nullnullQuality Systems Establishment and Implementation
SFDA inspector workshop
22nd Aug 2009ContentsContents
GMP guidelines re-written in Quality system format – Devices
GMP guidelines re-written in Quality system format – ICH Q10
System-based approach for pharmaceutical products
The Quality Assurance system
US FDA – other 5 systems
Implementation of a quality assurance system
CAPA System (see also Case Study)
Quality Risk Management System (see also Case Study)
Questions & AnswersnullIntroduction – Quality systemsGMP Guidelines in Quality System FormatGMP Guidelines in Quality System FormatDevices
In 1990’s the EU & USA Medical Device GMPs were re-written in a quality system format
ISO:9000 and ISO:13485 (EU)
21 CFR 820 and ISO:13485 (USA)GMP Guidelines in Quality System FormatGMP Guidelines in Quality System FormatThe EU and USA GMP Guidelines / Regulations have remained in “Guideline” format until the advent of ICH Q10 in 2008:
Stage 4 – recommended for adoption in EC, USA, Japan
“Effective quality management system for the pharmaceutical industry”Pharmaceutical Quality SystemPharmaceutical Quality SystemICH Q10 Objectives:
Achieve Product Realization
Establish & Maintain a State of Control
Facilitate Continuous Improvement
Pharmaceutical Quality SystemPharmaceutical Quality SystemScope – product life-cycle approach:
Pharmaceutical development
Technology transfer
Commercial manufacture
Product discontinuation
Pharmaceutical Quality SystemPharmaceutical Quality SystemICH Q10 Enablers:
Knowledge Management
Quality Risk Management Pharmaceutical Quality SystemPharmaceutical Quality SystemICH Q10 Requirements:
MANAGEMENT RESPONSIBILITY
CONTINUAL IMPROVEMENT OF PROCESS PERFORMANCE AND PRODUCT QUALITY
CONTINUAL IMPROVEMENT OF THE PHARMACEUTICAL QUALITY SYSTEMAPI ManufactureAPI ManufactureQuality system and GMP requirements for API development and manufacture are provided by ICH Q7A “Good Manufacturing Practice for Active Pharmaceutical Ingredients”nullUS FDA Systems Approach to Inspection
IntroductionUSA FDA adopted “systems approach” to facility audits in 2002USA FDA adopted “systems approach” to facility audits in 2002Basic strategy: “evaluating through factory inspections, including the collection and analysis of associated samples, the conditions and practices under which drugs and drug products are manufactured, packed, tested and held”
The “systems approach” compliance program is designed to provide guidance for implementing the above strategy.Program based on biennial (2 yearly) factory inspections:Program based on biennial (2 yearly) factory inspections:For a pre-approval inspection, FDA is required to evaluate at least 4 systems:
Quality system + 3 others
For a routine GMP inspection, FDA is required to evaluate at least 2 systems:
Quality system + 1 othernullQuality System inspections Quality system audit itemsQuality system audit itemsAudit of quality system is carried out in 2 phases:-
Has “QC Unit” fulfilled the responsibility to review and approve all procedures related to production, quality control and quality assurance and assure they are adequate for their intended use?
Assess data collected to identify quality problems.Quality system - areas to be covered:Quality system - areas to be covered:Product reviews – at least annually
Complaint reviews (quality and medical); documented, evaluated, investigation in a timely manner; includes corrective action where appropriate
Discrepancy and failure investigations relating to manufacturing and testing
Change control; documented; evaluated; approved; need for revalidation
Product Improvement Projects
Reprocess/rework; evaluation, review & approval; impact on validation and stability
Quality system - areas to be covered: cont’dQuality system - areas to be covered: cont’dReturns/Salvages; assessment; investigation expanded where warranted; disposition
Rejects; investigation expanded where warranted; corrective action where appropriate
Stability failures; investigation expanded where warranted; need for field alerts evaluated; disposition
Quarantine products
Validation; status of required validation/revalidation (e.g. computer, manufacturing process, laboratory methods
Training/qualification of employees in quality control unit functions
nullImplementation of a Quality System
Implementation of a Quality SystemImplementation of a Quality SystemVery often, Corporate QA functions have oversight of, or issue specifications for, site Quality systems
Elements of the Quality System may be:
Derived from Corporate systems/requirements
Global or regional in scope
Local or site specific
Developed and implemented in accordance with Corporate QA-determined schedules
Implementation of a Quality SystemImplementation of a Quality SystemDetermine Scope/prepare URS
Develop system descriptions and process descriptions
“Lean” review
Develop electronic systems/processes if necessary
URS
Develop, test and validate system, train users
Change Control
Prepare and approve high-level system documentation
Prepare and approve System SOPs
Train QA/train all other personnel
Roll out – go-liveEach sub-system requires a separate process/documentationEach sub-system requires a separate process/documentationSub-systems may be rolled out sequentially:
Documentation/control
Change Control
Deviation system
CAPA
Complaints
OthersOther sub-systems to be developedOther sub-systems to be developedThese require development of SOPs and forms, training of personnel:
Management review of quality performance
Product annual reviews
Process and analytical trend reviews
Complaint reviews (product quality and adverse events)
Procedure for re-processing / re-work
Returns, salvages and rejects
Product recall procedure
Validation
Batch review and release
Performance of Quality SystemPerformance of Quality SystemOnce established, monitor the performance of the sub-systems. This is done by collecting and reporting metrics (e.g. monthly):
Number of changes/deviations/CAPAs/ complaints etc processed
Time to close items
Items overdue/extended
Objective is to continually improve the systems and performancenullCorrective and Preventative
Action - CAPACAPA is -CAPA is - The response to a detected GMP non-compliance. As such, it is considered Urgent.
