a risk-based approach to supplier selection v04

8/2/2019 A Risk-Based Approach to Supplier Selection v04

1/21

A Risk-basedApproach to SupplierSelection

Dr Siegfried SchmittPrincipal Consultant

PAREXEL


2/21

2

Agenda Suppliers - selection criteria

Selecting suppliers - how?

Managing Risks - ICH Q9

The Competence Maturity Model How (not) to do it


3/21

3

Selection Criteria


4/21

4

Supplier Ratings


5/21

5

Real Life Facts Not every supplier will also become a partner

Time pressures could lead to wrong and costlydecisions

Limited resources for assessing suppliers

www.contractpharma.com


6/21

6

RequirementsIt all starts with well defined Business

Requirements (your shopping list): Clear

Unambiguous

Verifiable Prioritised if possible (Must have, Nice to have)

At an appropriate level of detail (too vague and

anything will do, too detailed and you will spendyears looking and nothing will fit - the hardestpart)


7/21

7

Understand & Manage Risks


8/21

8

ICH Q9

www.ich.org


9/21

9

Risk Management

Audits?


10/21

10

Example: Outsourcing


11/21

11

Matching Capabilities

www.pda.org/bookstore


12/21

12

How not to select a CMOWhat the company needed

Supply of material for Clinical Trial Phases I and II forUSA and EU

Development of lyophilisation process (no in-houseexpertise)

All process and analytical validation data for thesubmissions

What the company did

Selected supplier based on friendly

recommendation Outsourced all activities, including project

management to the CMO


13/21

13

How not to select a CMOWhat the supplier delivered

One formulation, one batch of product

Batch Record Documentation

What the supplier didnt deliver

Rationale for selected formulation or any

development documentation Rationale for extreme lyophilisation cycle

Analytical validation protocols or data

Supplier had passed many FDA inspections andhad to shut down following an EMEA inspection

CMO became unresponsive


14/21

14

How not to select a CMOWhat the company should have done

Seek the help of experts in the field (e.g. consultancy) Understand and document all expectations and

requirements

Perform a Supplier Audit

Enter into a contract that details all the deliverablesby milestones and link payments to these

Have an alternative supplier evaluated

Retain certain project management activities in-house


15/21

15

When to trust and when to auditWhat the company needed

Supplier and host for a pharmacovigilance system Computerised system validation support


Selected supplier based on price and referencescited by supplier

What the company did not ask for

A service level agreement (SLA)

Computer System Validation (CSV)Documentation


16/21

16

When to trust and when to auditWhat the supplier delivered

Hosting of its proprietary pharmacovigilance system Help desk support

What happened next

An EMEA pharmacovigilance inspection of thecompany identified lack of CSV evidence:

The company had no documentation concerning the validationof the XYZ system (e.g. traceability matrices, validation

summary report or user acceptance tests). The companytherefore had no assurance the system had been adequatelyvalidated.


17/21

17

When to trust and when to auditWhat the company should have done

Understand and document all expectationsand requirements

Perform a Supplier Audit (especially with a

hosting company) Have an acceptable Service Level Agreement

in place and test it

Seek the help of experts in the field (e.g.consultancy)


18/21

18

Avoid Prejudice - Establish FactsWhat the company needed

CMO for an API (chemical synthesis) Material for Clinical Trials in USA, Europe and Asia


Selected a Chinese supplier based onrecommendations and price

Performed a supplier audit

Hired subject matter expert for the audit

Supplied translators during the audit


19/21

19

Avoid Prejudice - Establish FactsWhat the audit revealed

Supplier has a Quality Management System in placethat meets US and EU regulatory expectations

Personnel has excellent understanding of GMP andthe right mindset

Adequate facilities and operations

Impressive analytical setup

Almost flawless documentation

Validation documentation is part of the package


20/21

20

Worth the risk? Impact to business operations and

strategy Impact to product and patient

Impact to regulatory and qualitycompliance


21/21

21

Disclaimer

The views and opinions expressed in the following PowerPointslides are those of the individual presenter and should not beattributed to Drug Information Association, Inc. (DIA), its

directors, officers, employees, volunteers, members, chapters,councils, Special Interest Area Communities or affiliates, or anyorganization with which the presenter is employed or affiliated.

These PowerPoint slides are the intellectual property of theindividual presenter and are protected under the copyright laws ofthe United States of America and other countries. Used bypermission. All rights reserved. Drug Information Association, DIAand DIA logo are registered trademarks or trademarks of DrugInformation Association Inc. All other trademarks are the propertyof their respective owners.

a risk-based approach to supplier selection v04

Documents