Interim Controls within a Change Control

The PIC/S recommendation on change control section 5.3 “Change Planning & Implementation” recognizes that changes often address issues that need to be remediated:

Potential risks with the current state (until changes are implemented) and any risks that might be temporarily introduced during the change process are adequately assessed.
Interim controls (short-term measures), as needed, are identified and implemented in a timely manner to monitor/mitigate risks associated with the current situation (until change implementation).

This section also recognizes that changes introduce an interim set of conditions that lead to implementation – from opening a machine through massive construction activities, and just about anything else.

A good change control does not just address what is necessary to implement the desired future state. It also contains interim controls for managing the current state until the future is implemented, and addresses all of the potential risks during the process of implementation.

Change plans address current, interim, and future states

Often the change control stems from an action plan in a CAPA record, where the interim controls are specifically called out and detailed. These may be adequate for a relatively brief period but are not realistically sustainable. Remember that these interim controls must also go through the appropriate change control process. Which may have been a separate change control or be part of this change control. In all cases, the change control should either determine that the CAPA plan is adequate or identify additional risks that were identified during change planning.

Risk assessments for change control should really have three basic risk questions:

What are the risks of the current state as we implement the change?
What are the risks of the implementation process?
What are the risks of the future state?

As discussed elsewhere, these questions are really branching trees.

Interim controls in a change are usually little temporary changes in the change plan that either mitigate occurrence or impact.

Interim Control Type	Mitigate Occurrence	Mitigate Impact
Examples	Every record processed will be reviewed for the event error before completion. Revised preventive maintenance procedure to require vibration test at next preventive maintenance. Increase cleaning frequency of incubator.	Add emergency response steps to address a valve that is malfunctioning. Add engineering check for pump prior to each use. Perform cleaning log review prior to use.

As temporary changes, it is important to determine how they will be implemented, if they require monitoring, and how they will go away. Often the process of implementation of the change removes the temporary changes, but that is not always the case.

Changes that impact multiple product

Dear all, regarding question 20 “Is the effective date of the change (completion date) recorded and when appropriate the first batch manufactured recorded?” we are not sure how to handle it for multi-product changes. At our site we manufacture products of different customers. Sometimes we have changes, where f.e. documents of several products need to be adapted. How are the requirements defined in such cases? Do we need to report the first batch only once or for each product
Correspondent

This request comes from my post “29 questions to ask about your change management/change control system.”

At heart, this requirement is to help meet the regulatory requirement that “After implementation, an evaluation of the change should be undertaken to confirm the change objectives were achieved and that there was no deleterious impact on product quality.” (ICH Q9 part IV.B.3.d)

In order to perform an evaluation, you must be able to know when to start. This evaluation must be able to be performed on each and every product. It is from here we can settle on 1st batch. There are lots of ways to do this. The requirement is, for each and every product, to be able to state definitively when the change was first applied to the product.

We can drill down to the most definitive guidance on GMP Change Control, the PIC/S Recommendation “How to Evaluate and Demonstrate the Effectiveness of a Pharmaceutical Quality System in relation to Risk-based Change Management” which further strengthens the requirement:

Section	Requirement	Means
5.4. Change Review and Effectiveness	Changes are monitored via ongoing monitoring systems to ensure maintenance of a state of control, and lessons learned are captured and shared/communicated. (Note: Activities such as Management Review, Annual Product Quality Review, Continuous Process Verification, Deviation Management and Complaint Monitoring can be useful in this regard.)	Having that definitive point allow all these activities to be effective.

The requirement is clear. We need to be able for any given change identify when it started impacting product.

All of the various Annual Product Review/Product Quality Review requirements also require the ability to evaluate all changes to the product in a given time frame.

There is also the need, for release purposes, to determine if a batch is impacted by a change.

Like many such requirements, there are multiple ways to do this. I think the requirement to capture first batch in a change control really stems from it, in many ways, being the easiest to do as you only have to manage it in the change control workflow. Though, in all honesty, it is also darn annoying with changes potentially being open more than a year to capture all possible products.

Based on our core requirement, there are several factors to consider:

There must be a way for a user to easily determine when a given change impacted a given product and to determine if a given batch was impacted by the changes
The user must be able to link any batch to all the changes that impacted it
The user must be able to run a report of all changes that impacted a product in a time frame

There are multiple ways of solving for this from the put a field in the change control to set of interfaces between the ERP and eQMS (and maybe MES).

Change Management is Bigger than Change Control So Think Beyond Individual Changes

As a pharmaceutical GXP professional with one foot in the GXP Quality camp and another in the organizational change management camp, I have a few pet peeves. And one of my biggest is whenever someone uses a phrase like “Change management may be known by different terminologies (e.g., change control, change requests, change orders).” That’s a reductionist statement that can really lead to a lot of confusion in an organization.