A defined corrective action plan (in Trackwise)
A plan which identifies deliverables, owners and due dates
A Culture of proactively fixing issues as they arise.CAPA planCAPA planThe CAPA culture depends upon accurate identification of root causes
Effective CAPAs depend on successful CAPA planning
The CAPA Plan identifies deliverables, owners, and effective due dates
Deliverables may be linked to Change Control(s)
Due dates must be planned properly, based on available resources, and timelines allocated realisticallyCAPAs may originate from:CAPAs may originate from:Deviations, OOS investigations
Internal audit findings
Corporate audit findings
Regulatory authority findings
Other observed discrepanciesCAPA Workflow:CAPA Workflow:Problem Statement
Define corrective and preventative actions
Identify all Deliverables (individual action items)
CAPA plan – items, responsible persons, due timelines
GMP evaluation/QA approval
Implementation of the CAPA items – monitor progress of Deliverables
Effectiveness Check
QA review, approval and closure
nullCAPA Effectiveness CheckCAPA Effectiveness CheckBuilt in to the CAPA system should be a procedure for ensuring the review of the continued effectiveness of implemented CAPA actions.CAPA cultureCAPA cultureCAPA is more than a system; it is a Culture.
A CAPA Culture signifies that any GMP discrepancies will be identified and remedial action will be implemented proactively to correct the discrepancy and prevent re-occurrence.
It is an factor in achieving continuous improvement of quality.nullQuality Risk Management
QRMRisk – Different uses of the same term to mean different things !Risk – Different uses of the same term to mean different things !What Quality Risk Management IS:What Quality Risk Management IS:Systematic Approach
Implementable in a variety of ways with different tools or other procedures
A methodology to ensure resources directed to greatest need
What Quality Risk Management IS NOT:What Quality Risk Management IS NOT:Not a new Q system – like Change Control, CAPA etc.
Not a new set of Regulatory expectations
Not a methodology to allow a company avoid existing regulations
ICH Q9 Quality Risk ManagementICH Q9 Quality Risk ManagementICH Regional Regulators:- FDA: 21st Century GMP initiative EMEA: Revised EU directives MHLW: Revised Japanese law (rPAL)
EU & Japan became involved at ICH GMP Workshop in July 2003: 5 year vision agreed: “Develop a harmonised pharmaceutical quality system applicable across the life cycle of the product emphasizing an integrated approach to quality risk management and science”
Consequent ICH Expert Working Groups (EWG): ICH Q8 Pharmaceutical Development, approved 2005 ICH Q9 Quality Risk Management, approved 2005 ICH Q10 Quality Systems, topic accepted 2005 ICH Q9 Link back to patient riskQ10Q8ICH Q9 Link back to patient riskProcessMaterialsDesignManufacturingDistributionPatientFacilitiesOpportunities to impact risk using quality risk managementQ9DefinitionsDefinitionsQualityRiskDegree to which a set of inherent properties of a product, system or process fulfills requirementscombination of the probability of occurrence of harm and the severity of that harm Systematic process for the assessment, control, communication and review of risks to the quality of the drug (medicinal) product across the product lifecycle ManagementQRMICH Q9 – Core pointsICH Q9 – Core pointsSystematic approach
No new regulatory expectations beyond current ones
Does not allow circumventing of existing regulatory expectations.
