This document provides guidance on applying risk management principles to determine corrective and preventive action (CAPA) decisions. It defines factors for assessing risk, including severity, frequency, and detectability. Risk scores are calculated based on these factors for both product risks and compliance risks. The document provides a risk priority number matrix and guidance on CAPA decisions based on the risk assessment.
6. Product Severity Risk
Category Severity Sever
ity
Score
Very Low No adverse health consequence 1
Low Temporary or reversible impairment (without medical
intervention) / Transient, minor impairment or complaints
2
Medium Necessitates minor medical intervention 3
High Results in permanent impairment of body function or permanent
damage to a body structure / Necessitates surgical intervention
4
Very High Life threatening (death could occur) 5
8/15/16 Tarek Elneil 6
7. Product Frequency Risk
Category Frequency Frequen
cy Score
Remote Very unlikely to occur (less than 1 in 10,000) 1
Rare Unlikely to occur (< 1 in 10,000 and > 1 in 1,000) 2
Occasional Occurring at irregular intervals (<1 in 1,000 and > 1 in 100) 3
Frequent Occurring at short intervals (<1 in 100 and >1 in 10) 4
Regular Occurring often (more than 1 in 10) 5
8/15/16 Tarek Elneil 7
8. Product Detectability Risk
Category Detectability Detect
ability
Score
Very High Verifiable by operator with standard measuring equipment 1
High Verifiable by trained personal with specialized measuring device
or equipment
2
Medium Verifiable by trained personal with subjective measurement or
highly specialized device or equipment
3
Low Requires outside testing to verify 4
Very Low Cannot be detected without destructive testing 5
8/15/16 Tarek Elneil 8
9. Compliance Severity Risk
8/15/16 Tarek Elneil 9
Category Severity Severit
y Score
Very Low The findings is limited to one of the Quality system components
that will not impact the product or the quality system
1
Low Internal Department or Audit finding (Minor) that need Quality
System improvement
2
Medium Internal Audit finding (Critical or Major) that require extensive
improvement for not more than one major component of the
Quality System
3
High Results in a repeat of regulatory violation that can lead to loss of
Business (licensing to a specific region), or limited product recall
4
Very High Can result for a massive recall or Warning letter or Consent
Decry or Shut down the business
5
10. Compliance Frequency Risk
Category Frequency Frequ
ency
Score
Remote Isolated event very unlikely to occur again 1
Rare Unlikely to occur , or can occur under very specific or limited
condition
2
Occasional Occurring at irregular intervals by not following the procedure, or
related to a single department or Unit
3
Frequent Quality system noncompliance start occurring due to recent
changes (< 1 years)
4
Regular Noncompliance was occurring due to Quality system setting or
was not updated to comply with the regulatory requirements
5
8/15/16 Tarek Elneil 10
11. Compliance Detectability Risk
Category Detectability Detectab
ility
Score
Very High (Department Level) noncompliance was identified internally by
the Unit or Department
1
High (Quality System) noncompliance was detected by the QS which
is capable to identify, verify, trend , or monitor the KPI, and
correct the noncompliance
2
Medium The noncompliance was identified by an Internal Audit or
Management Review.
3
Low The noncompliance was identified by Corporate Audit or
External Organization Audit
4
Very low The noncompliance was found by Regulatory Body such as
FDA, or ISO Audit
5
8/15/16 Tarek Elneil 11
14. CAPA Decision
Risk Decision
Product Compliance
High
CriOcal /
Major
Initiate CAPA & HHR Initiate CAPA and evaluate if
HHR is needed
Moderate
Medium
Evaluate if CAPA and or
HHR is needed
Evaluate if CAPA and or
HHR is needed
Low
Minor /
Negligible
No CAPA or HHR are required No CAPA is required
8/15/16 Tarek Elneil 14