Change management is the how of change – assess, handle and release. Change control is the what, the execution steps. Change management is a big picture system that looks systematically at people, technology, process, and organization. Change control is the set of mechanisms for controlling the introduction of that change to the organization.

A lot of different systems and processes have change control elements. As many of these processes are supported with specific technologies, it can be very important to think about how they fit together like a puzzle.

This puzzle is usually made up of core requirements. Based on how much the change impacts them decides the rigor of the change control process.

Take for example a pharmaceutical manufacturing site. It is fairly typical to have one process for maintenance, another for IT, another for documents, etc. And then you have a change control system for things that impact established conditions, including validated state and regulatory submissions. Maybe you work at some technological utopia with a single system that manages all changes with all the deliverables, but at most places, you are trying to balance efficiency with effectiveness, and have a real need to avoid unnecessary duplication.

ICH Q12 helps by giving a nice breakdown of the major families of changes.

This helps somewhat, but for the average user it is not very specific. We need to translate it. First, we establish that only one system will be used for regulatory impact (“Tell and Do”, “Do and Tell” “Do and Report” and some of “Do and Record”), then we put the major activities that go into it. This breakdown might look like:

We are utilizing a few major criteria:

Impact of regulated state
Impact of validated state
Risk level of change
Scale of change to the organization

Using these criteria we can even drill down further, for example:

It is usually a good idea to go down to an even deeper level to help the end-user.

Requires CCR	Does Not Require CCR
Any change that impacts the integrity of controlled classified areas, including all room and equipment surfaces	Changes that do not impact integrity of controlled classified areas by meeting the following criteria: · Does not change airflow · Does not impact structural integrity and maintains a smooth cleanable surface · Does not change means of ingress/egress · Does not impact current sampling sites from the Environmental Monitoring Program · Materials used are resistant to cleaning agents used in the area as defined in the building specifications · Materials are included in disinfectant effectiveness study
Any change that impacts air balancing	Work that is part of routine or preventive maintenance or calibration
Changes to equipment or replacements with a functional equivalent or different component	Changes to equipment with an exact component
Changes to facility floor layout	Instrument calibration including adjustments to field instrumentation
Changes to equipment operating and control parameters	Removal/storage of portable equipment
Changes to equipment, material and personnel ingress, egress and flow procedures	Replacement of system instrument hardware with exact components (hardware)
Changes to room classifications	Engineering studies that do not change the validated state or change anything requiring a CCR per this procedure
Changes that impact the environmental integrity of a room	Alarm set point changes that return to the previous qualified/validated state
Replacement and/or decommissioning of equipment, utilities or facilities	Remediation work (such as mechanical polishing, weld repairs, electro-polishing, filling of pits, de-rouging and chemical cleaning with already approved material)
Alarm set point or classification changes	Addition, modification or deletion to Potable Water, Plant Steam, Chilled Water, Cogeneration System, or pre-treatment reverse-osmosis
Changes in intended use of a room or area	Modification to piping tied to Potable Water, Plant Steam, Chilled Water, Cogeneration System, or pre-treatment reverse-osmosis
Changes to Preventive Maintenance that includes: · Decreasing frequency of preventive maintenance (i.e. making less frequent) · Change in intent of a preventive maintenance task · Adding or removing tasks	Changes to Preventive Maintenance that include: · Increasing frequency of preventative maintenance (i.e. making more frequent) · Administrative changes · Adding clarity to a task (e.g. changing instructions on how to execute a task without altering the intent of the task) · Reordering task(s) without changing intent of the task(s) · Changes of tools needed to execute a task; room dedicated tools must remain in the designated area · Changes to quantity of materials
Changes that decrease the calibration frequency (i.e. make less frequent) for GMP Critical equipment (e.g. directly related to operational control of the product)	· Changes that increase calibration frequency (i.e. make more frequent) for GMP Non-Critical equipment (e.g. indirectly related to operational control of the product)
Tuning parameter, adjustment to the gain, reset and rate of a PID controller	New or replacement analytical equipment or instruments identified as Category A or Category B-Calibration Only with an exact component
Changes to the calibration frequency of GMP critical equipment (e.g. directly related to operational control of the product)	Changes to manufacturing report properties
Changes to the Environmental Monitoring Program, including addition, deletion or change to a sample location	Changes to alarm paging/notification recipients
Changes to the program for disinfection of a facility or equipment exterior	Creating/modifying individual user accounts
Change of materials of construction or class of polymeric materials (e.g. elastomers, tubing, gaskets and diaphragms)	Add an instrument to the calibration system during pre-commissioning
Changes to hardware or infrastructure associated with a validated system, equipment or utility	Changes to requalification frequency that do not change the intended use or validated state of the equipment or utility
Upgrade of application software or operating system for validated systems, equipment or utility	Corrective changes to an SOP to align it to the validated state
Changes to an SOP to align it to the validated state with impact to one or more regulatory filings	A corrective change to alarm set points to align with the validated state
Creating user groups and/or modifying user group privileges as part of a larger process change associated with validated systems, equipment, or utilities	Addition of a new calibration standard to be used with a new type of instrument at the Alachua site
Creating user groups and/or modifying user group privileges associated with validated systems, equipment, or utilities	Changes to alarm paging/notification recipients
Addition of a new calibration standard to be used with a new type of instrument at the Cambridge and Lexington sites
Modifying a phase prompt or message associated with validated systems, equipment, or utilities
Addition / change of a graphic associated with validated systems, equipment, or utilities
Addition or changing an interlock/permissive trigger
Addition/removal of I/O of validated systems
Changes to the Environmental Monitoring Program, including addition, deletion or change to a sample location
Changes to alarm paging/notification functionality
Historical data collection configuration
Change of equipment and spare parts storage site, including transfers between facilities and transfers to a contracted third party

