10-13 April 2018
Frank Behnisch, CSL Behring GmbH
Yves Samson, Kereon
Dr Robert Stephenson, Rob Stephenson Consultancy
Introduction to Risk Management
Introduction – What do you want from this day?
An Introduction to Risk Management (including ICH Q9)
- Capturing delegates expectations
- Sharing and reducing to key points in groups
- Sharing with all delegates and tutors
Risk Management the GAMP® 5 Way
- Definition of “Quality Risk Management”
- Principles of Quality Risk Management
- Application of the principles in validation
- Methods of assessing and controlling risk
- Regulatory expectations for risk management
An Introduction to Risk Ranking
- The GAMP methodology for risk management
- Where to apply risk management in validation
- Methods of assessing risk
Assessing and Selecting a Supplier
- What is risk ranking
- How is it carried out
- How is it documented?
- A few useful applications
Workshop 1: Risk Assessment in Validation
- What are the criteria to use to select a supplier?
- Why does supplier selection matter?
- How should the selection process be conducted?
- Risk management applied to a computer system
- Evaluating identified risks
- Classification of risks into H, M, L
- Controls to mitigate unacceptable risks
- Links to the validation plan and protocols
In this workshop, delegates will use the GAMP methodology. The participants will work on a case study in which the risks associated with a computer system are assessed and managed to reduce the testing workload in validation.
Workshop 2: Risk Management in Validation
- Risk management applied to a control system
- What are the conclusions from the risk assessment?
- What options do you have to mitigate (reduce) the higher risks?
- How will the output affect the protocol?
Based on a real case study, delegates will use the same risk assessment techniques to determine where to focus the qualification of a packaging line.
Workshop 3: Applying Risk Ranking to determine periodic review priorities
- How is severity determined?
- How can scales be created?
- Ranking the risks
- Developing a risk-based action plan.
Delegates will apply the techniques of risk ranking to determine which systems present the highest risk to the patient and should therefore be reviewed first.
Workshop 4: Assessing and Selecting a supplier
- What factors influence supplier assessment?
- What risks are associated with supplier selection?
Delegates will assess supplier selection information to choose between two possible suppliers for an application.
The GAMP 5 Approach
Introduction –What the Participants Expect
Laws, Regulations and Guidelines for Computer Validation
- An open session capturing the expectations of the delegates
Electronic Records and Signatures
- The historical perspective
- Current regulations and regulatory guidelines from US
- New regulatory guidance (GAMP® 5, GAMP® Good Practice Guides, ASTM)
- New industry guidance
- Regulatory training
The EU Annex 11 “Computerised Systems”
- What Part 11 means – Now!
- Identify e-records in predicate rules
- Identify risks to records
- Identify appropriate controls for records
The GAMP® 5 Approach to Computer Validation
- What is new?
- What are the important points?
- How can you implement it?
Risk Management – A Key Point Review
- Validation needs structure
- The GAMP® approach
- What is new in GAMP® 5
- General validation activities
- The GAMP® Categorisation System
- Life Cycle cost reduction
- How to use the FMEA tool to reach better risk-based decisions?
- Risk registers
- Documenting risk
- How to make use of risk information
Programme 2nd Day
Specifications, Design Review and Traceability
- Why is a validation plan important?
- Definitions and regulatory expectations
- Building risk management into planning phase
- Structure and contents of validation plans
- Discussion of best approach
- The impact of scaleability
Protocols, Test Scripts and Deviation Management
- What sorts of specifications are needed?
- How are they constructed?
- Can they be combined?
- How to carry out a design review?
- How to construct a traceability matrix?
- Principles of Risk-Based Qualification
- Leveraging the Supplier
- Commissioning vs Qualification
- Test Script Design
- Deviation Management
- Regulatory requirements
- Configuration management
- Planned/unplanned changes
- Sources of changes
Programme 3rd Day
Validation Reporting & Presentation to Inspectors
- System Overview
- GAMP® and risk analysis
- Qualification / Validation
Introduction to IT-Infrastructure Qualification
- The link between the plan and the report
- Key documents
- Validation summary reports
- Style and emphasis
- Managing the inspection
- The qualification lifecycle
- How to deal with user requirements
- Qualification documentation
- Critical issues
- Qualification summery report
- Recent general trends
- Highlights from Warning Letters and 483s
- Lessons we must learn
Self Evaluation of Compliance with Annex 11
Review of User Requirements Specifications
A short review of the URS and how to write specifications, as a prelude to a workshop in which delegates will evaluate a real requirements specification.
What is a URS?
Why is it important?
Contents of a URS
Characteristics of good specifications
Based on considerations of the type of application, knowledge of the supplier and how it will be used, delegates will work out the best approach to delivering the benefits of a GxP system
What are the risks associated with delivering the system?
What options do you have to manage the most critical risks?
How can they best be managed?
What are the key issues to monitor to ensure delivery of the project benefits?
Risk Management in Protocol Planning
Based on a real case study, delegates will use the same risk assessment techniques as in Workshop 2 to determine where to focus the qualification of a packaging line.
Risk management applied to a control system
Using FMEA to assess risks to be managed and controlled in validation
Identifying options to mitigate (reduce) the higher risks Using the output in creating the testing protocol
The participants will work on a number of case studies and define the change control activities needed.
Change Control forms
In this workshop examples of deviations will be examined and methods of resolution discussed. The examples are based on real-life protocol
Manage the deviations