Embracing Risk

Dec. 5, 2007
As we move ahead as an industry, transforming our concept of quality to align with the latest FDA and international regulations, we find ourselves in uncharted waters. The dilemma of implementing Quality by Design (QbD), Risk-Based Validation (RBV) and Process Analytical Technology (PAT) has challenged traditional quality thinking.

What is driving the confusion? I believe it is the concept of risk. As an industry we have built our quality thought processes on the notion of eliminating risk. Quality programs like supplier qualification, incoming inspection, documentation control, etc. are designed to minimize the possibility of making a bad decision. We have hedged our bets by adding more and more infrastructure to ensure that the proper oversight and decision-making personnel are involved in our quality practices.

On one hand, embracing risk would seem, at best, a slight detour in our way of approaching product and quality because implicitly minimizing risk is the foundation of our current quality systems. On the other hand, the concept of embracing risk could be perceived as a complete shift in thinking in how we make drugs. So, what constitutes a good risk?

Risk in our industry can be defined as “the combination of the probability of occurrence of harm and the severity of that harm to all stakeholders in the drug development process.” Stakeholders include the pharmaceutical company and its shareholders (the business), employees, country-specific regulatory bodies, the medical community, and most importantly, the public. The tools for quantifying this risk are tried and true. Tools such as Fault Tolerance Analysis (FTA), Failure Modes and Effects Analysis (FMEA), Hazard Analysis and Critical Control Point (HACCP) have been used by industry for years.

However, historically we have used these tools in supportive roles, focusing on engineering or technical risks. The difference is that we now find ourselves using these tools to evaluate program and business risks.

Let’s look at FMEAs as an example. When companies bring their products through the development pipeline program, management tracks the development process to clinical milestones. Key development decisions often get lumped into broad buckets, such as process development, validation and PAI readiness. The truth is each one of these categories involves hundreds of trade-off decisions that will have an impact on the success of the program and potentially the overall business. Integrating risk assessment milestones typically are not part of the program management thought process.

So how do we catalyze this shift in thinking? One approach is to integrate a risk assessment as part of the go/no-go decision early in a product’s development. Evaluating factors such as competitive pressures in the market place, manufacturing capacity and capability, supply chain considerations and standard cost targets early in a program will help elevate the visibility of risk management in the thinking of the CMC program manager. Conducting a product hazard analysis from a patient or platform perspective at the outset of the development program will allow companies to focus their characterization and validation efforts on those items that have the greatest potential for risk to the program and the public. Leveraging simple quality tools from approaches such as lean manufacturing, Six Sigma, QFD, Kepner-Tregoe and TRIZ provide an objective framework for standardizing risk evaluation during the development of a product.

Knowing which tool to use at the right time is part of the barrier to integrating risk management as part of a normal quality process. Applying rules around this evaluation and providing training in the application of these tools can go a long way to reducing the anxiety around integrating risk in our normal quality thinking. The danger in not providing this type of education is the improper application of the analysis tools with the potential for paralyzing a development organization as they evaluate non-value added risks. How many of us have lived through an FMEA with several thousand risks identified, several hundred of which are deemed critical threats to the program?

The benefits of simplifying and standardizing risk within the development process are numerous. Conducting a risk assessment at the outset of a program allows an organization to frame and contain the tangible risk to the public and to the business. Rather than taking a shot gun approach to all potential risks, you can focus on critical elements, thereby reducing time-to-market delays and positioning the organization to concentrate its validation and quality efforts on only those elements that matter. When we identify these risks early, we minimize the potential for downstream program hiccups. Supply chain, quality agreements and process capability questions can all be ironed out before they have timeline and cost implications. In particular, outsourcing strategies can be the bane of any execution plan. Integrating risk management tools as part of the evaluation process can streamline and stabilize the overall selection process, minimizing the incidence of unwelcome surprises at the end of the development lifecycle.

Ultimately, shifting our concept of quality to embrace risk will move our quality focus upstream in the development process. This enables us to ask the tough questions before their consequences cause our programs to stumble. Leveraging the pieces of our existing quality structure and complementing them with prescribed analytical tools for risk assessment will position our industry to be more effective from a business and shareholder perspective as we increase the quality of our products and reduce the risk to our customers.

About the Author

Bikash Chatterjee | President