Quality Risk Management: Basic Principle

INTRODUCTION

The International Conference of Harmonization (ICH) in their Quality Risk Management document (ICH Q9) state
“The manufacturing and use of drug products, including its components, necessarily entails some degree of risk”

FDA acknowledged in their Task Force of Risk Management “Although medicinal products are required to be safe,
safety does not mean zero risk. A safe product is one that has reasonable risk, given the magnitude of the benefits
expected and the alternative available”

EMEA states in their Action plan to further progress the European Risk Management Strategy “ However, in view
of the increasing and justified demands from patients and the general public for an adequate protection of public
health, resulting in the availability of safe and effective medicine, it is important to re-emphasise that the concept
of “Zero risk” does not apply to medicinal products. The licensing of medicinal products needs to be assessed in the
context of the benefit/risk balance concept, whereby demonstrated benefits must benefits must overweigh known
risk, leading to benefit/risk ratio and the resulting marketing authorization.”

Thus Risk is the most frequent term in today’s Pharma business, manufacturing, regulation & Quality control. Risk
management principles are effectively utilized in many areas of business and government including finance,
insurance, occupational safety, public health, pharmacovigilance and by agencies regulating these industries.
Although there are some examples of the use of quality risk management in the pharmaceutical industry today,
they are limited and do not represent the full contributions that risk management has to offer. In addition, the
importance of quality systems has been recognized in the pharmaceutical industry, and it is becoming evident
that quality risk management is a valuable component of an effective quality system.

RISK

As defined in ICH Q9 (Quality Risk Management) “risk is a combination of the probability of occurrence of harm
and the severity of that harm.” Thus if defined mathematically Risk (R) is an expression with two parameters:
severity (S) and Frequency (F).

The risk is then expressed as: R = S x F.

Risk can further be sub divided in to two other categories

Constants or system risk (Rs): entitles all areas except product which are implemented by the organization
including processes, facilities, equipment & personnel.

Variables or product factors (P): are specific properties of the product that are manufactured in the organization.

Therefore risk can further be expressed as multiplication of

R= Rs x P

Thus while implementing basic principles of Quality Risk Management the organization should verify and qualify
its system risk and assign a acceptable limit of all the risk factors which will reduce their efforts of verifying all
these factors individual product case.

Page |1
 Quality Risk Management: Basic Principle
QUALITY RISK MANAGEMENT

ICH Q9 (Quality Risk Management) defines it as systematic process for the assessment, control, communication
and review of risks to the quality of the drug (medicinal) product across the product lifecycle.

The approach outlined in that guideline can be expressed as a figure

•Risk •Risk Reduction

Identification •Risk Acceptance
•Risk Analysis
•Risk Evaluation
Risk
Risk Manageme
Risk Control
Assessment nt Tools

Risk
Communic Risk Review Output
ation
•Review Events •Result of QRM
Process

Figure: 1.1 Quality Risk Management

With Risk Management Tools and Risk Communication are playing a significant role in the Quality Risk
Management life cycle.

The basic principle as outlined in the ICH Q9 will be discussed throughout the assay.

RISK ASSESSMENT:

Risk assessment consists of the identification of hazards and the analysis and evaluation of risks associated with
exposure to those hazards. As an aid to clearly defining the risk(s) for risk assessment purposes, three
fundamental questions are often helpful:

1. What might go wrong?

2. What is the likelihood (probability) it will go wrong?

3. What are the consequences (severity)?

Page |2
 Quality Risk Management: Basic Principle
Risk assessment can further be divided in to three sub classes as follows

Risk Analysis

Risk Risk
Identification Evaluation

Risk
Assessment

Figure 1.2: Risk Assessment

Risk identification:

Risk identification is a systematic use of information to identify product quality risk or problem description.
Information can include historical data, theoretical analysis, informed opinions, and the concerns of stakeholders.
There will be risks like system risks which can be evaluated by the qualification of the systems involved. The
product factors in the identification stage should be identified in a manner that all parameters related with the
product that will have a significant role in the quality of the product will come in consideration.

There is several assessment tools upon which fishbone analysis is a suitable mean to identify the risks involved in
and during the product life cycle. To explain a fishbone analysis will only broaden the scope of this writing but the
basic principles are to classify the general risk involved as primary risks then to divide the primary risks in to its
contributing factors namely critical process parameters.

