Tag: ASTM E2500

Maturity Models, Utilizing the Validation Program as an Example

Maturity models offer significant benefits to organizations by providing a structured framework for benchmarking and assessment. Organizations can clearly understand their strengths and weaknesses by evaluating their current performance and maturity level in specific areas or processes. This assessment helps identify areas for improvement and sets a baseline for measuring progress over time. Benchmarking against industry standards or best practices also allows organizations to see how they compare to their peers, fostering a competitive edge.

One of the primary advantages of maturity models is their role in fostering a culture of continuous improvement. They provide a roadmap for growth and development, encouraging organizations to strive for higher maturity levels. This continuous improvement mindset helps organizations stay agile and adaptable in a rapidly changing business environment. By setting clear goals and milestones, maturity models guide organizations in systematically addressing deficiencies and enhancing their capabilities.

Standardization and consistency are also key benefits of maturity models. They help establish standardized practices across teams and departments, ensuring that processes are executed with the same level of quality and precision. This standardization reduces variability and errors, leading to more reliable and predictable outcomes. Maturity models create a common language and framework for communication, fostering collaboration and alignment toward shared organizational goals.

The use of maturity models significantly enhances efficiency and effectiveness. Organizations can increase productivity and use their resources by identifying areas for streamlining operations and optimizing workflows. This leads to reduced errors, minimized rework, and improved process efficiency. The focus on continuous improvement also means that organizations are constantly seeking ways to refine and enhance their operations, leading to sustained gains in efficiency.

Maturity models play a crucial role in risk reduction and compliance. They assist organizations in identifying potential risks and implementing measures to mitigate them, ensuring compliance with relevant regulations and standards. This proactive approach to risk management helps organizations avoid costly penalties and reputational damage. Moreover, maturity models improve strategic planning and decision-making by providing a data-backed foundation for setting priorities and making informed choices.

Finally, maturity models improve communication and transparency within organizations. Providing a common communication framework increases transparency and builds trust among employees. This improved communication fosters a sense of shared purpose and collaboration, essential for achieving organizational goals. Overall, maturity models serve as valuable tools for driving continuous improvement, enhancing efficiency, and fostering a culture of excellence within organizations.

Business Process Maturity Model (BPMM)

A structured framework used to assess and improve the maturity of an organization’s business processes, it provides a systematic methodology to evaluate the effectiveness, efficiency, and adaptability of processes within an organization, guiding continuous improvement efforts.

Key Characteristics of BPMM

Assessment and Classification: BPMM helps organizations understand their current process maturity level and identify areas for improvement. It classifies processes into different maturity levels, each representing a progressive improvement in process management.

Guiding Principles: The model emphasizes a process-centric approach focusing on continuous improvement. Key principles include aligning improvements with business goals, standardization, measurement, stakeholder involvement, documentation, training, technology enablement, and governance.

Incremental Levels

    BPMM typically consists of five levels, each building on the previous one:

    1. Initial: Processes are ad hoc and chaotic, with little control or consistency.
    2. Managed: Basic processes are established and documented, but results may vary.
    3. Standardized: Processes are well-documented, standardized, and consistently executed across the organization.
    4. Predictable: Processes are quantitatively measured and controlled, with data-driven decision-making.
    5. Optimizing: Continuous process improvement is ingrained in the organization’s culture, focusing on innovation and optimization.

    Benefits of BPMM

    • Improved Process Efficiency: By standardizing and optimizing processes, organizations can achieve higher efficiency and consistency, leading to better resource utilization and reduced errors.
    • Enhanced Customer Satisfaction: Mature processes lead to higher product and service quality, which improves customer satisfaction.
    • Better Change Management: Higher process maturity increases an organization’s ability to navigate change and realize project benefits.
    • Readiness for Technology Deployment: BPMM helps ensure organizational readiness for new technology implementations, reducing the risk of failure.

    Usage and Implementation

    1. Assessment: Organizations can conduct BPMM assessments internally or with the help of external appraisers. These assessments involve reviewing process documentation, interviewing employees, and analyzing process outputs to determine maturity levels.
    2. Roadmap for Improvement: Organizations can develop a roadmap for progressing to higher maturity levels based on the assessment results. This roadmap includes specific actions to address identified deficiencies and improve process capabilities.
    3. Continuous monitoring and regular evaluations are crucial to ensure that processes remain effective and improvements are sustained over time.

    A BPMM Example: Validation Program based on ASTM E2500

    To apply the Business Process Maturity Model (BPMM) to a validation program aligned with ASTM E2500, we need to evaluate the program’s maturity across the five levels of BPMM while incorporating the key principles of ASTM E2500. Here’s how this application might look:

    Level 1: Initial

    At this level, the validation program is ad hoc and lacks standardization:

    • Validation activities are performed inconsistently across different projects or departments.
    • There’s limited understanding of ASTM E2500 principles.
    • Risk assessment and scientific rationale for validation activities are not systematically applied.
    • Documentation is inconsistent and often incomplete.

