Hi Everyone

Good evening……..

Today we are going to discuss about Quality Risk Management process

Since a couple of years Quality Risk Management (QRM) has become a mandatory regulatory requirement towards healthcare organizations.

QRM is an overall and continuing process of minimizing risks to product quality throughout its life-cycle in order to optimize its benefit and balance the risk.

It is a systematic process for the evaluation, control, communication and review of risks to the quality of the medicinal product.

It supports science based and practical decisions when integrated into quality systems, examples of quality systems include Validation, Quality Defects – Investigation, Auditing, Inspection, Documentation, Training etc.

Quality Risk Management principles are effectively utilized in many areas including business, insurance, work related safety, public health, pharmacovigilance, and by agencies regulating these industries.

Even though there are some examples of the use of quality risk management in the pharmaceutical industry, today they are limited and do not represent the full contributions that risk management has to offer.

In relation to pharmaceuticals, though there are a variety of stakeholders, including medical practitioners and patients as well as government and industry, the safety of the patient by managing the risk to quality should be considered prime importance.

The manufacturing and use of a drug product, including its components, necessarily involve some degree of risk.

An effective QRM approach can further ensure the high quality of the drug product to the patient by identify and control potential quality issues during development and manufacturing.

Use of QRM can improve the decision making if a quality problem arises. Effective QRM implementation can facilitate better and well- versed decisions which can provide regulators with greater assurance of a company’s ability to deal with possible risks.

Principles of Quality Risk Management

Four primary principles of QRM are:

  1. The assessment of the risk to quality should be based on scientific knowledge and ultimately link to the protection of the  patient.
  2. QRM should be dynamic, iterative and responsive to change.
  3. The level of effort, formality and documentation of the QRM  process should be commensurate with the level of risk
  4. The capability for continual development and enhancement should be embedded in the QRM process.

General Quality Risk Management Process


Quality Risk Management is a systematic process for evaluation, control, communication and review of risks to the quality of the drug product across the product life cycle.

Risk can be defined as the combination of the probability of occurrence of harm and the severity of that harm

Initiating a Quality Risk Management Process

Quality Risk Management should include systematic processes designed to organise, facilitate and improve science-based decision making with respect to risk. Steps used to initiate and plan a quality risk management process might include the following:

  1. Define the problem and/or risk question, including relevant assumptions identify the potential for risk.
  2. Assemble background information and/or data on the potential hazard, harm or human health impact applicable to the risk assessment.
  3. Specify a timeline, and appropriate level of decision making for the risk management process.

Risk Assessment

Risk assessment consists of the identification of hazards and the analysis and evaluation of risks associated with exposure to those hazards.

It includes risk identification, risk analysis and risk evaluation. Three fundamental questions are often helpful.

  1. What might go wrong?
  2. What is the possibility that it will go wrong?
  3. What are the consequences?

Risk identification

Risk identification is a organized use of information to identify hazards referring to the risk.

Information can include historical data, theoretical analysis, and the concerns of stakeholders.

Risk identification addresses the “What might go wrong?” question, including identifying the possible consequences.

This provides the basis for further steps in the quality risk management process.

Risk analysis

Risk analysis is the estimation of the risk associated with the identified hazards.

It is the qualitative or quantitative process of linking the likelihood of occurrence and severity of harms.

In some risk management tools, the ability to detect the harm (detectability) also factors in the estimation of risk.

Risk evaluation

Risk evaluation compares the identified and analysed risk against given risk criteria.

Risk evaluations consider the strength of evidence for all three of the fundamental questions.

Different Steps Involved In the Risk Assessment Are

  1. Collect & organise the information
  2. Formulate the Risk Question
  3. Choose Tool different tools include
  4. Identify Risks Factors and Related Hazards
  5. Define the Risk Components &Scales
  6. Evaluate the risk for each hazard
  7. Determine acceptability of risks
  8. Determine Action Threshold
  9. Apply the tool

Risk control

Risk control includes decision making to reduce and/or accept risks.

The intention of risk control is to reduce the risk to an acceptable level.

The amount of effort used for risk control should be proportional to the significance of the risk

Risk reduction focuses on processes for mitigation or avoidance of quality risk when it exceeds a specified level.

Risk reduction might include actions taken to mitigate the severity and probability of harm.

The implementation of risk reduction measures can introduce new risks into the system or increase the significance of other existing risks.

Hence, it might be appropriate to revisit the risk assessment to identify and evaluate any possible change in risk after implementing a risk reduction process.

Risk acceptance is a decision to accept risk.

For some types of harms, even the best quality risk management practices might not entirely eliminate risk.

In these circumstances, it might be agreed that an appropriate quality risk management strategy has been applied and that quality risk is reduced to a specified (acceptable) level.

This (specified) acceptable level will depend on many parameters and should be decided on a case-by-case basis.

Risk Review is the output/results of the risk management process should be reviewed to take into account new knowledge and experience.

Once a quality risk management process has been initiated, that process should continue to be utilized for events that might impact the original quality risk management decision.

Risk review might include reconsideration of risk acceptance decisions

Risk Communication is the sharing of information about risk and risk management between the decision makers and others.

The output/result of the quality risk management process should be appropriately communicated  and  documented.

The  included  information  might  relate  to  the  existence,  nature,  form, probability, severity, acceptability, control, treatment, detectability or other aspects of risks to quality.


Quality Risk Management is a systematic process for evaluation, control, communication and review of risks to the quality of the drug product across the product lifecycle.

Effective Quality Risk Management can facilitate better and more informed decisions, can provide regulators with greater assurance of a company’s ability to deal with potential risks, and might affect the extent and level of direct regulatory oversight.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s