QC-數(shù)據(jù)完整性風(fēng)險(xiǎn)分析_ISPE-meeting_final課件

1、實(shí)驗(yàn)室數(shù)據(jù)完整性風(fēng)險(xiǎn)評估Regulation 法規(guī)要求作為風(fēng)險(xiǎn)管理系統(tǒng)的一部分，應(yīng)根據(jù)合理的并有文件記錄的計(jì)算機(jī)系統(tǒng) 風(fēng)險(xiǎn)評估來決定驗(yàn)證的范圍和數(shù)據(jù)完整性的控制手段。Regulation 法規(guī)要求MHRA Data Integrity Definitions and Expectations, Revision 1.1 March 2015The data governance system should be integral to the pharmaceutical quality system described in EU GMP chapter 1. The effort and

2、resource assigned to data governance should be commensurate with the risk to product quality, and should also be balanced with other quality assurance resource demands. As such, manufacturers and analytical laboratories are not expected to implement a forensic approach to data checking on a routine

3、basis, but instead design and operate a system which provides an acceptable state of control based on the data integrity risk, and which is fully documented with supporting rationale.數(shù)據(jù)管理體系應(yīng)該與歐盟EU GMP第一章所述的質(zhì)量體系相結(jié)合。投入到數(shù)據(jù)管理的精力和資源應(yīng) 與其產(chǎn)品的風(fēng)險(xiǎn)等級相對應(yīng)，同時(shí)還應(yīng)該權(quán)衡其他質(zhì)量保證工作的資源需求。因此, 生產(chǎn)者和分析 實(shí)驗(yàn)室并不是要刻板地進(jìn)行常規(guī)的數(shù)據(jù)核對，而是要設(shè)計(jì)出

4、并運(yùn)行一套管理體系，來控制數(shù)據(jù)完整 性的風(fēng)險(xiǎn)，而且詳細(xì)記錄這個(gè)體系合理性的支持依據(jù)。Risk Management & Risk AssessmentPlanning & CriteriaID Hazardous Situations Impact/ likelihood/detectable Compare to CriteriaReduce OccurrenceBenefit vs. RiskDocument & ApproveUpdate as Needed風(fēng)險(xiǎn)管理與風(fēng)險(xiǎn)評估計(jì)劃并預(yù)設(shè)可接受標(biāo)準(zhǔn)進(jìn)識別危害嚴(yán)重程度/可能性/可檢測性 與可接受的風(fēng)險(xiǎn)相比及時(shí)更新減少風(fēng)險(xiǎn)發(fā)生風(fēng)險(xiǎn)和收益的均衡記

5、錄并批準(zhǔn)No software 無軟件Simple Software 簡單軟件Complex Software 復(fù)雜的軟件固件(FirmWare)單機(jī)版設(shè)備網(wǎng)絡(luò)版軟件pH 計(jì)紫外分光光度計(jì)液相色譜-質(zhì)譜聯(lián)用LIMS天平紅外光譜儀HPLC系統(tǒng)（網(wǎng)絡(luò)版）實(shí)驗(yàn)室調(diào)查系統(tǒng)SAP系統(tǒng)熔點(diǎn)儀TLC系統(tǒng)紅外光譜儀（網(wǎng)絡(luò)版）CAPA系統(tǒng)ERP系統(tǒng)沸點(diǎn)儀原子吸收光譜儀(卡爾費(fèi)休)滴定儀HPLC系統(tǒng)（單機(jī)版）紫外分光光度計(jì)（網(wǎng)絡(luò)版）QC Data Sources 實(shí)驗(yàn)室數(shù)據(jù)來源簡單復(fù)雜人工觀測后進(jìn)行的紙質(zhì)記錄，從簡單的設(shè)備直至復(fù)雜的高度配置的計(jì)算機(jī)系統(tǒng)產(chǎn)生的圖譜和數(shù)據(jù)；數(shù)據(jù)完整性的內(nèi)在 風(fēng)險(xiǎn)也因此有所不同，這取決