    Level 2: Managed

    The validation program shows some structure but lacks organization-wide consistency:

    • Basic validation processes are established but may not fully align with ASTM E2500 guidelines.
    • Some risk assessment tools are used, but not consistently across all projects.
    • Subject Matter Experts (SMEs) are involved, but their roles are unclear.
    • There’s increased awareness of the need for scientific justification in validation activities.

    Level 3: Standardized

    The validation program is well-defined and consistently implemented:

    • Validation processes are standardized across the organization and align with ASTM E2500 principles.
    • Risk-based approaches are consistently used to determine the scope and extent of validation activities.
    • SMEs are systematically involved in the design review and verification processes.
    • The concept of “verification” replaces traditional IQ/OQ/PQ, focusing on critical aspects that impact product quality and patient safety.
    • Quality risk management tools (e.g., impact assessments, risk management) are routinely used to identify critical quality attributes and process parameters.

    Level 4: Predictable

    The validation program is quantitatively managed and controlled:

    • Key Performance Indicators (KPIs) for validation activities are established and regularly monitored.
    • Data-driven decision-making is used to continually improve the efficiency and effectiveness of validation processes.
    • Advanced risk management techniques are employed to predict and mitigate potential issues before they occur.
    • There’s a strong focus on leveraging supplier documentation and expertise to streamline validation efforts.
    • Engineering procedures for quality activities (e.g., vendor technical assessments and installation verification) are formalized and consistently applied.

    Level 5: Optimizing

    The validation program is characterized by continuous improvement and innovation:

    • There’s a culture of continuous improvement in validation processes, aligned with the latest industry best practices and regulatory expectations.
    • Innovation in validation approaches is encouraged, always maintaining alignment with ASTM E2500 principles.
    • The organization actively contributes to developing industry standards and best practices in validation.
    • Validation activities are seamless integrated with other quality management systems, supporting a holistic approach to product quality and patient safety.
    • Advanced technologies (e.g., artificial intelligence, machine learning) may be leveraged to enhance risk assessment and validation strategies.

    Key Considerations for Implementation

    1. Risk-Based Approach: At higher maturity levels, the validation program should fully embrace the risk-based approach advocated by ASTM E2500, focusing efforts on aspects critical to product quality and patient safety.
    2. Scientific Rationale: As maturity increases, there should be a stronger emphasis on scientific understanding and justification for validation activities, moving away from a checklist-based approach.
    3. SME Involvement: Higher maturity levels should see increased and earlier involvement of SMEs in the validation process, from equipment selection to verification.
    4. Supplier Integration: More mature programs will leverage supplier expertise and documentation effectively, reducing redundant testing and improving efficiency.
    5. Continuous Improvement: At the highest maturity level, the validation program should have mechanisms in place for continuous evaluation and improvement of processes, always aligned with ASTM E2500 principles and the latest regulatory expectations.

    Process and Enterprise Maturity Model (PEMM),

    The Process and Enterprise Maturity Model (PEMM), developed by Dr. Michael Hammer, is a comprehensive framework designed to help organizations assess and improve their process maturity. It is a corporate roadmap and benchmarking tool for companies aiming to become process-centric enterprises.

    Key Components of PEMM

    PEMM is structured around two main dimensions: Process Enablers and Organizational Capabilities. Each dimension is evaluated on a scale to determine the maturity level.

    Process Enablers

    These elements directly impact the performance and effectiveness of individual processes. They include:

    • Design: The structure and documentation of the process.
    • Performers: The individuals or teams executing the process.
    • Owner: The person responsible for the process.
    • Infrastructure: The tools, systems, and resources supporting the process.
    • Metrics: The measurements used to evaluate process performance.

    Organizational Capabilities

    These capabilities create an environment that supports and sustains high-performance processes. They include:

    • Leadership: The commitment and support from top management.
    • Culture: The organizational values and behaviors that promote process excellence.
    • Expertise: The skills and knowledge required to manage and improve processes.
    • Governance: The mechanisms to oversee and guide process management activities.

    Maturity Levels

    Both Process Enablers and Organizational Capabilities are assessed on a scale from P0 to P4 (for processes) and E0 to E4 (for enterprise capabilities):

    • P0/E0: Non-existent or ad hoc processes and capabilities.
    • P1/E1: Basic, but inconsistent and poorly documented.
    • P2/E2: Defined and documented, but not fully integrated.
    • P3/E3: Managed and measured, with consistent performance.
    • P4/E4: Optimized and continuously improved.

    Benefits of PEMM

    • Self-Assessment: PEMM is designed to be simple enough for organizations to conduct their own assessments without needing external consultants.
    • Empirical Evidence: It encourages the collection of data to support process improvements rather than relying on intuition.
    • Engagement: Involves all levels of the organization in the process journey, turning employees into advocates for change.
    • Roadmap for Improvement: Provides a clear path for organizations to follow in their process improvement efforts.

    Application of PEMM

    PEMM can be applied to any type of process within an organization, whether customer-facing or internal, core or support, transactional or knowledge-intensive. It helps organizations:

    • Assess Current Maturity: Identify the current state of process and enterprise capabilities.
    • Benchmark: Compare against industry standards and best practices.
    • Identify Improvements: Pinpoint areas that need enhancement.
    • Track Progress: Monitor the implementation and effectiveness of process improvements.

    A PEMM Example: Validation Program based on ASTM E2500

    To apply the Process and Enterprise Maturity Model (PEMM) to an ASTM E2500 validation program, we can evaluate the program’s maturity across the five process enablers and four enterprise capabilities defined in PEMM. Here’s how this application might look:

    Process Enablers

    Design:

      • P-1: Basic ASTM E2500 approach implemented, but not consistently across all projects
      • P-2: ASTM E2500 principles applied consistently, with clear definition of requirements, specifications, and verification activities
      • P-3: Risk-based approach fully integrated into design process, with SME involvement from the start
      • P-4: Continuous improvement of ASTM E2500 implementation based on lessons learned and industry best practices

      Performers:

        • P-1: Some staff trained on ASTM E2500 principles
        • P-2: All relevant staff trained and understand their roles in the ASTM E2500 process
        • P-3: Staff proactively apply risk-based thinking and scientific rationale in validation activities
        • P-4: Staff contribute to improving the ASTM E2500 process and mentor others

        Owner:

          • P-1: Validation program has a designated owner, but role is not well-defined
          • P-2: Clear ownership of the ASTM E2500 process with defined responsibilities
          • P-3: Owner actively manages and improves the ASTM E2500 process
          • P-4: Owner collaborates across departments to optimize the validation program

          Infrastructure:

            • P-1: Basic tools in place to support ASTM E2500 activities
            • P-2: Integrated systems for managing requirements, risk assessments, and verification activities
            • P-3: Advanced tools for risk management and data analysis to support decision-making
            • P-4: Cutting-edge technology leveraged to enhance efficiency and effectiveness of the validation program

            Metrics:

              • P-1: Basic metrics tracked for validation activities
              • P-2: Comprehensive set of metrics established to measure ASTM E2500 process performance
              • P-3: Metrics used to drive continuous improvement of the validation program
              • P-4: Predictive analytics used to anticipate and prevent issues in validation activities

              Enterprise Capabilities

              Leadership:

                • E-1: Leadership aware of ASTM E2500 principles
                • E-2: Leadership actively supports ASTM E2500 implementation
                • E-3: Leadership drives cultural change to fully embrace risk-based validation approach
                • E-4: Leadership promotes ASTM E2500 principles beyond the organization, influencing industry standards

                Culture:

                  • E-1: Some recognition of the importance of risk-based validation
                  • E-2: Culture of quality and risk-awareness developing across the organization
                  • E-3: Strong culture of scientific thinking and continuous improvement in validation activities
                  • E-4: Innovation in validation approaches encouraged and rewarded

                  Expertise:

                    • E-1: Basic understanding of ASTM E2500 principles among key staff
                    • E-2: Dedicated team of ASTM E2500 experts established
                    • E-3: Deep expertise in risk-based validation approaches across multiple departments
                    • E-4: Organization recognized as thought leader in ASTM E2500 implementation

                    Governance:

                      • E-1: Basic governance structure for validation activities in place
                      • E-2: Clear governance model aligning ASTM E2500 with overall quality management system
                      • E-3: Cross-functional governance ensuring consistent application of ASTM E2500 principles
                      • E-4: Governance model that adapts to changing regulatory landscape and emerging best practices

                      To use this PEMM assessment:

                      1. Evaluate your validation program against each enabler and capability, determining the current maturity level (P-1 to P-4 for process enablers, E-1 to E-4 for enterprise capabilities).
                      2. Identify areas for improvement based on gaps between current and desired maturity levels.
                      3. Develop action plans to address these gaps, focusing on moving to the next maturity level for each enabler and capability.
                      4. Regularly reassess the program to track progress and adjust improvement efforts as needed.

                      Comparison Table

                      AspectBPMMPEMM
                      CreatorObject Management Group (OMG)Dr. Michael Hammer
                      PurposeAssess and improve business process maturityRoadmap and benchmarking for process-centricity
                      StructureFive levels: Initial, Managed, Standardized, Predictable, OptimizingTwo components: Process Enablers (P0-P4), Organizational Capabilities (E0-E4)
                      FocusProcess-centric, incremental improvementProcess enablers and organizational capabilities
                      Assessment MethodOften requires external appraisersDesigned for self-assessment
                      Guiding PrinciplesStandardization, measurement, continuous improvementEmpirical evidence, simplicity, organizational engagement
                      ApplicationsEnterprise systems, business process improvement, benchmarkingProcess reengineering, organizational engagement, benchmarking

                      In summary, while both BPMM and PEMM aim to improve business processes, BPMM is more structured and detailed, often requiring external appraisers, and focuses on incremental process improvement across organizational boundaries. In contrast, PEMM is designed for simplicity and self-assessment, emphasizing the role of process enablers and organizational capabilities to foster a supportive environment for process improvement. Both have advantages, and keeping both in mind while developing processes is key.

                      The GAMP5 System Owner and Process Owner and Beyond

                      Defining the accountable individuals in a process is critical. In GAMP5, the technical System Owner role is distinct from the business Process Owner role, which focuses more on the system’s business process and compliance aspects.

                      The System Owner

                      The System Owner is responsible for the computerized system’s availability, support, and maintenance throughout its lifecycle. The System owner is the technical side of the equation and is often an IT director/manager or application support manager. Key responsibilities include:

                      • Defining, reviewing, approving, and implementing risk mitigation plans
                      • Ensuring technical requirements are documented
                      • Managing change control for the system
                      • Conducting evaluations for change requests impacting security, maintainability, data integrity, and architecture
                      • Performing system administration tasks like user and privilege maintenance
                      • Handling system patching, documentation of issues, and facilitating vendor support

                      Frankly, I think too many organizations make the system owner too low level. These lower-level individuals may perform system admin tasks and handle systems patching, but the more significant risk questions require extensive experience.

                      The System Owner focuses on the technical aspects of validation and ensures adequate procedural controls are in place after validation to maintain the validated state and protect data integrity.

                      The system owner requires learning and understanding new products and complex system architectures. They are the architect and need to be in charge of the big picture.

                      The Process Owner

                      In the context of GAMP5, a Process Owner plays a crucial role in the lifecycle management of computerized systems used in regulated industries such as pharmaceuticals and biotechnology. The Process Owner is ultimately accountable for the system’s implementation, validation, and ongoing compliant use.

                      I’ve written a lot about Process Owners. This use of process owner is 100% aligned with previous thinking.

                      Key Responsibilities of a Process Owner

                      1. System Implementation and Validation: The Process Owner ensures the system is implemented and validated according to regulatory requirements and company policies. This includes overseeing the creation and maintenance of validation documentation and ensuring the system meets its intended use.
                      2. Ongoing Compliance and Maintenance: The Process Owner must ensure the system remains validated throughout its lifecycle. This involves regular reviews, updates, and maintenance activities to ensure continued compliance with regulatory standards.
                      3. Data Integrity and Quality: As the data owner maintains the system, the Process Owner is responsible for its integrity, administration, operation, maintenance, and decommissioning. They must ensure that data integrity and quality requirements are met and maintained.
                      4. Decision-Making Authority: The Process Owner should be at a level within the organization that allows them to make business and process decisions regarding the system. This often includes roles such as operations director/manager, lab manager, or production manager.
                      5. Collaboration with Other Teams: The Process Owner must collaborate with various teams, including Quality (QA), IT, Computer System Validation (CSV), training, HR, system vendors, and system development teams, to ensure that all necessary compliance activities are performed and documented promptly.

                      Skills and Knowledge Required

                      • Detailed Understanding of the System: The Process Owner should have a comprehensive understanding of the system, its purpose, functions, and use within the organization.
                      • Regulatory Knowledge: A good grasp of regulatory requirements is crucial for ensuring the system complies with all relevant guidelines and standards.
                      • Validation Practices: The Process Owner will sign off on validation documents and ensure that the system is fit for its intended use.

                      Comparison with the Molecule Steward

                      While the Molecule Steward, the ASTM E2500 SME role, is not directly equivalent to the GAMP 5 roles, it shares some similarities with both the system owner and process owner, particularly in terms of specialized knowledge and involvement in critical aspects of the system. It’s best to think of the Molecule Steward as the third part of this triad, ensuring the robustness of the scientific approach.

                      System OwnerProcess OwnerMolecule Steward
                      Primary FocusTechnical aspects and maintenance of the systemBusiness process and compliance aspectsSpecialized knowledge of critical aspects
                      Typical RoleIT director/manager or application support managerHead of functional unit or department using the systemSubject matter expert in specific field
                      Key Responsibilities– System availability, support, and maintenance
                      – Data security
                      – Risk mitigation plans
                      – Technical requirements documentation
                      – Change control management
                      – Evaluating change requests                      		– Overall system integrity and compliance
                      – Data ownership
                      – User requirements definition
                      – SOP development and maintenance
                      – Ensuring GxP compliance
                      – Approving key documentation
                      – User training                      		– Defining system needs
                      – Identifying critical aspects
                      – Leading quality risk management
                      – Developing verification strategies
                      – Reviewing system designs
                      – Executing verification tests
                      ExpertiseStrong technical backgroundBusiness process knowledgeSpecialized technical knowledge
                      AccountabilitySystem performance and securityBusiness use and regulatory complianceCritical aspects impacting product quality and patient safety
                      Involvement in ValidationFocuses on technical validation aspectsEnsures validation meets business needsLeads verification activities
                      Comparison of SO, PO and ASTM E2500 SME

                      Scale of the System

                      People make the system too small here. This isn’t equipment A or computer system X. It’s the entire system that produces result Y. For example, it is the manufacturing process for DS (or upstream DS), not the individual bioreactors. Lower-level assistants can help with wrangling, but there should be overall accountability. The system, process, and ASTM E2500 SME must have the power in the organization to be truly accountable.

                      The Role of Quality

                      The Quality Unit is responsible for ensuring the right process and procedure are in place, that regulatory requirements are met, and that the system is fit for use and fit for purpose. The Quality Unit in GAMP5 is crucial for ensuring the safety, efficacy, and regulatory compliance of pharmaceutical products and computerized systems.

                      1. Ensuring Compliance and Product Quality: Quality is vital in ensuring that computerized systems used in pharmaceutical manufacturing meet regulatory requirements and consistently produce high-quality products. The Quality Unit helps organizations maintain high-quality standards in the various processes.
                      2. Risk Management: The Quality Unit champions a science-based risk management approach to system validation and qualification. Quality ensures the identification and assessment of potential risks.
                      3. Lifecycle Approach: The Quality Unit ensures that validation activities are conducted throughout the system’s lifecycle, from concept to retirement.
                      4. Documentation and Traceability: The Quality Unit oversees comprehensive documentation and traceability throughout the system’s lifecycle. Detailed records enable transparency, facilitate audits, and demonstrate compliance with regulatory requirements.
                      5. Change Management: The Quality Unit evaluates and controls system changes to ensure that modifications do not compromise product quality or patient safety.
                      6. Data Integrity: Quality is crucial in maintaining data integrity and ensuring records’ accuracy, reliability, and completeness.
                      7. Supplier and Internal Audits: Quality regularly audits suppliers and internal processes to ensure compliance and quality. These audits help identify gaps and areas for improvement in system development, implementation, and maintenance.

                      Beyond GAMP5

                      I consider this the best practice for handling an ASTM E2500 approach.

                      Acountable People

                      We tend to jumble forms of accountability in an organization, often confusing between a people manager and a technical manager. I think its very important to differentiate between the two.

                      People managers deal with human resources and team dynamics, while technical managers deal with managing design, execution, and improvement. They can be the same person, but we need to recognize the differences and resource appropriately. Too often we blur the two roles and as a result neither is done well.

                      I’ve talked on this blog about a few of the technical manager types: Process Owners, the ASTM E2500 SME/Molecule Steward, and Knowledge Owners. There are certainly others out there. In the table below I added two more for comparison:

                      • a qualified person from OSHA, because I think this is a great generic look at the concept
                      • The EU Qualifed Person. Industry relevant and one that often gets confused in execution.
                      AspectQualified Person (OSHA Definition)Qualified Person (EU)Knowledge OwnerASTM E2500 SMEProcess Owner
                      Primary FocusEnsuring compliance with safety standards and solving technical problemsCertifying that each batch of a medicinal product meets all required provisionsManaging and maintaining knowledge within a specific domainEnsuring manufacturing systems meet quality and safety standardsManaging and optimizing a specific business process
                      Key ResponsibilitiesSolve or resolve problems related to the subject matter, work, or projectCertify batches meet GMP and regulatory standardsMaintain and update knowledge baseDefine system needs and identify critical aspectsDefine process goals, purpose, and KPIs
                      Design and install systems to improve safetyEnsure compliance with market authorization requirementsValidate and broadcast new knowledgeDevelop and execute verification strategiesCommunicate with key players and stakeholders
                      Ensure compliance with laws and standardsOversee quality control and assurance processesProvide training and supportReview system designs and manage risksAnalyze process performance and identify improvements
                      May not have the authority to stop workConduct audits and inspectionsMonitor and update knowledge assetsLead quality risk management effortsEnsure process compliance with regulations and standards
                      Skills RequiredTechnical expertise in the areaDegree in pharmacy, biology, chemistry, or related fieldSubject matter expertise in specific knowledge domainTechnical understanding of manufacturing systems and equipmentLeadership and communication skills
                      Certification, degree, or other professional recognitionSeveral years of experience in pharmaceutical manufacturingAnalytical and validation skillsRisk management and verification skillsAnalytical and problem-solving skills
                      Ability to solve technical problemsRegistered with the competent authority in the EU member stateTraining and support skillsContinuous improvement and change management skillsAbility to define and monitor KPIs
                      AuthorityAuthority to design and install safety systemsAuthority to certify batches and ensure complianceAuthority over knowledge management processes and contentAuthority to define and verify critical aspects of systemsAuthority to make decisions and implement changes in the process
                      Interaction with OthersCollaborates with production and quality control teamsWorks with quality control, assurance, and regulatory teamsWorks with various departments to ensure knowledge is shared and utilizedCollaborates with project stakeholders and engineering teamsCommunicates with project leaders, process users, and other stakeholders
                      Examples of ActivitiesReviewing batch documentation and certifying productsCertifying each batch of medicinal products before releaseValidating new knowledge submissionsConducting quality risk analyses and verification testsDefining process objectives and mission statements
                      Ensuring compliance with GMP and regulatory standardsEnsuring compliance with GMP and regulatory standardsProviding training on knowledge management systemsReviewing system designs and managing changesMonitoring process performance and compliance
                      Overseeing investigations related to quality issuesOverseeing quality control and assurance processesUpdating and maintaining knowledge databasesLeading continuous improvement effortsIdentifying and implementing process improvements
                      Industry ContextPrimarily in construction, manufacturing, and safety-critical industriesPharmaceutical and biotechnology industries within the EUApplicable across various industries, especially information-heavy sectorsPrimarily in pharmaceutical and biotechnology industriesApplicable in any industry with defined business processes
                      Comparison table
                      • Qualified Person (OSHA Definition): Focuses on ensuring compliance with safety standards and solving technical problems. They possess technical expertise and professional recognition and are responsible for designing and installing safety systems.
                      • Qualified Person (EU): Ensures that each batch of medicinal products meets all required provisions before release. They are responsible for compliance with GMP and regulatory standards and must be registered with the competent authority in the EU member state.
                      • Knowledge Owner: Manages and disseminates knowledge within an organization. They ensure that knowledge is accurate, up-to-date, and accessible, and they provide training and support to facilitate knowledge sharing.
                      • ASTM E2500 SME: Ensures that manufacturing systems meet quality and safety standards. They define system needs, develop verification strategies, manage risks, and lead continuous improvement efforts.
                      • Process Owner: Manages and optimizes specific business processes. They define process goals, monitor performance, ensure compliance with standards, and implement improvements to enhance efficiency and effectiveness.

                      Common Themes

                      Subject Matter Expertise

                      • All roles require a high level of subject matter expertise in their respective domains, whether it’s technical knowledge, regulatory compliance, manufacturing processes, or business processes.
                      • This expertise is typically gained through formal education, certifications, extensive training, and practical experience.

                      Ensuring Compliance and Quality

                      • A key responsibility across these roles is ensuring compliance with relevant laws, regulations, standards, and quality requirements.

                      Risk Identification and Management

                      • These roles are all responsible for identifying potential risks, hazards, or process inefficiencies.
                      • They are expected to develop and implement strategies to mitigate or eliminate these risks, ensuring the safety of operations and the quality of products or processes.

                      Continuous Improvement and Change Management

                      • They are involved in continuous improvement efforts, identifying areas for optimization and implementing changes to enhance efficiency, quality, and knowledge sharing.
                      • They are responsible for managing change processes, ensuring smooth transitions, and minimizing disruptions.

                      Authority and Decision-Making

                      • Most of these roles have a certain level of authority and decision-making power within their respective domains.

                      Collaboration and Knowledge Sharing

                      • Effective collaboration and knowledge sharing are essential for these roles to succeed.

                      While these roles have distinct responsibilities and focus areas, they share common goals of ensuring compliance, managing risks, driving continuous improvement, and leveraging subject matter expertise to achieve organizational objectives and maintain high standards of quality and safety. They are more similar than dissimilar and should be looked at holistically within the organization.

                      Subject Matter Expert in Validation

                      In ASTM E2500, a Subject Matter Expert (SME) is an individual with specialized knowledge and technical understanding of critical aspects of manufacturing systems and equipment. The SME plays a crucial role throughout the project lifecycle, from defining needs to verifying and accepting systems. They are responsible for identifying critical aspects, reviewing system designs, developing verification strategies, and leading quality risk management efforts. SMEs ensure manufacturing systems are designed and verified to meet product quality and patient safety requirements.

                      In the ASTM E2500 process, the Subject Matter Experts (SME) has several key responsibilities critical to successfully implementing the standard. These responsibilities include:

                      1. Definition of Needs: SMEs define the system’s needs and identify critical aspects that impact product quality and patient safety.
                      2. Risk Management: SMEs participate in risk management activities, helping to identify, assess, and manage risks throughout the project lifecycle. This includes conducting quality risk analyses and consistently applying risk management principles.
                      3. Verification Strategy Development: SMEs are responsible for planning and defining verification strategies. This involves selecting appropriate test methods, defining acceptance criteria, and ensuring that verification activities are aligned with the project’s critical aspects.
                      4. System Design Review: SMEs review system designs to ensure they meet specified requirements and address identified risks. This includes participating in design reviews and providing technical input to optimize system functionality and compliance.
                      5. Execution of Verification Tests: SMEs lead the execution of verification tests, ensuring that tests are conducted accurately and that results are thoroughly reviewed. They may also leverage vendor documentation and test results as part of the verification process, provided the vendor’s quality system and technical capabilities are deemed acceptable.
                      6. Change Management: SMEs play a crucial role in change management, ensuring that any modifications to the system are properly evaluated, documented, and implemented. This helps maintain the system’s validated state and ensures continuous compliance with regulatory requirements.
                      7. Continuous Improvement: SMEs are involved in continuous process improvement efforts, using operational and performance data to identify opportunities for enhancements. They also conduct root-cause analyses of failures and implement technically sound improvements based on gained product knowledge and understanding.

                      These responsibilities highlight the SME’s integral role in ensuring that manufacturing systems are designed, verified, and maintained to meet the highest standards of quality and safety, as outlined in ASTM E2500.

                      The ASTM E2500 SME is a Process Owner

                      ASTM E2500 uses the term SME in the same way we discuss process owners, or what is sometimes called product or molecule stewards. The term should probably be changed to reflect the special role of the SME and the relationship with other stakeholders.

                      A Molecule Steward has a specialized role within pharmaceutical and biotechnology companies and oversees the lifecycle of a specific molecule or drug product. This role involves a range of responsibilities, including:

                      1. Technical Expertise: Acting as the subject matter expert per ASTM E2500.
                      2. Product Control Strategies: Implementing appropriate product control strategies across development and manufacturing sites based on anticipated needs.
                      3. Lifecycle Management: Providing end-to-end accountability for a given molecule, from development to late-stage lifecycle management.

                      A Molecule Steward ensures a drug product’s successful development, manufacturing, and lifecycle management, maintaining high standards of quality and compliance throughout the process.

                      The ASTM E2500 SME (Molecule Steward) and Stakeholders

                      In the ASTM E2500 approach, the Subject Matter Expert (Molecule Steward) collaborates closely with various project players to ensure the successful implementation of manufacturing systems.

                      Definition of Needs and Requirements

                      • Collaboration with Project Teams: SMEs work with project teams from the beginning to define the system’s needs and requirements. This involves identifying critical aspects that impact product quality and patient safety.
                      • Input from Multiple Departments: SMEs gather input from different departments, including product/process development, engineering, automation, and validation, to ensure that all critical quality attributes (CQAs) and critical process parameters (CPPs) are considered.

                      Risk Management

                      • Quality Risk Analysis: SMEs lead the quality risk analysis process, collaborating with QA and other stakeholders to identify and assess risks. This helps focus on critical aspects and consistently apply risk management principles.
                      • Vendor Collaboration: SMEs often work with vendors to leverage their expertise in conducting risk assessments and ensuring that vendor documentation meets quality requirements.

                      System Design Review

                      • Design Review Meetings: SMEs participate in design review meetings with suppliers and project teams to ensure the system design meets the defined needs and critical aspects. This collaborative effort helps in reducing the need for modifications and repeat tests.
                      • Supplier Engagement: SMEs engage with suppliers to ensure their design solutions are understood and integrated into the project. This includes reviewing supplier documentation and ensuring compliance with regulatory requirements.

                      Verification Strategy Development

                      • Developing Verification Plans: SMEs collaborate with QA and engineering teams to develop verification strategies and plans. This involves selecting appropriate test methods, defining acceptance criteria, and ensuring verification activities align with project goals.
                      • Execution of Verification Tests: SMEs may work with suppliers to conduct verification tests at the supplier’s site, ensuring that tests are performed accurately and efficiently. This collaboration helps achieve the “right test” at the “right time” objective.

                      Change Management

                      • Managing Changes: SMEs play a crucial role in the change management process, working with project teams to evaluate, document, and implement changes. This ensures that the system remains in a validated state and continues to meet regulatory requirements.
                      • Continuous Improvement: SMEs collaborate with other stakeholders to identify opportunities for process improvements and implement changes based on operational and performance data.

                      Documentation and Communication

                      • Clear Communication: SMEs ensure clear communication and documentation of all verification activities and acceptance criteria. This involves working closely with QA to validate all critical aspects and ensure compliance with regulatory standards.

