UL REGISTRAR PHARMACEUTICAL DRUG AUDIT TOOL RISK ASSESSMENT

Similar documents
RISK MANAGEMENT and ISO 17025:2017

Defining Risk and Risk Levels

Basics of Quality Risk Management. CBE Pty Ltd

1.0 Scope. 2.0 Program Participation Application

Use of QRM to Quantify Particulate Contamination Risks

LCS International, Inc. PMP Review. Chapter 6 Risk Planning. Presented by David J. Lanners, MBA, PMP

For more information please contact your local UL field representative

RISK ASSESSMENT APPROACH AND ITS APPLICATION IN PHARMACEUTICAL INDUSTRY FOR PRODUCT QUALITY MANAGEMENT

Conducting Effective Annual Product Reviews From: Journal of GXP Compliance, Volume 6 Number 2 January 2002

Challenges of implementation. a regulatory perspective

September 21, Panelists: Scott Soukup, Quality Specialist, RCA Inc. Joan M. Ward, Quality Subject Matter Expert, RCA Inc.

ISO/IEC INTERNATIONAL STANDARD. Information technology Security techniques Information security risk management

PREP Course # 17 Compliance in Human Subject Research: Implementing Quality Systems. Office of Research Compliance. February 16 th, 2016

The Role of Quality Risk Management in the Manufacture of Biological Products CBER Perspective

Streamlining Risk Management Evaluations for New Manufacturing Processes

CRISC. Isaca CRISC Certified in Risk and Information Systems Control Version: 1.0

Certified in Risk and Information Systems Control

How to demonstrate foreign building compliance with drug good manufacturing practices

AN INTRODUCTION TO RISK CONSIDERATION

Risk Assessment for Drug Products with Device Components

Quality Risk Management from Concept to Practical Strategies*

Risk Management Plan for the <Project Name> Prepared by: Title: Address: Phone: Last revised:

Webinar: AS9100C Most Common NCRs. Aaron Troschinetz Technical Manager, Aerospace SAI Global Assurance Services

Understanding Enterprise Risk Management: An Overview

Crowe, Dana, et al "EvaluatingProduct Risks" Design For Reliability Edited by Crowe, Dana et al Boca Raton: CRC Press LLC,2001

AAMI Risk Management Summit Risk Terminology and Expectations: A Regulatory Perspective

Risk Evaluation, Treatment and Reporting

Project Management for the Professional Professional Part 3 - Risk Analysis. Michael Bevis, JD CPPO, CPSM, PMP

Master Class: Construction Health and Safety: ISO 31000, Risk and Hazard Management - Standards

METER PERFORMANCE CERTIFICATION SERVICES SERVICE TERMS AND CONDITIONS

Presented to: Eastern Idaho Chapter Project Management Institute. Presented by: Carl Lovell, PMP Contract and Technical Integration.

RISK MANAGEMENT POLICY October 2015

Risk Management & FMEAs. By Jay P. Patel, ASQ Fellow CEO & President QPS Institute

HEALTH, NUTRITION & LIFESTYLE

UL DQS Inc. Management Systems Solutions Certification Requirements

Managing Project Risk DHY

Contact address: Global Food Safety Initiative Foundation c/o The Consumer Goods Forum 22/24 rue du Gouverneur Général Eboué Issy-les-Moulineaux

Procedure for Address Business Risk and Opportunities

METER PERFORMANCE CERTIFICATION SERVICES SERVICE TERMS

RISK MANAGEMENT POLICY

Risk Management Policy

Project Risk Management

HEALTH, NUTRITION & LIFESTYLE APPLICATION

FOLLOW-UP SERVICE TERMS

Enterprise Risk Management Program

CEN/CENELEC Internal Regulations - Part 4: Internal Regulations Part 4. Certification

Chapter 7: Risk. Incorporating risk management. What is risk and risk management?

46th CIML Meeting DRAFT BASIC PUBLICATION. Draft 2. 46th CIML Meeting. Prague 2011 ORGANISATION INTERNATIONALE INTERNATIONAL ORGANIZATION

We will begin the web conference shortly. When you arrive, please type the phone number from which you are calling into the chat field.

METHODOLOGY For Risk Assessment and Management of PPP Projects

Risk assessment and the choice of conformity assessment procedures in the EU. Nike Bönnen European Commission TBT Committee, Geneva, 13 June 2017

Final Report Evaluation of the Canadian General Standards Board. Office of Audit and Evaluation

Best Practices in Applying Medical Device Risk. Management Terminology

Comparison of Risk Analysis Methods: Mehari, Magerit, NIST and Microsoft s Security Management Guide

Job Safety Analysis Preparation And Risk Assessment

Best Practices in Applying Medical Device Risk Management Terminology

Fundamentals of Project Risk Management

EA Policy For Conformity Assessment Schemes

Preliminary Regulatory Impact Analysis for the proposed rules on Foreign Supplier

A Cross-Functional Perspective of Key Issues Facing New Product Introductions

HAZARD MANAGEMENT POLICY Page 1 of 7 Reviewed: October 2018

Submitted Electronically via and Faxed

Progress of the East African Community Medicines Registration Harmonization (EAC - MRH) Project

Questions and Answers on the Pakistan Tax Administration Reform Project

Ind AS Impact on the pharmaceutical sector

Planning the Risk Management File Audit

HEALTH RESEARCH CAPACITY STRENGTHENING INITIATIVE. Program Risk Management Policy. September Imperial : +265 (0)

For the PMP Exam using PMBOK Guide 5 th Edition. PMI, PMP, PMBOK Guide are registered trade marks of Project Management Institute, Inc.

Section Defining Risk Management. 11. Principles of Risk Management

RISK MANAGEMENT. Co-X/QHS/SOP03

RISK MANAGEMENT POLICY

CEN GUIDE 414. Safety of machinery Rules for the drafting and presentation of safety standards. Edition 3,

UL s Quality Management System Program Requirements

INTERNAL REGULATIONS PART 4 CERTIFICATION (Aussi disponible en français) (Auch in deutscher Fassung erhältlich)

0470_022817_03_chap01.fm Page 11 Wednesday, September 8, :29 PM. Part I The basics of project risk management

EITF ABSTRACTS. Issue No Title: Revenue Arrangements with Multiple Deliverables

Applicant Contract Information

Letters for Underwriters and Certain Other Requesting Parties: Auditing Interpretations of Section 634

IAF Mandatory Document. Control of Entities Operating on Behalf of Accredited Management Systems Certification Bodies

Policy Number Functional Field. Governance and Management. Related Policies. Policy of Making University Policies.

Current MFRPS State Implementation Status

IEC System of Conformity Assessment Schemes for Electrotechnical Equipment and Components (IECEE System)

Risk Analysis and Management. May 2011 ISO 14971

U.S. Consumer Product Safety Commission

Risk Management Policy

Thirty-Second Board Meeting Risk Management Policy

FATIGUE TECHNOLOGY INC. PURCHASE ORDER TERMS AND CONDITIONS DATED JANUARY 4, 2006

THE ROLE OF NATIONAL REGULATOR FOR COMPULSORY SPECIFICATIONS (NCRS) IN TERMS OF CONFORMITY ASSESSMENT. Speaker / Author: T Scriven Principal-author

Risk-Based Compliance Handbook INTRODUCTION

DRAFT SAINT LUCIA NATIONAL STANDARD DNS/ISO 31000: 2009 RISK MANAGEMENT PRINCIPLES AND GUIDELINES (ISO 31000: 2009, IDT) Stage 40 Enquiry Stage

A8-0148/ AMENDMENTS by the Committee on the Internal Market and Consumer Protection

What Makes Risk Management Work?

OVERVIEW OF RISK ANALYSIS. APEC workshop: Hot Issues in Risk Analysis August 1, Singapore

INSE 6230 Total Quality Project Management

Risk Management and Assessment Overview Alistair Nairn

Project Risk Management. Prof. Dr. Daning Hu Department of Informatics University of Zurich

RISK AND CONTROL ASSESSMENT SCDOT Indirect Cost Recovery

D7 Risk Management Policy

GS Mark Services Service Terms

Advanced Operational Risk Modelling

Transcription:

