Open access

Quality Risk Analysis: Value for Money in the Pharmaceutical Industry

Written By

Jordi Botet

Submitted: November 25th, 2011 Published: September 12th, 2012

DOI: 10.5772/50450

Chapter metrics overview

6,713 Chapter Downloads

View Full Metrics

1. Introduction

Pharmaceuticals play an important role in keeping people fit, but they can also put live at risk if they don’t have the required quality. Contamination and mix-up may have a great impact on them because of their tiny active doses and because of the often precarious state of health of the patients, not to mention the existence of routes of administration, which skip certain defense barriers of the body.

To cope with this problem “Good Manufacturing Practice” (GMP) was introduced in the 1960s with the intention of providing a kind of common quality baseline for all laboratories. GMP, however, consists of general rules, and as such, it can neither give an answer to every practical situation, nor replace the need to study and understand processes in depth, as some people wanted to believe.

This is why the American FDA initiative on GMP, launched in 2002, underlined the need of taking decisions based on knowledge and science “in [1]”.

The ICH (International conference on harmonization of technical requirements for the registration of pharmaceuticals for human use) has given world-wide diffusion to this initiative and put it into practice by publishing several closely related Q (quality) guidelines “in [2-5]”.

These guidelines have to be applied conjointly in order to ensure that the quality of a product is, first of all, developed and, then, monitored within a quality management system. This pharmaceutical quality system, as defined by ICH guideline Q10, has two “enablers”: knowledge management and quality risk management.

Knowledge management is defined as a systematic approach to acquiring, analyzing, storing, and disseminating information related to products, manufacturing processes and components.

Whereas, quality risk management is described as a systematic process for the assessment, control, communication and review of risks to the quality of the medicinal product across the product lifecycle.

They are called enablers because they constitute a tool or process which provides the means to achieve an objective.

The importance of quality risk management (QRM) is such that a whole ICH guideline, Q9, has been devoted to it.

Thus, QRM combined with GMP and science is a kind of “magical potion”, which we can use to become “wizards” ensuring quality. However, this is only true if we understand what QRM is and use it in the right way.

Unfortunately practice shows that the real role of QRM is not always understood and as it has already happened in the recent past (e.g., with validation) it can become something that is only done, because it is required by the Authorities, but that it does not yield what it might and is just written for the occasion, shown and filed. And this is not something unimportant because resources which are misused here become resources that lack there…

Let us then review some key points for making the most of quality risk management (QRM).


2. Knowledge is the base of everything

QRM is a powerful machine but to move has to be filled with a kind of fuel called “knowledge”. If we don’t know anything about our product or process, we cannot manage risk. Risk, by definition, is the combination of the probability and severity of a hazard. And if we don’t know the hazards, not to say their likelihood and importance, there is no way for QRM.

Figure 1.

Hazard – Risk - Harm

This explains why knowledge management is put beside QRM as an enabler. Experience shows that more often than not information on the products and on the processes is “lost”, either because it is not duly registered and disappears or because it is just kept away by a given person and never diffused within the company. The result is that in many cases there is or there was information but it is not available when needed by the persons of the company who have to take a decision.

And the fact is that if we cannot gather information on the product or process, either in house or outside it (other sites, publications, courses, etc.) it is very unlikely that we might follow a QRM approach. In other words, both enablers are linked and thus, the amount and characteristics of the knowledge at our disposal will be one of the main factors which will dictate how to perform our QRM.

Figure 2.

Quality risk management steps

QRM is the result of a certain number of operations or steps, which can be summarized in different ways differing only slightly one from the other. The first part of QRM is evidently devoted to the quality risk analysis (QRA), that is, to the estimation of the risk associated with the identified hazards, whereas the second one concerns, properly speaking, the administration of this risk. Any QRM process has to start by defining its goal (what is intended) and by gathering information. All other steps are shaped by this first one.

But, speaking in practical terms, what kind of knowledge we need? Let us try to respond to this question by considering three different cases.

2.1. Product

If we are dealing with a product, we might need to be familiar with:

  • Its characteristics and specifications

  • Its CQAs (critical quality attributes), that is physical, chemical, biological or microbiological properties or characteristics that should be within an appropriate limit, range, or distribution to ensure the desired product quality “in [4]”.

  • The factors that might affect its quality

  • The likelihood of these factors and the effects of the loss of quality

And this can only be achieved by people possessing or gathering this knowledge and analyzing it subsequently by means of brainstorming. A table like the following one can be helpful in performing this.

