risk analysis pat new
DESCRIPTION
TRANSCRIPT
How to Use Risk Management for PAT Implementation
Agenda
Risk Analysis Background
Various Protocols
FTA, FMEA/FMECA, HACCP, GAMP 4, ISO 14791, ISO 17799
Risk Analysis and PAT
Understanding & controlling variability
Summary
Why Do Risk Analysis?
For Regulatory Compliance….
Measure and rank of compliance effort
Regulatory submissions checklists (PMA and 510k) used by the FDA now call for inclusion of risk analysis
FDA Requires risk analysis for software within medical devices
Determine Extent of Validation
ID Process Weaknesses Early to Reduce Cost
Reduce Product Liability
Identification of device design problems prior to distribution eliminates costs associated with recalls
It is the Right Thing to Do!
Methodologies
Risk Management Protocols
FTA
– Fault Tree Analysis
Use first FMEA
– Failure Mode Effects Analysis
What could go wrongFMECA-
Failure Mode Effects & Criticality Analysis
Adds probability of occurrence and severity of failure to the FMEA process
HACCP – Hazard Analysis and Critical Control Points
How to keep the ‘wrong’ from happeningISO 14971GAMP (appendix M3)BS/ISO 17799
Risk Management is a ProcessID Processes
ID Use and Potential Misuse
ID Potential Hazards
Quantify Consequences and Probabilities
Determine Risk Index
Risk Acceptable?
Develop Controls for Risk
ReductionDoc Eval
and Resulting Risk
StopNO YES
Impact on Cost and
ComplianceTeam & Defs
Fault Tree Analysis Steps
Top Down Approach to Risk Analysis
Look at Hazards and Work Back to Failures that Cause Hazards
List the Possible Hazards
What Failures, or Combination of Failures, Will Lead to the Named Hazards?
Diagram the Fault Tree
Tool to Intercept or Design Out Unacceptable Consequences
Process Fault Tree Analysis
FMECA or FMEA Approaches
Bottom Up Approach to Risk Analysis
Look at Hazards of System Components
Process Pre-Production Possible Component Defects
Determine Undesired Events
Corrective Actions
FMEA
There are Two Main Types of FMEA:
Design FMEA which focuses on what could go wrong with a product in both manufacturing operation and in service as a result of a weakness in the design
Process FMEA which concentrates on the reasons for potential failure during manufacturing and in service
This is a result of non-compliance to specification and/or design intent
FMEA Protocol
Define the Product Function(s)
ID All Potential Failures
Determine Failure Causes
Determine Failure Effects
Assign a Risk Index to Each Failure Type
Develop Appropriate CAPA
Ensure that the CAPA Has the Desired Effect
Format for FMEA Table
Function or Component
Failure Mode
Effect on System
Possible Hazard
Risk Index
User Detection Means
Acceptable Controls
Filter; T1 Valve; Pump
Plugge d Filter;Short circuit
Dilute water;Concentrat e solute
Dirty water;Contami nated product;Bad conc.
5 Alarm;Warnin g Light;Flow Meter
Surge Tank
Hazard Analysis & Critical Control Points
A Comprehensive, Methodical, Systematic Review
from Design to Development, Manufacture and Use
for Identifying, Evaluating and Controlling Hazards.
HACCP
Based on the Following Seven Principles:
Principle 1: Conduct a hazard analysis
Principle 2: Determine the critical control points (CCPs)
Principle 3: Establish critical limits
Principle 4: Establish monitoring procedures
Principle 5: Establish corrective actions
Principle 6: Establish verification procedures
Principle 7: Establish record-keeping and documentation procedures
Critical Control Points
A Point, Step or Procedure at Which a Control Can be Applied to Eliminate or Reduce a Hazard to an Acceptable Level
Set a Max/Min Value of Risk to Which a Safety Parameter Must Be Controlled at a CCP
Established by:
Regulatory standards
Scientific publications
Industry standards
Experts
Experimental studies
ISO 14971
Defines Risk Management as a 13-Step Process:
State intended use and ID characteristics of safety of product
ID known foreseeable hazards
Estimate the risks for each hazard
Evaluate risk
Analyze options
Implement risk control measures
Evaluate residual risk
Analyze risk/benefit
ID other generated hazards
Complete risk evaluation
Evaluate overall residual risk
Complete risk management report
Provide post-production data
GAMP 4 Functional Risk Assessment Methodology
Mechanism for Assessing and Ranking the Risks Arising from Computerized Systems
Links Degree of Validation to Overall System Vulnerability to Develop Risk- appropriate Validation Strategies
First, ID the Functional Criticality of an Automated System
Second, Analyze the System’s Vulnerability to Deficient Operation
Third, Determine a Validation Strategy
Validation must address any e-record/signature requirements
GAMP Risk ClassificationsLikelihood
Low Med High
High
Med
Seve
rity
of Im
pact
Low
Infr
astr
uctu
re
CO
TS
Cus
tom
Softw
are
Key:GAMP Risk Level 1 SystemGAMP Risk Level 2 SystemGAMP Risk Level 3 System
Risk and PAT
What is PAT?
