Editor’s Note: This is part 4 of a 7 part series on Process Risk Assessments.
Last week we explored how the concepts we’ve been discussing in our series line up with FMEA/FMECA methodologies. We showed that criticality is driven by impact (severity) and uncertainty (likelihood) and is not improved by a reduction in capability risk (occurrence) or detectability risk.
This week, we’ll explore the two impostors, uncertainty and detectability risk, a little bit further. While not as widely used, these two categories are important to creating clarity while assessing risk. We’ll discuss their usage and importance.
In the previous discussion, we have introduced the concepts of uncertainty and detectability risk, the former an alternate definition and the latter an additional layer or risk not specifically defined in ISO 14971. ICH Q9 discusses the idea of uncertainty in its discussion of risk assessment. Specifically, ICH Q9 states that:
In doing an effective risk assessment, the robustness of the data set is important because it determines the quality of the output. Revealing assumptions and reasonable sources of uncertainty will enhance confidence in this output and/or help identify its limitations. Uncertainty is due to the combination of incomplete knowledge about a process and its expected or unexpected variability. Typical sources of uncertainty include gaps in knowledge, gaps in pharmaceutical science and process understanding, sources of harm (e.g., failure modes of a process, sources of variability), and the probability of detection of problems.
For this reason, the uncertainty layer of risk can serve a dual purpose where it may describe the gaps in knowledge about how the variability of a parameter impacts patient safety/efficacy or the downstream process. Or, it may describe the likelihood of harm in the event of a hazardous situation. In practice, we see that the uncertainty layer is used for final quality attributes (FQAs) of the drug substance or drug product to describe how well the impact of variability in the FQA is understood. For example, if the impact or severity of harm level is based on literature references, the uncertainty may be medium or high. However, if the level is based on data from clinical studies that directly studied the impact, the uncertainty will be low. The Impact-Uncertainty construct is prevalent in some of the ICH guidances, the guidance on analytical comparability of biosimilars, and the A-Vax and A-mAb case studies.
If the uncertainty is low because the defined impact has been confirmed with direct data, but the likelihood of the harm remains high, then the value of the uncertainty may remain unchanged. In the case of other variables such as material attributes and process parameters, the uncertainty layer is not used because it is often assumed that if the variable is out of specification, it will certainly have the defined impact. For this reason, QbDVision allows the uncertainty layer to be turned on or off depending on the variable type.
Detectability risk presents its own set of challenges and not everyone uses this layer of risk in their risk assessments. In some cases, regulatory agencies frown on the use or over-reliance on detectability risk to manage RPN. The concern is rooted in the idea that the capability risk of a critical process parameter may be high because the process is not well controlled, but the manufacturer says this is okay because they can detect when the process is out of control. This is the equivalent of testing quality into the product. Regulatory agencies prefer that the process be developed so that the capability is better thereby minimizing process risk. Detectability is then used to manage residual risk, which should never be high. QbDVision also allows the detectability risk layer to be turned on or off depending on the variable type and whether the organization uses this layer.
From the discussion above, you can see how capturing uncertainty and detectability risk brings clarity and dimension while assessing risk. These elements are especially important when creating a data-driven risk assessment approach, like those enabled in QbDVision. And while we encourage the evaluation and ultimate usage of these “impostors,” we allow you, the user, the flexibility of deciding if they are appropriate for your risk assessment approach and manufacturing process.
Next week, we’ll discuss one of the most critical aspects of your Risk Management Plan design and execution: People! So far, our discussion has focused on the structural elements of quality risk management. However, it is important to acknowledge that analyzing risk is collaborative in nature. And, therefore, people and intended use must be taken into account.
This post is part 4 of 7 in a series on practical risk management for pharmaceutical process development. Tune in next week for a discussion on the human element.