percentile, the more it will have a rank low. The rank number 1 is attributed to the candidate with the greatest percentile.
The column priorities:
-The numbers 1 or 2 are attributed: – Priority 1: should be part of the audit program correspond to smaller
ranks.
– Priority 2: can be part of the audit program (depending on the budget & resources).
19
Rabia BERTHIER-MARSOU
QRM application - Examples
Audits: Findings Grading
Critical finding: A critical audit finding is a serious deviation in system practices or processes that:
-directly compromises the assurance of product quality, and or,
-represents a serious violation of applicable legislation and guidelines,
-adversely affects the rights, safety or well-being of patients or that poses a potential risk to public health and or,
-adversely affects the quality and integrity of data, documentation, or other materials or information addressed in the audi
-a missing Quality system is a critical audit finding.
Immediate Corrective action by auditee is required. A critical observation may require to stop the concerned process until corrective actions have been effectively implemented.
20
Rabia BERTHIER-MARSOU
QRM application - Examples
Audits: Findings Grading
Major finding: A major audit finding is a deviation in system practices or processes that:
-might compromise the assurance of product quality, and or,
-has or may produce a product, which does not comply with its marketing authorisation,
-represents a violation of applicable legislation and guidelines,
-might adversely affect the rights, safety or well-being of patients or that might pose a potential risk to public health and or,
-might adversely affect the quality and integrity of data, documentation, or other materials or information addressed in the audit.
Prompt Corrective Action by auditee is required.
21
Rabia BERTHIER-MARSOU
QRM application - Examples
Audits: Findings Grading
Other finding: Deviation, which cannot be classified as either critical or major, but which indicates a deviation from good practices. This deviation is not yet serious but could become a problem if not corrected in a timely manner. Corrective action by auditee is required. A combination of several “other” deficiencies, none of which on their own may be major, but which may together represent a major deficiency and should be explained and reported as such.
Remark: Advice to attract the attention of the auditee towards possible risks and possible or desirable improvements.