CQV Series
Part 2: Historical Review of C&Q Approaches
It has been five years since ISPE Baseline Guide, Volume 5, Commissioning and Qualification, 2nd Edition (BG5), was published. This update to BG5 represented a significant paradigm shift in incorporation of Quality Risk Management (QRM) into the Commissioning and Qualification (C&Q) process. While the second edition also addressed the integration of the commissioning and qualification processes, primarily through robust application of Good Engineering Practice (GEP), thereby greatly enhancing the efficiency and return on value for the design and delivery process, today I would like to focus instead on QRM. This article will discuss what it means to incorporate QRM into the C&Q process and will review historical approaches to C&Q from the perspective of QRM incorporation.
This article is the second in an open-ended series on topics of interest generally related to Commissioning, Qualification, and Validation (CQV):
Read on to learn more:
?
What is Quality Risk Management (QRM)?
ICH Q9: Quality Risk Management, R1
For the pharmaceutical industry, Quality Risk Management (QRM) is defined by the industry standard ICH Q9 (R1), Quality Risk Management, recently updated in 2023. The medical device industry follows the ISO standard ISO 14971. These standards have similarities and differences, but that discussion is outside the scope of this article.
ICH Q9 defines Quality Risk Management as “a systematic process for the assessment, control, communication and review of risks to the quality of the drug (medicinal) product across the product lifecycle.” ICH Q9 provides an example framework for this process:
The first point to note is that QRM is a lifecycle process, and not merely an activity. For example, risk assessment (RA) is an activity within QRM, but risk assessment does not comprise the full lifecycle process of QRM. That process consists of the following:?
Risk Assessment
Risk assessment is the process of identifying hazards, analyzing risk related to exposure to those hazards, and evaluating the acceptability of that analyzed risk. In Quality Risk Management, hazards, and risk of exposure to those hazards, are defined from the perspective of the patient.
Hazard Identification
Hazard Identification asks, “What might go wrong?” In this context, the assessment identifies what might go wrong with the product that will be taken by the patient: in other words, how might the product not meet its quality requirements or otherwise pose a safety risk to the patient??
Risk Analysis
Risk Analysis builds upon Hazard Identification by asking two questions: What is the likelihood that it will go wrong (i.e. that the hazard will occur)? And: What are the consequences (to the patient)? The first question addresses the probability of occurrence of the hazard and the second question addresses the severity of the harm (to the patient) that results from exposure to the hazard.
Many Risk Analysis efforts and tools also consider the ability to detect the occurrence of the hazard (thereby avoiding patient harm by preventing exposure to the hazard).
These three aspects: severity, probability of occurrence, and likelihood of detection, are assessed quantitatively (a numerical value) or qualitatively (“high”/”medium”/”low”) to determine the level of assessed risk for a given hazard.?
Risk Evaluation
Risk Evaluation compares the level of assessed risk for a given hazard against predetermined criteria for acceptability of the assessed risk. Where assessed risk is evaluated to be unacceptably high, Risk Control must be applied to mitigate risk to an acceptable level.
Since control of risks must ultimately link to protection of the patient, severity of harm is by necessity the most important aspect in decision-making regarding the acceptability of risk.?
Risk Control
Risk Control includes decision-making to reduce and/or to accept risk. Here, the fundamental QRM principle must be applied: effort must be commensurate with risk. Where a hazard is assessed to have a higher degree of risk, commensurately more effort must go into the strategy to reduce that risk.
?
Risk Reduction
Risk Reduction involves the design of strategies to mitigate or eliminate the assessed risk. Such strategies can focus on reducing the probability of occurrence of the hazard, increasing the likelihood of detection of the hazard, or reducing the severity of harm to the patient caused by exposure to the hazard.
In the pharmaceutical industry, Risk Reduction is generally limited to risk mitigation through addressing probability of occurrence and likelihood of detection. This limitation exists for two, practical reasons:
Because risk is linked to the patient, it is generally not possible to reduce the severity of harm to the patient caused by exposure to an identified hazard.
It is often impractical, if not impossible, to eliminate entirely the probability of occurrence of an identified hazard without making fundamental changes to the basis of design of the process used to produce the drug product.
Therefore, when applying QRM to the pharmaceutical process, some degree of residual risk will remain in the output of Risk Reduction.?
Risk Acceptance
Risk Acceptance is the decision to accept (residual) risk. The Risk Reduction process must be iterated until the degree of residual risk is at or below the predetermined criteria for the acceptability of risk.
?
Risk Communication
Risk Communication is an iterative activity throughout the QRM process to communicate information regarding risk and the management of risk among decisionmakers and stakeholders. At a minimum, the output of a QRM process should be appropriately documented and communicated.