6、于數(shù)據(jù)（或系統(tǒng)生成的或使用的數(shù)據(jù)）的可配置的程度及 由此而被造假的可能性程度Risk identification 風(fēng)險(xiǎn)識別Does the data has a quality impact in that it affects product quality, safety or compliance with authority GXP regulations?數(shù)據(jù)是否影響到產(chǎn)品質(zhì)量和安全，或者與任何一個(gè)法規(guī)相關(guān)？Non-GxP or Low Risk Requirements are typically then marked NA and think it is low risk d

7、ata or data process.如果和任何一個(gè)GXP法規(guī)都無關(guān)，或者是低風(fēng)險(xiǎn)等級的法規(guī)要求，可以標(biāo)注不適用，認(rèn)為 該數(shù)據(jù)或者處理數(shù)據(jù)的過程為低風(fēng)險(xiǎn);Risk identification 風(fēng)險(xiǎn)識別所有數(shù)據(jù)必須滿足ALCOA+要求AAttributable歸屬性（可追溯的）LLegible可辨性 （清晰可讀的）CContemporaneous (=same time)同時(shí)期（及時(shí)性）OOriginal原始性 （原始的）AAccurate準(zhǔn)確性ALCOA+Enduring持久按數(shù)據(jù)類型保存期限，在數(shù)據(jù)整個(gè)生命周期保存 可檢索數(shù)據(jù)Complete完整包含所有數(shù)據(jù)Available可用數(shù)據(jù)便于

8、隨時(shí)訪問Consistent一致數(shù)據(jù)兼容，無變動和沖突Risk identification 風(fēng)險(xiǎn)識別a Failure Mode and Effects Analysis (FMEA) technique can be used to identify and record the GAP/Risk from: 通常用FMEA來識別并記錄差距/ 風(fēng)險(xiǎn)可采用其它輔助工具識別風(fēng)險(xiǎn)：頭腦風(fēng)暴法 (Brainstorming)魚骨圖 (Fishbone diagram)流程圖（Process flow charts）核查表（Checklist）思考點(diǎn)：紙質(zhì)、電子或混合系統(tǒng)靜態(tài)數(shù)據(jù)或動態(tài)數(shù)據(jù)人工與電子

9、原始數(shù)據(jù)Risk Analysis 風(fēng)險(xiǎn)分析風(fēng)險(xiǎn)識別后，對FMEA清單中的所有風(fēng)險(xiǎn)因素進(jìn)行風(fēng)險(xiǎn)分析，并對每一項(xiàng)風(fēng)險(xiǎn)因素 的得分與預(yù)先在FMEA方法中設(shè)定的風(fēng)險(xiǎn)可接受限度相比較，思考 ALCOA+要求考慮數(shù)據(jù)完整性的關(guān)鍵組成部分：良好文檔規(guī)范數(shù)據(jù)審核檢查有效驗(yàn)證電子系統(tǒng)賬戶管理和安全數(shù)據(jù)保存：存儲、備份和歸檔系統(tǒng)設(shè)計(jì)7. Risk Analysis 風(fēng)險(xiǎn)分析Risk Evaluation 風(fēng)險(xiǎn)評價(jià)CategoryDescriptionAttributable 可追溯Who performed an action and when. If a record is changed who did i

10、t and why. It should be clear whocreated a record and when. Likewise, it should be clear as to who amended a record, when, and why.何時(shí)由誰產(chǎn)生的數(shù)據(jù)，如果改變數(shù)據(jù)，誰更改的，為什么；能明確找到記錄的時(shí)間和由誰生成的。 同樣，能清晰的追溯誰更改了數(shù)據(jù)，什么時(shí)間更改的，為什么更改。Legible 清晰可讀Data must be recorded permanently in a lasting form and easily readable.數(shù)據(jù)應(yīng)記錄永久記錄在一

11、個(gè)專用表格中并易于讀取。Contemporaneous 及時(shí)性The data must be record at the time the work is performed and data/time stamps should follow in order.操作后應(yīng)及時(shí)記錄，數(shù)據(jù)應(yīng)按時(shí)間順序記錄This means the evidence or test results are recorded as they are observed, therefore allowing reconstruction of the events around the data 這要求證據(jù)或者檢驗(yàn)

