Documente Academic
Documente Profesional
Documente Cultură
INTRODUCTION
Self-inspection is a well-established part of the pharmaceutical quality system. Companies have traditionally been using it as a method for monitoring the
implementation and compliance with good manufacturing practice (GMP) principles, as well as for introducing appropriate corrective measures. This role
of self-inspection is promoted by the current GMP
legislation and guidance (1). Development of the International Conference on Harmonisations (ICH)
Q10 guide has expanded the role of self-inspection to
that of an important performance indicator used for
monitoring the effectiveness of processes and activities within the pharmaceutical quality system. ICH
Q10 promotes the use of self-inspection results as
an important input for periodic management review
performed to manage, evaluate, and continually improve the quality systems performance (1, 2).
An interview with a senior GMP inspector at the
22 Special Edition: A Roadmap to GMP Compliance Part 2
Barbara Jeroncic
rently undergoing revision to incorporate the principles and concepts of the quality risk management,
such as chapters one, three, and five. There is a similar opportunity with respect to chapter nine (Selfinspection). ICH Q9 is already taking initiative in its
drive to define the frequency and scope of inspections
by taking into account various risk indicators. ICH Q9
also provides guidelines for the application of quality
risk management to regulatory inspections aimed to
assist with: resource allocation including inspection
planning, frequency, and intensity; evaluation of quality defect significance, recalls, and inspection findings; assessment of the scope and type of post-inspection follow-up; and identification of risks that should
be communicated between inspectors and assessors to
facilitate better understanding of risk control (4).
ICH Q9 states, quality risk management is a systematic process comprising of assessment, control,
communication, and review of risks impacting the
drug (medicinal) product quality across the product
lifecycle. Organizations manage risk through identification, analysis, and evaluation of the most suitable
risk mitigation strategy. This process further encompasses risk monitoring and review aided by communication and consultation with stakeholders in order
to ensure that no further risk control/treatment is required (4, 5).
There is a potential to apply a quality risk management approach to the area of self-inspection that can
be integrated into the organizations quality risk management framework. The purpose is two-fold as follows:
To design self-inspection as a quality risk managment tool that can provide the objective evidence to
the management about whether or not the current
and potential risks to quality are effectively managed to acceptable levels. Management then can
judge the effectiveness of processes and functions
within the quality system
Efficient inspection workload and resource management focusing on those areas within the quality
system that present higher risk to the quality of
medicinal product, with aim of meeting the quality objectives.
Benefits Of The Application Of Quality Risk
Management To Self-Inspection Programs
ICH Q9 lists the following main benefits of the application of an effective quality risk management approach to various processes and activities within the
quality system, including self-inspection (4):
Ensuring high quality of the medicinal product by
proactively identifying and controlling potential
quality issues
Improving decision making if a quality issue arises
Facilitation of better and more informed decisions
that can provide the regulators with greater assurance of a companys ability to deal with potential
risks and can beneficially affect the extent and level
of direct regulatory oversight.
ISO 31000 standard entitled Risk Management
Principles and Guidelines provides even further detail of benefits of the application of effective quality
risk management (5), as follows:
Increasing the likelihood of achieving quality
objectives
Encouraging proactive management
Awareness of the need to identify and treat risks
throughout the organization
Improving the identification of opportunities and
threats
Improving compliance with legal and regulatory
requirements and international norms
Improving governance
Improving stakeholders confidence and trust
Establishing a reliable basis for decision making
and planning
Improving controls
Effectively allocating and use of resources
Improving operational effectiveness
and efficiency
Improving loss prevention and
incident management
Minimizing losses.
Elements Of Quality Risk Management
The following are elements of quality risk management.
Risk assessment. Risk assessment is the process of
risk identification, analysis, and evaluation (4, 5). Its
application within the self-inspection program can be
tailored to the risk assessment output purpose, the desired level of detail, and the available information. For
example, the estimate of risk associated with an area
within the quality system, for the purpose of defining a scope and frequency of self-inspections, can be
based on the general evaluation of risk factors, without
a detailed risk assessment, as this will be performed
during self inspections. ISO 31010 standard describes
different methods and tools that could be used when
performing risk assessment. Examples of the methods
and tools are provided in the following sections.
Risk identification. The purpose of the risk identification process is to identify the causes and sources of
hazards, events, situations or circumstances that could
have an impact upon the quality of the medicinal product, the quality objectives, and the nature of that impact
(4, 5, 6). There is a variety of tools and techniques that
could be chosen for risk identification, such as: reviews
of historical data, checklists, theoretical analysis, systematic team approaches (e.g., structured what-if technique
[SWIFT]), primary hazard analysis, hazard operability
Special Edition: A Roadmap to GMP Compliance Part 2
23
Barbara Jeroncic
analysis (HAZOP), fault tree analysis (FTA), cause and effect analysis, and supporting techniques (e.g., brainstorming, Delphi method) (4, 6).
