background image for GxP Lifeline
GxP Lifeline

Webinar: What You Need to Know About Quality Risk Management

Peter Harris, MastgerControl’s senior product manager, presenting at the webinar on quality risk management solutions for life science companies.

MasterControl recently offered a 30-minute webinar titled “Best Practices for Life Sciences Quality Leaders to Manage and Mitigate Risk” to discuss the challenges and benefits of effective risk management in quality organizations. Peter Harris, a senior product manager working on advanced products at MasterControl, shared what he has learned about risk management throughout his career : first as a product designer and safety inspector tasked with ensuring safe and compliant playground equipment for children, then performing internal audits and risk assessments for a medical device manufacturer, and also navigating risk for a venture capital company that invests in the highly unregulated space of blockchain technologies.

He continues to develop a deeper understanding of the complexity of quality risk management through his current work with advanced risk management software solutions. Coming from his past experiences, as well as his sense of what the future holds, Harris identified the crucial role that a digital quality management system (QMS) plays in managing risk in a variety of contexts today.

"If you aren't using a robust QMS system that helps manage your processes,” he said, “you can create risk trying to manage the process on your own."

He also outlined other essential quality risk management tools, including relevant standards and best practices.

Priorities in Quality Risk Management

Harris pointed to the ISO 14971 standard, one quality risk management tool, which was developed to help medical device manufacturers take a risk-based approach to quality. (ISO 14971 can also be applied to products that are not necessarily medical devices.) A risk-based approach entails effectively identifying, mitigating, and preventing risk. The gold standard for effective risk management controls, which is not to introduce risk in the first place, ideally leads to the elimination of risk altogether. Although this may not be practically possible, the standard identifies risk management and establishing acceptable risk levels as integral parts of a QMS.1

Harris summarized the three main tenets of risk-based thinking from the ISO 14971 standard:

  • Inherent safety by design that eliminates human error.
  • Protective measures in the device or process itself for operators.
  • Information about safety for end users.

Quality Risk Management Challenges

Supply chain risks continue to rank at the top of risk management concerns. Harris cited a McKinsey report where 50% of respondents cited sole sourcing as a critical vulnerability and 25% point to lack of visibility into supplier risks.2 But there are also more localized concerns within quality and manufacturing processes themselves.

These challenges include:

  • Inherent subjectivity in risk assessment.
  • Inconsistent mitigation.
  • Complexity of identifying sources and designing mitigation strategies.

Harris illustrated the “infancy” of some of the practices that led to a warning letter from the U.S. Food and Drug Administration (FDA) at one of the companies he worked at in the past. Through his review and remediation efforts, he discovered that in some instances the risk sections of the design history file (DHF) were left empty, or the risk was identified with no indication of the likelihood or impact of the risk. Even more concerning, the records lacked descriptions of mitigative and preventive activities related to known risks. There was no documentation in the DHF to answer the warning letter effectively. These failures pointed to a lack of oversight that could have been prevented had the company used quality risk management software.

A Digital QMS Is an Essential Quality Risk Management Solution

Harris noted that a digital QMS helps organizations establish control of risk management and take the human error out of the equation. Risk management software offers a very effective way to do this because automated workflows, templates, and preset thresholds help to overcome the inherent challenges of risk management listed above.

An effective quality risk management solution for life sciences that is built upon a standardized risk management matrix can address the following common areas to keep risk acceptability levels under control – and adequately mitigate risk as it develops:

  • Document control.
  • Proper training.
  • Preventing and effectively managing quality events (QE).
  • Taking a risk-based approach to validation.
  • Integrated data management for tracking and compliance.

Harris went into greater detail to outline specifically how features of MasterControl’s risk management software solutions directly address the challenges of quality risk management. One of the key ways he mentioned is that the software can automatically share data and publish events and mitigation outcomes across the organization using signal communications. In this way, risk management is built directly into quality and manufacturing workflows and contributes to a risk-based culture.

The Future of Quality Risk Management Solutions

“Mitigate what you can’t eliminate,” Harris reiterated, but he didn’t stop there. He talked about the future of quality risk management, specifically in the context of the FDA’s efforts to promote risk redundancy plans and advanced risk-based practices. He outlined several emergent technologies as part of Quality 4.0 that are in line with these efforts. He made connections between risk management best practices, including internal audits, modern digital solutions, and each organization’s ability to successfully deliver products that can benefit their customers. Even when risks cannot be eliminated, life-saving products can reach the market and the people they serve – as long as companies can demonstrate their firm grip on risk management with advanced risk management software.



Ave Love is a professional mom of six and content writer for MasterControl. She brings a technical perspective, focused on the usability and accessibility of working solutions. Previously she worked as a technical writer and documentation manager for software development companies that support community infrastructure. She holds a bachelor's degree in comparative literature from Brigham Young University.

Free Resource
ISO 14971 Medical Device Risk Management

Enjoying this blog? Learn More.

ISO 14971 Medical Device Risk Management

Download Now
[ { "key": "fid#1", "value": ["GxP Lifeline Blog"] } ]