Jan 31, 2011 | Free Downloads | |Share This Article
Note: Though this article references 21 CFR Part 820, it is applicable to any company that is striving for more quality-system input and involvement from management.
We've all heard of the recent FDA decision to increase the focus of inspections on management with executive responsibility. There have been at least two warning letters issued this year with observations targeted in this area. While there are 26 references to the role of executive management within the Quality System Regulations (QSR 21 CFR820) these warning letters address two very basic requirements of quality systems:
These examples are obviously blatant and send a strong message: Now is the time to step back and re-evaluate the role your executive management team is playing in your own quality system.
21 CFR 820 defines management with executive responsibility as "those senior employees of a manufacturer who have the authority to establish or make changes to the manufacturer's quality policy and quality system." What does this really mean and how can you as a Quality Professional help your executive management team meet these requirements in the course of every-day business practice?
In most organizations, the company quality policy is derived by the executive management team and signed by the CEO or president of the company along with the head of quality. The quality policy is then widely distributed to all employees with appropriate explanation to understand the intent and purpose of the policy. Additionally, the quality policy must be measurable and reviewed for adequacy as part of the management review.
The responsibilities for management with executive responsibility can be distributed into four key areas of focus:
The executive management team is responsible and accountable for providing clear direction and a definition of the business structure and its related vision. The organizational structure and interrelationships—whether hierarchical or matrix—must be documented with defined core competencies and skill sets. Core competencies lead to well-defined skill sets and job descriptions for employees. A gap assessment of competencies and required skills versus current employees identifies areas of concern or weakness within the quality system.
The documentation of core competencies and skill sets should be integrated into the overall business plan and managed by the executive team. The quality manual can effectively achieve this daunting task when written and implemented as a roadmap to compliance. All employees, especially those with executive responsibility, should be familiar with this document as it is the master quality plan for the organization.
We live in a world of matrixed organizations and operations. The silo approach to business process and quality system management is not an effective means of achieving the overall business and quality plan. The internal auditors must look at the interfaces between processes as well as the individual function or process. Process failures and breakdowns are often found at the point of a handoff or a transfer to another process. A strong auditor will follow the threads through the individual process as well as through the interfaces.
The data from the internal audit program should be presented to executive management in a format that demonstrates the effectiveness of the quality system structure and business process. Just because the number of non-conformances decreases from audit to audit or the non-conformances are being addressed individually in a timely manner, that does not mean the internal audit program is good or the quality system is effective. The data analysis should look across the core competencies, functions, and processes to determine any potential systemic issues.
The most common approach to keeping executive management involved is through Quality System Management Review (QSMR). These reviews are regularly scheduled with the executive management team based on the organization's needs and requirements. There is no requirement for the number of management reviews that must be held during the course of the year. This is usually determined based on the maturity of the quality system. A very robust system may require that a QSMR team meet twice each year, while for a new system (or one in remediation) the QSMR may need to meet on a quarterly basis (or even more frequently if necessary). While the primary focus of the QSMR is to review quality performance, it is most effective to present the information based on its overall impact to the business.
The CAPA (corrective action preventive action) system is one of the most effective tools in the quality system, and it is a major source of data for the QSMR. The CAPA system should integrate all of the elements of the quality system into one central focus point. While there are many feeders or contributors to the CAPA system, the internal audit program is a major contributor to the process. Non-conformances and opportunities are identified from all feeder systems and require prioritization with the other business priorities. An executive oversight committee is strongly recommended to ensure that CAPA activity is properly resourced and projects are moving forward. This committee should assess appropriate risk and ensure CAPA projects and activities receive equal (if not greater) focus than new product research when appropriate.
The key to successful management review is to present meaningful data rather than to present data just for data's sake. When the QSMR focuses on the significant (though few) metrics rather than trivial information, a much more compelling story is presented for the executive management team. While there are many guidance documents outlining what to include in the management review, it's important to present information that has the biggest impact on the business from a quality and/or financial perspective. Each chart presented should tell a story and speak for itself. This approach sets a stronger foundation for risk-based decisions.
The executive management team should make risk-based decisions a part of their routine business activities; it's a core responsibility of their job! Risk management extends beyond the product risk preparations and analyses as required by the regulations. Risk management also covers process and project risk. In most companies, resources are limited and priorities must be evaluated and set to drive the business to success and high customer satisfaction. There are many tools available to evaluate risk, prioritize activities, and reduce the potential for failure. These tools should be included in the everyday decision making process for the management team. When the quality management system and the business plan are integrated at the executive level there is a strong foundation for the organization to make good decisions—business decisions as well as product quality decisions.
Here are some points to consider:
Take a few minutes and evaluate your own system now. It may save you the agony of a warning letter in the future. Quality is not hard—it's just good business.
Christine Park is a seasoned quality assurance professional with a wealth of experience in establishing and remediating quality systems of all sizes. Using a pragmatic approach to compliance and quality assurance, Ms. Park has successfully focused on results-oriented solutions that integrate quality into the daily business activities of organizations. Her experience in R&D and general manufacturing for medical devices, IVDs, and biotech/pharmaceuticals provides a well-balanced background for her work in compliance.
Whether working on a full quality system or on key quality components (CAPA, complaints, audits, supplier quality, management controls), Ms. Park provides employees and management not only with adequate direction and the tools to maintain compliance, but also with the understanding of why they must comply with specific requirements.
Ms. Park has played an active role in the generation and review of technical documentation in support of regulatory submissions. Her direct experience includes facilitating product and process risk assessments, change management (design as well as manufacturing), product and process validation plans and protocols. She has developed strong relationships with manufacturing as well as design/development organizations. She can be reached at email@example.com.
Watch Related Videos