Risk analysis. Risk analysis is an estimate of the
risk associated with an identified hazard. It consists
of linking the consequences and their likelihoods for
the identified hazard (can also link detectability of the
hazard) to determine the level of risk. The purpose
of the risk analysis is to develop risk understanding
(4, 6).
The analysis of consequences determines the nature
and type of impact that could occur (6).
It can involve the following (6):
Relating the consequence to the achievement of
the quality objectives
Taking into consideration existing controls to
mitigate the consequence, together with all relevant contributory factors
Considering both immediate consequences and
those that may arise after a certain time has
elapsed, if this is consistent with the scope of
assessment
Considering secondary consequences (i.e., those
impacting on associated processes, activities,
equipment, etc.).
Barbara Jeroncic
tions quality risk management framework. It can further ensure that the interests of stakeholders are understood and considered when developing self-inspection
programs; bring together different areas of expertise
to ensure that the risks are adequately identified and
analyzed through the use of risk assessment methods
and techniques; ensure that different views are appropriately considered when defining risk criteria and in
evaluating risks; and can help to secure endorsement
and support for a mitigation plan (5, 6).
Risk review and monitoring. Regular review of the
quality risk management ensures that any new knowledge and experience is taken into account (4, 5, 6).
For example, it ensures verifying that the assumptions
about risks remain valid, obtaining further information to improve risk assessment, analyzing and learning
from events, including near-misses, changes, trends,
successes and failures, verifying that risk assessments
are properly applied, verifying that risk treatments are
effective, detecting changes which could influence risk
criteria and upon which risk treatments need to be revised, identifying emerging risks, etc. (5, 6).
Application Of Quality Risk Management To The Activities Within The Self-Inspection Program
The following sections discuss quality risk management applications to main activities. Examples of
quality risk management within the self-inspection
program include the following:
Self-inspection planningdefining the scope
(inspection units), frequency, and level of selfinspections, and allocation of the inspectors
Detailed plan preparation for self-inspections of the
individual inspection units
Conducting self-inspections
Adequate response to self-inspection resultsdetermining the type of actions for the issues identified
within self-inspections, determining the timeframe
for the implementation of actions, and assessing the
associated risks.
Planning Of Self-Inspections
Risk management can be applied to self-inspection
planning with the intent to direct the inspection effort
to the areas within the quality system that represent
higher risk to the quality of the medicinal product and
the achievement of the quality objectives. The application of the quality risk management allows the estimation of the risk associated with areas within the quality
system and determining the scope (inspection units),
frequency and level (time, number of inspectors) of
self-inspections, and allocation of inspectors to particular self-inspections (considering their experience and
skills) based on the estimated levels of risk. This forms
the basis for a risk-based inspection planning and enables better utilization of available resources.
25
Barbara Jeroncic
Table I: Example of categories for a risk factor and their numeric values.
Risk factor
Results of previous
self-inspections
Value
< 20 minor deviations not affecting the number of released batches
> 20 minor deviations not affecting the number of released batches per month
Are those controls suitable for adequate risk mitigation, resulting in a tolerable risk levels?
In practice, are the controls operating in the intended manner and can they be demonstrated to be
effective when required?
For example, during the assessment of the inspection unit production process A, it was identified that
there were several occasions of the delays in the process A as the purified water was not available due to
out-of-specification test results. Table II provides an
example of how risk associated with this hazard could
be assessed.
The assessed risk increased from Category 3 to Category 4 in a given time period, thus it was decided that
purified water system would be inspected more frequently and new potential controls would be assessed.
The output of the risk assessment performed during
the preparation of detailed plans for self-inspections of the
inspection unit could include the following elements to
help ensure the effectiveness of self-inspections:
A process map of the inspection unit providing visibility of the inspection unit elements and their interaction, and the interaction with other areas of the quality
system
A list of identified hazards coupled with description of
methods and type of data used for hazard identification
An analysis of consequences of those hazards and their
likelihood, including a description of methods and
type of data used for this analysis
Estimated levels of risk associated with the inspection
unit elements
Criteria for risk evaluation based on the management
tolerance of risk
Objectives for self-inspections of the inspection unit
(or their recommendation) to direct inspection effort
to those elements that represent higher risk for the
Barbara Jeroncic
Table II: Example of the initial risk analysis of one of the identified hazards associated with an inspection unit.
Identified hazard: Purified water (PW) not available due to out-of-specification
results of conductivity, TOC, microbial content or endotoxin
Impact factors:
Number of days PW was out of use in a given time period
Impact on batch releasedelay, reject, or reprocessing
Impact categories:
1
Likelihood factors:
Number of out-of-specification results in a given time periodconductivity, TOC, microbial content, endotoxin
Existing controls: UV disinfection system, series of water filters (purified water system map)
Risk analysis:
Risk category
Impact X Likelihood
27
Barbara Jeroncic
Figure 1.