Risk analysis:

Risk analysis is the estimation of the risk associated with the product quality. It is the qualitative or quantitative
process of linking the likelihood of occurrence and severity of harms. In some risk management tools, the ability
to detect the harm (detect ability) also factors in the estimation of risk.

Risk evaluation:

Risk evaluation compares the identified and analyzed risk against given risk criteria. Risk evaluations consider the
strength of evidence for all three of the fundamental questions. The output of a risk assessment is either a
quantitative estimate of risk or a qualitative description of a range of risk. When risk is expressed quantitatively, a
numerical probability is used. Alternatively, risk can be expressed using qualitative descriptors, such as “high”,
“medium”, or “low” (Risk class one, Risk class two or Risk class three) , which should be defined in as much detail
as possible. Sometimes a "risk score" is used to further define descriptors in risk ranking. In quantitative risk
assessments, a risk estimate provides the likelihood of a specific consequence, given a set of risk-generating
circumstances. Thus, quantitative risk estimation is useful for one particular consequence at a time.

Page |3
 Quality Risk Management: Basic Principle
Risk management lifecycle can be best applied if all the system risks are identified and qualified and are in a state
of under control during the risk analysis. If the system risk are under a state of control and are periodically
reevaluated than all they can be assessed under low class risk or even can be discarded from an identified list if
justified. Therefore reduces the effort to control the risk.

RISK CONTROL

Risk control includes decision making to reduce and/or accept risks. The purpose of risk control is to reduce the
risk to an acceptable level. The amount of effort used for risk control should be proportional to the significance of
the risk. Decision makers might use different processes, including benefit-cost analysis, for understanding the
optimal level of risk control. Risk control might focus on the following questions:
• Is the risk above an acceptable level?

• What can be done to reduce or eliminate risks?

• What is the appropriate balance among benefits, risks and resources?

• Are new risks introduced as a result of the identified risks being controlled?

According to ICH Q9 risk control consist of two stages, which can be represented diagrammatically as

Risk Reduction

Risk Control

Risk Acceptance

Figure 1.3: Risk Control

Risk Reduction:

ICH Q9 states that risk reduction is the implementation of control strategy to mitigate or avoid risk .risk reduction
can be achieved by addressing the severity or probability of harm as well as provide improvements in the
detection of the hazard.

Where the results of a risk assessment have identified the need for control strategies to reduce the risk, a
hierarchy for risk reduction should be applied to prioritize all significant task. Each level of hierarchy should be
applied in a way that is appropriate to the activity and consistent with the risk assessment and each should be
implemented only after consideration of the preceding level. A holistic view of the product, process, and facilities
may lead to strategy that includes mitigation at several levels in the hierarchy before overall risk is reduced to
acceptable limit.

Page |4
 Quality Risk Management: Basic Principle
Hierarchy of reduction should include the following

1. Elimination of the risk: There may be practical limitation for elimination a risk. It can only be done if some
processing task can be totally eliminated or if a certain material which is responsible for the risk can be
eliminated.

2. Substitution of the risk element with other suitable material: Changing the physical form, or changing
certain physical characteristic if can be justified will not have a considerable effects on other chemical
property of the product can be applied as a substitution. Also alternative supporting materials can be
applied to reduce the risk.

3. Reduction of risk via engineering controls: In case of hazardous materials handling engineering measures
can be applied to reduce the risk. If system risk are under control than more can be done to reduce risk in
this way.

4. Administrative Control: the proper use of risk control should be described in SOPs. Administrative
procedure should ensure that personnel understand the practical implication of the risk set out in the
SOP, Failure mode procedures that clearly indicate the action to be completed.

A key element of a quality management system is to ensure compliance of personnel with policies, work process
and procedures. The quality culture of an origination generally flits one of the progressive description in following
table:

Stage Measurable behavior

1 Employees do not follow SOPs even when they are being directly supervised
2 Employees follows SOPs only when they are being directly supervised
3 Employees follow SOPs even when not directly supervised
4 An employee will correct the non-compliance behavior of a co-worker in the absence of a
supervisor.
Table: 1.1 Quality Culture

In stage four where peoples truly care for, watch for & understand their accountability a mature interdependent
Behavior Based Quality Culture exists.