A System
to…..
Design, analyze, and control a process…..
….based on timely measurements of
….critical quality parameters
and…
….performance attributes….
….of raw and in-process materials
Processes to Assure End Product Quality
“Analytical“ Includes:
Chemical, physical, microbiological, mathematical and risk analysis….
…..conducted in an integrated
manner
PAT Approach: Quality by Design
Focus on Process Understanding
What Parameters are Critical to Product Quality?
How Do We Assess these Parameters?
Risk Assessment / Risk Management
How Do We Control these Parameters Throughout the Process?
Increased amount of in-process testing
Verification and residual risk control
Integrate Multi-variate Data
‘Reactive’ to ‘Proactive’
PAT = Process Understanding
Process Understanding…..
Inversely proportional to risk
of poor product quality
Facilitates risk-managed
regulatory decisions and innovation
A Process is Well Understood When:
Identify all critical sources of variability
Manage variability by the process
Predict product quality attributes accurately and reliably
Process Understanding Controlling Variability → Less Restrictive Regulatory
Approaches to Manage Change
PAT Guidance (September 29, 2004)
Scientific Principles and Tools Supporting Innovation
PAT Tools:
Multivariate data acquisition & analysis tools
Process analyzers
Process control systems
Process Understanding
Risk-Based Approach
Integrated Approach
FDA Strategy for Innovation
PAT Team approach to Review and Inspection
Joint training/certification of staff
PAT: Risk-Managed Approach to Regulatory Scrutiny
Use a Risk Management Protocol to Determine the PAT Implementation Points
Use a Risk Management Protocol to Select a PAT Technology
Use Risk Management to ID and Control Parameters that Impact Product Quality
Well Understood Process Less Restrictive Regulatory Approaches to Manage Change
Process Understanding Facilitates Risk-managed Regulatory Decisions and Innovation
Tying It All Together
Real Time Release
Integrated Systems Approach
Risk-Based Approach
Process Understanding
PAT Elements
Process Optimization
Process Analysis
Process Understanding
Risk Management
PAT Strategy
Real-Time Release
Integrated Systems Approach
Risk-Based Approach
Process Understanding
• Multivariate Data Acqu & Anal Tools
• Continuous Improvement & KM
•
• Modern Process Analyzers
•
• Process & Endpoint Monitoring & Control Tools
•
•
PAT Tools Process Optimization
Process Analysis
Process Understanding
Risk Management
PAT Strategy
• Identify Critical Attributes
• Define Mitigation Strategy
•
Strategies
Implement Test
•
• Optimize Process
•
Implement Optimization Points
•
Apply Technology
•
•
ID Automation Attributes •
Identify Monitoring & Control Elements
•
Obtain Knowledge of Product & Process Requirements
•
Understand QS Interfaces•
Analyze Risk Process& QS Perspective
•
•
• Provide Risk Based Decisions
•
•
•
-
Provide Framework to Execute RiskBased Strategies
•
• Rationale on Where to Apply Technology
• Framework to Facilitate Process Understanding & Decision Making
•
-
PAT, cGMP, and the Critical Path
Process Analytical
Technology
Encourage Innovation
New TechnologiescGMP’s for the 21st Century
Critical Path Initiative
Risk-Management
Broad Cooperation:Industry, Academia, FDA
Summary
Develop an SOP
for Risk Assessment
Risk Management as Part of Quality System
PAT Implementation Requires Deep Process Understanding
‘RM’ and PAT Assures Quality
Use ‘RM’ and ‘PU’ to Develop Meaningful Specifications
Use RM and PAT to Replace Existing Methods with Predictive / Proactive
Ones
References
GAMP 4 (2001) Appendix M3- Guideline for Risk Assessment
ISO 14971 – Application of Risk Management to Medical Devices
ISO 17799 (BS 7799) – Guide to Risk Assessment and Risk Management
ISPE White Paper – www.ispe.org
February 2003, FDA Draft Guidance for Industry: Part 11, ERES – Scope and Application”
GAMP Forum (2003), “Risk Assessment for Use of Automated Systems Supporting Manufacturing”, Part 1&2, Pharmaceutical Engineering
Computer Systems Validation: Quality Assurance, Risk Management & Regulatory Compliance, CRC Press (2003)
FDA Concept Paper – Draft Pre-marketing Risk Assessment (3/3/03)
NIST Computer Security Document
Thank You For Your Attention!
Questions……………………?