Problems (what can affect its quality?)Causes (what might provoke this problem?)Likeness (is that likely to happen?)Preventive measures (what could we do to control or mitigate this problem?)
Particle sizeInadequate particle sizeYesProvide the supplier with detailed specifications
Contamination (bioburden / pesticides)Product of natural originMaybeTight control of the sources of product
DegradationToo high temperatureProbableDetermine acceptable temperature range

Table 1.

Table for product brainstorming

Several approaches have been proposed to facilitate this brainstorming, such as,

  • Imagine different situations (e.g. change of supplier, lack of electricity, flood, error, mix-up, etc.) and then answering to “what would happen”?

  • Ask people working or having worked in this situation.

  • Inquire regulatory authorities.

  • Review technical literature and attend congresses.

2.2. Process

If we are dealing with a process we might need to be aware of:

  • Its flow-chart;

  • Its equipment;

  • Its CPPs (critical process parameters), that is process parameters whose variability has an impact on a critical quality attribute and therefore should be monitored or controlled to ensure the process produces the desired quality “in [4]”.

  • The factors which can affect them and the ways for doing this;

  • The likeness and the consequences of these deviations.

Exactly as said above, this has to be done by people possessing or gathering this knowledge.

In this case, the table might appear like this one.

The approach to be followed is the same that was mentioned before.

Process stageProblems (Deviations from the normal situation?)Causes (what might provoke this problem?)Likeness (is that likely to happen?)Preventive measures (what could we do to control or mitigate this problem?)
1Wrong weight of starting materialErrorMaybeScales will be provided with a printer
3Irregular dosage of vials because dose is very lowFiller has not enough capacityYesQualify filler and organize a monitoring system for filled vials
8Lack of leafletLeaflet fell outside the boxNoA weighing machine controls each box

Table 2.

Table for process brainstorming

2.3. Comparison

And finally, if we are comparing two different situations, then we should identify:

  • Their characteristics (their main attributes and sub-attributes);

  • The elements likely to influence them;

  • Our needs / requirements.

AttributesSub-attributesInfluence (which role they may play?)Preventive measures (what could we do to control or mitigate this problem?)
PremisesHVAC configurationRisk of cross-contaminationDedicated HVAC system without recycling
Pressure differentialsProtection of the environmentContainment of the product by negative differential pressure surrounded by positive differential pressure
PersonnelTrainingHigh risk of error / confusionEnsure adequate training
ProtectionManipulation of active productsIntroduce isolators where product is exposed

Table 3.

Table for comparing two different situations / elements

In this case brainstorming can be facilitated by:

  • Carefully analyzing the attributes and sub-attributes (e.g., the factors which intervene in the constitution of this situation / element).

  • Ask people about their experience on this.

  • Inquiring regulatory authorities.

  • Reviewing technical literature and attending congresses.


3. GMP and QRM

An interesting question that might arise as a consequence of the application of QRM is about precedence. What is more important a GMP statement or the result of a QRA? This is however a completely false question because if GMP can be considered the logic baseline in pharmaceutical production, then how can QRA be anything different?

Figure 3.

Problem management

In fact QRM is complementary to GMP because it provides the frame for taking a decision, whereas GMP proposes us some practical and well known solutions. It is important to understand that “good manufacturing practice” has been, and still is, accompanied by some amount of “bad practice”. And this is the result of seeing in GMP as a kind of oracle which will provide us with magical solutions.

No solution for a problem should be looked for, before having defined it perfectly. This assertion might seem surprising but experience shows that analysis is often left aside because all attention is eagerly focused on the quick search of a solution.

Once the problem is well understood and its causes and likely effects have been determined is when the search for a solution can be started. In any case this requires, as said before, possessing knowledge. It is evident that GMP has to be taken into account, but only when the problem has been analyzed and understood in depth. Then, an answer to the problem can be found and it is evident that it will be science and knowledge-based and GMP compliant.


4. Selection of tools

There are different tools which can be used in QRM, both unspecific and specific for this task “in [2, 6]”. In reality, and very unpleasantly for some people, tools just organize in a more or less sophisticated way the information that we have. They will neither provide us with the knowledge that we don’t have nor liberate us from the task of thinking about the question. Brainstorming will always be inevitable.

According to their function QRM tools can be classified in three main groups: risk analysis, risk comparison and statistical support.

Risk analysis tools are either inductive or deductive. The first, starting with the normal operation, try to detect possible problems. The second, starting with the problem, try to find the chain of events that led to it. It is also very common to talk about formal and informal tools. In fact the former have really been devised for this purpose, whereas the latter are just data given in a certain way and they can be only considered “tools” in a loose sense.

