Risk Managements in pharmaceutical industry. Includes risk management tools for evalution.

1. Risk Management In
Pharmaceuticals
By,
Mahesh Shinde

2. What will cover
• Objectives
• Scope
• Definitions
• Tools and methodology

3. Identification and mitigation of risks associated with each business unit / function is an important component of
proactive management.
Any threat to product quality across the supply chain needs to be considered in the risk management exercise;
this also includes risk associated with product security, security of supplies as well as compliance to policies /
statutory requirements.
Risk management includes identification of risks, evaluation of each risk, developing risk mitigation plan,
implementation of action plan and review of actions taken to verify their effectiveness.
The objective of this training is to describe the Risk Management Process, to define cases when a risk
assessment needs to be performed, and to facilitate understanding of quality risk management outputs.
OBJECTIVES

4. Applicable to functions that directly or indirectly impacts product quality or security of product & security of supply such
as Quality Assurance, R&D, Regulatory, Business Development, Supply chain, Human Resources, IT, Legal, Contract
Manufacturing and Pharmacovigilance
A quality risk management process may be performed when a decision should be taken or when actions should be
prioritized, especially in these cases
 Deviations
 Change control
 Recalls
 Abnormal restrictions
 Product quality defects
 Pharmacovigilance cases
 Quality Management Review
 New product introduction projects
 All activities with potential quality and/or regulatory impacts on Marketing authorization dossier (Regulatory filing),
validated status, audits, inspection, transportation etc.
SCOPE

5. Definitions (As per ISO )
Physical injury and/or damage to the health of people or damage to
property or the environment
Harm:
Risk:
Combination of the probability of occurrence of harm and the severity of that
harm
- Use of available information to identify hazards and to estimate the risk
- It provides the basis for risk evaluation and decisions about the risk
reduction.
Risk Analysis:

6. Risk Evaluation:
Judgement, on the basis of risk analysis, of whether a risk which is acceptable
has been achieved in a given context based on the current values of society.
Risk Assessment:
Overall process of risk analysis and risk evaluation
Risk Control:
The process through which decisions are reached and implemented for
reducing risks to or maintaining risks within specified levels.
Risk Management:
Systematic application of management policies, procedures and practices to
the tasks of analysing, evaluating and controlling risk
Definitions (As per ISO )

7. Relationship between Risk Analysis
& Other Risk Management Activities
Risk analysis
Intended use
Purpose identification
Hazard identification
Risk estimation (likelihood x consequence)
Risk evaluation:
Risk acceptability decisions
Risk reduction/control
option analysis
implementation
residual risk evaluation
overall risk acceptance
Risk monitoring
external environment
review of risk management
experience
RISK
MANAGEMENT
Risk assessment

8. RISK CONTROL
Safe design:
Build a bridge
Protection measures
Trains at night
Cars in the day
Traffic lights
Warnings
Signals/noise
RISK
ASSESSMENT
Probability that
collision happens
and degree of
severity of the
resulting damage
RISK MONITORING
Check if safety measures work
Risk Management (A practical example )

9. Some examples:
Engineering Design Reviews
Product and Process design
(computer) Validation
Change Management evaluations
Release / Reject / Recall decisions
Cross Contamination evaluations
Investigations & Corrective / preventive actions
GMP impact assessment
Most of the time we are managing risk………
(without realising this?)
Risk Management in P’ceutical Industry

10. Risk Management Process overview

11. Risk Management Tools & Methodology
• Risk Management Facilitation Methods
• FMEA
• FTA
• HACCP
• HAZOP
• PHA
• Risk Ranking and Filtering
• Supporting Statistical Tools

12. Tools Use Scope Risk Steps Risk Controls
FTA Identify causes of an
undesired event
Micro Identification
Analysis
No
Risk Ranking and
Filtering
Rank items following on
criticality level
Macro or Narrow
system
Identification
Analysis
Evaluation
No
PHA Identify potentially
hazardous
Macro or Narrow
system
Identification
Analysis
No
FMEA Identify potential
failures and quote them
in order to rank them
Narrow system Identification
Analysis
Evaluation
Yes
HACCP Appreciate and control
risk contamination
Narrow system Identification
Analysis
Evaluation
Yes

13. Some simple techniques used to structure risk management by
organizing data and facilitating decision-makings are:
Flowcharts
Check Sheets
Process Mapping
Cause and Effect Diagrams
(Ishikawa diagram or fish bone diagram)
Basic Risk Management Facilitation
Methods

14. Failure Mode Effect Analysis (FMEA)
• Allows evaluation of:
 potential failure modes [what might go wrong] for processes
 the likely effect on outcomes and/or product performance
• Once failure modes are established, risk reduction can be used
to eliminate, contain, reduce or control the potential failures
• FMEA relies on product and process understanding
• FMEA methodically breaks down the analysis of complex
processes into manageable steps
• It is a powerful tool for summarizing the important modes of
failure, factors causing these failures and the likely effects of
these failures

15. • To prioritize risks and monitor the effectiveness of risk
control activities
• FMEA can be applied to equipment and facilities and
might be used to analyse a manufacturing operation
and its effect on product or process
• It identifies elements/operations within the system
that render it vulnerable
• The output/ results of FMEA can be used as a basis
for design or further analysis or to guide resource
deployment
Areas of use of FMEA

17. Fault Tree Analysis (FTA)
• An approach that assumes failure of the functionality
of a product or process
• This tool evaluates system (or sub-system) failures one
at a time but can combine multiple causes of failure
by identifying causal chains
• The results are represented pictorially in the form of a
tree of fault modes
• At each level in the tree, combinations of fault modes
are described with logical operators (AND, OR, etc).
The method relies on expert process understanding to
identify causal factors

19. • FTA can be used to:
 establish the pathway to the root cause of the failure
 investigate complaints or deviations in order to fully understand their
root cause
 ensure that intended improvements will fully resolve the issue and not
solve one problem yet cause another (different) problem
• FTA is an effective tool for evaluating how multiple factors affect
a given issue
• The output of an FTA includes a visual representation of failure
modes
• It is useful both for risk assessment and in developing
monitoring programs
Areas of use of FTA

20. • A tool of analysis based on applying prior experience or knowledge of a
hazard or failure to identify future hazards, hazardous situations and
events that might cause harm, as well as to estimate their probability of
occurrence for a given activity, facility, product or system
• It involves following steps:
1.List the expected events for each process step
2.Define the dangerous situations (opposite expected events)
3.Enumerate the different causes of each dangerous situation
4. List consequences of each dangerous situation
5. List detection, prevention and control measures already in place.
6. Determine if the dangerous situation is acceptable or not.
7. If the answer is ‘No’, implement actions and /or do complementary analysis
Preliminary Hazard Analysis (PHA)

21. • Useful when analyzing existing systems or prioritizing hazards
where circumstances prevent a more extensive technique from
being used
• It can be used for product, process and facility design as well as
to evaluate the types of hazards for the general product type,
then the product class, and finally the specific product
• PHA is most commonly used early in the development of a
project when there is little information on design details or
operating procedures
• It will often be a precursor to further studies
• Hazards identified in the PHA are further assessed with other
risk management tools such as those in this section
Potential Uses of PHA

22. Hazard Analysis & Critical Control Points
(HACCP)
• HACCP is a systematic, proactive, and preventive tool for assuring product
quality, reliability, and safety
• It is a structured approach that applies technical and scientific principles to
analyze, evaluate, prevent, and control the risk or adverse consequence(s) of
hazard(s) due to the design, development, production, and use of products
• It consists of following steps:
 Assemble a multidisciplinary team with a leader
 Describe all the detailed steps of the process
 List all potential hazards associated with each step
 Determine Critical Control Points (CCPs)
 Establish critical limits for each CCP
 Create a monitoring of critical control points
 Establish corrective actions when CCP are not under control by the monitoring system
 Establish verification system to confirm that the HACCP system is effective
 Establish documentation and record keeping

24. Potential Uses of HACCP
• To identify and manage risks associated with physical,
chemical and biological hazards (including microbiological
contamination)
• Most useful when product and process understanding is
sufficiently comprehensive to support identification of
critical control points
• The output of a HACCP analysis is risk management
information that facilitates monitoring of critical points not
only in the manufacturing process but also in other life
cycle phases

26. • A tool for comparing and ranking risks
• Risk ranking of complex systems typically requires
evaluation of multiple diverse quantitative and qualitative
factors for each risk. This tool breaks down a basic risk
question into as many components as needed to capture
factors involved in the risk
• The factors are combined into a single relative risk score
that can then be used for ranking risks
• Filters in the form of weighting factors or cut-offs for risk
scores, can be used to scale or fit the risk ranking to
management or policy objectives
Risk Ranking & Filtering

27. • To prioritize manufacturing sites for inspection/audit by
regulators or industry
• Particularly helpful in situations in which the portfolio of
risks and the underlying consequences to be managed are
diverse and difficult to compare using a single tool
• Risk ranking is useful when management needs to
evaluate both quantitatively-assessed and qualitatively-
assessed risks within the same organizational framework
Potential Uses of Risk Ranking & Filtering

28. Relative Risk Ranking System
Risk Index
Value
Level of Risk Action
1 to 8 Low Risk Broadly acceptable risk. No further investigation is needed
9 to 16 Medium Risk
Risk is acceptable. Further Investigation may be needed in order
to reduce the risk
17 to 25 High Risk
Risk is unacceptable. Further Investigation is needed to reduce the
risk

29. Consequence & Likehood Categories &
Scoring
Likelihood

Consequences 
Insignificant
1
Minor
2
Moderate
3
Major
4
Catastrophic
5
Almost certain
5 5 10 15 20 25
Likely
4 4 8 12 16 20
Possible
3 3 6 9 12 15
Unlikely
2 2 4 6 8 10
Rare
1 1 2 3 4 5