UL REGISTRAR PHARMACEUTICAL DRUG AUDIT TOOL RISK ASSESSMENT

UL GMP CERTIFICATION PROGRAM Accreditation BENEFITS Globally, UL Registrar LLC (UL) is Accredited by the American National Standards Institute (ANSI) and the ANSI-ASQ National Accreditation Board (ANAB) to provide the ANSI and ANAB Symbols for a variety of audit schemes, which highlights UL Registrar s technical competence to perform scheme related audits and inspections. Marks UL Expertise Satisfy Multiple Customer Needs Reduce Annual Audit Fatigue and Cost Commitment to Integrity Continuous Improvement UL is permitted to use the UL Process/Management System Certification Marks and Badges, The Natural Products Association (NPA) Mark, the ANSI/ANAB Mark, and, when permitted, the ILAC MRA Mark and the IAF-MLA Mark. The purpose of these Marks is to highlight technical competence and increase customer confidence. UL has been a trusted partner in consumer and product safety for 120 years. UL has produced talented auditors with years of industry experience and technical knowledge. The expertise of the UL Auditor is specialized by industry and the type of product produced. Multiple retailers/brands accept UL Registrar s GMP Reports and accredited certificates. Four separate audits for four separate customers may all be included in one audit report. Since the GMP Audit Report can satisfy multiple annual stakeholder requirements, the number of annual audits for a facility may be reduced, thus reducing annual audit cost. UL carries out services with the highest level of integrity and has been doing so for 120 years. UL aims to boost confidence and foster trust in the marketplace as well as accredited certification. With each audit, a facility has the opportunity to improve, and every corrective action is a chance to show customers that an organization is moving towards a higher level of continual improvement and quality. Quality and Consistency AUDIT BASIS The UL Registrar Pharmaceutical Drug Audit Tool mirrors the Food and Drug Administration s Code of Federal Regulations 21 CFR Part 210/211. The improved audit tool and report have built in responses and sample sizes so that UL Auditors share a consistent approach. The UL Pharmaceutical Drug Audit Tool is based strictly on the requirements of FDA s 21 CFR Parts 210/211. The audit tool was created around the following six elements: Quality System, Facilities & Equipment System, Materials System, Production System, Packaging System, and Laboratory System. This approach mirrors the FDA s Guidance for Industry Quality Systems Approach to Pharmaceutical cgmp Regulations (dtd. Sept. 2006). The FDA Guidance for Industry is intended to help organizations implement modern quality systems and page 2 risk management approaches to meet the requirements of the FDA s current good manufacturing practice (cgmp) regulations (21 CFR parts 210 and 211). Hence, the FDA Guidance for Industry forms the core structure under which UL s Audit Tool was based. This audit approach establishes the audit tool s consistency with the 21 CFR Part 210/211 regulatory requirements for manufacturing human and veterinary drugs, including biological drug products.

AUDIT SCOPE UL Registrar LLC offers Good Manufacturing Practices audits for Finished Pharmaceuticals, Pharmaceutical Ingredients and Ophthalmics. UL certifies manufacturers, packagers, warehouses, distribution centers and contract facilities of pharmaceutical drugs. The Report/Audit Findings will be created through visual observation, employee and management interviews, and documentation review conducted by the auditor on site. AUDIT PROCESS The audit process begins when the audit is confirmed and scheduled. The auditor arrives on site, conducts an opening meeting, performs the audit and ends with a closing meeting. Following the audit, any Corrective Actions (CAPA) that may have been issued must be answered before certification can be awarded. Finally, the process ends in a final report, Certificate, Certification Mark and Certification Badge. Facilities Opening Meeting Quality Materials Closing Meeting Lab Production Packaging AUDIT REPORTING PROVIDED TO DOCUMENT FACILITY CLIENT PURPOSE Audit Summary Corrective Action Form Final Report (if requested) This Document is used as a brief summary of the audit. The Audit Summary is received by the audited organization at the closing meeting and left on site. NOTE: Stakeholders do not accept the Audit Summary Report The Corrective Action (CAPA) Form is used to document audit findings, factory responses, approval of factory responses, and to track closure of nonconformity. The CAPA Form is left on site with the audited organization. The auditee/audit client receives the audit report. It is not UL s responsibility to pass on reports to customers or the contract facility. page 3

UL REGISTRAR LLC PROCESS EVALUATION ASSESSMENT OF RISK (PEAR) The Process Evaluation Assessment of Risk (PEAR) UL Registrar LLC is the first ANAB and ANSI accredited audit body to introduce risk assessment along with the use of rsik tools into 21 CFR Part 210/211 audit requirements. Risk can be defined as the combination of the probability of an event and its consequences (ISO/IEC Guide 73). Over many months of careful study, evaluation, and analysis of the existing UL audit tools as well as the process for scoring audit results, UL has engaged industry experts, field auditors, retailers and other interested stakeholders in the development of an Audit Tool which is based solely on Risk. The "audit scoring" criteria for this risk based audit tool is predicated on a risk assessment model known as the UL Process Evaluation Assessment of Risk or PEAR. This risk analysis concept revolves around two fundamental factors of risk: 1) the Probability of Nonconformance occurring during UL's audit or an unannounced visit from the FDA and, 2) the Severity of Risk to the consumer and/or end user of the UL Audit Report. THE PEAR PROCESS Risk Assessment 1. Context 2. Identification 3. Analysis 4. Evaluation 5. Response Understand organizational objectives and the external and internal environment. Find recognize, and describe risks. Write a risk statement that includes sources, events, causes, and consequences. Comprehend the nature of risk and determine the level of a risk. Determine the risk s potential impact and likelihood. Compare the results of risk analysis with risk criteria to determine whether the risk is acceptable. Prioritize risks. Modify the risk by mitigating, avoiding, transferring, or accepting the risk. 6. Monitoring Continually check the status of a risk to identify change from the performance level required or expected. 7. Reporting & Communication Inform and engage in dialogue with stakeholders regarding the current state of risks and their management. page 4

The Process Evaluation Assessment of Risk (PEAR) Description The UL Risk Assessment is defined as a systematic process of organizing information to support a risk decision (Risk Priority Number (RPN) and Level of Risk Determination) to be made during the audit process. Risk assessment consists of the identification of hazards and the analysis and evaluation of risks associated with exposure to those hazards (ICH Q9). UL's proprietary PEAR model uses a combination of risk based criteria generated from a detailed analysis matrix. The risk matrix takes into account the probability of nonconformance occurring and the likelihood and severity of risk to consumers and other stakeholders. These criteria were selected in order to establish a Risk Priority Number (RPN) for each specific CFR Clause or Paragraph specific to the Pharmaceutical audit and/or Standard under assessment. A mathematical equation is used to generate a Final Risk Priority Number (FRPN) at the conclusion of the assessment. The PEAR and the Pharmaceutical Audit Tool take into account many factors, including but not limited to: FDA 483s FDA Warning Letters FDA Current Hot Spots Previous UL OTC CAPAs Recalls UL Technical Knowledge Personal Industry Experience Stakeholder Concerns page 5

SCORING CRITERIA Based on the enhanced Risk Based Pharmaceutical Audit Tool and the resulting PEAR, the "scoring" or risk criteria has changed from three colors: Green/Compliant (100-80), Yellow/Marginal (79-60) and Red/Noncompliant (59-0) to a new risk model, noted below. The new approach now has five risk ranges. The New UL Registrar Pharmaceutical GMP Risk Model FINAL RISK PRIORITY NUMBER RISK LEVEL 100 to 96 Reasonable Risk 95.99 to 89.99 Limited Risk 89.98 to 80.99 Average Risk 80.98 to 71.99 Medium Risk 71.98 and below High Risk Each audited facility will fall into one of the above risk levels and will receive an overall Final Risk Priority Number at the conclusion of an audit. The risk levels can be defined as: Reasonable Risk: With all types of activities, there is assumed risk, but no current threats or exposed risks were identified during the assessment. Limited Risk: An observed departure from specific SOP Requirements was noted and where no exposed risk was identified during the assessment. More likely than not the finding would have resulted in no FDA 483 s being raised minor departure from GMP/GCP Requirements. Average Risk: A minor departure from GMP/GLP/ SOP Requirements where objective evidence gathered during the audit may conclude that limited or no health risk to the consumer or the stakeholder using the report was observed. An FDA 483 would probably be issued by FDA. A warning letter may be raised but it is unlikely. Medium Risk: A Deviation from GMP/GLP (i.e. departure from Regulations and Requirements) or for which an FDA 483 and/or warning letters would most likely be issued and where it could be concluded that there may be some health risk to the consumer. High Risk: Potential risk of harm/death to the user/ warning letter would be issued by the FDA. Additionally, the Final Risk Priority Number (FRPN) correlates to the level of risk deemed at the audited organization. Though this FRPN will look like a numerical score on the final report, it will simply express the level of risk based on a mathematical calculation associated with the level of risk noted on the PEAR. The audit tool and final report will not contain an overall numerical score like previous reports. This tool is strictly risk-based, so the outcome of the audit is also strictly risk-based. Requirements will be weighted based on the risk severity and probability of occurrence. Corrective Actions will be defined as Critical, Major and Minor. Any Critical or Major CAPAs will require a follow-up assessment, as will falling within the Medium and High Risk Levels. All follow-up assessments will be conducted as determined and deemed necessary by the UL Registrar Certification Committee. In terms of PEAR and our research on risk, we have updated our definitions of Minor and Major Nonconformances and, at the request of stakeholder feedback, added Critical Nonconformance. Nonconformance types can be defined as: Minor Nonconformance Objective evidence gathered during the audit would conclude an insignificant health risk to the consumer. Major Nonconformance Objective evidence gathered during the audit would conclude that a systemic failure of any system, procedure, process or failure to comply with required regulations was identified to have occurred. Critical Nonconformance Will or may result in a significant risk of producing an Over-the-Counter Drug, Pharmaceutical, etc. that when used in a finished product, is harmful to the user. The nonconformance types above were selected based on the severity of risk and the likelihood of occurrence. page 6