The Hierarchy can be presented according to its acceptance can be shown as

Page |5
 Quality Risk Management: Basic Principle

Elimination of
the risk

Substitution of
risk

Reduction of Administrative
risk Control

Figure 1.4: Risk reduction hierarchy

Pharmaceutical research and development and Process & Related technology plays significant role in reducing the
risk and shortens the time for risk management

Risk Acceptance:

Risk acceptance as described in the ICH Q9 is a decision to accept a defined level of risk.

A risk when identified is defined as a Primary risk, which is evaluated in risk evaluation stage and if not accepted
is gone under a risk reduction step. The reduced risk in now termed as a residual risk. The residual risk will now be
identified and justified following its acceptance criteria. This justification should be properly documented and
depends on the confidence of the risk reduction measures taken.

The whole process can be presented diagrammatically as below

Page |6
 Quality Risk Management: Basic Principle

Primary Risk
d f d
Risk

Yes Acceptance

No

Risk reduction

Residual

Acceptance No

Yes

Process
Figure 1.5: Risk Acceptance flow chart

RISK REVIEW:

ICH Q9 states risk management should be an ongoing part of the quality management process. A mechanism to
review internal processes and external events should be implemented.

Periodic reviews should be performed on all aspects of the risk management system to ensure that it is being
applied effectively and that any potential improvements are identified and incorporated in to the process.

Knowledge
Gained Through
Process Periodic review

Figure 1.6: Continuous risk review

RISK MANAGEMENT METHODOLOGY

Quality risk management supports a scientific and practical approach to decision making. It provides documented,
transparent, and reproducible methods to accomplish steps of the quality risk management process based on
current knowledge about assessing the probability, severity, and, sometimes, detect ability of the risk.

Page |7
 Quality Risk Management: Basic Principle
Basic Risk Management Facilitation Methods

Failure Mode effect Analysis (FMEA)

Failure Mode, Effects, and Criticality Analysis (FMECA)

Fault Tree Analysis (FTA)

Hazard Analysis & Critical Control Points (HACCP)

Hazard Operability Analysis (HAZOP)

Preliminary Hazard Analysis(PHA)

Risk Ranking & Filtering

Supporting Statistical Tools

Figure 1.7: Risk Management tools
Quality risk management should be integrated into existing operations and documented appropriately Use of the
quality risk management process might provide information that could then be used in a variety of
pharmaceutical operations. These examples are provided for illustrative purposes only and should not be
considered a definitive or exhaustive list.
• Quality management

• Development

• Facility, equipment, and utilities

• Materials management

• Production

• Laboratory control and stability testing

• Packaging and labeling

Basic Risk Management Facilitation Methods

Some of the simple techniques that are commonly used to structure risk management by organizing data and
facilitating decision making are:

• Flowcharts

• Check Sheets

• Process Mapping

• Cause and Effect Diagrams (also called an Ishikawa diagram or fish bone diagram)

Page |8
 Quality Risk Management: Basic Principle

Figure 1.8: Basic risk management flow chart

Failure Mode Effects Analysis (FMEA)

FMEA (see IEC 60812) provides for an evaluation of potential failure modes for processes and their likely effect on
outcomes and/or product performance. Once failure modes are established, risk reduction can be used to
eliminate, contain, reduce, or control the potential failures. FMEA relies on product and process understanding.
FMEA methodically breaks down the analysis of complex processes into manageable steps. It is a powerful tool for
summarizing the important modes of failure, factors causing these failures, and the likely effects of these failures.

Failure Mode, Effects, and Criticality Analysis (FMECA)

FMEA might be extended to incorporate an investigation of the degree of severity of the consequences, their
respective probabilities of occurrence, and their detect ability, thereby becoming a Failure Mode, Effects, and
Criticality Analysis (FMECA; see IEC 60812). In order for such an analysis to be performed, the product or process
specifications should be established. FMECA can identify places where additional preventive actions might be
appropriate to minimize risks.

Fault Tree Analysis (FTA)

The FTA tool (see IEC 61025) is an approach that assumes failure of the functionality of a product or process. This
tool evaluates system (or subsystem) failures one at a time but can combine multiple causes of failure by
identifying causal chains. The results are represented pictorially in the form of a tree of fault modes. At each level
in the tree, combinations of fault modes are described with logical operators (AND, OR, etc.). FTA relies on the
experts’ process understanding to identify causal factors.

Hazard Analysis and Critical Control Points (HACCP)

HACCP is a systematic, proactive, and preventive tool for assuring product quality, reliability, and safety (see WHO
Technical Report Series No. 908, 2003, Annex 7). It is a structured approach that applies technical and scientific
principles to analyze, evaluate, prevent, and control the risk or adverse consequence(s) of hazard(s) due to the
design, development, production, and use of products.

Page |9
 Quality Risk Management: Basic Principle
Hazard Operability Analysis (HAZOP)

HAZOP (see IEC 61882) is based on a theory that assumes that risk events are caused by deviations from the
design or operating intentions. It is a systematic brainstorming technique for identifying hazards using so-called
guide words. Guide words (e.g., No, More, Other Than, Part of) are applied to relevant parameters (e.g.,
contamination, temperature) to help identify potential deviations from normal use or design intentions. HAZOP
often uses a team of people with expertise covering the design of the process or product and its application.

Preliminary Hazard Analysis (PHA)

PHA is a tool of analysis based on applying prior experience or knowledge of a hazard or failure to identify future
hazards, hazardous situations and events that might cause harm, as well as to estimate their probability of
occurrence for a given activity, facility, product, or system. The tool consists of: (1) the identification of the
possibilities that the risk event happens, (2) the qualitative evaluation of the extent of possible injury or damage
to health that could result, (3) a relative ranking of the hazard using a combination of severity and likelihood of
occurrence, and (4) the identification of possible remedial measures.

Risk Ranking and Filtering

Risk ranking and filtering is a tool for comparing and ranking risks. Risk ranking of complex systems typically
involves evaluation of multiple diverse quantitative and qualitative factors for each risk. The tool involves breaking
down a basic risk question into as many components as needed to capture factors involved in the risk. These
factors are combined into a single relative risk score that can then be used for ranking risks. “Filters,” in the form
of weighting factors or cut-offs for risk scores, can be used to scale or fit the risk ranking to management or policy
objectives.

Supporting Statistical Tools

Statistical tools can support and facilitate quality risk management. They can enable effective data assessment,
aid in determining the significance of the data set(s), and facilitate more reliable decision making. A listing of
some of the principal statistical tools commonly used in the pharmaceutical industry is provided:

Control charts, for example:

— Acceptance control charts (see ISO 7966)

— Control charts with arithmetic average and warning limits (see ISO 7873)

— Cumulative sum charts (see ISO 7871)

— Shewhart control charts (see ISO 8258)

— Weighted moving average

󲐀 Design of experiments (DOE)

󲐀 Histograms

󲐀 Pareto charts

P a g e | 10
 Quality Risk Management: Basic Principle
󲐀 Process capability analysis

HOW TO MANAGE A RISK IN A PHARMACEUTICALS COMPANY?

A risk is managed by using the Risk Management tools if the following criteria are met –

1. The risk has been described accurately

2. The root cause(s) has (have) been identified
3. A solution specification is in place
4. Remedial, corrective and preventive actions have been identified
5. The actions are assessed as effective to address the root cause (ie the auditor believes that the
plans will be reduce the risk)
6. Actions have owners and target dates
7. The status of the plan is monitored routinely
8. Actions will reduce the risk in an acceptable timeframe and are progressing to schedule
9. There is a process to assess the impact of any changes to the plan (including date extensions) and
approve those changes

A Checklist of Sources of Quality and Compliance Risk

A variety of external and internal factors can give rise to quality and compliance risks. These risks could affect the
organization and its implementation of strategy or achievement of objectives. Potential sources of risk have been
grouped into categories. Try to identify the categories that are relevant to the scope and objectives of your
specific risk management exercise. Remember the sources of quality and compliance risk listed are not
comprehensive and consideration should be given to all possible risks not just those included in this checklist.

Use this checklist as a guide.

I. Business Strategy, Plans and Objectives

 No quality plan element to the overall business plan

 Non-alignment of strategy, operational plans and objectives
 Unrealistic plan, too many objectives/activities/projects
 Insufficient resource to deliver the plan

Potential consequences:-

• No driver for quality improvement

• Overall strategic business objectives are not met
• Failure to deliver operational and quality improvement commitments

II. Change Control

 Product quality, safety, efficacy

 The quality management system and GMP

P a g e | 11
 Quality Risk Management: Basic Principle
 Regulatory conformance
 Other departments, functions, sites
 Supply chain
(N.B. Remember not to consider changes in isolation. Consider the wider impact of a change and also consider
the potential cumulative impact of several changes.)

