• No results found

Quality Risk Management Plan (2)

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Quality Risk Management Plan (2)"

Copied!
9
0
0

Loading.... (view fulltext now)

Download now ( 9 Page )

Full text

(1)

Quality Risk Management Plan

Quality Risk Management Plan

S

Sttaattuuss:: DDRRAAFFTT VVeerrssiioonnNNuummbbeerr:: 000011

Approals Approals

A

(2)

1" Purpose

This Master Plan defines how our Quality Risk Management (QRM) program will be conducted through integration of knowledge gained from formal risk assessments, operational alerts, change controls and inspections as required by !" Q# Quality Risk   Management $ nformation on higher risks will be communicated to management and the quality unit through a risk register intended to increase %isibility and pro%ide focus in discussions on risk control and mitigation$

#" S$ope

This plan applies to all personnel in%ol%ed in the deli%ery of results in the e%aluation of  quality attributes of starting materials, e&cipients, components, 'P, and drug products intended for in%estigati%e medicine testing$ Risk management will also be applied to the systems used to enable testing, including instruments and equipment qualification and to the design of analytical methods for use in support commercial manufacturing$ The following risk management programs are not in scope of this plan and are addressed by other guidance

• Risk management for T supported applications

• Risk management of spongiform encephalopathies to our 'P and products • afety risk assessments

• Testing acti%ities conducted at contract facilities • Testing of research materials$

%" Roles an! Responsibilities

Roles Responsibilities

Management • Pro%ide the resources necessary to support the implementation of this Master Plan for Quality Risk Management$

(3)

Roles Responsibilities

establishing appropriate controls$

• Re%iew and appro%e risk assessments on acti%ities go%erned by  procedures$

• Perform periodic re%iew of risk register$

Personnel • -tili2e risk tools and perform risk assessments where appropriate$ • f in the role of risk assessment facilitator

3 study the features of the tool to use$

3 identify sub4ect matter e&perts to participate in the assessment$ 3 document the assessment$

• ubmit formal risk assessments to 5unctional 'rea Management and Quality -nit for re%iew and appro%al$

• !omply with this management plan$

(4)

&" 'a$kgroun!

7$0$ The principles of QRM in the preparation of medicinal products are described in !" 8uidance for ndustry Q# 3Quality Risk Management$ n alignment with !" Q# recommendations, this QRM plan is built around the following steps Risk 'ssessment, !ontrol, !ommunication and Re%iew$

7$6$ QRM is a critical component of quality systems and feeds from the in%estigations and inspections program and is le%eraged to guide change management$ Risk management is implemented with practices appropriate to the stage of pro4ect de %elopment$

(" Risk Assessment

9$0$ Risk dentification

9$0$0$ !" Q# defines risk as the combination of the probability of occurrence of harm and the se%erity of that harm for the intended patients$ 's an organi2ation

de%eloping analytical knowledge and methods, another fitting definition for risk is that of the + :0/// Risk Management tandard which defines risk as uncertainty in reaching ob4ecti%es$ This QRM intends to both address potential of harm to  patients and uncertainty in ob4ecti%es$ The primary focus of risk management is to

control the risk to data on product attributes, as this data is used to both determine suitability of products for clinical programs and to propose specifications utili2ed in e%aluation of manufacturing process control$ +ther ob4ecti%es include accurate data for proposal of labeling information; de%elopment and %alidation of robust methods, and testing in support of manufacturing acti%ities (e$g$, water testing)$

9$0$6$ Risks are proacti%ely identified in deli%erables by conducting risk assessments to the type of tests that e%aluate product quality attributes used in the decision for  batch release$ 5ailure modes are identified by e&perts in the technique and ranked$

Multiple sources are used for further identification of risks to be e%aluated as well as to trigger re%iew of processes for risk assessment$ These sources include Quality -nit and regulatory inspections, benchmarking, internal self inspections,

in%estigations on operational alerts, and trend e%aluations$ These risks are analy2ed and e%aluated for inclusion in the Risk Register$

(5)

9$6$ Risk 'nalysis < *%aluation

9$6$0$ Multiple tools will be used for the estimate of risk posed by the ha2ards identified$ ub4ect matter e&perts will consider the risk to be e%alua ted and select a tool

appropriate to the comple&ity of the system or acti%ity under e%aluation$ nformal risk management may be used, including empirical e%aluations where appropriate, flow charts, check lists and procedures$

