Risk Based EBRS Implementation using GAMP 5

Transcription

1 Risk Based EBRS Implementation using GAMP 5 Gilberto Rossi 1 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

2 Risk management - why do we need it? Taking risk managing risk and mismanaging risk 2 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

3 Risk-based EBRS Implementation using GAMP 5 Based on ICH Q9 and GAMP 5 Key Concepts Business model and URS based on production process with interfaces to SAP, LIMS & Trackwise Electronic Batch Record for manufacturing and packaging Scientific risk assessment using HACCP method Risk mitigation for GMP and the business Review by exception and electronic signatures 3 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

4 5 Key Concept 1. Product & Process Knowledge 2. Integrated Life Cycle Approach in a QMS Environment 3. Flexible & Scalable Life Cycle Activities 4. Quality Risk Management 5. Massimize Supplier Involvment & partecipation 4 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

5 ICH Q9 EU GMP Annex 20 Risk management tools are chosen according to the needs of the project: FMEA -FTA -HACCP - HAZOP We chose the HACCP tool to build on product and process understanding and support identification of critical control points 5 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

6 6 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

7 EBRS Project Life Cycle Overview (GAMP 5 ) Good Practice Business Process GMP Requirements Requirements (URS) Specification, Design & Configuration Verification (IQ & OQ) Acceptance & Release Operation & Continuous Improvement Company QMS Risk Management Design Reviews Change Management 7 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

8 System Life Cycle Phases 8 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

9 EBRS Project General Overview CTP SYSTEM New electronic system, integrated with SAP and LIMS Replacement of current paper based system Intended to improve Process Performances & Compliance Batch Review Process, with Review By Exception Management & Storage of Data from production Includes both Manufacturing and Packaging Single site Approx batches per year, Approx 10 bulk formulations, Approx 1000 packaging presentations 9 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

10 EBR used for Manufacturing and Packaging: Key Point Electronic Master Batch Records (EMBR / MBR) Electronic Batch Records (EBR / ER) ( Dispensing, Production and packaging Material Tracking (ER) Shop floor control and equipment management Deviations, Exceptions and Event Management (ER) Electronic Signatures (ES) Review By Exception (RBE) Key Performance Indicators 10 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

11 Example of Business Flow (& indication of Potential CCP) 11 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

12 Interface SAP / EBRS 12 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

13 Scientific Risk Assessment - HACCP CTP SYSTEM 1. Conduct Hazard analysis for each step of the process 2. Determine critical control points (CCP) 3. Establish target levels and critical limits 4. Establish a monitoring system for each CCP 5. Establish corrective actions when monitoring shows that CCP is out of control 6. Establish verification procedures or methods 7. Establish a record-keeping system 13 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

14 1. Hazard Analysis List hazards at each step of business flow Description of hazard (what could go wrong?) Cause of hazard (What caused the problem?) Reference hazards to Business flow diagrams with Subject Matter Experts from Production, QA, IT URS and intended use of EBRS GMP regulations from EU, FDA, Part ETIF Argentina Risk-based EBRS Implementation using GAMP 5

15 1. Intrinsic risk of hazards CTP SYSTEM Severity Minor Moderate Major High M H H Probability Medium L M H Low L L M Negligible L L L Low: ACCEPTABLE within the context of the project - managed according with procedures Medium: UNACCEPTABLE CORRECTIVE ACTION REQUIRED - reduce risk according to identified control points High: COMPLETELY UNACCEPTABLE RISK MUST BE ELIMINATED using at least two independent control mechanisms 15 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

16 1. Examples of hazard analysis GMP Hazards Hazard Severity Probability Risk Measure Contamination of product from damaged containers Calculated IPC results are outside the defined range in the processing or packaging instructions but no alarm is generated or recorded Business Hazards Major Low M Major Medium H System must be designed to require that damage to containers of materials is followed up by production supervisor and the results of the investigation recorded System must be designed to compare the calculated value of the IPC with the predefined limits, and produce an alarm if there is a discrepancy. System must force an authorising signature from a responsible person in Production if the IPC is outside the acceptable range Hazard Major network failure leads to unavailability of system and production stops Product recipes, MBR and other industrial secrets are compromised Severit y Probability Risk Measure Major Medium H Continious network management. Major Low M System must be closed. 16 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

17 2. Determine critical control points (CCP) Controls to prevent or eliminate a pharmaceutical quality hazard or reduce it to an acceptable level Only for High and Medium risk hazards No CCP for Low risk hazards Controls classified as Critical Control Points (CCP) Good Practice (reference to procedure to be followed) 17 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

18 3. Examples of CCP & Critical Limits GMP Risk CTP SYSTEM GMP Risk Cause CCP Critical Limit Damaged containers not detected and investigated Out of SPEC - IPC NOT DETECTED Software must force supervisor to document and explain damage to product containers if recorded by operator, on receipt into manufacturing System must generate a warning message when calculated IPC result is equal to or more than the quality limit As defined in SOP for the process; check container status Calculated value compared to upper and lower quality limits from MBR Business Risk Cause CCP Critical Limit Inadequate network planning, management or configuration Unauthorized persons have access to EBR functions Ensure adequacy of network design with redundancy and built-in failsafe operational modes. Ensure rigorous system testing and validation of critical network functions and controls Only authorized persons within the organization have access to critical functions Network manager with defined job responsibilities with problem escalation process for the business Security compared to access control list defined by system owners 18 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

19 4. Monitoring system for each CCP CTP SYSTEM Measurement of CCP against critical limits Types of monitoring: operator entries compared to limits input value read from a barcode compared to Expected value ALARM ALARM Results of monitoring recorded and included in batch record Alarms are managed as deviations 19 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

20 5. Corrective actions in case of deviations Determination and correction of the cause of non- compliance Determination of the disposition of the non- compliant product Recording of the corrective actions that have been taken 20 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

21 6. Verification procedures Monitoring of CCP in software development life cycle traceability to FS done by Supplier document results in IQ verify in OQ verify in PQ, including interfaces Residual control, not included in system of system scope will be monitored and managed under SOP 21 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

22 7. Documentation and record keeping Deviations Corrective actions CCP monitoring activity log Changes to process steps Changes to associated hazards Changes to critical limits Verification procedures and schedules 22 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

23 Benefits of HACCP Method Close integration with known business process flows Focus on hazards that lead to risk Feed back to URS and system development Prioritize risks in a systematic manner Reduced validation activity Clear Evidence so, Strong acceptance from management 23 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

24 Residual risk CTP SYSTEM 24 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

25 Review by Exception (RBE) CTP SYSTEM Electronic system allows filtering to Include critical exceptions and deviations to the process Exclude normal operational data Verification of RBE functionality is directly linked to scientific risk assessment as part of system design Regulatory guidelines allow QA review of exception reports for batch records 25 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

26 Regulatory Expectations for Review by Exception (RBE) Functionality is clearly defined in Requirements and specification documents Reference data is retained for the appropriate period The computerized means of review is at least as comprehensive and accurate as the manual review Accuracy and reliability is demonstrated through Qualification and ValidationV 26 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

27 Benefits of Review by Exception (RBE) Production resources and QA are focused on issue resolution and investigation Time consuming verification of complete batch record is not needed, as critical control points are monitored and controlled by validated systems 27 ETIF Argentina Risk-based EBRS Implementation using GAMP 5

28 Tineke Bos Philp Rees +[39] Gilberto Rossi +[39] ETIF Argentina Risk-based EBRS Implementation using GAMP 5