QC department 1
Producon Process 3
Producon Process 2
Producon Process 1
Warehouse
Deviaon
Invesgaon
Vercal self-inspecon approach: Example,
self-inspecon of acvies within a QC department.
Horizontal self-inspecon approach: Example,
self-inspecon of deviaon invesgaons in the
producon area.
or non-conformances
Evaluation of risks against established risk criteria
A self-inspection report including the findings and
conclusions that allow the management to judge the
adequacy and effectiveness of the inspected unit risk
management, recommended actions for identified
issues, and identified opportunities for improvement
of risk management and efficiency of the inspected
unit elements.
The common approach that can be used when evaluating analyzed risks against the established risk criteria is to
divide risks into the following tree bands (6):
An upper band, where the level of risk is regarded
as intolerable and risk treatment is essential
A middle band, where the management can decide,
based on the established treatment criteria (e.g.,
As low as reasonably practicable [ALARP] criteria
system), as to whether or not take any actions
A lower band, where the level of risk is regarded
as negligible, or so small that no risk treatment
measures are needed.
The results of risk assessment of the inspection unit
should be appropriately communicated to the responsible management, enabling appropriate actions. They
should also be communicated to those responsible
for planning of self-inspections to allow review of the
risk levels associated with the inspection unit. Risk
28 Special Edition: A Roadmap to GMP Compliance Part 2
Barbara Jeroncic
solution will solve the problem, or that improvement solution will improve the effectiveness of the
inspection unit and will not adversely affect the
quality of the medicinal product and achievement
of the quality objectives
Defining the project plan for the implementation of
the selected risk treatment or improvement solution,
including the following:
Project goal and responsibilities (e.g., specific, measurable, attainable, relevant, time-specific [SMART]
criteria can be used to define a project goal)
Verification. How will the effectiveness of the selected
risk treatment solution/improvement solution be
verified? How frequently and for how long before
the implementation?
Implementation. How will the risk treatment solution or improvement solution be implemented and
in what timeframe?
How will the effectiveness of the implemented
risk treatment solution or improvement solution
be monitored, how frequently and for how long?
Implementation of the selected risk treatment solution/improvement solution
Monitoring and assessment of the risk treatment
solution and improvement solution (i.e., including
through subsequent self-inspection) effectiveness.
It is important that the outcomes of the risk control/
treatment process are appropriately communicated to
the interested parties; including those responsible for
planning of self-inspections and those responsible for
planning and conducting self-inspections of the inspection unit; as any actions taken can influence the
risks associated with the inspection unit. The output
of risk control/treatment process should also be input
into the periodic senior management review.
SURVEY OF PHARMACEUTICAL MANUFACTURING
COMPANIES IN IRELAND ON THE QUALITY RISK MANAGEMENT APPLICATION IN SELF-INSPECTIONS
A survey was sent to the quality assurance managers
or audit managers of 40 pharmaceutical manufacturing companies based in Ireland with the intent to explore whether and how the pharmaceutical companies
apply quality risk management to their self-inspection
programs. The survey also assessed the companies
understanding of, and their interest in, reduced level
of direct regulatory oversight in the area of regulatory
inspections. The survey included drug product manufacturers and manufacturers of active pharmaceutical
ingredients. Eighteen companies responded to the
survey (45%), and the results are presented as follows.
The Role Of Self-Inspection Within The Quality
System
In 50% of the companies who responded to the sur-
29
Barbara Jeroncic
gram. Fifty-six percent of the companies who responded to the survey do not have documented guidance
for different types of self-inspections (e.g., horizontal,
vertical, systems-based, process-based, departmentalbased, etc.). Only half of the respondents review results
of self-inspection as a part of the periodic management
review.
The Potential For Reduced Level Of Direct Regulatory
Oversight In The Area Of Regulatory Inspections
ICH Q9 and Q10 promote the potential for reduced
regulatory oversight. There is an opportunity to increase the use of risk-based approaches for regulatory
inspections for companies that can demonstrate an effective quality system is being in place, including effective use of quality risk management principles. In
the inspection area, reduced regulatory oversight can
take a form of less frequent or less intensive regulatory
inspections, or inspections where some areas are not
inspected or are less thoroughly inspected based on
the risk considerations (2, 3).
Of the companies who responded to the survey,
56% are familiar with the potential opportunities for
a reduction in the level of direct regulatory oversight
that may be applied as envisaged by the ICH Q8, Q9,
and Q10 guidelines. Further 38% are partially familiar
and only 6% are not familiar at all. Importantly, 44% of
the companies are interested in seeking some level of
reduced regulatory oversight from the Irish Medicines
Board, and the same percentage of the companies are
not interested. The remaining 12% of the respondents
have not answered this question.
