inglasiasupporting global quality in the
manufacture and distribution of medicine


Principles of risk-based approach in the assessment of quality systems in pharmaceutical companies – by Dr Judy Wu

Recent rapid growth of pharmaceutical companies, and the industry has resulted in the need for more efficient management tools and less complex processes to control their activities.  This would ensure compliance with best practice at all levels, whilst promoting business continuity.

As a result, the concept of “risk management ” has become increasingly popular in all areas Web of business including pharmaceutical companies in line with the implementation of robust and sustainable quality systems.

In general, risk is defined as any situation that may cause a negative impact on the safety, quality and continuity of a company. Risk is measured based on the likelihood of occurrence and severity of the impact. It is therefore expected that risk assessments should be molded to the characteristics of each entity, company or industry – as risk levels can be perceived in different ways in different forums. In pharmaceutical companies, perhaps more than in any other area, the risk management process takes center stage. It wholesale nfl jerseys is a tool to monitor and control manufacturing processes of drugs, and ultimately, safeguards the integrity and safety of consumers.

So how has the risk management system evolved in the pharmaceutical industry?

The structure of quality systems (QMS) in the industry is well known. The QMS begins with quality control processes, feeding through to quality assurance, resulting in total quality as cheap nba jerseys the culmination of effective QMS implementation. However, it is now practically mandatory to incorporate risk management within the total quality concept. Generally, the current systems, including inspection and audit processes, are solely focused on: compliance and processes, how we manage these processes; how we measure compliance.

But rarely included is the question: what would happen if…?

Certainly, every company has an emergency and business Walk continuity plan to mitigate the impact of these “what if…” situations, but how effectively can they ensure that all risks are covered and have a mitigation plan?

Here, a dynamic and interdisciplinary committee comes into play to review, evaluate and effectively manage risk following a few basic steps:

  1. Defining a risk management process.This involves identifying:
  2. Representatives from different areas of your organization to comprise the risk analysis forum;
  3. Communication channels to escalate or cascade down information (to managers and from managers to teams);
  4. Definition of responsibilities;
  5. And importantly, the creation of a written procedure to capture this.

It is necessary to follow up on training provided for all areas to ensure that the importance of risk management is clear and appreciated.

  1. Establishment of a continuous process of risk identification. Once the training process and awareness of risk management is finished, the organization should now able to properly identify and communicate potential risks that may affect the flow and continuity of an the company’s processes. Nevertheless, additionally, it is vital to define regular meetings in which these risks are exposed. Management team participation is necessary for an adequate analysis of the risk(s), mitigation plans definition, resources allocation, identification of responsibilities and setting Spicy deadlines.
  1. Risk analysis. A risk must be analyzed from different angles in order to ensure that the final action plan is suitable, be it risk-elimination or mitigation. The following questions should be asked:
    1. What could go wrong?
    2. What is the likelihood of something going wrong?
    3. What is the expected impact if something goes wholesale mlb jerseys wrong?
    4. What is, most likely, the cause (root cause) for the occurrence of this situation?
  1. Risk mitigation plans. Knowing the root cause of a possible risk makes it easier to identify an effective action plan. The actions identified and defined will directly attack the initial stages of a risk developing. In this step it is important to emphasize two aspects:


  1. There is not always one single root cause – in most situations a combination of several possible cause elements are observed. Improper handling of these can lead to a consecutive chain of events, allowing the risk to occur. The identification and monitoring of these elements is one of the critical aspects of risk management. For example, Ishikawa[1] included in his tool the most likely areas of error on a process risk analysis.
  1. The root cause may not always be obvious to the naked eye – hence, the importance of analysis tools involving multidisciplinary teams to implement dynamics such as Ishikawa model or the 5 whys. The “5 whys” model establishes that with at least 5 why question we may be able to determine the most probable root cause, of course, as in many techniques, there are drawbacks but this provides a useful framework to start with. For example, note how the analysis of the following situation takes us to a conclusion that was not obvious initially.
  1. Monitoring and controlling risks.As with all continuous processes, the mere implementation of a risk mitigation plan does suffice. Periodic review and monitoring is required to ensure that actions are still valid through time, including re-assessments during management meetings that may provide answers to questions like:
    1. Is this risk at an acceptable level?
    2. What further actions can I take to reduce or eliminate this risk?
    3. What is the appropriate balance cheap jerseys online of risk, benefit and resources that should Lovers exist?
    4. Are new risks created as a result of actions taken to control a particular risk?

The performance of audits and certain performance indicators are important parts of the control and monitoring process. These tools also help provide a picture of the evolution of processes within a company.

  1. Audits – should not be restricted to ensuring the proper enforcement of standards and that processes are in place. Audits should further verify the existence of a risk management plan that can predict and anticipate the occurrence of future risks.  Existing processes or activities should be challenged during questioning using hypothetical situations based on “what would happen if…?”


  1. Performance Indicators – elements such as the tendency of deviations, complaints, incidents, change controls and other statistics can clearly illustrate whether the organization is at an important turning point. An increase in any of these indicators should alert the management team as these may be the first signs of a risk developing.

Risks have always existed and no company is exempt from them. Traditionally risk has been handled throughout history in different ways, either through observation or reactive actions. More recently, the concept of risk has been incorporated into quality systems to be studied in a more proactive way. A risk management program should aim to act as a tool for continuous improvement, building knowledge and experience for companies. When used correctly as part of the daily function of any organization, success is achieved, despite the threats that arise with the accelerated growth of the world economies. Anticipating, identifying, and eliminating or controlling a risk effectively, can transform the risk into an opportunity.


Guidance for Industry Quality Risk Management. US Department of Health and Human Services. FDA.

Kondo, Yoshio (July 1994). “Kaoru Ishikawa: What He thought and Achieved, A Basis for Further Research”. Quality Management Journal 1 (4): 86–91. ISSN 1068-6967

Kaoru Ishikawa (1915 – 1989) was a Japanese university professor and influential quality management innovator best known for the Ishikawa or cause and effect diagram used in the analysis of industrial process.

Dr. Judy Wu (San José, Costa Rica 1983) Married. Originally from Taiwan, has a Pharmacist Degree from University of Costa Rica (UCR) and Master Degree in Project Management from Interamerican University (today Latin University) currently works as Quality Assurance Manager for Commercial Operations in Central America and Caribbean at GlaxoSmithKline and supports the UCR by teaching in the Pharmaceutical Industrial Technology Department. Enjoys Sanjay volunteer cheap mlb jerseys work and is currently an active collaborator of the United Nations Online Volunteer Service and other local development projects.

Click here to read the spanish translation