It might seem surprising to explain that there are QRM tools that do not consider risk, but hazard. Although this is discussed in more detail below, here we need only point out that “risk analysis or management” is a general concept which can consider just hazards or their associated risk too.

Tools for risk analysisInductive / single factorsBasic / InformalSimple organization of dataFlowchart / Process map / Checklist/ Ishikawa diagram (fishbone), etc.
FormalIdentification of hazards and their potential effectsRisk is not estimatedPHA (Preliminary Hazard Analysis)
Risk is estimatedPRA (Preliminary Risk Analysis)
Evaluation of failure modes and of their potential effectsRisk is not estimatedFMEA (Failure Mode Effects Analysis)
Risk is estimatedFMECA (Failure Mode, Effects and Criticality Analysis)
Evaluation and monitoring of hazardHACCP (Hazard Analysis and Critical Control Points)
Analysis of deviations by means of “key words”HAZOP (Hazard Operability Analysis)
Deductive / multiple factorsIdentification of real or potential problemsFTA (Fault Tree Analysis)
Tools for risk comparisonRisk Ranking and Filtering
Supporting statistical toolsControl charts / Design of experiments / Histograms / Pareto charts / Process capability analysis

Table 4.

Basic classification of tools used in QRM

Even if it is true that specific tools have been developed with an intended objective, and this somewhat restricts their scope of use, there is often overseen that they can have a wider utility. In fact tools are at our service and we should use them to organize information in order to get the most of it. Except in those cases when there is a need for coordination, e. g., different sites of the same group, or a requirement by the Authorities we should feel free in the way we use QRM tools.

In practice, it is possible to distinguish six basic cases in QRM:

  1. As it has been indicated before the presentation of data is a basic need in QRM, hence informal tools, such as flow charts are necessary.

  2. A first task in any QRM is hazard assessment and for doing this PHA is the right tool.

  3. If risk assessment is desired, then FMECA is what we need.

  4. HACCP is an appropriate tool for the monitoring of processes by means of their parameters.

  5. When the search for the root cause of an event is required then FTA will do.

  6. RRF allows for comparisons.

These six cases will cover practically all the needs regarding QRM. Understanding and using them can thus be considered a must.

QRM toolPractical utilization
Check lists, reports, graphs, etc.
Diagrams (flow, Pareto, Ishikawa), histograms, etc.
Basic data presentation
PHA (Primary hazard analysis)Basic hazard assessment
FMECA (Failure Mode, Effects & Criticality Analysis)Risk assessment
HACCP (Hazard Analysis and Critical Control Points)Process monitoring
FTA (Fault Tree Analysis)Root cause identification
RRF (Risk ranking and filtering)Comparison

Table 5.

QRM most common tools and their practical utilization

4.1. Basic data presentation

Any system may be used to gather and present data and further on we provide some examples. Ishikawa and Pareto diagrams not only show data but the first organizes them at a certain level and the second treats them statistically. This is why they are also mentioned for the root cause identification.

4.2. Basic hazard assessment

In every situation (product, process, etc.) there is a period of time, in the beginning, when knowledge is very limited and unsure. Suppositions count more than facts. Then, there is a very simple tool, perfectly adapted to this situation: PHA (Primary hazard analysis) “in [2, 6]”.

It is developed by using a table, which might vary slightly according to specific needs or requirements, but which considers basically these items: hazards, causes, effects and preventive measures. Note that often it is not necessary to consider the “effects”, as they are either evident or are already somewhat included in the “hazard”.

The hazards which put the quality of the products at risk during their manufacturing may belong to five categories:

  • Contamination (external): Any contamination of a material or of a product not related to other materials or products manufactured in the factory (e. g., pollen, sand, hair, scales, dandruff, fibers, microorganisms, etc.)

  • Cross-contamination: Contamination of a material or of a product with another material or product.

  • Environmental contamination: Contamination of the production rooms, the operators or the surroundings of the pharmaceutical unit because of the voluntary or accidental liberation of materials or products

  • Mix up / error: Operation inadequately performed (error) or where one thing is taken by another one (mix up)

  • Degradation: Loss of quality of the product because of inadequate conditions

The following table uses this approach:

HazardCausePreventive measuresComments
Contamination (outer)Inflow of dirty airSeparation of production areas and air controlAirlock doors are interlocked. Air is filtered.
Cross-contaminationInadequate CIP cleaningVessel is dirtyCleaning is validated.
Dust liberationDust extraction systemEffectiveness of extraction is verified
Mix up / ErrorTransfer of wrong materialInadequate productDouble verification.
Materials are controlled and registered while entering and while being used.
Environmental contaminationIsolator is not kept at depressionRoom and people contaminatedIsolator is provided with a pressure gauge.
Isolator has an alarm system for pressure.
DegradationInadequate temperatureAir conditioningTemperature is controlled
Inadequate humidityAir conditioning with control of humidityRelative humidity is kept ≤ 30%

Table 6.

