The end result objective of a corrective and preventative action (CAPA) is, quite simply, a solution to the issue from which the CAPA was generated. If it is not driving toward a solution, a CAPA is a waste of time and resources. For organizations in regulatory environments, CAPA is an overarching umbrella—all control points flow through to the CAPA system.
From the perspective of regulatory agencies like the U.S. Food and Drug Administration (FDA), CAPA is viewed as the central component that affects all control points including design controls, production and process controls, records and documents change controls, material controls, and facility and equipment controls. Since more than half of Form 483 observations and warning letters cite CAPA deficiencies, it is evident that FDA investigators are likely to look first at a company’s CAPA system during their inspections. In recent years the FDA has been promoting the adoption of closed loop CAPA systems where CAPA is the tool that drives reports and keeps management informed.
Some organizations are suffering from “death by CAPA;” their companies are being strangled because too many elements are included in their CAPA systems. In its most basic form, there are just two fundamental ingredients in a CAPA system: The first element is the experience, expertise, and wisdom of the personnel involved with conducting CAPA processes. If personnel do not have a prior track record with CAPA, this may be an area where an organization has less control over CAPA activities. The second core element of CAPA, one where more organizational control can be demonstrated, is process. The CAPA process requires critical thinking and an effective determination of the exact questions that need to be asked in order to come up with proper solutions.
Most companies doing business in regulatory environments could improve their CAPA processes by implementing better methodologies and applying effective risk-based filters.
At minimum, a good closed loop CAPA system is comprised of the following elements:
The first element of a CAPA, of course, is the identified input that opens the CAPA: a customer complaint, a nonconformity report, an out-of-spec finding, an internal audit finding, and so forth. There are four core modules of an open CAPA: issue review, investigation (or failure analysis), effectiveness checks for verification, and preventive action.
Issue review is the evaluation phase, a scoping process where a determination is first made whether or not an investigation is warranted. The three main components of issue review are commonly called CSG: Concern, Specifics, and Gateway.
Issue review specifics are defined by asking the “five W” questions:
An organization’s ability to successfully close a CAPA is directly related to how capably it is able to narrow down these five dimensions and arrive at a defensible decision. Designing and utilizing an issue review worksheet can facilitate CAPA investigations and streamline the gathering information on these specifics.
The “Gateway” component of CAPA revolves around the impact (safety, hazard, severity, visibility, etc.) and magnitude (i.e., frequency and/or size) of the situation. A gateway score chart can hone in on magnitude specifics based on qualitative and/or likelihood compared with descriptions of the input event occurrence (continually, frequently, occasionally, rarely, etc.). Likewise, an impact chart can provide a gateway scorecard for the severity of the event: critical, important, minor, or negligible. Most issues will likely be important or minor events. Specific scores can be assigned according to impact and magnitude scales to determine if the event is acceptable (no action required), undesirable (may or may not be put in the formal CAPA system), or unacceptable (CAPA opened and a resolution is required).
Once CAPA specifics have been defined and impact and magnitude scores have been determined, it is time to take action. Possible actions include:
Approaches to Investigations
As in any problem solving situation, there are three basic approaches to the investigation component of a CAPA:
One valuable investigative tactic is sometimes referred to as the PICCC or PI-cubed methodology: Problem, Investigate, Clues, Compare, and Cause.
At this stage, the Problem Prevention Analysis model (a modified FMEA tool) can be useful for developing mitigation strategies. The model consists of four basic components:
CAPA Verification and Documentation
Every good CAPA process should have a built-in effectiveness checking mechanism to verify and validate that the CAPA system is working. Data tracking is a mandatory component of CAPA so that the organization can insure that all CAPA-related information can be confirmed, monitored, measured, and, if necessary, corrected.
Documenting CAPAs according to regulatory requirements is another vital CAPA factor to take into account. Because CAPA data must be easy to access and analyze, every phase of a CAPA investigation is forms based. Automating forms-based processes like CAPA can not only facilitate regulatory compliance but also save a company time and resources. Commercial off-the-shelf (COTS) software solutions are available that can comprehensively document CAPA investigations and integrate the CAPA process with other processes critical to regulatory compliance such as change control, customer complaints, and audits. An effective CAPA software solution should be configurable and user-friendly and should include features such as:
Read more about corrective action analysis and automation: