Deviations Corrective and Preventative Actions April 2015
Deviations Corrective and Preventative Actions April 2015
Deviations Corrective and Preventative Actions April 2015
2
By any other name, it’s still a “Deviation”
• Incident
• Non-conformance, nonconformity
• Discrepancy
• Atypical situation
• Errors
• Out-of-specification
• Out-of-trend
• Failures
• Exceptions
Common “other” definitions (company specific)
Nonconformity
• The nonfulfillment of a specified requirement.
21 CFR 820(q)
Subpart I--Laboratory Controls; • (a) Any deviation from the written specifications, standards, sampling
Sec. 211.160 General plans, test procedures, or other laboratory control mechanisms shall
requirements. be recorded and justified.
Deviation Investigations/Resolution Process
Yes No
Does It
Function?
Don’t change it Yes Did you
try to fix
it???
Panic
You Idiot!!!
Does No
anyone Yes
else know Yes
about it?
You’re in Deep E. coli Will you be in
TROUBLE???
The
events are
Captured
The potential
impact is The
Evaluated across situation is
product lots and Investigated
product lines
The
The cause
occurrence
is
is
Corrected
Reported
The
activities are
Documented
Use of Contractors
• Manufacturers that use contract services
are ultimately responsible for ensuring
that deviations and failures experienced
by contractors are thoroughly
investigated and resolved before the is
batch released and distributed
The Reference Document – a Quality Agreement
Deviations and • Any Deviations from the Process must be
Out of documented as described in Section X:
Specification Deviations and Out of Specification (OOS)
Results and Approved by the Sponsor.
(OOS) Results
14
The Internationalization of CAPA: ICH Q10
15
US: CFR 21 Part 211
• Sec. 211.192 Production record review.
– All drug product production and control records, …
shall be reviewed and approved by the quality
control unit …. Any unexplained discrepancy …. shall
be thoroughly investigated, … The investigation
shall extend to other batches of the same drug
product and other drug products that may have
been associated with the specific failure or
discrepancy. A written record of the investigation
shall be made and shall include the conclusions and
follow up.
16
We have a deviation, how do we “fix” it?
CAPA is a well-known CGMP regulatory concept
that focuses on investigating, understanding, and
correcting discrepancies while attempting to
prevent their recurrence.
Remedial corrections of an identified
problem
19
FDA Guidance on CAPA continued
20
Preventive Actions are the proactive component
of an investigation and is an essential tool in
quality systems management
•include succession planning, training, capturing
institutional knowledge, and planning for
personnel, policy, and process changes are
“Soft” actions preventive actions that will help ensure that
potential problems and root causes are identified,
possible consequences assessed, and appropriate
actions considered.
22
Key Steps
1. Create the team
2. Identify the problem
3. Evaluate the issues
4. Investigate
5. Analyze the issues
6. Create action plans to address the findings
7. Implement
8. Verify effectiveness
9. Follow-up
23
Create the CAPA Team
• Should have a standing Data Integrity Team ready to
function
• Never dismisses a potential major or critical issue without
formalized investigation.
• The Data Integrity Team:
– Quality should always be chair
– Teams should always be expert in the specifics
– Avoid conflicts of interest (specific group or individuals should
not be involved in resolution)
– Identify appropriate witnesses and knowledgeable personnel
– Determine impact of potential data integrity or fraudulent
activities and know a priori what your course of action should
be.
• Periodically activate the team to “keep them fresh” by
conducting an in-depth review of a potentially “suspect”
area.
Identify the problem
Confirm the
source of the
information, e.g.,
deviations, Explain all
process changes, Focus on Document
unscheduled more than observations that the
maintenance, just the issue in great problem, as
audits, personnel at hand = detail but identified,
observations,
requests, data global concisely. really exists.
mining, third-
party reviews,
trend analyses
25
Evaluate the issues
26
Investigate
27
Analyze the issues
Root Cause
Analysis
• Conduct a
root cause
analysis to
determine
Data is primary
Assimilate all Necessary organized
All cause(s) of
results from the data is and the problem.
potential
investigation available formatted
causes are • List all (but
and confirm to drive for human don’t be
each properly evaluation
the confused with
observation identified where
analysis symptoms)
necessary
• List all
possible
interactions
of the
potential root
causes
28
Create action plans to address the findings
29
Create action plans to address the findings
Identify
• Timing
Training Needs
• Documents • Timing and requirements
• SOPs related to identified changes
• Physical equipment or system • Must be comprehensive and
changes
involve all affected
• Processing changes
personnel.
• Computer system controls or
validation
30
Implement
31
Follow-up
Confirm
Verify
• Resolved root cause
• Results
• Any resulting secondary
• Effectiveness of the CAPA situations have been corrected
• All objectives met • Effective controls in place
• Changes completed and verified • No unexpected consequences
• No reoccurrences of the event • Training updated?
32
A Word About Software Based Solutions
• Software programs are not CAPA, just a tool
• All CAPA programs have something to offer
• May be very expensive to install and validate
• Should be adopted across the entire company for
them to be effective, often difficult to do
• Requires an extremely well defined process
• Requires an owner, generally a Quality function
• Requires maintenance
• Will not provide the “answer” regardless of how
hard it is pushed.
33