9$6$6$ 5or the analysis and e%aluation of data for batch release, 5ailure Mode and *ffect 'nalysis was chosen as it can guide e%aluation of numerous failure modes,

summari2ing the effect and quantitati%e ranking for guiding control efforts$ 5or the 5M*' risk analysis of tests for the release testing a cti%ity, the table presented below outlines the starting point$ ' team using this tool can further refine this table to suit the risk question and should capture the analysis table in the documentation of the risk assessment$

S$ore S)V)R*T+ ,--.RR)N-) D)T)-T*,N

10

Passing a failing product, can result

in release of adulterated product 5requent

!annot be detected

/

 =ot used to ensure the assessment of 

se%erity is most conser%ati%e$> Moderate, occasional .ery ?ow

%

'dditional introduction of error, e&panding the uncertainty of the method but still meeting

specification

nfrequent or has

occurred>> Moderate

1

@ata representati%e of product

attribute Remote or unlikely 'lmost !ertain >5alse ++A++' were not included in 4udgment of se%erity as these are in%estigated and resol%ed without impact to the product release timeline and consequently no impact to product a%ailability to patients

>>n an effort to address the uncertainty on failure mode occurrence, any obser%ation of a failure mode was gi%en a raised %alue occurrence %alue (:) recogni2ing limitations in detecting some failure modes$

(6)

9$6$:$ *ach failure mode is assigned a Risk Priority =umber (RP=) B e%erity C +ccurrence C @etectability$ 5or e&ample for e%erityB0/, +ccurrenceB:, and @etectabilityB0/ the calculated RP= is ://$ These RP= are then categori2ed as ?ow 030//, Medium 0/039// and "igh 9/0 30///$

" Risk -ontrol

D$0$ The purpose of a risk management program is to decide, for the ha2ards identified, what controls are possible and when they should be sought and implemented$ *%aluation of risk controls will consider the following questions

• s the risk currently managed at an acceptable le%elE • hat can be done to reduce or eliminate the riskE

• s there other data that helps manage the process, e%aluation and can be used in lieu of a controlE

• hat is the appropriate balance among benefits, risks and resourcesE • @oes implementation of the control introduce new risksE

Final Risk eel

De$ision 2ui!an$e (0/)

3ig4 Risk is una$$eptable an! a$tion to re!u$e risk is re5uire!" Design Ne6 -ontrols: 'cti%ely work to mitigate these through design, systems, procedures and other controls$

Me!ium De$ision re5uire! a$$epting risk or taking a$tion to re!u$e risk" Take a$tion: f detectability of risk is poor (e$g, 130/), consider

whether action is required and seek to de%elop clear understanding on how to recogni2e when this failure mode occurs$ 'ction might include awarenessAtraining or de%elopment of new controls$

,bsere7A$$ept: f detectability of risk is good (e$g$, 03:) or se%erity is low (03:), maintain %igilance (operational alerts program)$

o6 Resi!ual risk is a$$eptable8 risk is !ete$table an! o9 lo6 seerity8 no 9urt4er a$tion is re5uire!" Fnowledge of the actual process is well understood$

(7)

/" Risk -ommuni$ation

1$0$ The goal of a risk communication is to, by way of sharing information on risks identified and their controls, increase risk awareness and promote controls that support quality$ This means that personnel in different roles ha%e different needs regarding

communication of risk$

1$6$ Personnel conducting acti%ities will need to be informed of risks so that they maintain  beha%iors that support best practices sustain %igilance and understand process so as to help control risk$ This communications is achie%ed through training, method details, formal procedures and aides such as check lists to enhance their ability to control risk$ 1$:$ Management is responsible to allocate resources for acti%ities; therefore, they must

support identification of risk and stay informed of risks that require additional controls$ Management is also responsible to commit resources to the de%elopment of those

controls or accept residual risk$ This communication will be achie%ed and documented through their appro%al of plans, procedures, formal chan ge controls and of the risk register$

1$7$ @ocumentation of Risk 'ssessments

1$7$0$ 5ormal documentation of risk assessment and other risk management acti%ities will be at the discretion of management and the Quality -nit obser%ing the guiding  principle of documentation effort commensurate with the impact of the risk $ 5ormal risks assessments will utili2e a template which will include the following elements 0) !ontain a unique number  

6) @efine the risk assessment method Atool and rationale for selection :) !onducted by appropriately trained personnel

7) @iscuss controls and risk acceptance (if appropriate) 9) @efine periodic re%iew cycle

D) nclude appro%al by the Quality -nit when analy2ing a process for purpose of  buildup of the risk register or used to 4ustify changes to procedures$

(8)

1$7$6$ ?ow impact risk assessments for easily understood or specific

situationsAprocesses may be analy2ed and documented by an M*$ These will be managed informally, documented in the process tools (e$g$ Trackise record, instrument qualification document, notebook record) or incorporated into a

 procedure

1$9$ *stablishment of a Risk Register 

1$9$0$ ' risk register(s) will be maintained to be comprised of a ranking of risks identified through risk assessment of the ma4or deli%erables and processes$ The Gusiness -nit and the Quality -nit will re%iew the risks identified and decide which risks should be managed through the risk register based on the potential impact to  patients and the quality of deli%erables$

1$9$6$ *ach risk listed in the register will

0) "a%e a number assigned as per the following scheme a) *Q-*=T'? =-MG*R A T*

 b) *Q-*=T'? =-MG*R B 0, 6, : etc (indi%idual risk within the risk assessment)

6) T*

:) !lassify the risk listed qualitati%ely (e$g$, Medium or "igh)$ 7) 'ddress how the risk is managed or controlled$

9) @ocument the decision on whether the risk is accepted under current controls or new controls should be de%eloped$

D) !ontain a reference to an issued risk assessment or other reference

1$9$:$ t is intended that the register will list high risks and can include medium risks agreed during the re%iew as requiring remediation$

1$9$7$ The risk register will be appro%ed by Management and the Quality -nit$

" Risk Reie6

To remain effecti%e, the risk register re%iew will consider the impact of trends in quality e%ents, change controls and lessons learned from auditsA inspections and its re%iew documented at a

(9)

References

Download now ( PDF - 9 Page - 350.12 KB )

Related documents

Detection of DOM-based Cross-Site Scripting by Analyzing Dynamically Extracted Scripts

For instance, if any URL request parameter is accessed to write its information in the HTML body or perform any DOM-based operation without validating, a DOM-based XSS hole will

The Cell Phone and the Future of Mobile Computing

The limitations of a phone ’ ’ s display and keyboard s display and keyboard can be mitigated by wireless access to nearby. can be mitigated by wireless access to nearby

a. Cadet Command Policy Memorandum 9 - Serious Incident Reporting, 3 September See Enclosure 3.

CATEGORY C: (REPORT THROUGH THE CHAIN OF COMMAND BY E-MAIL, ATTACHMENT TO REGION HEADQUARTERS WITHIN 24 HOURS OF THE INCIDENT, USING ENCLOSURE 2 FORMAT.) Category C Incidents

TRAINING ACADEMY. Certificate IV in Risk Management Essentials PALADIN RISK MANAGEMENT. Creating Risk Gladiators ($2,000 FOR NON-ACCREDITED OPTION)

RMERSK401A Design and implement a plan for the integration of risk management principles into a business unit RMERSK402A Respond to the findings of a risk management audit

Chaperonin-Inspired pH Protection by Mesoporous Silica SBA-15 on Myoglobin and Lysozyme

To further investigate the relationship between pH and immobi- lized enzyme activity, and probe for possible protective e ffects of SBA-15, lysozyme is also immobilized on SBA-15 of

About IER. HARDWARE MAINTENANCE and support services. PROFESSIONALISM and experience

• Hardware support • Software maintenance • Software support (expert level) • Cuss applications acceptance • On-site support &amp; deployment • Training IER CUSTOMER SERVICE

Insurance Product Information Document. Canadian Psychological Association (CPA) & Council of Professional Associations of Psychology (CPAP)

Any change material to the risk and within the control and knowledge of the insured avoids the contract as to the part affected thereby, unless the change is promptly notified

CISCO CATALYST 4948 SERIES SWITCH

CCSP, CCVP, the Cisco Square Bridge logo, Follow Me Browsing, and StackWise are trademarks of Cisco Systems, Inc.; Changing the Way We Work, Live, Play, and Learn,