1.0Purpose
This SOP defines the approach to Quality Risk Management (QRM)of a GMP site and gives practical examples for tools which may be used to facilitate the process and to aid personnel performing the assessment.
2.0Scope
Applicable to any process at a GMP site which requires a Risk Management approach.The applicability of QRM methodology and the corresponding level of documentation may vary depending on the
individual circumstances. Examples of circumstances to which QRM may be applied in conjunction with existing SOPs include but are not limited to:∙Identification and evaluation of the potential quality and compliance impact of product and/or process deviations, including the impact across multiple and/or divergent markets.
∙
胜利油田局域网Evaluation and determination of the scope of internal and external quality assessments such as quality concern investigation systems, complaint handling, out-of-specification investigation, quality control tes
ting etc.
∙Evaluation of design of facilities, equipment, materials of construction, utilities and Preventative Maintenance (PM) programs.
∙Determination of the scope and extent of commissioning, qualification and validation activities for facilities, equipment and production processes.
∙
Risk tools for engineering project evaluation and validation projects are not included in this procedure. References to those tools are made in Appendix 6 and 7 of this procedure.
3.0Responsibility
The extent to which QRM is used and documented shall be consistent with the complexity and/or criticality of the issue to be addressed.
Site Quality Review Team has oversight responsibilities for all QRM activities.
Department Heads, Process and System Owners and Project Leaders are responsible for ensuring that risks to quality, compliance and other site functions are considered,understood and managed to an appropriate level within the GMP site.
They must ensure that a suitable Quality Risk Management process is implemented and that appropriate resources with the necessary competence are involved.They must also ensure the involvement of all stakeholders.
Department Heads, Process and System Owners and Project Leaders are responsible for ensuring that there is a process for reviewing and approving documented quality risk assessments and that appropriate records are retained.
QA Associates and Laboratory Supervisors involved in deviation, complaint and OOS investigation should follow the risk tool “Risk Ranking and Filtering – Method 1” as demonstrated in appendix 1 for a quick turn around in decision making.
QA Associate, Production and Engineering supervisors or anyone who is involved in manufacturing and regulatory change management, in-house rework, supplier quality audit and other analysis of
Department Quality Management Document no QMS-135Title
Quality Risk Management Techniques
Prepared by:Date:Supersedes:Checked by:Date:Date Issued:Approved by:
Date:
Review Date:
4.2Initiating Quality Risk Management(QRM)Process
4.2.1Risks are multi-dimensional and a shared understanding is a prerequisite for the success of
any risk management process.The initiation phase of the QRM process involves
understanding the risk event by defining and agreeing the context, the scope and the
tolerability criteria for the quality risk assessment, together with any underlying assumptions.
4.2.2Initiation of QRM process should involve all the stakeholders.All the relevant information is
assembled and shared, any gaps are identified and analysis tools are selected.
4.2.3The scope of the quality risk assessment must be clearly defined both in business and
technical terms.The scope should clearly establish the boundaries of the process, system,
project or activity being assessed and any inherent assumptions that are made. It should
consider possible interactions outside the boundary and their potential impacts.
4.2.4The risk assessment process evaluates the tolerability of the identified risks against some
defined criteria to determine whether any mitigating actions are required.A common approach
to establishing criteria is to divide risks into five categories:
∙ A very high risk band where adverse risks are intolerable whatever benefits the activity might bring and risk reduction measures are essential, whatever the cost.
∙ A high risk band where the risk would not be generally acceptable unless there were very significant benefits and where reduction measures are expected as the norm.
∙ A medium risk band area where costs and benefits are taken into account and
opportunities are balanced against potential adverse consequences.
∙ A low risk band where positive or negative risks are small and where potential benefits can only be justified at minimum cost.
∙ A very low risk band where positive or negative risks are negligible or so small that no risk treatment measures are necessary.
4.2.5 A team comprising individuals with the education, training and experience relevant to the issue
or situation under evaluation should undertake the risk assessment process.A subject matter
西南票务网expert (SME)should also be consulted or involved to ensure that best practice is followed.
4.2.6Each Risk Assessment is reviewed and approved by appropriate department heads and
胡风反党集团
stakeholders.Consideration should be given to consultation of the EHS team.Quality
Assurance Manager or a delegate should review and approve all compliance related Risk
Assessments.
4.2.7Risk Register
∙For traceability purposes, a reference number is assigned to each Risk Assessment by Quality Assurance personnel.
∙Risk Assessment conducted for deviation, complaint or out of specification
investigations do not need a template to follow due to their adherence with the
investigation. An entry to Risk Register is also not required.
∙Risk Assessment conducted for calibration interval; supplier assessment and external supplier audit frequency; engineering and validation projects do not need a reference
number. Hence, an entry to Risk Register is also not required.
∙All initiated Risk Assessments using the tool “Risk Ranking and Filtering– Method2”
are logged into the Risk Register. The hard copy register is located in the“Risk
Assessment and Quality Investigation” folder kept in QA office.
4.5Risk Control
The number of tools which may be used to document and assess risk are many and varied and an appropriate tool should be used for the individual circumstances.These tools are described in brief the table below. The formal risk assessment steps and methodologies are described in appropriate
Appendices.
4.5.1Risk control describes the actions taken to deal with the identified quality risks and the
acceptance of any residual quality risks. Risk control must address the following questions:∙Is the risk acceptable without further action?
∙What can be done to reduce, control or eliminate risks.
∙What is the appropriate balance among benefits, risks and resources?