?
Risk Review
Since QRM is a lifecycle process, the QRM process does not end with the identification of the risk control strategy (the output of the Risk Control process). The QRM process should iterate to include new knowledge and information about the process, the product, and adverse impact to the patient.
Review Events
Risk Review generally takes place as part of addressing any events that occur related to the process, the product, or the patient. Such events may be planned or unplanned, and may include product reviews, audits/inspections, change control, failures, deviations, OOS occurrences, patient adverse event reports, and similar. Risk Review should evaluate the original answers to the questions asked as part of the QRM process, to determine if the answers remain appropriate with respect to the scope of hazards that may occur, the severity of patient harm caused by exposure to those hazards, the probability of occurrence of those hazards, and the likelihood of detection of those hazards.
Where original answers to these questions are determined no longer to be appropriate, the QRM process must be iterated again, as necessary, to identify, assess, and mitigate unacceptably high risks of harm to the patient.
?
Incorporation of QRM into the C&Q Process
The second point to note is that application of QRM must consider two critical principles:
These principles must be demonstrated when incorporating QRM into the C&Q process:
?
Based on Scientific Knowledge: Product and Process Knowledge (PPK)
Critical Quality Attributes (CQAs) / Critical Process Parameters (CPPs) as Inputs
Product and Process Knowledge (PPK) must be an input to a QRM-based C&Q process. For the purposes of C&Q, PPK consists of the definition of product quality and patient safety – Critical Quality Attributes (CQAs) – the basis of design (BoD) of the process used to manufacture the product, and the parameters of the process that directly provide or impact product CQAs – Critical Process Parameters (CPPs).
For a QRM-based C&Q process, CQAs and their associated CPPs must be identified/documented as an input to the process.?
Link to Protection of the Patient: Risk Assessment
Identifying Process Risks to Product Quality
A QRM-based C&Q process must identify specific process hazards that pose a risk of harm to the patient. These process hazards must be linked explicitly to their impact to defined product quality and patient safety (product CQAs).?
Risk Analysis and Evaluation
A QRM-based C&Q process must quantitatively or qualitatively analyze, and subsequently evaluate, identified risks to product quality against predetermined criteria for acceptability of risk of harm to the patient. This evaluation must be documented.
?
Level of Effort Commensurate with Risk: Risk Control and Risk Review
领英推荐
Risk Reduction/Acceptance
A QRM-based C&Q process must demonstrate that the degree of effort, formality, and documentation of the design of risk mitigation strategy is commensurate with the degree of analyzed risk. The design of engineered systems that support the pharmaceutical manufacturing process should demonstrate incorporation of QRM through identification of Critical Aspects (CAs) of those systems: the functions and features of those systems that are designed to mitigate identified process hazards.
Thus, a QRM-based C&Q process will support demonstration of incorporation of Quality by Design (QbD) principles into the design and delivery of engineered systems, through incorporation of CQA/CPP-based risks and risk controls into the design of the system and demonstration that the design of those risk controls is fit for their intended purpose to mitigate risks to product quality.
A QRM-based C&Q process must demonstrate that the degree of effort, formality, and documentation of the implementation of the risk mitigation strategy is commensurate with the degree of analyzed risk. This application of QRM must be demonstrated in the degree of rigor of the verification testing and documentation that demonstrates that installation and operation of the risk control strategy is fit for intended use.?
Risk Review
The design process should identify the specific design elements that implement the Critical Aspects of engineered systems: the Critical Design Elements (CDEs) of the systems. This identification should take place as part of the Design Review (DR) process for the system. Thus, Design Review is a form of QRM Risk Review: ensuring that the system design acceptably incorporates the risk control strategy (Critical Aspects). Further, Design Review should ensure that the design of the system does not introduce new hazards.
The QRM-based C&Q process should also incorporate Risk Review as part of Periodic Review of the manufacturing process and the engineered systems that support it. Thus, the QRM-based C&Q process itself must be implemented as a lifecycle process for each system.
?
Review of C&Q Approaches
With that background, this article will now review the three most common C&Q approaches applied in the pharmaceutical industry over the past several decades, beginning with the most-recent industry approach and progressing back through historical approaches.?
QRM-Based Integrated C&Q (ISPE Baseline Guide 5, 2nd Edition)
With the 2019 publication of ISPE Baseline Guide, Volume 5, Commissioning and Qualification, 2nd Edition, the industry formally established the process called QRM-Based Integrated C&Q as the gold-standard and best-in-class approach to C&Q. This process was designed intentionally and explicitly to incorporate QRM principles.?