Potential consequences:-

• Product quality issues resulting from implementation of uncontrolled change(s)

• Supply problems
• Product recall
• Regulatory action

III. Personnel

 Quality errors and deviations due to human error

 Succession problems
 Loss of key quality personnel
 Training not delivered in line with plan (includes GMP training)
 Poor standard of training
 Gowning and hygiene practices
 Shortage of competent staff
 High staff turnover
 Organizational change/redesign

Potential consequences:-

• Insufficient competent staff to ensure compliance with GMP, manufacture of conforming product or
supply of quality service
• Poor staff performance
• Lack of staff motivation and commitment
• Resistance to change

IV. Suppliers and Contractors

 New material/ new supplier or contractor

 New material but from a supplier currently approved for other types of material
 Existing material/change of supplier
 Sole supplier
 Supplier/Contractor performance review
 Supplier certification
 Supplier/contractor change control procedures
 GMP compliance profile

Potential consequences:-

• Product manufacturing problems

• Poor supply performance/interruption to supply of material
• Failure to supply product to customer/poor customer service levels

P a g e | 12
 Quality Risk Management: Basic Principle
• Inadvertent use of batches of material that fail specification
• Unauthorized change to material resulting in manufacturing/product quality problems
• Non-compliance by supplier/contractor with terms of technical agreement/GMP

V. Facility Design and Qualification

 Facility/equipment/system impact on product quality- is it direct or indirect?

 Instrument/device criticality
 Implementation of new technology
 Competence of project managers/team
 Impact on current operations
 Availability of spares for critical items

Potential consequences:-

• Facility fails to meet acceptance criteria

• Facility not completed on time
• Facility not completed within budget
• Contaminated product
• Cross contamination
• Product fails to meet specification
• Facility breakdown and out of commission for extended periods of time

VI. Facility Maintenance, Monitoring and Control

 Frequency of scheduled maintenance

 Calibration frequency
 Changes to maintenance and calibration programmes/practices
 Out of calibration trends
 Cleaning procedures and practices
 Sources of contamination - physical( gaskets, seals O-rings etc), chemical(including cleaning agents,
disinfectants, lubricants etc) and microbiological
 Return to use procedures and practices
 Equipment breakdown
 Availability of spares
 Frequency of facility monitoring
 Environmental action and alert limits

Potential consequences:-

• Product quality problems/deviations due to facility/equipment/utility operating outside of validated

control limits
• Cross contamination
• Contaminated product
• Facility breakdown
• Supply problems
• Product rejected because critical instrumentation out of calibration

P a g e | 13
 Quality Risk Management: Basic Principle
• Defective product released as acceptable due to erroneous test results caused by out of calibration
testing or process control equipment

VII. Process Control

 HACCP outcomes
 Definition of process controls
 Process control limits
 Trends
 Parametric release

Potential consequences:-

• Quality critical parameters and control points not defined

• Poor process capability
• High incidence of product failures
• Failed product not detected by either in-process or quality control testing and batches released to market

VIII. Technology Transfer

New product introduction to first commercial site of manufacture or existing product transfer to or from
another site

 Technical capability
 Analytical capability
 Equipment reliability
 Production and analytical capacity
 Materials and components
 Artwork
 Recall and customer complaint history
 Product review report conclusions and actions
 Product performance indicators e.g. RFT, CpK
 Technical changes
 Supply chain implications
 Regulatory inspection and approval
 Validation batches
 Cleaning/contamination potential

Potential consequences:-

• Validation batches fail to meet acceptance criteria

• Inability to perform analysis of materials and product
• Failure to gain regulatory approval to manufacture
• Change in product quality, safety or efficacy profile
• Interruption to product supply
• Delays to product launch
• Adverse impact on customer service levels for existing products

P a g e | 14
 Quality Risk Management: Basic Principle
IX. Process Validation

 Validation approach i.e. retrospective, concurrent, prospective

 Definition of quality critical variables
 Control of variables
 Critical cleaning parameters, process stages and equipment
 Cleaning acceptance criteria
 Number of replicate runs/batches
 Matrixing and bracketing
 Process capability
 Level of sampling
 Accuracy and robustness of analytical methods
 Validation batch failure
 Release of validation batches
 Process changes
 Frequency of revalidation/re-qualification and number of replicate batches

Potential consequences:-

• Validation batches fail to meet acceptance criteria

• Quality critical attributes and associated operating ranges poorly or incorrectly defined
• Product reliability and robustness cannot be demonstrated
• Batches released prior to gaining regulatory approval
• Validated status not maintained over time
• High validation costs

