21 CFR Part 11 A Risk Management Perspective - PowerPoint PPT Presentation

About This Presentation

Title:

21 CFR Part 11 A Risk Management Perspective

Description:

Analyze Business Process. Understand Quality Related Objectives ... Re-examine your approach in light of the new guidance. Don't over complicate the process ... – PowerPoint PPT presentation

Number of Views:90

Avg rating:3.0/5.0

Slides: 20

Provided by: ehc6

Category:

more less

Transcript and Presenter's Notes

Title: 21 CFR Part 11 A Risk Management Perspective

1
21 CFR Part 11 A Risk Management Perspective
Patrick D. Roche 07 March 2003, Washington D.C.
2
Proposed Agenda

Recent 21 CFR Part 11 Developments
Risk Management Perspective
Potential Integration with other Legislation
Examples
Conclusion

3
Recent Developments

CDER is now responsible for enforcement of 21 CFR
Part 11
All previous Part 11 guidance has been withdrawn
New draft guidance has been provided
Draft guidance acknowledges that
Statements made by agency staff may have been
misinterpreted as policy
The use of technology has been restricted,
contrary to the agencys intent
The cost of compliance far exceeds the agencys
expectations
Part 11 has discouraged innovation without a
significant public health benefit

4
Recent Developments

Part 11 is being re-examined and may be revised
Certain areas will be subject to enforcement
discretion (validation, audit trails, record
retention and record copying)
All other areas will continue to be enforced

5
Recent Developments

Narrow Scope Part 11 applies when persons
choose to use records in electronic format in
place of paper records
Decisions to rely on paper or electronic records
should be documented
Audit Trail
A risk-based approach should be followed where
audit trails are not required by predicate rules
Focus on adds, changes or deletions of records
that impact quality, safety and efficacy
Validation
A risk-based approach should be followed where
validation is not required by predicate rules
Word processing software that is used to create
paper-based SOPs would likely not require
validation
Copies of records
Record Retention - Risk Assessment driven

6
Recent Developments

There are wide ranging opinions regarding what
these changes mean
Key messages
Part 11 is not going to go away
The changes should not significantly modify your
approach
One size does not fit all
Focus on risk management an effective internal
control structure that protects product safety,
quality and efficacy

7
Risk Management Perspective

Everything is not important only those things
that impact quality, safety or efficacy
Risk anything that can prevent an objective
from being met
Consider an ORCA Approach
Analyze Business Process
Understand Quality Related Objectives
What are the Risks that could impact the
objectives?
What Controls must be established to mitigate the
risks?
Validation provides evidence that the controls
are in place and Aligned with objectives and
risks
If system based controls are not in place, what
other mitigating controls can be established?
Document risk assessment and decision process

8
Linkage of 21 CFR Part 11 with COSO and Sarbanes
Oxley
COSO Structure
COSO Component
Business Process
Transaction
Transaction
Control Objective
Control Objective
Risk
Issue
Risk
Control Activity
Action Plan
Control Activities
Testing
9
Examples

Business Process Procurement
IT Infrastructure

10
Procurement - Example
11
Procurement Vendor Qualification
Vendor Evaluation and Qualification
Vendor Master Maintenance
Vendor Confirmation
Create Purchase Requisitions and Purchase Order
(PO)
Goods Receipt and Reconciliation
Material or Service Master Maintenance
Return to Vendor
Material Qualification
NO
YES
Contracts and Pricing
MT
Payment to Vendor
MT Material Traceability must be defined
after a material is accepted and qualified. This
includes the assignment of unique lot numbers
after receipt at a manufacturing site.
12
People, Process and Technology
Processes
People
Technology
Vendor Setup in system
New Vendors are selected
Purchasing Personnel
SOP
System records Vendor Qualification details
New Vendors are Qualified by QM Personnel
Quality Management Personnel
Procurement of Raw Materials
Purchasing Personnel
Receipt of Goods
Warehouse Personnel
SOP
Material Qualification
Quality Management Personnel
System records Material Qualification details
SOP
Material Traceability- Assign Lot Numbers
Warehouse or Operations Personnel
Material lot numbers and tracking recorded in
the system
Purchasing Personnel
Payment generated from system
Vendor Payments
13
Procurement Vendor Qualification

Vendor Evaluation Qualification Controls
Audit Trails for Vendor Qualification are
established, including appropriate electronic
record and signature requirements to meet 21 CFR
Part 11
Vendor Qualification policies and procedures have
been established and implemented
Vendor Qualifications are restricted to
authorized personnel
Materials must be procured only from qualified
vendors
Quality procedures are distributed to approved
vendors on a regular basis and are included as
part of the negotiations for new external
sourcing arrangements
Associated Risk/Consideration
Unauthorized vendors may be found in the Master
Vendor File
Materials may be procured from unqualified
vendors
Approved vendors may not meet FDA requirements
Regulatory exposure
Records of vendor qualification reviews and
results may be inappropriate or not exist

14
Address Book Controls

Vendor Address Book Maintenance Controls
Restricted access to Vendor Master File
Vendor Master File changes are tracked via an
associated audit trail
Electronic signatures and records are maintained
as appropriate for all Vendor Master Changes in
accordance 21 CFR Part 11
Associated Risk/Consideration
Unauthorized purchases may result
Unauthorized payments to vendors may occur
Duplicate Vendor Master records may exist
Changes to vendor Master files may not be cGMP
compliant as accurate, traceable and approved
Regulatory exposure