∙Are new risks introduced as a result of the identified risks being controlled?
4.5.2Risk Reduction
Risk Reduction focuses on processes for mitigation or avoidance of quality risk when the risk
exceeds an acceptable level. Risk reduction includes:
∙Actions taken to mitigate the severity and probability of risk; or
∙Processes or methods that improve the ability to detect risk Implementation of risk reduction measures may introduce new risks into the system or increase the
significance of other existing risks. Therefore, the risk assessment must be repeated to
identify and evaluate any possible change in the risk profile.
4.5.3Risk Acceptance
Risk Acceptance is a decision to accept risk. The risk acceptance decision shall be:
∙ A decision to accept known, residual risk;
∙ A decision to accept residual risks, which are partially assessed, based upon limited information; or
∙ A combination of these circumstances.
4.5.4Optimal QRM strategy is designed to reduce risk to an agreed upon acceptable level. This
acceptable level will depend on many parameters, shall be decided on a case-by-case basis
and managed through identified mitigation tasks.
4.6Documentation and Communication of the QRM outcome / result to stakeholders
4.6.1The results of the QRM process must be communicated to the relevant stakeholders, including
保健食品质量与
管理management and those operating the process or system who may be affected by those results. This requires that each step of the risk management process be documented at an appropriate
level. The purpose of the output from the risk management process is:
∙To share and communicate information about the risks and how they are controlled.
∙To obtain the appropriate approval of the decisions taken.
∙To demonstrate to stakeholders that there has been a properly conducted systematic approach.
∙To provide a record of the risks that enables decisions to be reviewed and the process to be audited.
∙To facilitate ongoing monitoring and review and to sustain the process.
4.6.2The output from the risk assessment must specify a risk a person responsible for
ensuring that any actions are entered into CAPA database located in G:\QA\CAPA Database
and all identified corrective actions are implemented in full and that the risk is managed.
4.7Risk Review
4.7.1QRM is an iterative process that must be sustained throughout the life cycle of the product, A
Appendix 1:
Risk Ranking and Filtering – Method 1
Applicable to Risk Events:
Quality concern Investigations such as Deviation, Complaint, Out-of-Specification.The tool can also be used for any other quality and compliance issues where a risk assessment is deemed to be necessary Risk Assessment Tool:Risk Ranking and Filtering – Method 1Entry on Risk Registry:Not Applicable
Assessment Frequency:Each time a Deviation, Complaint or OOS investigation is processed Reference SOPs:
QMS-035 Deviation Management System QMS-055Product Complaint Procedure
LAB-055Laboratory Out Of Specification Investigation Procedure
Template Location:
#:\QA\RISK ASSESSMENTS\Risk Assessment Templates
Following risk matrix can be used effectively to assess risks derived from a quality incident such as Deviation,Complaint or Out of Specification investigation. The matrix is based on two variables. On the vertical axis the variable is the impact of risk event on the product quality and GMP. The horizontal axis represents the probability of recurrence of risk event and delectability of the event if o
ccur again.Risk Matrix:
4
3Level3
2Level2
10
Level10
1
2
3
4
5
6
7
8
9
Risk Levels
For the ease of assessing risk any deviation / complaint / OOS event can be classified into one of the three levels 1, 2 & 3 based on the magnitude and seriousness of an event.
Level 3: Critical (High Risk,shaded by red colour)
A risk event that might creates immediate and significant risk to product quality,user safety or data integrity or a combination/repetition of major deficiencies that indicate a critical failure of systems Level 2: Serious (Medium to high Risk, shaded by yellow colour)
二氢吡啶类钙拮抗剂A risk event that might potentially creates significant risk to product quality,user safety or data integrit
y or could potentially result in significant observations from a regulatory agency or a combination /repetition of “other” deficiencies that indicate a failure of system(s).
I m p a c t o n P r o d u c t Q u a l i t y a n d G M P
Probability = Probability of recurrence + Probability of detection
Appendix2:Risk Ranking and Filtering– Method 2
Applicable to Risk Events:Risk Assessment as part of Change Management.The tool can also be used
for analysing a manufacturing process to identify high risk steps / critical
parameters.
Risk Assessment Tool:Risk Ranking and Filtering– Method2
Entry on Risk Registry:Next available number taken from the Risk Registry
华硕n10jAssessment Frequency:Varied. As required.
Reference SOPs:QMS-065 Manufacturing Rework Procedure
QMS-125Change Management System
Template Location:#:\QA\RISK ASSESSMENTS\Risk Assessment Templates
Risk Overview:
Risk Event Information
Risk Title:[Enter a short title of the risk]
Issue/Event:[Detail the issue / event that necessitates this assessment]
Risk Question:[Formulate the most appropriate risk question for which this assessment is justified. For example “what are the potential risks associated with changing the frequency of weighing device performance verification testing from the current schedule (e.g. daily) to an alternate, longer period” ]
Scope:[Enter the scope of this assessment]
Facts/Arguments Which Form the Basis of this Assessment:
[Enter all background information and arguments associated with this risk event]
Severity Ranking Scale:
Description
Rank
User Safety / Product quality Regulatory Compliance 1No Adverse Event / No quality impact No Action Taken
2Reversible Minor Health Issue / minor quality impact Discussion Point
3Reversible Major Health Issue / difficult to maintain quality Observation / Mandated Recall 4Permanent Health Issue / critical quality compromised Warning Letter
5Death / escalate to recall Consent Decree
豫公网安备41160202000603
站长QQ:729038198
关于我们
投诉建议