PHA table

4.3. Risk assessment

In order to analyze quality risks in the operations, when there is a significant amount of operator participation, the choice tool is FMECA (failure mode, effects and criticality analysis) “in [2, 6, 7]”. It is performed by using a table possessing these main headings:

  • Failure mode: the way an element can have a potential failure (in relation to specifications) or do not develop its functions. They are detected as an answer to the question “what might go wrong? It has to be pointed out that a simple function may have several failure modes.

  • Cause: the grounds which provoke a failure.

  • Effect: the results which appear when the failure mode comes out.

Operation / Process stageFailure modeS (Severity)CauseP (Probability)Existing controlsD
(Difficulty of detection)
Risk priorisation
(PR = S x P x D)
Risk accepted?
3AgitationSpeed < 1.400 rpm2Failure1Monitoring by computer12Yes (a tachymeter is in place; speed can vary without sensible effect)
5DissolutionDegradation3Temperature "/> 80ºC1Monitoring by computer13Yes (T is controlled and materials are not affected)
9FillingInadequate dosage3Failure / wrong adjustment1Every tube is weighed after filling13Yes (equipment is qualified and scales are calibrated)

Table 7.

FMECA table

This table may include risk reduction and be used as an instrument of risk management.

Operation / Process stageFailure modeSCausePControl in placeDRPRisk accepted?ActionsReevaluationRisk accepted?

Table 8.

FMECA table for risk reduction

4.4. Process monitoring

It is evident that if a process is well understood it is possible to identify its CPPs and if we can keep them under control by a process monitoring system then the quality of the products will be ensured.

Figure 4.

HACCP rationale

HACCP (hazard analysis and critical control points) is a method that detects the hazards for the quality of the products (or for the safety) and then their “critical control points” (CCP) “in [2, 6, 8]”. The rational of HACCP is exposed in the annexed figure.

The flow chart is studied to identify potential hazards, which might affect the quality of the product. Then these hazards have to be assessed. Do they have to be controlled?

Seriousness of harm
Probability of harmAlwaysHigh risk
Frequently (probable)
SometimesMedium risk
Rare (improbable)
Non observableLow risk

Table 9.

Example of risk evaluation

This leads to the determination of the CCPs.

Operation / Process stagePotential hazardIs risk significant?Why?Preventive measuresIs it a CCP?
Test for endotoxin in waterPresence of endotoxin in waterYesEndotoxin is not allowedMonitoringYes
Measure of pHpH outside rangeYesPrecipitationVerify pHYes
Filter sterilizationViable microbes in the filterYesProduct not sterileProcess validation and monitoringYes

Table 10.

HACCP – I: CCP establishment

The rationale for the establishment of CCP can be summarized as follows.

Figure 5.

Rationale for the establishment of a CCP

Then, for each CCP are defined alert and acceptance limits. As a consequence, monitoring procedures are established and they are accompanied by the set up of corrective actions in case of deviation. Finally as in any monitoring system it is necessary to define how it will be managed and periodically reviewed to verify that it performs as expected.

Note: The contents of this table are just given as an example; they don’t intend to represent any real situation
CCPAcceptable rangeMonitoringCorrective actions
Test for endotoxin in water< 0,25 U.QC technicianLAL testBefore starting the productionStop production and call the supervisor
Measure of pHpH = 6-7Production supervisorpH-meterIn processCall the supervisor. Add more sodium hydroxide
Filter sterilizationSterileProduction technicianControl process parameters (P, T and t)After sterilizationStop production and call the supervisor

Table 11.

HACCP – II: CCP monitoring

4.5. Root cause identification

When a deviation is detected it is necessary to implement corrective and preventive actions (CAPA system), But this is only possible if the root cause has been identified. To do this we can use several tools, both unspecific (such as Ishikawa or Pareto diagrams) and specific (FTA).

Figure 6.

Diagrams of Ishikawa and Pareto

Two simple tools can be used for a primary analysis of causes.

The first one is the diagram of Ishikawa, also known as cause-effect or fishbone diagram, which shows in a graphical way cause relations and their interaction to provoke an effect.

The second one is the diagram of Pareto, which orders the data in relation to their importance and this allows for the distinction among frequent and infrequent causes of failures. It is prepared by listing all the elements and determining their frequencies. Then, the elements are classified in relation to their cumulative frequency.

FTA (fault tree analysis) is a deductive tool which uses a pictogram to represent in an organized way the factors (causes) which produce or contribute to the production of an undesirable event “in [2, 6, 9]”.

The tree is started by placing the top event. Then the events which contributed to it are analyzed. Events are united by gates, which show the relation amongst them.

Gates can be very varied, but the most common ones are the “and” and “or” gates. Although there are specific gate symbols defined by an international standard, in practice for most cases it would suffice to represent them by a circle and write inside to which type they belong.

Figure 7.

FTA diagram

Figure 8.

FTA: Examples of “and” and “or” gates

Figure 9.

RRF: Example of hazard or problem decomposition (factors intervening in cleaning)

4.6. Comparison

RRF (Risk ranking and filtering) is a tool specifically devised for the comparison of different sets (units, processes, companies, etc.) possessing varied levels of risks “in [2, 6, 10]”. Once they are reduced to a common denominator they can be compared and this allows for the establishment of priorities.

As in any method, it is necessary to individualize first the hazards or problems and then the different attributes, components or elements, which contribute to them.

Then each attribute, component or element is evaluated in terms of risk.

Figure 10.

RRF: Risk estimation

It is possible to get a comprehensive evaluation taking into account all the intervening elements. This allows for the ranking of the problems or hazards, which can be filtered.

Figure 11.

Hazard – Risk - Harm

It is also possible to rank and filter risks by using tables combining the three well-known factors (probability, severity and difficulty of detection).

Figure 12.

RRF: Combination of the risk factors


5. Is it really necessary to determine risk in QRM?

This is not the kind of stupid question that, at first sight, might seem. And in fact this is not a question, but two. The first one might be related to the fact that in everyday’s life we somehow tend to mix-up hazard and risk. As the latter is the consequence of the former, we tend to consider both practically as synonymous. The second one comes out because of the fact that identification of hazards is a prerequisite for the determination of their risk, and risk allows for an assessment of hazard. Thus, why to limit ourselves to something of “low level” like hazard when we can get something “better” like risk? Unfortunately this is not correct. By definition, to determine risk we have to start by knowing the probability of occurrence of the hazard. And this is often very difficult and in the end it turns to be just an inference. Then, we should know the seriousness of the harm and, although this is usually clearer, it is neither an easy task and often requires some degree of imagination. Consequently, in many cases, risk is not more than an estimation, that has to be improved along the time as more experience is collected. The case might be that hazard, usually a concrete thing, is substituted by risk, an estimated value and this can hardly be something better.

In practice, our first aim should be to determine hazard and then, only if there is an objective possibility of estimating risk, do it. Speaking in general terms the evolution should be hazard detection > qualitative risk estimation > quantitative risk estimation. In projects or new processes we would move towards the left (hazard), whereas as we gain process knowledge we might move towards the right (risk).

Summarizing, although we talk about QRM it is perfectly acceptable just to determine hazard and manage it in terms of making the appearance of harm an unluckily event by applying corrective measures. It is better to limit a QRA to the hazards that trying to estimate risk without having enough information for doing it.


6. How to determine risk?

Risk is determined by the combination of the two already mentioned factors, probability and severity, to which a third one, detection, can be added when a system of detection is in place. This gives us the classical formula:

Risk = Probability of occurrence of the harm x Severity of the harm x Detection of the harm.

Instead of probability it is often used the term frequency, pointing out that most of times what we really know is how often it happened in a well established process. It is evident that even if we don’t know how to estimate probability, if we really do know that harm never happened in our process we can affirm that probability is very low.

Severity is easier to understand because we are only asked to assess the importance of harm.

The capacity of detection of harm is linked to the existence of a system for its detection. Thus, its assessment tends to be more objective, as it is related to the equipment. This factor, however, has a marked particularity: risk increases when the capacity of detection decreases; it is an inverse factor. This is not a problem if we bear in mind this fact, but it can be easily overcome by changing the way we express it, for instance, instead of talking about “detection of the harm” we could say “difficulty of detection of the harm”, thus turning it a direct factor like the other two.


7. How to better evaluate risk?

All three risk factors can be evaluated either qualitatively or quantitatively. Again, a quantitative estimation of risk (e.g. of 45 over 50, say) might appear much more satisfactory than a qualitative one (e.g. middle), but this might be too, and often is, misleading, because it provides a false sensation of precision.

