The slides will be looking at the principles of risk management in the context of the European Pharma regulatory framework. This will include the regulatory framework, problems we face in the Pharma supply chain, the definition of risk and how it can be managed.
3. GDP MASTERCLASS: RISK MANAGEMENT
Dr Stephen Mitchell FCQI CQP
QA and Compliance Manager, Global Logistics
GlaxoSmithKline
University of Leuven Sept 15th 2016
4. Outline and Content
• General Background and Considerations
• Regulatory Environment- Considerations from the EU GDP
• What is Risk & How is it Managed?
5. General Background and Considerations-1
Do you know your supply chain and how can performance be
improved? Consider the following:
supply chain qualification & temperature management, capacity,
facility standards, destination and final use conditions
What do we expect of supply chain partners from a quality viewpoint ?
Is this achievable?
Delivery of the agreed service including management of all
subcontractors in the process - collaboration or dictation?
Understand the role and limitations of KPIs & audits, quality
agreements / SLRs, data quality and integrity
6. General Background and Considerations -2
Expectations of customers- pharmacies & medical treatment centres
Online medication and supplies
Patient priority- no out of stocks problems due to supply chain?
Contingency planning and crisis management- shared information
Current supply chain capability – available service provision,
resources, controls
Falsified Medicines Directive & Supply chain integrity – are we
including security of data as well as product?
Expectations from Regulators- how do we cope with differences in
these?
increasing expectations for supply chain temperature management,
security and data controls.
EU GDP now baseline standard
?
7. Considerations from the EU GDP 2013/C 68/01
Requirement to have a Quality System
The system for managing quality should encompass the organisational structure,
procedures, processes and resources, as well as activities necessary to ensure confidence
that the product delivered maintains its quality and integrity and remains within the legal
supply chain during storage and/or transportation.
The quality system should extend to the control and review of any outsourced activities
related to the procurement, holding, supply or export of medicinal products. These
processes should incorporate quality risk management...
• Scope: Applicable to Wholesale Distributors- not me then!
Compliance with the guidelines will ensure control of the distribution chain and consequently
maintain the quality and the integrity of medicinal products.
wholesale distribution of medicinal products is all activities consisting of procuring, holding,
supplying or exporting medicinal products, apart from supplying medicinal products to the
public. Such activities are carried out with manufacturers or their depositories,
importers, other wholesale distributors or with pharmacists and persons authorized or
entitled to supply medicinal products to the public in the Member State concerned.
8. Considerations from the EU GDP- 2
• Quality Risk Management
Quality risk management is a systematic process for the assessment,
control, communication and review of risks to the quality of medicinal
products. It can be applied both proactively and retrospectively.
Quality risk management should ensure that the evaluation of the risk to
quality is based on scientific knowledge, experience with the process
and ultimately links to the protection of the patient.
The level of effort, formality and documentation of the process should
be commensurate with the level of risk. Examples of the processes and
applications of quality risk management can be found in guideline Q9 of
the International Conference on Harmonisation (ICH).
9. So what is Quality Risk Management?
• What is Risk?
Risk is defined in ISO 73 as the ‘effect of uncertainty on objectives’
Assumes that organisational objectives are clear
Risks have implications across an organisation- risk appetite
The impact of risk when inadequately managed can reach to the smallest organisation or
part of it- ripple effect
Risk identification, recording and assessment. Consider:
Origin- brainstorming, audits, surveys, internal, external
Reputational (Brand), Market, Technology, Financial, Infrastructure
Focus on the real problems
Be succinct
Ownership
Ranking- likelihood and consequence if they occur
Existing controls
Mitigation plans- tracking, review and Escalation
Tolerate
Manage
Transfer
10. Considerations from the EU GDP- 3
Other sections cover:
Personnel, training and Hygiene
Premises and Equipment
Temperature and Environmental Control
Equipment
Computerised systems- validation requirements
Qualification and Validation of Equipment
Documentation
Operations, including traceability, storage, qualification of suppliers and customers
Complaints, returns and recalls
Outsourced activities
Transportation- packaging and temperature requirements
11. Final Take Home Points
• Thank- you for listening
ISO 31000
The Association of Insurance and Risk Managers
The Public Risk Management Association
Specific resource well worth reading:
“A Structured Approach to Risk Management and the Requirements of ISO 31000”-
downloadable as a pdf from the IRM
Resilient Risk Management (GT Nexus) Resilient to Risk
http://www.theirm.org/ISO31000guide.htm
“A Guide to Supply Chain Risk Management for the Pharmaceutical and Medical Device
Industries and their Suppliers”, PQG & CQI Monograph, 2010
“Risky Business”- article published in ‘Quality World’ , June 2012, by Lyndon Bird
Recently updated ISO 9000 has introduced a risk management requirement