I’m reviewing the status of cleaning validation. Here is the list I’m currently going through, just in case it helps others.
Develop a comprehensive cleaning validation master plan that outlines your overall approach, policies, and procedures for cleaning validation at your facility. This should cover all aspects of the cleaning validation lifecycle.
Ensure you have written standard operating procedures (SOPs) for equipment cleaning processes that address different scenarios (e.g., cleaning between batches, between product changes, etc.).
Have written cleaning validation protocols for each piece of equipment that cover common issues like sampling procedures and analytical methods.
Maintain thorough documentation of your cleaning validation studies, including the protocols, results, and final reports stating whether the cleaning process for each piece of equipment is valid.
Implement a continuous verification program for routine residue monitoring after initial cleaning validation.
Be prepared to demonstrate that your cleaning procedures can consistently clean equipment to predetermined standards using scientifically sound sampling and analytical test methods.
Have data available to support your rationale for residue limits, which should be logical, practical, achievable, and verifiable.
Be ready to explain your approach for different types of equipment (dedicated vs. multi-use) and how you handle potent compounds or other high-risk materials.
Review your cleaning agent selection process and be able to justify the cleaning methods and agents used.
Ensure you have a system in place for equipment maintenance and cleaning records.
Be prepared to discuss how you handle manual vs. automated cleaning processes and any associated validation differences.
Review past audits or inspections and ensure any previous findings related to cleaning validation have been addressed.
I’ve always been clear to folks when I describe my blogging that I do this for a few reasons:
As a way to clarify my thoughts on a topic, usually before or after a difficult conversation on the topic
To rant about something that is on my mind without causing folks at work to start scurrying to address my ideas as requests for immediate action (has happened more than I would like to admit)
As a way to give back to the profession that has been so good to me
As a way to push the conversation in a direction and help further the profession.
While it is often good for 1+2, I don’t get enough comments and feedback to know about 3+4.
Additionally, my writing is often linked to my mental health and happiness at work. Miserable? I disappear for months. Feeling good about things? I write a ton.
I set myself a goal this month to write a little every day. The funny thing is, it didn’t move the needle in metrics at all.
I don’t have any comparisons, so I have no idea if this number of views is good. But seriously, a blogpost I wrote 3 years ago (that needs to be cleaned up) is my most viewed post month after month.
I’m considering what to do after my little month-long experiment wraps up soon. No matter what, I think the blog’s public-thinking nature will continue. But I am asking myself, “Do I want more out of the blog?”
ICH Q9(r1) can be reviewed as a revision that addresses long-standing issues of subjectivity in risk management. Subjectivity is a widespread problem throughout the quality sphere, posing significant challenges because it introduces personal biases, emotions, and opinions into decision-making processes that should ideally be driven by objective data and facts.
Inconsistent Decision-Making: Subjective decision-making can lead to inconsistencies because different individuals may have varying opinions and biases. This inconsistency can result in unpredictable outcomes and make it challenging to establish standardized processes. For example, one manager might prioritize customer satisfaction based on personal experiences, while another might focus on cost-cutting, leading to conflicting strategies within the same organization.
Bias and Emotional Influence: Subjectivity often involves emotional influence, which can cloud judgment and lead to decisions not in the organization’s best interest. For instance, a business owner might make decisions based on a personal attachment to a product or service rather than its market performance or profitability. This emotional bias can prevent the business from making necessary changes or investments, ultimately harming its growth and sustainability.
Risk Management Issues: In risk assessments, subjectivity can significantly impact the identification and evaluation of risks. Subjective assessments may overlook critical risks or overemphasize less significant ones, leading to inadequate risk management strategies. Objective, data-driven risk assessments are essential to accurately identify and mitigate potential threats to the business. See ICHQ9(r1).
Difficulty in Measuring Performance: Subjective criteria are often more complicated to quantify and measure, making it challenging to track performance and progress accurately. Objective metrics, such as key performance indicators (KPIs), provide clear, measurable data that can be used to assess the effectiveness of business processes and make informed decisions.
Potential for Misalignment: Subjective decision-making can lead to misalignment between business goals and outcomes. For example, if subjective opinions drive project management decisions, the project may deviate from its original scope, timeline, or budget, resulting in unmet objectives and dissatisfied stakeholders.
Impact on Team Dynamics: Subjectivity can also affect team dynamics and morale. Decisions perceived as biased or unfair can lead to dissatisfaction and conflict among team members. Objective decision-making, based on transparent criteria and data, helps build trust and ensures that all team members are aligned with the business’s goals.