UL has elected to remove words of merit, such as Pass, Fail, Compliant, Marginal, etc. UL has also decided to remove the numerical, percentage score as the score can be interpreted differently by UL customers and end users of the report. Therefore, a Final Risk Priority Rating will be identified on the report. UL is confident that by identifying and reporting the Risk Rating on the report, the end user has far greater understanding of the impact, and that risk has more weight and meaning to interested parties than a mere score or words of merit. The UL risk evaluation of a factory and reporting on the level of risk observed at the factory during the audit allows stakeholders and report end users to make reasonable decisions about the factory based on the level of risk they are comfortable accepting, instead of basing such a decision on an arbitrary score. FAQs Last year I had a score and this year I have a risk level. Where is my score this year? The enhanced Pharmaceutical GMP Audit Tool is solely risk based. The outcome of the audit is a risk level, not a numerical percentage score. The Final Risk Priority Number (FPRN) is NOT a score or a percentage from 1% to 100%, but a mathematical calculation tied to the level of risk assigned to the associated RPN. Have the UL GMP Requirements changed that were found in the Previous Final Report? Yes. All UL-specific Requirements and Implementation Guidelines have been removed. The Audit Tool is strictly based on FDA 21 CFR Parts 210/211 along with corresponding risk levels. I need a follow-up audit, but did not receive a new audit report and new FRPN/risk level. Why? With the enhanced Pharmaceutical GMP Audit Tool, follow-up audits will be conducted to strictly close out the prior CAPAs. A follow-up report will not be generated, nor a new risk level/score issued. The closed/verified CAPA forms will be the output of the follow-up audit. References: ISO/IEC Guide 73 Risk Management Vocabulary Guidelines for Use In Standards. ISO/IEC 31000:2009 Risk Management. The Institute of Risk Management s Standard. The World Health Organization. FDA ONDC s Risk-Based Pharmaceutical Quality Assessment System. FDA Guidance for Industry Q9 Quality Risk Management. ICH Q9 Guideline for Risk Management and Q10 Pharmaceutical Quality Systems International Conference On Harmonization Of Technical Requirements For Registration Of Pharmaceuticals For Human Use. Have you added Critical Nonconformances to the audit report? Yes, the nonconformance levels are now Minor, Major and Critical. I have received corrective actions, how do I respond? Please respond to corrective actions and send the form to LST.ENF.CAPA@ul.com. Please refer to the Procedure for Certification for further CAPA information. What should I do with the UL Management System Certification Mark and UL Management System Certification Badge? After successful completion of a GMP Certification audit, you will receive your final report, UL Certificate of Conformance and UL Certification Mark and Badge.* The UL Management System/Process Certification Mark will be placed on your Certificate. The UL Management System/Process Certification Badge may be used on your website, on your marketing materials, on your tradeshow booth, etc. The UL Certification Marks and Badges must be used properly and according to the Use of the UL Mark/Badge Document. *Certification Badges are not available for Cosmetic and Non-Regulated Audits at this time. page 7

For more information on the UL Registrar Pharmaceutical Drug Audit Tool Risk Assessment, please contact us at ULRinfo@ul.com UL and the UL logo are trademarks of UL LLC 2017 Rev. 2.23.2017 page 8

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback