Failure mode and effects analysis.
Failure mode and effects analysis (FMEA) is one of the most commonly used methods for pharmaceutical risk assessment. It is
a team-based structured risk assessment method that can assign a numerical risk priority number based on relative perceived
risk. A FMEA is dependent on the expertise of the team members (see Table I).
Table I: Sample FMEA for fill line change over.
Hazard analysis and critical control points.
Hazard analysis and critical control points (HACCP) is a tool mandated by FDA's Center for Food Safety and Applied Nutrition
for use in the seafood industry and other food processing industries. Its use in the pharmaceutical industry was described
in detail by the World Health Organization (WHO) in 2003 (5). The seven principles of HACCP include:
- Conduct a hazard analysis
- Determine the critical control points (CCPs)
- Establish critical limits
- Establish a system to monitor control of the CCP
- Establish the corrective action to be taken when monitoring indicates that a particular CCP is not under control
- Establish procedures for verification to confirm that the HACCP system is working effectively
- Establish documentation concerning all procedures and records appropriate to these principles and their application.
Table II illustrates an HACCP worksheet for the filling of product into vials for a hypothetical biotech company.
Table II: HACCP worksheet (adapted from FDA CFSAN website).
Fault tree analysis.
Fault tree analysis (FTA) is a risk-assessment method that begins with a failure event, and uses logic diagrams to determine
the sequence of events required to cause the failure. FTA is frequently used as a design tool for critical systems. FTA can
be used with other tools such as FMEA to ensure all failure modes are included and to develop estimates of the frequency of
a particular failure mode.
This tool is excellent for equipment design and commissioning, for determining procedural controls needed to prevent a failure
event, and for determining qualification and control strategies. With modification, it can also be used to assign probabilities
to each failure mode.
The limitation of this tool is that it requires a large amount of time and effort to construct properly; it can expand rapidly
as more detail is added. It is more suitable for large, complex systems than for simple systems because of the time and effort
FTA involves the following steps:
- Define the failure (undesired event) to study
- Gain knowledge of the system—gather a team of experts to analyze the system
- Construct the fault tree
- Evaluate the fault tree
- Develop control strategies for the identified hazards.
Figure 3 shows a partial fault tree diagram for a critical failure—cross-contamination between two products. The top event
represents the failure. Each subsequent level is connected by a logic gate (AND, OR, etc.). As shown in this figure, a fault
tree diagram can grow rapidly and can become quite complex.
Figure 3: Fault tree analysis diagram. (FIGURE 3 IS COURTESY OF THE AUTHOR)