Every organization I’ve been in has a huge problem with subjectivity, and I’m confident in asserting none of us are doing enough to deal with the lack of objectivity, and we mostly rely on our intuition instead of on objective guidelines that will create unambiguous, holistic, and universally usable models.
Understand the Decisions We Make
Every day, we make many decisions, sometimes without even noticing it. These decisions fall into four categories:
Acceptances: It is a binary choice between accepting or rejecting;
Choices: Opting for a subset from a group of alternatives;
Constructions: Creating an ideal solution given accessible resources;
Evaluations: Here, commitments back up the statements of worth to act
These decisions can be simple or complex, with manifold criteria and several perspectives. Decision-making is the process of choosing an option among manifold alternatives.
The Fallacy of Expert Immunity is a Major Source of Subjectivity
There is a widely incorrect belief that experts are impartial and immune to biases. However, the truth is that no one is immune to bias, not even experts. In many ways, experts are more susceptible to certain biases. The very making of expertise creates and underpins many of the biases. For example, experience and training make experts engage in more selective attention, use chunking and schemas (typical activities and their sequence), and rely on heuristics and expectations arising from past base rate experiences, utilizing a whole range of top-down cognitive processes that create a priori assumptions and expectations.
These cognitive processes often enable experts to make quick and accurate decisions. However, these mechanisms also create bias that can lead them in the wrong direction. Regardless of the utilities (and vulnerability) of such cognitive processing in experts, they do not make experts immune from bias, and indeed, expertise and experience may actually increase (or even cause) certain biases. Experts across domains are subject to cognitive vulnerabilities.
Even when experts are made aware of and acknowledge their biases, they nevertheless think they can overcome them by mere willpower. This is the illusion of control. Combating and countering these biases requires taking specific steps—willpower alone is inadequate to deal with the various manifestations of bias.
In fact, trying to deal with bias through the illusion of control may actually increase the bias due to “ironic processing” or “ironic rebound.” Hence, trying to minimize bias by willpower makes you think of it more and increases its effect. This is similar to a judge instructing jurors to disregard specific evidence. By doing so, the judge makes the jurors notice this evidence even more.
Such fallacies’ beliefs prevent dealing with biases because they dismiss their powers and existence. We need to acknowledge the impact of biases and understand their sources to take appropriate measures when needed and when possible to combat their effects.
Fallacy
Incorrect Belief
Ethical Issues
It only happens to corrupt and unscrupulous individuals, an issue of morals and personal integrity, a question of personal character.
Bad Apples
It only happens to corrupt and unscrupulous individuals. It is an issue of morals and personal integrity, a question of personal character.
Expert Immunity
Experts are impartial and are not affected because bias does not impact competent experts doing their job with integrity.
Technological Protection
Using technology, instrumentation, automation, or artificial intelligence guarantees protection from human biases.
Blind Spot
Other experts are affected by bias, but not me. I am not biased; it is the other experts who are biased.
Illusion of Control
I am aware that bias impacts me, and therefore, I can control and counter its affect. I can overcome bias by mere willpower.
Six Fallacies that Increase Subjectivity
Mitigating Subjectivity
There are four basic strategies to mitigate the impact of subjectivity.
Data-Driven Decision Making
Utilize data and analytics to inform decisions, reducing reliance on personal opinions and biases.
Establish clear metrics with key performance indicators (KPI), key behavior indicators (KBI), and key risk indicators (KRI) that are aligned with objectives.
Implement robust data collection and analysis systems to gather relevant, high-quality data.
Use data visualization tools to present information in an easily digestible format.
Train employees on data literacy and interpretation to ensure proper use of data insights.
Regularly review and update data sources to maintain relevance and accuracy.
Standardized Processes
Implement standardized processes and procedures to ensure consistency and fairness in decision-making.
Document and formalize decision-making procedures across the organization.
Create standardized templates, checklists, and rubrics for evaluating options and making decisions.
Implement a consistent review and approval process for major decisions.
Regularly audit and update standardized processes to ensure they remain effective and relevant.
Education, Training, and Awareness
Educate and train employees and managers on the importance of objective decision-making and recognizing and minimizing personal biases.
Conduct regular training sessions on cognitive biases and their impact on decision-making.
Provide resources and tools to help employees recognize and mitigate their own biases.
Encourage a culture of open discussion and constructive challenge to promote diverse perspectives.
Implement mentoring programs to share knowledge and best practices for objective decision-making.
Digital Tools
Leverage digital tools and software to automate and streamline processes, reducing the potential for subjective influence. The last two is still more aspiration than reality.