A significant majority, 81%, of the companies think
that the best way to demonstrate to the regulatory inspectors that an effective quality management system
is in place within the company is proactive discussion
of the companys quality management system elements
with the regulatory inspectors. Furthermore, 75% of
the companies consider a good regulatory inspection
outcome (e.g., no major or critical deficiencies) an important factor in demonstration of an effective management system; 50% assign equal significance to no
recalls and a low number of complaints over a certain
period, whilst 44% are satisfied with no for-cause regulatory inspections carried out at their company.
The majority of respondents, 63%, would like to see
a formal program of communications with regulators
with respect to the potential applications of regulatory
flexibility and reduced regulatory oversight. A considerable 31% are not interested in this, and 6% did not
answer this question. The majority of the respondents,
88%, are willing to consider open sharing of self-inspection reports with a regulatory inspector in some
way, in order to demonstrate that an effective quality
management system is in place within their company,
whilst 12% of the companies would not be willing to
30 Special Edition: A Roadmap to GMP Compliance Part 2
do so.
CONCLUSION
ICH Q10 and ISO 9000 standard series view selfinspection as a vital and integral part of the quality
system, providing an independent tool for monitoring and assessment of the effectiveness of the activities
and processes within the quality system, and for driving forward their continual improvement. In order to
be efficient and complete, this process should include
the evaluation of the risks hindering the achievement of
the quality objectives placed on activities and processes
potentially affecting the quality of the medicinal product. There is an opportunity to design self-inspection
as a quality risk management tool identifying and assessing risks associated with areas of the quality system
and providing objective evidence on the effectiveness of
their management. Self-inspection designed in this way
could potentially identify issues and non-conformances before they occur by allowing the management to
take the appropriate risk-reducing actions; and further
recognise the opportunities for improvement of risk
management and effectiveness of the quality system areas. Application of principles and concepts of quality
risk management also enables more efficient organization and planning of self-inspections by directing the
inspection effort to those areas of the quality system
that represent higher risk to the quality of the medicinal
product and the achievement of the quality objectives.
The application of quality risk management in different
areas of the pharmaceutical industry, including self-inspection, is strongly supported by ICH Q9. This article
presents innovative approaches to self-inspection as a
quality risk management tool, with the potential for introduction of a risk-based approach to self-inspection
planning in pharmaceutical manufacturing.
The results of the survey of the pharmaceutical manufacturing companies in Ireland demonstrate that the
companies have started to apply quality risk management to their self-inspection programs. Whilst half of
the companies still view self-inspection as an isolated
and independent component of the quality system used
to monitor compliance with current GMP regulations
and standard operating procedures, the remaining respondents have structured it as a part of the quality
risk management used to identify and manage current
and potential risks to quality and non-compliances, at
least to some extent. The majority of the companies estimated that their self-inspection program was based
on the assessed risk at least to some extent. The most
frequently used factors for determining the frequency
and scope of self-inspections envisaged by ICH Q9 are
the results of previous self-inspections and regulatory
inspections, and the number and significance of quality
defects associated with an activity or process. The survey identified three main areas of self-inspection pro-
Barbara Jeroncic
gram improvement within the pharmaceutical companies: structuring self-inspection as an integral and vital part of the companys
quality system and risk quality management strategy; designing
self-inspection in a way it could be used as one of the main activities for identifying the opportunities for continual improvement;
and including self-inspection results as an input into periodic management review.
With respect to the potential for reduced level of direct regulatory oversight in the area of regulatory inspection promoted by ICH
Q10, the results of the survey showed that the majority of companies are interested in this idea and would welcome a formal program of communications with regulators. The surveyed companies
consider proactive discussion of the companys quality management system elements with the regulatory inspectors to be the best
way to demonstrate that an effective quality management system
is in place within the company. The majority of the companies are
willing to consider some form of open sharing of self-inspection
reports with regulatory inspectors in order to demonstrate that an
effective quality management system is in place. The survey identified a need for further regulatory guidance and recommendation in
the area of the reduced regulatory oversight, as envisaged by ICH
Q8, Q9, and Q10.
REFERENCES
1. EudraLex, GMP Directive 2003/94/EU, Good Manufacturing Practice
(GMP) Guidelines, Vol. 4, Part I-Basic Requirements for Medicinal Products, Chapter 9-Self-inspection. Retrieved from: http://ec.europa.eu/enterprise/sectors/pharmaceuticals/files/eudralex/vol-4/pdfs-en/cap9_en.pdf.
2. ICH Q10 Pharmaceutical Quality System, 2008.
3. ODonnell K., Self-Inspection and its Potential Benefits via ICH Q9, Journal of GXP Compliance, Summer 2008, Vol.12 No. 4.
31