12、結(jié)果就應(yīng)該與事實(shí)一致，可以根據(jù) 數(shù)據(jù)重現(xiàn)當(dāng)時(shí)的情況Original 原始的The recorded information must be the original data or a certified true copy. Data should not betranscribed from one source to another without justification and control certification processes in place.記錄的信息必須是原始數(shù)據(jù)或者一個(gè)正確的副本。除非有正當(dāng)理由并有受控的過程證明，數(shù)據(jù)不可以從一個(gè)原始地方轉(zhuǎn)錄到另一個(gè)。Accu

13、rate 精確的No errors or editing performed without documented amendments.The information recorded is correct. 數(shù)據(jù)沒有錯(cuò)誤，或者書面記錄更正的情況后才能修改Risk Evaluation 風(fēng)險(xiǎn)評價(jià)Impact 影響LevelCriticality 嚴(yán)重性10Failure affects safety and involves major non-complicance with government regulationsuch as performance, reliability嚴(yán)重影響

14、到產(chǎn)品的安全性和法規(guī)符合性；如功效，可靠性extremely serious impact on the analysis process or product quality attributes;嚴(yán)重影響分析過程和質(zhì)量屬性；100% of product will be discarded based on wrong results;錯(cuò)誤的結(jié)果將導(dǎo)致所有產(chǎn)品的報(bào)廢extremly serious impact on patient safety or on the toxicity assessment of the material .嚴(yán)重的影響病人的安全或物料的毒理評估98Very

15、high degree of patient dissatisfaction and will probably result in patient complaint.極高程度的引起病人的不滿及可能造成病人的投訴major impact on the analysis process or product quality attributes;主要影響分析過程和質(zhì)量屬性；unnecessary reprocessing based on wrong results, portion of the product may have to be scrapped;錯(cuò)誤的結(jié)果導(dǎo)致額外的再處理過程，

16、或部分產(chǎn)品報(bào)廢potential impact on patient safety or on the toxicity assessment of the material.潛在影響病人的安全或物料的毒理評估76Failure causes some dissatisfaction. Patient is made uncomfortable or is annoyed by the failure可能引起一些不滿，病人會感到不舒服或惱火low impact on the analysis process or product quality attributes;較低的影響分析過程和質(zhì)量屬

17、性potential reprocessing based on wrong results, portion of the product may have to be scrapped;錯(cuò)誤的結(jié)果會導(dǎo)致潛在的再處理過程，或可能導(dǎo)致部分產(chǎn)品報(bào)廢no impact on patient safety or on the toxicity assessement of the material.不影響病人的安全或物料的毒理評估543Failure causes only a slight patient annoyance.進(jìn)會造成病患的細(xì)微的不滿。minor impact on the ana

18、lysis process or product quality attributes;輕微的影響分析過程或產(chǎn)品質(zhì)量屬性effect of offset results is easily to overcome;結(jié)果的偏移是很容易克服的no impact on patient safety or on the toxicity assessement of the material.不影響病人的安全或物料的毒理評估21Minimal effect 最小限度的影響absolutely no impact on the analysis process, product quality attr

19、ibutes;絕對不影響分析過程或產(chǎn)品質(zhì)量屬性absolutely no impact on patient safety or on the toxicity assessment of the material.絕對不影響病人的安全或物料的毒理評估Probability可能性LevelProbability 可能性10More than once per day 每天多余1次9One every 3-4 days 每3-4天1次8Once per week 每周1次7Once per month 每月1次6Once every 3 months 每3個(gè)月1次5Once every 6 mo

20、nths 每6個(gè)月1次4Once per year 每年1次3Once every 1-3 years 每1-3年1次2Once every 3-6 years 每3-6年1次1Once every 6-100 years 每6-100年一次Detectability可檢出性LevelDetectability 可檢出性100% likelihood that the potential failure will be detected or prevented before the product is released to the market, 0%發(fā)現(xiàn)缺陷的可能性，及失敗模式缺陷不能

21、被檢測或在上市前阻止9825% likelihood 25%發(fā)現(xiàn)缺陷的可能性7650% likelihood 50%發(fā)現(xiàn)缺陷的可能性5475% likelihood 75%發(fā)現(xiàn)缺陷的可能性3290% likelihood 90%發(fā)現(xiàn)缺陷的可能性1100% likelihood 100%發(fā)現(xiàn)缺陷的可能性Risk Priority Number(RPN) 風(fēng)險(xiǎn)系數(shù)RPN value風(fēng)險(xiǎn)系數(shù)Description描述Corrective actions改進(jìn)措施0-70Tolerable可接受的No corrective action is required but may be still inst

22、alled, if defined and feasible.不要求有改進(jìn)措施，但如果有可執(zhí)行的改進(jìn)措施，那么就去執(zhí)行。71 299ALARP range 安全風(fēng)險(xiǎn)處在最 低合理可行狀態(tài)Corrective actions should be defined, if any are possible.If no corrective actions are possible in this range the remaining risk needs to be justified.如果可能，需要制定改進(jìn)措施。在此階段內(nèi)沒有制定改進(jìn)措施的情況下，需要對殘存的風(fēng)險(xiǎn)進(jìn)行合 理的評估300 1000

23、Intolerable不可接受Corrective actions have to be defined to bring the RPN down to at least the ALARP range.If no corrective actions are possible or the RPN remains in this region the product/method of this particular design should not be used.必須要制定改進(jìn)措施來降低風(fēng)險(xiǎn)系數(shù)，最起碼要打到ALARP的要求。 如果不能制定改進(jìn)措施或風(fēng)險(xiǎn)系數(shù)依舊存在，那么請停用與此相

24、關(guān) 的設(shè)計(jì)或流程。Data lifecycle 數(shù)據(jù)的生命周期Do we review source data是否審核源數(shù)據(jù)Do we review reprocessing events 是否 會注意重新處理的情況How do we manage failures 如何管理失誤Objective reporting客觀報(bào)告Transparency in failures失誤的透明化管理Tracking and trending failure追蹤并分析失誤的 趨勢How do we process our data如何處理數(shù)據(jù)的How do we identity data handing

25、failures 如何識別 數(shù)據(jù)處理失誤The Design of the analytical process and how data is collected 設(shè)計(jì)分析過程和數(shù)據(jù)采 集方案What is the process of data/metadata transfer 數(shù)據(jù)的傳送過程Data Collection數(shù)據(jù)采集Data Processing數(shù)據(jù)處理Data Reviewing 數(shù)據(jù)審核Data Reporting 完成報(bào)告Data Archive 數(shù)據(jù)保留Checklist example核查表舉例ReferenceCommentItem1.11.1 Laborato

26、ry Systems: Quality Control實(shí)驗(yàn)室系統(tǒng)：質(zhì)量控制1.1List existing laboratory equipment. Respond to each question for each unit. Units maybe bundled where appropriate.羅列所有實(shí)驗(yàn)室的儀器。并為每個(gè)儀器回答每一個(gè)問題， 如適用，可以將多個(gè)儀器合并起來回答。1.1Is this unit linked to an electronic lab management system (Yes/No) Describe用YES或No來描述每個(gè)儀器是否與電子實(shí)驗(yàn)室管

27、理系統(tǒng)相關(guān)聯(lián)？1.1Is the unit part 11 compliant?該儀器是否遵循Part 11？1.1How was this determined? Describe why this conclusion was made?怎樣判定的？ 是否描述了為什么做這樣的決定？1.1Are there audit trails for all? Yes/No, describe.是否有所有的歷史記錄？ 用Yes或者No來回答1.1If yes, are audit trails periodically reviewed? Describe what is done.如果Yes， 那么

28、歷史記錄是否進(jìn)行了周期性復(fù)核？ 描述做了什么1.1Is raw data contained with the analytical record and subject to review as part of therelease process原始數(shù)據(jù)是否包含在分析記錄中， 是否是放行過程中復(fù)核的對象？1.1Does each of these have a related log book? Yes/No. Is the logbook audited or verifiedeither periodically or as a routine? If so, please descr

29、ibe what is done.用Yes或者No來說明是否這些都有相應(yīng)的記錄日志？這些記錄日志是否被周期性 地或者規(guī)律性地審查或者確認(rèn)？ 如果是，請描述做了什么？1.1Confirm all units have been qualified, operating under GMP.確認(rèn)所有儀器都經(jīng)過了確認(rèn)，并且按照GMP要求來操作。Checklist example核查表舉例1.11.1 Laboratory Systems: Quality Control實(shí)驗(yàn)室系統(tǒng)：質(zhì)量控制1.11QA Unit: QA部門1.11Is QA involved in QC?QA 是否參與到QC中？1.

30、11What is the role of the QA unit?QA人員是什么樣的角色？1.11Is QA a defined and independent review and approval function?QA是否是擁有規(guī)定的和獨(dú)立的復(fù)核和批準(zhǔn)功能？1.11Describe this process and the standards used for review/approval of documents and go-live process for equipment utilization.描述文件復(fù)核/批準(zhǔn)的過程與標(biāo)準(zhǔn)，以及儀器設(shè)施啟用的流程1.11Is QA ma

31、de aware of changes to data, invalidated data, laboratory investigations? Bespecific with as to what is notified to QA and what they are obligated to take, if any. QA是否能夠察覺到數(shù)據(jù)改變，無效數(shù)據(jù)，實(shí)驗(yàn)室調(diào)查? 如果有任何上述問題， 應(yīng)具體到哪些通知到QA，他們中誰有職責(zé)去做的這些？Describe process and attach relevantprocedure documents1.111.11Describe in

32、stances where raw data is not maintained or reviewed舉例說明哪些原始數(shù)據(jù)沒有被維護(hù)或者復(fù)核Discuss1.11Describe conditions under which data can be altered, updated, changed, etc.描述在哪些情況下，數(shù)據(jù)能夠被篩選，被更新，被改變等Discuss and attach procedure1.11Indicate the number of stability chambers that exist. Confirm that each are qualified

33、andthat alarm conditions exist. Describe what happens in the case of excursions? How is the raw monitoring data collected? Is it available for audit?指明存在的穩(wěn)定性箱體的數(shù)量。 證實(shí)每一個(gè)都經(jīng)過了確認(rèn)和存在報(bào)警系統(tǒng)。 描述超限案例的處置。原始監(jiān)控?cái)?shù)據(jù)如何被收集？ 是否有歷史記錄？DiscussChecklist example核查表舉例ReferenceCommentItem1.11.1 Laboratory Systems: Quality C

34、ontrol實(shí)驗(yàn)室系統(tǒng)：質(zhì)量控制1.12Document management文件管理1.12Availability of Procedures and General Controls:流程和基本控制的有效性：Please describe existing processesand attach relevant procedure1.12Are the relevant SOPs in place for data handling, management, record retention andgood documentation practices?關(guān)于數(shù)據(jù)處理，管理，記錄存檔和

35、良好的文檔規(guī)范的SOPs應(yīng)準(zhǔn)備就緒。1.12For raw data mgt: are printouts kept for all non computerized or hybrid systems (e.g.balances etc)? Are these automatically time- and date-stamped?對于原始數(shù)據(jù)的管理：是否所有非計(jì)算機(jī)化或單一系統(tǒng)的打印條都被保存（如天 平）？這些是否被自動的打印出時(shí)間和日期？1.12Are equipment and system inventories available and kept current?所有儀器和系統(tǒng)

36、的列表是可獲得的，并且被保存至今1.12Is validation documentation up to current standards and involve both periodic and eventbased evaluation?驗(yàn)證文件是否滿足最新的標(biāo)準(zhǔn)的要求，并包含周期性評估或基于事件的評估？1.12Do formal operational processes exit for以下管理是否存在正式的操作流程：1.12Data management?數(shù)據(jù)管理1.12Incident management?事件管理1.12Change management?變更管理1.12

37、User account management?用戶賬號管理1.12Calibration management?校準(zhǔn)管理Checklist example核查表舉例ReferenceCommentItem1.11.1 Laboratory Systems: Quality Control實(shí)驗(yàn)室系統(tǒng)：質(zhì)量控制1.13E-compliance 電子合規(guī)1.13Is ERES (Part11 Electronic records, Electronic Signatures and Audit trails), handledand appropriately managed at the loc

38、al, operational and equipment level?電子記錄和電子報(bào)告是否按照本地水平，操作水平和儀器水平來進(jìn)行處理和適當(dāng) 的管理？Describe procedures and attach.1.13Is the retirement of computerized systems/equipment defined?計(jì)算機(jī)化系統(tǒng)或儀器是否制定了退役流程？Describe and attach proceduredocument1.14User Accounts: 用戶賬戶：Describe and provide proceduredocuments1.14Are passwords controlled and access rights reviewed periodically? Describe process formaintenance of