Professional Documents
Culture Documents
RISK MANAGEMENT
(QRM)
-Arijit Dasgupta
ICH REQULATORS: USFDA, EMEA and MHLW
Agreed on a GMP Workshop in July 2003 (5 years vision)
To develop a Harmonised Pharmaceutical Quality System based
upon Risk Based Concept and Principles Across Lifecycle of
Product.
ICH Q8 on Pharmaceutical Development
ICH Q9 on Quality Risk Management
ICH Q10 on Quality Systems
ISO/ IEC GUIDE 73:2002 related to Risk Management Guideline for Use in
Standards
ISO/IEC GUIDE 51:1999 related to Safety Aspects Guideline for their inclusion
in Standards
WHO Technical Report Series No. 908, 2003 Annex 7 Application of Hazard
Analysis and Critical Control Point (HACCP)
GAMP Good Practice Guide ISPE 2005 related to Risk Based Approach for
Electronic Records and Electronic Signatures
ISO 14971:2000 related to Application of Risk Management to Medical Devices
A systematic process for the assessment,
control, communication and review of risks to
the quality of the drug (medicinal) product
across the product lifecycle.
Risk assessment process shall be initiated with problem and
/or risk question description along with its background to
identify the potential for risk.
Very Low The non-conformance caused by the failure is not Not detected 5
detectable. e.g. No recording (manual and/or auto)
and no standards.
Low Non-conformance is detected but the assurance of High 4
detection is not 100% e.g. Only manual recording but
no standard or check by Use of "tick mark” without
actual observation recording.
Moderate Statistical control is used and there is immediate Moderate 3
reaction to out-of-control conditions. e.g. Standard
with manual recording and check.
High Risk identified is 100% inspected. e.g. Auto detection/ Low 2
Auto recording and print or Standard with manual
recording, check and cross check by competent
person.
Very High 100% detectable and sufficient measures are available Almost certain 1
to control the risk e.g. Auto Prevention/ Auto control,
recording and print.
Likelihood Description Qualitative Risk Quantitative Risk
of Parameter Parameter
Occurrence
Very High Expected to happen frequently Almost Certain 5
e.g. Monthly failures
High Happening at a low frequency Likely 4
e.g. Quarterly failures
Moderate Expected to happen Possible 3
infrequently e.g. Half yearly
failures
Low Rare to occur e.g. Yearly Rare 2
failures
Very Low Unlikely to happen. e.g. No Unlikely 1
failure or one failure in three
year
Based upon Risk Priority Number (RPN) which is a product of Severity
(S), Detectability (D) and Likelihood of Occurrence (L) for Identified Risks
i.e. RPN=SxDxL
Risk associated with each variable shall be categorized as High / Medium
/ Low as described in the tables below:
Parameter Rating
Parameter Rating
Chances of existing data S 2 Low as to control data loss, mitigation plan is already in
loss while performing place. Electronic data and Audit Trail is being backed up
upgraded software at defined frequency and existing computer system
installation and shall be preserved with I.T without deletion or removal
computer system of any data/ software.
replacement. In case of any requirement, it can be referred for
future use.
D 1 Almost certain as sufficient measures are available to
control risk. Data available on existing computer, back
up on server shall be transferred to new computer
system for verification of completeness by I.T
L 1 Unlikely to happen as electronic data & audit trail are
backed up by I.T Administrator as per Site SOP. In case
of any loss it can be restored from final back up data
server.
Parameter Risk Analysis Justification for Risk Analysis Ranking
Parameter Rating