risk analysis
DESCRIPTION
TRANSCRIPT
Guidance on “Risk Analysis”
Dr. Nishodh Saxena
Introduction
Risk
“Probable rate of occurrence of a hazard
causing harm, and the degree of severity of the
harm”
Hazard
“A source of potential harm”
Introduction
ICH Q9 step 4
• Risk Analysis – “Investigation of available information to identify hazards
and estimate risks”
– “Risk analysis is the estimation of the risk associated with the identified hazards. It is qualitative or quantitative process of linking the likelihood of occurrence and severity of harms. In some risk management tools, the ability to detect the harm (detectability) also factors in estimation or risk.”
Introduction
Quality Risk management
“It is a systematic process for the assessment,
control, communication and review of risk to
the quality of the medicinal product across the
product lifecycle”
Introduction
Purpose of “Risk Analysis”
– To identifying, documenting and
quantifying potential risk to product due to
any activity, process, testing or change and
to determine appropriate measures, with the
objective of eliminating or reducing the risk
to patient.
Introduction
Benefits through “Risk Analysis” – Identification of critical parameter
– Improvement in product quality & safety
– To find out the risk of any change in activity, process, testing or change.
– Reduction in validation cost
– Establishes a systematic, well-informed and thorough method of decision making which leads to greater transparency and predictability
– Increased knowledge of exposure to risk
– Fosters quality by design, continuous improvement and new technology introduction, which generally leads to enhanced product quality
Introduction
Scope of “Risk Analysis”
• Risk analysis is conducted for various activity related to manufacturing, testing, handling, and distribution of intermediate, drug substance and drug product.
• Risk analysis aspects include development, manufacturing, distribution, and the inspection and submission/review processes throughout the lifecycle of drug substances, drug product, biological and biotechnological products.
Introduction
Principles for “Risk Analysis”
• “The evaluation of the risk to quality should be
based on scientific knowledge and ultimately link
back to the protection of the patient”
• The level of effort, formality, and documentation
of the quality risk management process should be
commensurate with the level of risk.”
ICH Q9’s Sample Process for “Risk Analysis”
Risk Assessment
Risk Evaluation
Initiate
Risk Management Process
Risk Control
Ris
k M
an
ag
em
en
t to
ols
& s
tati
sti
c t
oo
lba
r(R
esourc
es,
Inte
rfaces &
Lin
e functions)
Output / Results of the
Risk Management Process
Risk Communication
No additional risk
Risk Analysis
Risk Mitigation(incl. elimination and avoidance)
[Severity]
Review(e.g. Inspections/Audits, Complaints)
Risk Acceptance
Risk Reduction[Probability]
Step – 1 [Risk Assessment]
• Risk assessment consist of;
– The identification of Hazard
– Analysis of risk
– Evaluation of risk
• Quality Risk assessment begin with Risk question
– What might go wrong ? (Carry out Risk analysis)
– What is the probability it will go wrong? (Determine probability)
– What are the consequences (Determine severity)
Risk Identification
• Risk identification addresses the “what might
go wrong?” question, including identifying the
possible consequences.
Risk analysis
• Risk analysis is a systematic use of information to
identify specific sources of harm (hazards) and to
estimate the risk.
• Risk analysis is the estimation of the risk associated
with the identified hazards. It is the qualitative or
quantitative process of linking the likelihood of
occurrence and severity of harms. In some risk
management tools, the ability to detect the harm also
factors in the estimation of risk.
Risk evaluation
• Risk evaluation compares the estimated risk
against given risk criteria using a quantitative
or qualitative scale to determine the
significance of the risk.
Step-2 [Risk control]
Risk control describes the actions of implementing risk management decisions.
– What can be done to mitigate and reduce risks?
– What options for controlling risks are available?
– What are the impacts of current risk management decisions on future options for risk management?
• Risk mitigation focuses on a reduction of severity of harm.
• Risk reduction focuses on the reduction of probabilities of occurrence of harm and detection of harm.
• Risk acceptance is a decision to accept risk, i.e., no additional risk control activities are necessary at that time.
Step -3 [Risk communication]
– Risk communication is the exchange or sharing of information about risk and risk management between the decision maker and other stakeholders. The information can relate to the existence, nature, form, probability, severity, acceptability, treatment, detectability or other aspects of risks to quality.
– The communication among stakeholders concerning quality risk management decisions can be made through existing channels
Step - 4 [Risk monitoring and review]
– All risk management processes are
dynamic/iterative. Quality risk management when
applied should benefit from new knowledge with
each decision cycle and used to enhance future
decisions allowing for continuous improvement.
Risk management Tools 1. Process mapping 2. Preliminary Hazard Analysis (PHA) 3. Hazard Analysis of Critical Control Points
(HACCP) 4. Hazard Operability Analysis (HAZOP) 5. Fault tree analysis (FTA) 6. Failure Mode Effects Analysis (FMEA) 7. Failure Mode, Effects and Criticality Analysis
(FMECA) 8. Risk Ranking and Filtering 9. Informal Risk Management 10. Taguchi, variation risk management method
Supporting Statistical Tools
• Design of experiments (DOE)
• Process Capability Analysis
• Control charts:
1. acceptance control charts.
2. Shewart control charts.
3.Accumulative sum charts
Integration of Quality Risk Management
into operations
1. Development (e.g. Specification Setting, Test Method Selection and process development).
2. Regulatory scrutiny during pre and post approval.
3. As a component of Quality systems ( e.g. Auditing, Deviations/Discrepancies, Complaints & Recall Management, Change management)
4. Facility systems management ( e.g. Design, Hygiene, Qualification, environmental control, Preventative maintenance and Computerized systems)
5. Materials Management (e.g. Supply chain, Assessment and evaluation of suppliers and contract manufacturers, procurement and release of material)
Integration of Quality Risk Management
into operations (Contd..)
6. Production (e.g. PAT, Validation, in-process sampling, testing, reporting and trending)
7. Laboratory controls (e.g. validation, testing, methods development, stability).
8. Packaging and labeling (e.g. Selection of container closure system and label controls).
9. Regulatory Authority Activities
How to calculate RPN
Index Value Severity Interpretation
3 Critical May cause serious/critical effect. High risk to safety and
efficacy of the product
2 Major May cause adverse effect directly or indirectly
1 Minor No potential of adverse effect
RPN = Risk Priority Number
= Severity index X Frequency Index X Detectability Index
• Estimating severity index
– Severity of the failure shall be estimated based on the effect it may have on the
process/product /patient
– Assign a quantitative value to the possible effect of each hazard according to the scale
show in Table -1
How to calculate RPN (Contd..)
• Estimating frequency index
– Estimate frequency index
based on the frequency of
occurrence of each identified
cause.
– Frequency may be interpreted
as probability of occurrence
whose quantitative value shall
be assigned based on the scale
shown in table -2.
Index
Value
Severity Interpretation
3 High Will occur: Expected to
occur or has occurred
frequently (multiple times)
in the past with similar
product types.
2 Moderate Likely to occur: Has
occurred in past and can be
expected to occur if action
is not taken to correct or
prevent
1 Low Unlikely to occur: No
record of Previous
occurrence and it not
expected to occur
How to calculate RPN (Contd..)
• Estimating detectability
– Assign detectability
index based on ;
• The ability to detect the
event prior to or during its
occurrence and thereby
preventing the hazard of
effect.
• Assign quantitative value
for detectability based on
the scale shown in Table-3
Index
Value
Estimated
Detectability
Risk Interpretation
3 Not detectable High There are no controls in
place designated to detect
the defect or failure mode
2 Moderately
Detectable
Mode
rate
Current method may
identify the failure.
Procedures, tests are
designated to increase the
likelihood of detection.
where the detection
method is test, the test is
well characterized and
validated
1 Readily or
highly
detectable
Low Failure are detected with
high degree of probability
before the product is a
test, the test is well
characterized and
validated
How to calculate RPN (Contd..)
• Review of Risk value
– The calculated risk factor shall be analyzed to
determine the need for mitigation, CA/PA, etc.
– Table-4 describes recommended action based on a
calculated risk factor.
– After mitigation/taking appropriate action to
reduce the risk for a given operation/activity, the
FMEA may be carried out again to calculate the
RPN.
How to calculate RPN (Contd..)
Risk Category Risk Factor (RPN) Interpretation
Unacceptable Risk > 21 Risk too sever to be tolerated. A risk
in this region must be reduced to
ALARP region to implementation of
the activity/product etc.
ALARP region of acceptable risk > 6 -21 Tolerable risk, only if the reduction is
impractical or cost of reduction
grossly disproportionate to
improvement. Acceptable risk
Negligible Risk 1 – 6 Risk is Negligible. Mitigation not
necessary
Thanks
Quality is the responsibility of each and every
individual employee of the organization.