Implement workflow management tools to ensure consistent application of standardized processes.
Use collaboration platforms to facilitate transparent and inclusive decision-making processes.
Adopt decision support systems that use algorithms and machine learning to provide recommendations based on data analysis.
Leverage artificial intelligence and predictive analytics to identify patterns and trends that may not be apparent to human decision-makers.
Defining the accountable individuals in a process is critical. In GAMP5, the technical System Owner role is distinct from the business Process Owner role, which focuses more on the system’s business process and compliance aspects.
The System Owner
The System Owner is responsible for the computerized system’s availability, support, and maintenance throughout its lifecycle. The System owner is the technical side of the equation and is often an IT director/manager or application support manager. Key responsibilities include:
Defining, reviewing, approving, and implementing risk mitigation plans
Ensuring technical requirements are documented
Managing change control for the system
Conducting evaluations for change requests impacting security, maintainability, data integrity, and architecture
Performing system administration tasks like user and privilege maintenance
Handling system patching, documentation of issues, and facilitating vendor support
Frankly, I think too many organizations make the system owner too low level. These lower-level individuals may perform system admin tasks and handle systems patching, but the more significant risk questions require extensive experience.
The System Owner focuses on the technical aspects of validation and ensures adequate procedural controls are in place after validation to maintain the validated state and protect data integrity.
The system owner requires learning and understanding new products and complex system architectures. They are the architect and need to be in charge of the big picture.
The Process Owner
In the context of GAMP5, a Process Owner plays a crucial role in the lifecycle management of computerized systems used in regulated industries such as pharmaceuticals and biotechnology. The Process Owner is ultimately accountable for the system’s implementation, validation, and ongoing compliant use.
I’ve written a lot about Process Owners. This use of process owner is 100% aligned with previous thinking.
Key Responsibilities of a Process Owner
System Implementation and Validation: The Process Owner ensures the system is implemented and validated according to regulatory requirements and company policies. This includes overseeing the creation and maintenance of validation documentation and ensuring the system meets its intended use.
Ongoing Compliance and Maintenance: The Process Owner must ensure the system remains validated throughout its lifecycle. This involves regular reviews, updates, and maintenance activities to ensure continued compliance with regulatory standards.
Data Integrity and Quality: As the data owner maintains the system, the Process Owner is responsible for its integrity, administration, operation, maintenance, and decommissioning. They must ensure that data integrity and quality requirements are met and maintained.
Decision-Making Authority: The Process Owner should be at a level within the organization that allows them to make business and process decisions regarding the system. This often includes roles such as operations director/manager, lab manager, or production manager.
Collaboration with Other Teams: The Process Owner must collaborate with various teams, including Quality (QA), IT, Computer System Validation (CSV), training, HR, system vendors, and system development teams, to ensure that all necessary compliance activities are performed and documented promptly.
Skills and Knowledge Required
Detailed Understanding of the System: The Process Owner should have a comprehensive understanding of the system, its purpose, functions, and use within the organization.
Regulatory Knowledge: A good grasp of regulatory requirements is crucial for ensuring the system complies with all relevant guidelines and standards.
Validation Practices: The Process Owner will sign off on validation documents and ensure that the system is fit for its intended use.
While the Molecule Steward, the ASTM E2500 SME role, is not directly equivalent to the GAMP 5 roles, it shares some similarities with both the system owner and process owner, particularly in terms of specialized knowledge and involvement in critical aspects of the system. It’s best to think of the Molecule Steward as the third part of this triad, ensuring the robustness of the scientific approach.
System Owner
Process Owner
Molecule Steward
Primary Focus
Technical aspects and maintenance of the system
Business process and compliance aspects
Specialized knowledge of critical aspects
Typical Role
IT director/manager or application support manager
Head of functional unit or department using the system
Subject matter expert in specific field
Key Responsibilities
– System availability, support, and maintenance – Data security – Risk mitigation plans – Technical requirements documentation – Change control management – Evaluating change requests
– Overall system integrity and compliance – Data ownership – User requirements definition – SOP development and maintenance – Ensuring GxP compliance – Approving key documentation – User training
– Defining system needs – Identifying critical aspects – Leading quality risk management – Developing verification strategies – Reviewing system designs – Executing verification tests
Expertise
Strong technical background
Business process knowledge
Specialized technical knowledge
Accountability
System performance and security
Business use and regulatory compliance
Critical aspects impacting product quality and patient safety
Involvement in Validation
Focuses on technical validation aspects
Ensures validation meets business needs
Leads verification activities
Comparison of SO, PO and ASTM E2500 SME
Scale of the System
People make the system too small here. This isn’t equipment A or computer system X. It’s the entire system that produces result Y. For example, it is the manufacturing process for DS (or upstream DS), not the individual bioreactors. Lower-level assistants can help with wrangling, but there should be overall accountability. The system, process, and ASTM E2500 SME must have the power in the organization to be truly accountable.