As with other ICH, not binding, but elements of it are beginning to appear in EU regs (Chap1, Annex 15, …)
Process – does not always need to be done via a formal tool
ICH Q9 – Core points cont’d…ICH Q9 – Core points cont’d…Primary principles
The evaluation of risk should be based on scientific knowledge and ultimately link to the protection of the patient
The level of effort, formality and documentation of the quality risk management process should be commensurate with the level of the risk.
Note these principles are explicitly adopted in new draft EU GMP Guide Vol. 4 Chapter 1 Quality Management
null Quality Risk Management ProcessTeam approachOverview of typical QRM processOverview of typical QRM processPhase 1 -Initiation
Define the problem
Define an appropriate team
Assemble the data
Identify the leader & required resources
Specify timeline, deliverables, decision making
Overview of typical QRM processOverview of typical QRM processPhase 2 Risk Assessment
Risk Identification - What might go wrong ?
Risk Analysis
What is the probability of it going wrong?
What are the consequences / severity ?
Risk Evaluation – compares the identified and analyzed risks against given risk criteria. Considers the strength of evidence for the three questions above. Output of a risk evaluation is either a number or a qualitative description- e.g. High, Medium, LowOverview of typical QRM processOverview of typical QRM processPhase 3 Risk Control
Risk Control
Is the risk above an acceptable level
What can be done to reduce or eliminate the risk
What is the appropriate balance among benefits, risks and resources
Are new risks introduced as a result of the identified risks being controlled
Risk Reduction - Could severity/probability of the risk be reduced or its detectability increased ?
Risk Acceptance – Accept / Reject the risk
Overview of typical QRM processOverview of typical QRM processPhase 4 Risk Communication
Shares information about the risk and its management between the decision makers and others
Can be done at any stage but must be done for final outcome of the QRM process (after Risk Control)
Can use existing processes for such communication – e.g. change control process
Overview of typical QRM processOverview of typical QRM processPhase 5 Risk Review
Risk management should be an ongoing part of the quality management process. A mechanism to review or monitor events should be implemented.
Should take account of new developments, knowledge & experience
Risk review may involve reconsidering earlier risk acceptance decisionsRisk Management Methodology / ToolsRisk Management Methodology / ToolsBasic e.g. flowchart, check sheet
Failure Mode Effects Analysis FMEA
Failure Mode Effects Criticality Analysis (FMECA)
Fault Tree Analysis
Hazard Analysis and Critical Control Points (HACCP)
Hazard Operability Analysis (HAZOP)
Preliminary hazard Analysis (PHA)
Risk Ranking & Filtering
Statistical Tools
Empirical / Internal Procedures
Integration of Quality Risk Management into existing systemsIntegration of Quality Risk Management into existing systemsSome Suggested Examples in ICH Q9
Defining Scope & Frequency of Audits
To review current interpretations and application of regulatory expectations
Identifying, evaluating and communicating the potential quality impact of a suspected defect
To manage changes
Product design
Extent of Validation
Determining calibration / maintenance schedules
Etc.Integration of Quality Risk Management into existing systemsIntegration of Quality Risk Management into existing systemsExamples of areas of application quoted in one PDA case study:
Audit Program
Batch Record Review
Change Control
RM Testing
RM Changes
Validation of lab equipment
Non-Conformance Handling
Environmental Monitoring
Animal-Derived Raw materialsWhere to apply a risk management approachWhere to apply a risk management approachTo achieve the quality objective reliably there must be a comprehensively
designed and correctly implemented system of Quality Assurance incorporating Good Manufacturing Practice, Quality Control and Quality Risk Management. …. (Draft new EU Vol. 4 Chapter 1 Quality Management)
A risk assessment approach should be used to determine the scope & extent of validation. .. The likely impact of changes …should be evaluated including risk analysis. (EU Vol 4 Annex 15 Qualification & Validation)
The potential impact of any proposed change on the quality of the intermediate or API should be evaluated. A classification procedure may help in determining the level of testing, validation, and documentation needed to justify changes to a validated process. Changes can be classified (e.g. as minor or major) depending on the nature and extent of the changes, and the effects these changes may impart on the process.
Scientific judgment should determine what additional testing and validation studies are appropriate to justify a change in a validated process.
(EU Vol 4 Part 2 Section 13)
Where to apply a risk management approach cont’d…Where to apply a risk management approach cont’d…A risk analysis of the sterility assurance system focused on an evaluation of possibility of releasing non-sterilised products should be performed.
(EU Vol 4 Annex 17 Parametric release)
Environmental impact of drugs & biologics in clinical use.
