Q. Can you offer any best practices for change management?
Impact assessment: In many cases, proposed changes are not properly and thoroughly assessed for risk. Appropriate departments should always evaluate changes to determine their potential impact on a validated process, critical equipment, and product quality, as well as the potential regulatory impact.Documentation of the change: When a change is being considered, the topic is often widely and frequently discussed, and is clearly understood among the site staff. When it comes to the documentation, the scope of the change, rationale, and justification for the change, as well as other details, little is written since "everyone knows what is going on." Then, when a third party (read: FDA Investigator) reviews the documentation package, it lacks details, which gives the impression that the evaluation or risk assessment is inadequate or incomplete. The documentation package should tell the complete story such that the third party can reach the same conclusion without provoking many questions.
Do not use "planned deviations." Many companies use the erroneous concept of "planned deviations," which are not deviations at all, but rather, changes. These changes are often temporary and handled within the deviation management system or similar program. Deviations are unexpected events wherein some control is lost and the product quality impact of the event must be evaluated retrospectively. No one wants to "plan to deviate" and deviations raise a red flag to regulators.
Changes on the other hand, are planned events where the potential impact is evaluated prospectively. This holds true even for a temporary change where the change is for one batch–the potential impact of the change on that one batch must be evaluated prior to the change being implemented, even if immediately before the batch is to be manufactured. Therefore, changes that are referred to as "planned deviations" should be managed under a change-control program, which should provide for emergency and temporary changes.
Avoid unauthorized changes. Individuals sometimes implement a change outside of the change control mechanism. Such changes may be well-intentioned "good ideas," but nonetheless are unauthorized and undocumented. A common example of an unauthorized, "good-idea" change may occur with respect to modification when "like-for-like" parts are not available and a repair is made with a nonequivalent part. In other cases, some change-control processes may be so cumbersome that changes cannot be approved on short notice. Implementing a change prior to a full evaluation and approval, however, constitutes an unauthorized change.
Limit the number of change management SOPs. Many companies have an excessive number of SOPs that relate to changes. Sometimes, each department has its own change control procedure or each topic (e.g., processes, analytical methods, facilities, equipment, materials, documents, computer systems) is managed under a separate SOP. These situations cause confusion, inconsistencies, overlap, and gaps. One company had 27 SOPs that addressed changes in one way or another, such that it was unclear where to even begin the change process.
Watch for cumulative changes. Companies must consider that multiple individual changes categorized as "minor" on their own merit may have a cumulative effect on product quality and the impact of multiple changes should be evaluated.
Follow-up and closure. Companies often fail to follow-up after a change to verify that it was implemented as approved, provided the intended outcome, is effective, and has not caused other "unintended" changes. The follow-up should provide for closure in a timely manner. The appropriate timeframe for follow-up and closure can vary dependent of the type of change, but should be verified before product affected by the change is released. Changes should not be left "open" for an excessive length of time.