All of this is change management. We utilize multiple change control mechanisms to manage the change.

Also, don’t forget that change controls can nest. For example a change to the EQMS has IT changes, document changes, training changes, and probably more.

Change Strategies for Accelerating Changes

The five change strategies that leaders can utilize:

Directive strategy – the manager uses his authority and imposes change with little or no involvement of other people.
Expert strategy – usually involves expertise to manage and solve technical problems that result from the change.
Negotiating strategy – manager shows willingness to negotiate and bargain in order to effect change with timely adjustments and concessions.
Educative strategy – when the manager plans to change peoples’ values and beliefs.
Participative strategy – when the manager stresses the full involvement of all of those involved and affected by the anticipated changes.

These are not mutually exclusive. It is not uncommon to use 2 or 3 or even all five on larger, more complicated changes.

Vision and Psychology Safety Enable Change

Professor Amy Edmondson in 2016 wrote “Wicked-Problem Solvers” in HBR that laid out four leadership levers for collaboration that fit nicely into quality culture and nestle nicely with Kotter’s Eight Accelerators. Together they help define the leadership behaviors necessary to build quality culture, all informed by the enabler of knowledge management.

Professor Edmondson in this article is discussing cross-industry collaboration, but the central four levers apply in any organization.

Having a vision that strives for a True North of Quality is critical. Make it align to individual needs. Remember that vision grows and adapts as you go, and as others get the opportunity to shape. Vision has six criteria:

Stimulus: Vision needs to include actual benefits for those affected by it. String vision brings people together as community, not as strangers. Stimulus means people see themselves in the vision and understand how they will benefit.
Scale: Vision should be of great breadth and depth with potential for extension at later stages. Vision never leads to or accepts a dead end. It shows multiple potentials for expansion.
Spotlight: Vision assumes responsibility, immediate and extended. The greater the vision, then the greater the responsibility for its impact on people’s lives and the legacy that will be left afterwards. This responsibility needs to bring opportunity for people who are involved. This is part of the vision that will drive the volunteer army.
Scanning: A visionary sees the signs on the way to success. Pay attention to to pain points, spot trends and see where and how value can be added. Gemba walks are critical here.
Simplicity: Vision is elegant thinking about complicated and complex things. A vision is not a vision unless it’s understood. Simplicity lets people believe in vision. If the vision is complicated most people will ignore it. Vision operates and makes execution possible from its simplicity. The simpler the vision in its core meaning, the easier it can be shared with employees, customers and partners and thus, easier to scale inside and outside an organization.
Passion: Vision provokes strong emotions. A strong vision is always accompanied by excitement and passion. Excitement equals passion that gives an emotional power to a vision. A strong vision brings strong excitement that is difficult to contain. Strong excitement and passion are highly contagious. A simple and compelling vision excites more passion than any mere goal.

Psychological safety is the state where employees feel that there is safety in taking risks at work setting. In this safe environment employees will engage in risk-taking actions that are inherent to creative endeavors and if they perceive safety, then they are more comfortable to voice their opinions. This safety makes them more willing to take the chances to own the vision and try to experiment with making that vision a reality which motivates them to develop, promote, and implement new ideas.

This safety will enable knowledge sharing, which can come in many different styles, including combination which creates something new.

Through inclusive, democratic leaders who value the inclusion of employees in a particular work process, employees have the chance to raise their voice for generating, promoting, and implementing useful ideas
Through leveraging vision these inclusive leaders exhibit openness attributes that communicates the importance of taking innovative actions and gives employees the guarantee that in case of negative consequences they will not be punished, experiencing greater psychological safety.

Employees experience non-defensive behavior, and feel high levels of self-worth and self-identity, motivating employees not only to generate new ideas, but also to promote and implement new ideas in the organization.

The organization that is structured to accept these ideas will continue to drive iterative cycles of improvement.