The Role of Quality
The Quality Unit is responsible for ensuring the right process and procedure are in place, that regulatory requirements are met, and that the system is fit for use and fit for purpose. The Quality Unit in GAMP5 is crucial for ensuring the safety, efficacy, and regulatory compliance of pharmaceutical products and computerized systems.
Ensuring Compliance and Product Quality: Quality is vital in ensuring that computerized systems used in pharmaceutical manufacturing meet regulatory requirements and consistently produce high-quality products. The Quality Unit helps organizations maintain high-quality standards in the various processes.
Risk Management: The Quality Unit champions a science-based risk management approach to system validation and qualification. Quality ensures the identification and assessment of potential risks.
Lifecycle Approach: The Quality Unit ensures that validation activities are conducted throughout the system’s lifecycle, from concept to retirement.
Documentation and Traceability: The Quality Unit oversees comprehensive documentation and traceability throughout the system’s lifecycle. Detailed records enable transparency, facilitate audits, and demonstrate compliance with regulatory requirements.
Change Management: The Quality Unit evaluates and controls system changes to ensure that modifications do not compromise product quality or patient safety.
Data Integrity: Quality is crucial in maintaining data integrity and ensuring records’ accuracy, reliability, and completeness.
Supplier and Internal Audits: Quality regularly audits suppliers and internal processes to ensure compliance and quality. These audits help identify gaps and areas for improvement in system development, implementation, and maintenance.
Beyond GAMP5
I consider this the best practice for handling an ASTM E2500 approach.
Compassionate accountability involves maintaining a balance between showing empathy and understanding toward employees while holding them responsible for their tasks and performance. This approach fosters a supportive yet results-driven work environment.
Key Principles
Clear Expectations: Establishing clear expectations is foundational. Ensure that each team member understands their role, responsibilities, and goals. This clarity fosters a sense of direction and purpose, promoting accountability.
Compassionate Coaching: Provide frequent, low-impact coaching and feedback to help team members overcome challenges and grow. This approach allows leaders to offer support without taking away the team members’ ownership of responsibility.
Psychological Safety: Create an environment where team members feel safe taking risks, admitting mistakes, and learning from them. This fosters a culture of trust and collaboration, ultimately leading to better business outcomes.
Empathy and Understanding: Understand each team member’s unique needs, challenges, and aspirations. Use one-on-one meetings to build rapport and tailor your management approach to accommodate individual differences.
Constructive Feedback: Provide feedback constructively, focusing on growth rather than blame. This promotes a learning mindset and helps employees see mistakes as opportunities for development.
Lead by Example: Demonstrate the values and behaviors you expect from your team. In your actions, model compassion and accountability, showing that these qualities are not mutually exclusive but complementary.
Practical Strategies
Setting Clear Expectations
Communicate Goals and Roles: Clearly communicate goals, roles, and responsibilities to prevent misunderstandings and ensure that everyone knows what is expected of them.
Transparent Communication: Be transparent about the challenges and obstacles the team might face. Work together to brainstorm solutions and anticipate challenges.
Providing Support and Feedback
Regular Check-ins: Conduct regular check-ins to understand your team members’ challenges and provide timely feedback. This helps in addressing issues before they escalate.
Celebrate Efforts and Results: Recognize and celebrate both efforts and results. This helps maintain motivation and reinforce positive behaviors.
Fostering a Collaborative Environment
Encourage Collaboration: Foster a culture of collaboration and support among team members. Encourage them to help each other and share knowledge.
Joint Accountability: Create an environment of joint accountability where team members can rely on each other for help and show care for one another instead of blaming.
Balancing Compassion and Accountability
Empathy as a Foundation: Use empathy to understand your team’s strengths and guide them toward growth. Empathy helps build trust and makes difficult conversations easier.
Accountability with Compassion: Hold team members accountable in a way that demonstrates care and support. This involves being honest about performance issues while providing the necessary support to overcome them.
Continuous Improvement
Reflect and Adapt: Continuously reflect on your approach’s outcomes and adapt as necessary. Seek feedback from your team and be open to making changes that enhance compassion and accountability.
Investigations of a Dog 