As it was discussed above, the main objection one can do regarding risk is that its determination is too subjective and this makes it unreliable. Although there is some amount of truth in this, we may, however, counterattack by explaining that the objective of assessing risk is not getting a faithful estimate of it, but obtaining a risk baseline to be used as an indicator for future improvement. This is why what really matters is providing a good deal of information on the rationale which led to the estimation of the factors of risk.

Independently from that, it is necessary to determine how many risk levels will be estimated for each hazard. The simplest case and maybe the commonest too is the utilization of three levels, a very intuitive approach, as we are talking about “a lot” (high), “medium” (middle) and “little” (low). More levels allow for a better classification, but they turn more complicate the assessment.

Another point that needs to be discussed, when using quantitative evaluation, is the relation between these levels. Beside the normal series of values (1, 2, 3, etc.), we might use other with wider gaps between the levels, either regular (e. g., 1, 3, 5, 7) or even irregular (e. g., 1, 3, 7, 12). These last cases would give more weight to the higher levels, thus increasing the sensation of higher risk. It is not necessary to insist on the fact that any type of characterization of the levels is acceptable, provided that it is clearly defined and indicated and that it is not used to take false conclusions regarding higher evaluations of risk.

7.1. Qualitative evaluation

For instance in three levels:

HighThe failure /accident occurs frequentlyThe consequences of the failure /accident are importantThe failure /accident will very likely not be detected
MediumThe failure /accident occurs periodicallyThe consequences of the failure /accident are moderateThe failure /accident might be detected
LowThe failure /accident occurs rarelyThe consequences of the failure /accident are lowThe failure /accident will very likely be detected

Table 12.

Example of qualitative evaluation in three levels

More than three levels:

Very highAlwaysCatastrophicIt cannot be detected
HighOften (probable)CriticalIt can only be detected when the process is already finished
MediumSometimesSeriousIt can be detected during one of the stages of the process
LowRare (improbable)MinorIt can be detected during the stage in process
Very lowNon observableInsignificantIt can be detected instantaneously

Table 13.

Example of qualitative evaluation in five levels

An important inconvenient of the qualitative evaluation of the factors appears when determining risk. Everybody would agree that low x medium x high = medium, but the score of low x low x high is not so evident (medium?). And this becomes even more unclear if we consider more than three levels.

This is however less important that it might seem at first sight. As we have seen above, risk estimation, and particularly the qualitative one, is likely to be more a rough approximation than a very exact value. Thus, adding some more roughness should not be considered critical. In any case, this inconvenient can be overcome by using a complementary table which would provide a homogeneous estimation.

Risk = Low x Low x Low = LowRisk = Medium x Medium x Medium = Medium
Risk = Low x Low x Medium = Low-MediumRisk = Medium x Medium x High = Medium-High
Risk = Low x Medium x Medium = Medium-LowRisk = Medium x High x High = High-Medium
Risk = Low x Medium x High = MediumRisk = High x High x High = High
Risk = Low x High x High = Medium-High----

Table 14.

Example of table for the qualitative estimation of risk

It is evident that if the risk factors are estimated by using more than three levels, then the table becomes more complicated.

7.2. Quantitative evaluation

If it is done in three levels, then the approach might be exactly the same that shown above for the qualitative estimation, but instead of low, medium and high there will be used numbers (1, 2, 3) and this will facilitate calculation (e. g., 3 x 1 x 2 = 6).

The next table provides an example of quantitative evaluation in five levels, both following the natural series of numbers and an irregular (or “enhanced”) one. Both are, of course, acceptable, but it is necessary to bear in mind that the final risk quantification will depend on the system which has been chosen and thus comparisons have to take this into account.

11Expected "/>80% of times.Batch is OOS and it is rejected.No detection.
23Expected between "/>50% and ≤80% of timesThere are deviations and batch is investigated and rejected.Detection but only when the process is finished
35Expected between "/>10% and ≤50% of times.There are deviations and batch is investigated but accepted.Detection during a stage of the process, before finishing it.
4)7Expected between "/>1% and ≤10% of times.A trend is detected, but limits are not exceeded and the batch is not investigated.Detection during the stage in process.
59Expected ≤1% of times.There is no trend and limits are not exceeded. Batch is not investigated.Instantaneous detection.

Table 15.

Example of quantitative evaluation of the factors of risk in five levels


8. How to introduce QRM in a company?

One might tend to think that what matters is to teach people how to use QRA tools and how to evaluate risk. Although this is something that has to be done, it is necessary to bear in mind that this is only second to the understanding of the purpose and practical utility of QRM.

QRM is not just a kind of new task in a company. It is, in fact, a new way of looking at things, a new approach in analyzing the problems and in proposing solutions to them. This is why the most important and basic task is to make up the mind of people.

Figure 13.

Introduction of QRM in a company

To simplify matters it is generally agreed that a good practice is to prepare a detailed protocol describing how the company intends to develop and to apply QRM.


9. Is there a way to facilitate QRA?

Everybody can have a personal approach towards QRA, but experience shows that there are no simple ways. As said above a good knowledge of the subject is essential, then some dose of experience is helpful and a big amount of patience is necessary.

It has already been described the paramount importance of getting information on the subject and how this can be done. It has also been explained how to choose and use the more common (and practical) tools. Thus, getting an adequate QRA is just a question of work. Get a first draft, review it and improve it little by little until getting something satisfactory. There are no rules, but the approach of working by progressive “retouches” is certainly very appropriate.

It is worth to mention that while working on QRA one of the most puzzling aspects is the frequent confusion that one tends to experience regarding “hazard”, “cause” and “effect”. This can be overcome in two complementary ways. Firstly by understanding well the meaning of these terms and applying them carefully to the elements being analyzed and secondly by reviewing the draft after a few hours of rest. Normally what is not seen clear now, it will be later.


10. Why QRA is worthy?

QRA provides us with a systematic and deep knowledge of the problems faced by the process under study. In this sense QRA can help us to overcome one of the main troubles derived of the application of GMP, their being seen as a kind of “tables of the law”. The consideration of GMP as the golden principles supposed to provide the answer for every problem, has often led to a passive attitude. We had a problem and then we looked up in GMP. Now, QRA means that we analyze and understand well our problem. It is not necessary to say that this is extremely important and worthy.

QRA is also a key element in the introduction of improvement in the pharmaceutical industry. Without the concept of QRA, improvement would not be understood. In the past improvement didn’t exist, because we didn’t accept risk. Now when we recognize risk and accept that it is inevitable we can also say that improvement exists and that it consists of the reduction of this risk.

11. Some common problems solved by using QRA

QRA is a powerful instrument, which may help to solve typical problems faced by the technicians working in a pharmaceutical laboratory and in this sense the ICH Q9 guideline provides many examples regarding the potential applications of QRA “in [4]”. It is however worthwhile to study in detail three very common problems: documentation, inspections/audits and handling of active products.

11.1. Documentation

“Which documents do I need?” or “tell me which documents I have to prepare and I will do it” are much heard questions. And this is so because GMP does not provide an answer. An impossible answer, anyway, because documentation is closely related to every particular situation and this is why GMP just mentions the documents directly associated with the products (specifications, formulae, processing instructions, etc.) and some general documents (sampling, testing, release, etc.). Documents have to be established on a case by case base, even if in the end all laboratories finish by having about the same documents and the basic difference relies on their extension and on how information is organized and grouped.

Documentation is used to attain two basic goals, information on how to perform operations, in general, and confidence in the control of critical operations, in particular. The first determines basically the number of documents to be written, whereas the second focuses on their contents.

Write a list of the processes of your company and then prepare flow charts for each of them. By doing this a number of operations will appear. Procedures have to describe these operations. There is no rule of thumb about how many are needed. Neither very long nor very short procedures are practical. Consequently a certain level of grouping is necessary and each company has to decide how to do it. Factors which might help in this decision are basically related to logistics, organization and personnel.

Once you have these flow charts perform on them QRA using a very basic tool such as PHA. This will allow detecting hazards and will oblige thinking of the related control measures. And then, these control measures will have to appear in the documents describing the operations.

Figure 14.

The documentation virtuous circle

11.2. Inspections / Audits

Inspections and audits worry always personnel. They remind them of the student days and consequently they ask themselves again “how can I pass them successfully”? In the school the obvious answer would have been “learn well the lessons of the program”, but in the pharmaceutical industry the program is less obvious and “lessons” are not so clearly stated. They have to take into account GMP, of course, but also other things (GLP, regulations, guidelines, unwritten expectations, company standards, etc.). Here again QRA can help us. As summarized in the figure below our approach should focus in showing that we know our hazards and we keep them mastered.

Figure 15.

How to face an inspection/audit

11.3. Handling of active products

GMP establishes the need for dedicated facilities in some cases (production of penicillin or live microorganisms) or requires separation for certain products (antibiotics, hormones, cytotoxics, etc.). Most products are however manufactured in multiproduct facilities, where products share utilities and equipment, after performing the required validations. As products and processes can be very varied it is evident that the orientation provided by GMP can’t be very detailed. This is why a QRA approach is very useful.

Among both extremes, a dedicated building (with separated equipment and utilities) and a multiproduct facility, there are less radical solutions, such as, for instance, separated areas (rooms or set of rooms with their own air-locks and changing rooms), provided with separate equipment and utilities, within a multiproduct unit. Also, when this is feasible, a simpler way of preventing cross-contamination might be the use of specific parts of equipment (e.g., filters, sieves), instead of dedicated equipment.

Another approach would be segregating the process from its environment by using isolation technology (i.e. production equipment within isolators or closed equipment instead of separating the rooms).

Campaign manufacturing, which certainly requires appropriate validation, is also a way to prevent cross-contamination.

The application of quality risk assessment to the products and to the processes to be performed within a pharmaceutical unit, allows for their rational design.

Figure 16.

Handling of active products: QRA approach

The appraisal of the hazard can be performed by using primary hazard analysis (PHA) as it was previously described. In this case from the five categories of hazards mentioned only two have to be taken into account: environmental contamination and cross-contamination.

HazardCausePreventive measureComments
Environmental contaminationRelease of dust, particles, droplets, aerosols, effluents and wasteManufacturing areas are isolatedClean-rooms are isolated from the environment
Products are isolatedProduct containment inside closed systems
Air handlingHEPA-filtered air
Pressure differentialsNegative pressure impedes the diffusion of particles
Effluent treatmentCleaning effluents are treated before being released to the sewer
Waste controlWastes are disposed of in an adequate manner
Control of dustRelease of dust is kept under control (closed systems / dust extraction)
Personal protective equipment (PPE)

Table 16.

Handling of active products – QRA – Environmental contamination

Although in both cases the causes are similar, the array of control measures is very varied and concerns different systems.

HazardCausePreventive measureComments
Cross-contaminationRelease of dust, droplets, particles, aerosols, during operationsManufacturing areas are separatedDifferent pharmaceutical forms are completely separated
Products are physically separatedOnly one product at a time
Environments are separatedHVAC system provides environment cleanliness (classification) and separation (pressure differentials)
Access of personnel across specific changing roomsThere is an specific change room for each area
Transfers across air-locksAll materials and products are transferred across air-locks
Air treatmentHEPA-filtered air
Differential pressure / AirflowsHVAC system provides environment cleanliness (classification) and separation (pressure differentials)
Use of closed systemsProduction is performed in closed systems.
Temporal separation of productsCampaign working allows for a simplification in cleaning.
Residues on equipment“Sanitary” design and constructionClean-rooms follow GMP-design
Cleaning / sanitationValidated cleaning procedures
Dust / particles on clothingUse of specific clothingClothing is related to the type of operation, which is carried out

Table 17.

Handling of active products – QRA – Cross-contamination


  1. 1. FDA2004Pharmaceutical CGMPS for the 21st century- A risk-based approach. Final report.
  2. 2. ICH2005Quality risk management. ICH Harmonised Tripartite GuidelineGuideline Q9.
  3. 3. ICH (2008) Pharmaceutical quality system. ICH Harmonised Tripartite GuidelineQ10.
  4. 4. ICH (2009) Pharmaceutical development. ICH Harmonised Tripartite GuidelineQ8 (R2).
  5. 5. ICH2011Development and Manufacture of Drug Substances (Chemic al Entities and Biotechnological/Biological Entities). Draft Consensus Guideline Q11.
  6. 6. VesperJ. L.2006Quality Risk Analysis: Value for Money in the Pharmaceutical IndustryPDA/DHI.
  7. 7. CEI/IEC1985Techniques d’analyse de la fiabilité des systèmes. Procédure d’analyse des modes de défaillance et de leurs effets (AMDE) / Analysis techniques for system reliability. Procedure for failure mode and effects analysis (FMEA). Norme internationale / International standard 608121985.
  8. 8. WHO2003Hazard and risk analysis in pharmaceutical products. Technical Report Series, 908Annex 7.
  9. 9. CEI/IEC1990Analyse par arbre de panne (AAP) / Fault tree analysis (FTA). Norme internationale / International standard 1025
  10. 10. FDA2004Risk-Based Method for Prioritizing CGMP Inspections of Pharmaceutical Manufacturing Sites- A Pilot Risk Ranking Model.

Written By

Jordi Botet

Submitted: November 25th, 2011 Published: September 12th, 2012