(FDA Guidance for industry on environmental Assessment of Human Drugs and Biologics Applications CDER/ CBER 1998)
Environmental Risk assessment Report in Module 1 of MAA. Note performed by PCS Biology on behalf of RA
(CHMP/SWP/4447/00 draft guideline on environmental risk assessment of medicinal products for human use EMEA 2005)
Where to apply a risk management approach cont’d…Where to apply a risk management approach cont’d…Risk assessment should be triggered when:-
a) There is new product, process, facility, system, component, material or equipment
b) There is a change to product, process, facility, system, component, material or equipment
The purpose of implementing risk management is to ensure that for a given process / product the scope and purpose of the risk management activity clearly identifies individual and collective risks against which appropriate mitigating or remedial actions can be implemented to reduce, remove or stabilize the risk
Individuals participating in the risk management process must have appropriate documented training in the principles and practices of risk management
nullWhen to apply Quality Risk ManagementWhere to apply a risk management approachWhere to apply a risk management approach
In many cases risk assessments may be done already informally or undocumented. The expectation is that a systematic approach is to be adopted and documented for decisions such as :
Defining audit programs
Defining environmental monitoring or QC sampling plans
Defining limits and controls for products / processes
Selection and use of materials and components
Defining residue limits following cleaning
Choosing what parameters to include in validation protocols
Assessing the impact of change
Such quality risk assessments need not always use a ‘formal’ risk assessment tool, but should apply a documented systematic approach to reach a decision
Further opportunities to benefit from QRMFurther opportunities to benefit from QRMUse anywhere to decide how best to use finite resources to achieve maximum impact on quality e.g. documentation review, definition of test plans, training plans etc. etc.
The process and product quality monitoring system should ... use quality risk management to identify and establish monitoring frequencies of key performance indicators that reflect product quality and/or process capability. The monitoring frequency for each key performance indicator should facilitate timely feedback / feed forward and action, commensurate with the lifecycle stage. (ICH Q10)
The above implies that quality indicators being monitored, should be categorized using QRM techniques and then resources deployed proportional to the risk and lifecycle stage.
Thus QRM becomes part of a continuous quality improvement process.
Typical Approach when applying Risk Assessment forTypical Approach when applying Risk Assessment forSelect the process
Assemble multi disciplinary team
Define Probability of Occurrence levels
Define Severity levels
Define risk acceptability table
Example of probability of occurrence tableExample of probability of occurrence tableExample of severity tableExample of severity tableRisk Acceptability TableRisk Acceptability TableDefine based on RPN cutoff point
Or
Define based on qualitative assessment of probability, severity, detectability into Acceptable / Unacceptable
Or
Division into three qualitative categories
acceptable
unacceptable (must reduce)
intolerable (must eliminate) Typical Approach when applying Risk AssessmentTypical Approach when applying Risk AssessmentSelect the process to be assessed
Assemble multi disciplinary team
Define Probability of Occurrence levels
Define Severity levels
Define risk acceptability table
Define detection levels
Map the process
Assess each step in a risk assessment worksheet
Implement actions and communicate
null
Example – Assessment of Risk using FMEAnullnullnullCaution – Qualitative vs QuantitativeCaution – Qualitative vs QuantitativeWhen multiplying probability x severity x detectability to obtain RPN – be cautious. It is inadvisable to place too much faith in precise numbers.
For example a severity of 4 is more severe than a severity of 2 but not necessarily twice as severe! Some experts prefer to use words (high, medium, low) to force a good qualitative assessment of RPN rather than a poor quantitative one.
This is not an exact science and common sense still needs to apply when defining the RPNnull
Examples of Risk Assessment on a system
how to apply QRM to audit schedules
Example 1Example 1Potential Risk Factors were identified.
Product risks
Type of material supplied 0 - 3
Amount of material supplied 0 - 3
Control level of material before use 1 - 5
Process / Facility risks
Experience with supplier 1 - 5
Certification of supplier 1 -
本文档为【Quality_Systems_Establishment_and_Implementation_-_FINAL】,请使用软件OFFICE或WPS软件打开。作品中的文字与图均可以修改和编辑,
图片更改请在作品中右键图片并更换,文字修改请直接点击文字进行修改,也可以新增和删除文档中的内容。
该文档来自用户分享,如有侵权行为请发邮件ishare@vip.sina.com联系网站客服,我们会及时删除。
[版权声明] 本站所有资料为用户分享产生,若发现您的权利被侵害,请联系客服邮件isharekefu@iask.cn,我们尽快处理。
本作品所展示的图片、画像、字体、音乐的版权可能需版权方额外授权,请谨慎使用。
网站提供的党政主题相关内容(国旗、国徽、党徽..)目的在于配合国家政策宣传,仅限个人学习分享使用,禁止用于任何广告和商用目的。