Learn everything you need to know about quality risk management: why it’s important, the process, and tools to use for implementation
Published 16 May 2023
Quality risk management is a systematic, risk-based approach to quality management. The process is composed of the assessment, control, communication, and review of quality risks. It is especially critical in the pharmaceutical industry, where product quality can greatly affect consumer health and safety.
According to the International Council for Harmonisation of Technical Requirements for Pharmaceuticals for Human Use (ICH), quality risk management has two primary principles, which are:
These principles can be seen in the examples provided below by the European Commission in its Good Distribution Practice (GDP) Guidelines for Medicinal Products:
Quality risk management is important because it can facilitate better and more informed decisions. With QRM, decision-making has the following qualities:
Another benefit is that companies can use risk level as the basis for prioritization, leading to a more efficient use of resources. Moreover, it helps build a culture of trust and transparency among companies and regulatory authorities.
Quality risk management is also a requirement of GDP, an internationally recognized set of standards for ensuring the quality of medicines throughout the supply chain. While GDP is primarily enforced in Europe, there has been an increase in its use in the United States and other countries.
Solid arrow – Required, Broken arrow – Optional; If risk control is unacceptable or ineffective, perform risk assessment again.
The following steps are based on ICH Q9, a guideline developed by the organization to standardize quality risk management:
Form a cross-functional team and choose a leader. Example QRM team:
Each member of this team will be responsible for coordinating quality risk management across various functions and departments in the company.
To quantify the expression of risk, assign a numeric value to each likelihood and severity category. The formula for calculating the risk level based on these values is up to you.
The output of the risk assessment will either be a numeric value or qualitative description expressing the overall level of risk posed by the problem.
The key focus of this step is choosing between risk reduction and risk acceptance. Answer and discuss the guide questions below with other QRM team members before making a decision:
Also keep in mind that the amount of effort used for risk control should be equal to the significance of the risk/s. If needed, refer to the output of the risk assessment in Step 2 or conduct a cost-benefit analysis to help determine the appropriate risk control.
Once risk control has been implemented, establish a system for monitoring its effectiveness. Quality risk management should be continuously reviewed, especially when:
Meanwhile, risk communication involves sharing information on the entire process with stakeholders who are not part of the QRM team. It also includes documenting the QRM team’s thought process at each step and the results they were able to achieve after completing a step.
Eliminate manual tasks and streamline your operations.
While following the steps of the quality risk management process above is sufficient for starting with QRM, certain industries or companies may need the help of recognized tools to fully deploy their strategy. Below are 3 quality risk management tools, their descriptions, and templates to help get you started:
Failure Mode Effects Analysis (FMEA) is a systematic method of anticipating potential failures in a process, product, or design and mitigating the negative impact of those failures on consumers. Key elements of this tool are mechanism of failure, risk priority number (RPN), and follow-up corrective actions.
Download for Free
Hazard Analysis Critical Control Points (HACCP) is a monitoring system for identifying and controlling hazards. First, a hazard analysis is performed on each step in the production process. If there is an opportunity to prevent, mitigate, or eliminate a hazard, the step is considered a critical control point.
Hazard Operability Analysis (HAZOP) is a risk management technique used to determine functional flaws in manufacturing systems. Similar to FMEA, it involves exploring different scenarios where a process, design, or procedure could deviate from its intended function.
SafetyCulture (formerly iAuditor) provides thousands of free templates (such as the FMEA, HACCP, and HAZOP templates above) which quality managers can use to complete checks, conduct inspections, perform audits, and more.
Create and implement your entire QRM program using the SafetyCulture app. Here’s how:
Download SafetyCulture for free.
You can use SafetyCulture (iAuditor) for free and add up to 9 people to your account. Included in the free plan are the Templates, Inspections, Issues, and Actions features. The premium plan starts at $19/month and has a 30-day free trial available.
Featured in Capterra’s 2021 Shortlist of the Best Quality Management Software
GetApp Category Leader in Quality Management Software
Software Advice 2021 FrontRunner for Top Risk Management Software
Winner of Best SaaS Award 2020 for Risk Management
Erick Brent Francisco
Erick Brent Francisco is a content writer and researcher for SafetyCulture since 2018. As a content specialist, he is interested in learning and sharing how technology can improve work processes and workplace safety. His experience in logistics, banking and financial services, and retail helps enrich the quality of information in his articles.
The MDSAP audit overviews a manufacturer’s quality system and processes to ensure products ...
Benefits Since the primary purpose of gathering and maximizing the Voice of the Customer data is to ...
SATs are important because they help to ensure that the system works as expected and that the ...