X. Deviations and Non-conformances

 Customer complaints
 Learning’s from recall investigations
 Learning’s from recalls at other sites/markets
 Trends in deviations
 Trends in out of specification results
 Rework rates
 Reject rates

Potential consequences:-

• Recurring recalls and complaints

• Loss of customers
• Litigation
• Brand reputation suffers
• Increasing levels of waste
• Deviations and adverse trends result in actual product failures or regulatory findings

XI. Regulatory

 Upcoming legislation

P a g e | 15
 Quality Risk Management: Basic Principle
 Changes to legislation
 Pharmacopoeial changes
 Development of Risk based GMPs
 Systems Based Inspections
 High priority topics with the Regulators e.g.
- Sterile Manufacture
- Process Analytical Technology
- The Quality System
- The Quality Control Laboratory

Potential consequences:-

• Non-compliance with regulatory requirements

• Regulatory censure, Warning Letters, adverse regulatory inspections
• Loss of reputation
• Poor compliance profile with the regulators

XII. Audits

 Critical and major findings from all level audits at site, function etc
 Resources and resource capability to manage regulatory (Level 4) inspections
 Findings from other sites, functions etc
 Inspection trends within the company
 Inspection trends within the industry
 Inspection readiness status

Potential consequences:-

• Non-compliance with regulatory requirements, Company policy and standards

• Adverse regulatory inspections
• Non-approval of a new product application
• Internal audit findings and trends become actual regulatory findings
• Poor compliance profile with the regulators
• Adverse impact on share value

XIII. Corrective and Preventive Action (CAPA)

 Overdue external CAPA commitments

 Overdue internal CAPA commitments
 Number of CAPA commitments outstanding
 Significance of outstanding CAPA commitments
 Lack of resource to complete CAPA
 Lack of funds
 Quality of the CAPA response to regulatory findings

Potential consequences:-

• Incur additional regulatory criticism and action

P a g e | 16
 Quality Risk Management: Basic Principle
• Suspension of regulatory approval to manufacture
• Non-approval of a new product application
• Escalation of overdue commitment to Company’s senior management
• Adverse impact on share value

XIV. Product Review

 Poor process capability (CpK values)

 Recommendations from product review approved for action
 Recommendations from product review not approved for action

Potential consequences:-

• Lack of quality improvement

• Missed improvement opportunities
• No reduction in levels of waste
• Product failures
• Incur regulatory criticism

XV. Storage and Distribution

 Incorrect storage
 Incorrect transportation conditions
 Adverse environmental/climatic conditions
 Contamination- chemical, physical, microbiological
 Pest infestation
 Damage to labelling
 Tampering or theft
 Counterfeiting

Potential consequences:-

• Defective product
• Recalls, returned goods and customer complaints
• Loss of customers
• Loss of brand reputation

CONCLUSION:

The above discussion was just an introductory conceptual description of Quality Risk Management.
Implementation of the risk management principles in different issues related to manufacturing, Quality Control,
Development, Engineering even marketing & Distribution will evolve different Risk and numerous management
option remaining the basic principle same. All necessary measures are taken to be accurate & practical, although
any discussion and suggestion regarding this issue is appreciable.

P a g e | 17
 Quality Risk Management: Basic Principle
REFERENCES:

1. ICH Q9 “Quality Risk Management”

2. Quality Risk Management: PICS/ PS/INF 1/2010
3. Pharmaceutical CGMPs for the 21st Century: A risk based approach; Final report; USFDA 2004
4. WHO working document no QAS/10.376, 2010; Quality Risk Management
5. Volume 4 : EU Guidelines to Good Manufacturing Practice, Medicinal Products for Human and Veterinary Use ;Annex 20; Quality Risk Management
6. Australian regulatory guidelines for biologicals; appendix 11: Risk management.
7. ISPE baseline guide: Volume 7; Risk based manufacture of Pharmaceutical Products
8. ICH Q9 briefing pack: http://www.ich.org/products/guidelines/quality/q9-briefing-pack/briefing-pack.html
9. ICH Q8/Q9/Q10 Training materials: http://www.ich.org/products/guidelines/quality/training-programme-for-q8q9q10/presentations.html
10. ICH Q8 R2 “Pharmaceutical Development”
11. ICH Q10 “ Pharmaceutical Quality system”

P a g e | 18