Critical Quality Attributes (CQAs) / Critical Process Parameters (CPPs) as Inputs
In QRM-Based Integrated C&Q, CQAs and their associated CPPs are identified/documented and are required as an input to the process, through System Classification (SC), System Risk Assessment (SRA), and Design Qualification (DQ).?
Identifying Process Risks to Product Quality
In the QRM-Based Integrated C&Q process, specific process hazards that pose a risk of harm to the patient are defined, with identified correlation to CQAs and CPPs, through System Risk Assessment (SRA).?
Risk Analysis and Evaluation
The QRM-Based Integrated C&Q process analyzes identified hazards, either qualitatively through the System Risk Assessment (SRA) or quantitatively through an appropriate risk tool such as Process Failure Modes and Effects Analysis (pFMEA). That qualitative/quantitative analysis is procedurally linked to evaluation of acceptability of identified hazards. This evaluation is documented, based on documented criteria in a Validation Master Plan (VMP) or similar policy.?
Risk Reduction/Acceptance
The QRM-Based Integrated C&Q process demonstrates and documents that the degree of effort, formality, and documentation of the design of the risk mitigation strategy is commensurate with the degree of analyzed risk, through Design Qualification (DQ), which explicitly identifies Critical Aspects (CAs) and Critical Design Elements (CDEs). Thus, the risk control strategy is directly linked to protection of the patient through the SRA, that links CQAs, CPPs, process risks, and Critical Aspects, and the DQ, that links CAs to CDEs.
The QRM-Based Integrated C&Q process supports demonstration of incorporation of Quality by Design (QbD) principles through Design Qualification (DQ), which demonstrates incorporation of CQA/CPP-based risks and risk controls into the design of the system and documents that the design of those risk controls is fit for their intended purpose to mitigate risks to product quality.
The QRM-Based Integrated C&Q process demonstrates and documents that the degree of effort, formality, and documentation of the implementation of the risk mitigation strategy is commensurate with the degree of analyzed risk, through the C&Q Plan that defines the verification strategy. This strategy incorporates the DQ to define the scope and acceptance criteria for installation and operation of CAs and CDEs and incorporates the SRA to define the required rigor.?
Risk Review
In the QRM-Based Integrated C&Q process, the design process explicitly identifies CDEs and associates them with Critical Aspects of the system, and ensures that the design does not introduce new hazards, through Design Review (DR). Design Qualification (DQ), an output of the final, approved design, documents that the system design acceptably incorporates the risk control strategy (Critical Aspects).
The QRM-Based Integrated C&Q process is a lifecycle process that includes system design, delivery, and operation through decommissioning/end of life (EOL), and incorporates Risk Review as part of Periodic Review of qualified systems.
Verdict: Full QRM Incorporation
The QRM-Based Integrated C&Q process is designed intentionally to incorporate QRM principles and lifecycle process.
?
Legacy C&Q (ISPE Baseline Guide 5, 1st Edition
The 2001 publication of ISPE Baseline Guide, Volume 5, Commissioning and Qualification, 1st Edition introduced the first iteration of the industry’s definition of a process called “Commissioning and Qualification” – an approach that this article refers to as “Legacy C&Q”. This approach attempted to differentiate systems and their components based on an assessment of their impact on or criticality to product quality. Direct Impact systems and their Critical Components would undergo Commissioning and Qualification. Non-Critical Components of Direct Impact systems and all Indirect and No Impact systems, and their components, would undergo Commissioning only.?
Critical Quality Attributes (CQAs) / Critical Process Parameters (CPPs) as Inputs
In the Legacy C&Q approach, CQAs and their associated CPPs must be identified, since they are referenced in the first question of the System Level Impact Assessment (SLIA) deliverable. However, specific CQAs and CPPs do not need to be documented and are not used for further risk assessment.?
Identifying Process Risks to Product Quality
In the Legacy C&Q approach, specific process hazards that pose a risk of harm to the patient are not defined. The process uses System Level Impact Assessment (SLIA) to determine a system’s directness of impact to product quality (Direct, Indirect, No Impact) based on a predefined set of yes-no questions. Similarly, the process uses Component Criticality Assessment (CCA) to determine the criticality (Critical, Non-Critical) of each of a system’s components based on a predefined set of yes-no questions. No specific process hazards are identified, nor are specific process hazards linked to the system’s CPPs or associated product CQAs.?
Risk Analysis and Evaluation
The Legacy C&Q approach does not analyze or evaluate the risk associated with process hazards. Systems and their associated components are identified in a binary manner regarding their impact on, and criticality to, product quality, respectively. Systems either do or do not impact product quality. System components either are or are not critical to product quality.
Thus, the Legacy C&Q approach identifies systems that directly impact product quality and system components that are critical to product quality, but does not qualitatively or qualitatively analyze, or evaluate, risk to product quality or patient safety associated with a given system.?
Risk Reduction/Acceptance
The Legacy C&Q approach implicitly implements an increased degree of rigor of documentation associated with direct impact systems and critical components, through the concept of “Enhanced” documentation, and the differentiation of activities and documentation as being either “Commissioning” or “Qualification” – again, with the implication that “Qualification” documentation and activities will be more rigorous that “Commissioning” documentation and activities. This degree of rigor is often documented through a Validation Master Plan (VMP), C&Q Plan, C&Q procedures (SOPs), or similar. However, this enhanced rigor is not linked to the level of assessed process risk or to the degree of risk control applied.?
Risk Review
In the Legacy C&Q approach, critical components are identified through Design Review (DR). Design Qualification (DQ) or “Enhanced Design Review” (EDR) documents identified critical components and verifies design meets requirements for direct impact systems. However, Design Review does not verify the incorporation of the mitigation strategy for identified process hazards.
The Legacy C&Q approach was not designed or contemplated as a lifecycle process, effectively ending at the completion of Performance Qualification (PQ), though the Guide does touch on revalidation.
Verdict: Partial QRM Incorporation
The Legacy C&Q approach incorporates some elements of QRM, through differentiation of systems, activities, and level of effort based on a system’s impact to product quality and a system component’s criticality. However, the Legacy C&Q approach does not identify specific process hazards, define a specific risk control strategy tied to identified process hazards, or demonstrate that such a risk control strategy is in place.
?
V-Model (GAMP)
Prior to the publication of ISPE Baseline Guide, Volume 5, Commissioning and Qualification, 1st Edition in 2001, the standard industry approach was the V-Model – an approach borrowed and adapted from the original GAMP Guide (and subsequent ISPE GAMP4 Guide). ?This approach was based on activities involved to Design, Build, and Verify systems, with specific user requirement and design specification documents tied directly to specific testing documents: Installation Qualification (IQ) verified the Detailed Design Specification, Operational Qualification (OQ) verified the Functional Specification, and Performance Qualification (PQ) verified the User Requirements Specification (URS).?
Critical Quality Attributes (CQAs) / Critical Process Parameters (CPPs) as Inputs
In the V-Model approach, CQAs and their associated CPPs are not required to be identified/documented. The approach does not depend on identification of CQAs or CPPs.?
Identifying Process Risks to Product Quality
In the V-Model approach, specific process hazards that pose a risk of harm to the patient are not defined. The approach does not depend on identification of process hazards.?
Risk Analysis and Evaluation
The V-Model approach does not analyze or evaluate risks associated with process hazards. The approach does not depend on analysis or evaluation of risk.?
Risk Reduction/Acceptance
The V-Model approach incorporates documentation rigor only through differentiation of pre-qualification documentation and through implied increase in rigor from IQ to OQ to PQ. The V-Model approach is a “test everything” approach: if a requirement is in a specification document, then the requirement is tested in the associated protocol. No rationale or strategy for rigor of testing or documentation effort is required to implement the V-Model approach.?
Risk Review
In the V-Model approach, Design Review (DR) is not required. All engineering verification testing and documentation activities are essentially invisible to the approach, considered to be part of the Build phase and not incorporated into the testing and documentation activities in the subsequent Verify phase. Therefore, no Risk Review is performed as part of the V-Model approach.
The V-Model approach is not designed as a lifecycle process. It includes only the Design, Build, and Verify lifecycle phases of a system lifecycle. Therefore, the V-Model approach does not support lifecycle Risk Review through periodic review or otherwise.
Verdict: No QRM Incorporation
The V-Model approach does not incorporate any aspects or principles of the QRM process. For this reason, the industry formally deprecated the V-Model approach with the publication of the ISPE Baseline Guide, Volume 5, Commissioning & Qualification, 2nd Edition, in 2019. In so doing, the industry states that the V-Model, absent incorporation of the elements and principles of QRM, is not a valid approach to C&Q.
Conclusion
This article is the second in an open-ended series on topics related generally to Commissioning, Qualification, and Validation (CQV):
Project Farma (PF), a Precision For Medicine company, can help you implement a modern, compliant, QRM-based C&Q approach to support your efforts to deliver life-saving therapies to patients. If you are looking for project support, please contact us!
CEO at BPM Associates - Biotech, Pharma, Med Device
1 个月Hi Chip. How will AI change CQV approaches over the next few years?