                      ASTM E2500 Approach to Validation

                      ASTM E2500, the Standard Guide for Specification, Design, and Verification of Pharmaceutical and Biopharmaceutical Manufacturing Systems and Equipment, is intended to “satisfy international regulatory expectations in ensuring that manufacturing systems and equipment are fit for the intended use and to satisfy requirements for design, installation, operation, and performance.”

                      The ASTM E2500 approach is a comprehensive framework for specification setting, design, and verification of pharmaceutical and biopharmaceutical manufacturing systems and equipment. It emphasizes a risk- and science-based methodology to ensure that systems are fit for their intended use, ultimately aiming to enhance product quality and patient safety.

                      Despite its 17-year history, it is fair to say it is not the best-implemented standard. There are still many unrealized opportunities and some major challenges. I don’t think a single organization I’ve been in has fully aligned, and ASTM E2500 can feel aspirational.

                      Key Principles

                      1. Risk Management: The approach integrates risk management principles from ICH Q8, Q9, and Q10, focusing on identifying and mitigating risks to product quality and patient safety throughout the lifecycle of the manufacturing system.
                      2. Good Engineering Practices (GEP): It incorporates GEP to ensure systems are correctly designed, installed, and operated.
                      3. Flexibility and Efficiency: It strives for a more flexible and efficient organization of verification activities that can be adapted to each project’s specific context.

                      Know your Process

                      Regulatory agencies expect drugmakers to persuade them that we know our processes and that our facilities, equipment, systems, utilities, and procedures have been established based on concrete data and a thorough risk assessment. The ASTM E2500 standard provides a means of demonstrating that all of these factors have been validated in consideration of carefully evaluated risks.

                      What the Standard Calls for

                      Four Main Steps

                      1. Requirements: Define the system’s needs and critical aspects. Subject Matter Experts (SMEs) play a crucial role in this phase by defining needs, identifying critical aspects, and developing the verification strategy.
                      2. Specification & Design: Develop detailed specifications and design the system to meet the requirements. This step involves thorough design reviews and risk assessments to ensure the system functions as intended.
                      3. Verification: Conduct verification activities to confirm that the system meets all specified requirements. This step replaces the traditional FAT/SAT/IQ/OQ/PQ sequence with a more streamlined verification process that can be tailored to the project’s needs.
                      4. Acceptance & Release: Finalize the verification process and release the system for operational use. This step includes the final review and approval of all verification activities and documentation.

                      Four Cross-Functional Processes

                      1. Good Engineering Practices (GEP): Ensure all engineering activities adhere to industry standards and best practices.
                      2. Quality Risk Management: Continuously assess and manage risks to product quality and patient safety throughout the project.
                      3. Design Review: Regularly reviews the system design to ensure it meets all requirements and addresses identified risks.
                      4. Change Management: Implement a structured process for managing system changes to ensure that all modifications are appropriately evaluated and documented.

                      Applications and Benefits

                      • Applicability: The ASTM E2500 approach can be applied to new and existing manufacturing systems, including laboratory, information, and medical device manufacturing systems.
                      • Lifecycle Coverage: It applies throughout the manufacturing system’s lifecycle, from concept to retirement.
                      • Regulatory Compliance: The approach is designed to conform with FDA, EU, and other international regulations, ensuring that systems are qualified and meet all regulatory expectations.
                      • Efficiency and Cost Management: By focusing on critical aspects and leveraging risk management tools, the ASTM E2500 approach can streamline project execution, reduce time to market, and optimize resource utilization.

                      The ASTM E2500 approach provides a structured, risk-based framework for specifying, designing, and verifying pharmaceutical and biopharmaceutical manufacturing systems. It emphasizes flexibility, efficiency, and regulatory compliance, making it a valuable tool for ensuring product quality and patient safety.

                      What Makes it Different?

                      ASTM E2500The more traditional approach
                      Testing ApproachIt emphasizes a risk-based approach, focusing on identifying and managing risks to product quality and patient safety throughout the manufacturing system’s lifecycle. This approach allows for flexibility in organizing verification activities based on the specific context and critical aspects of the system.Typically follows a prescriptive sequence of tests (FAT, SAT, IQ, OQ, PQ) as outlined in guidelines like EU GMP Annex 15. This method is more rigid and less adaptable to the specific needs and risks of each project.
                      Verification vs QualificationThe term “verification” encompasses all testing activities, which can be organized more freely and rationally to optimize efficiency. Verification activities are tailored to the project’s needs and focus on critical aspects.Follows a structured qualification process (Installation Qualification, Operational Qualification, Performance Qualification) with predefined steps and documentation requirements.
                      Role of Subject Matter ExpertsSMEs play a crucial role from the start of the project, contributing to the definition of needs, identification of critical aspects, system design review, and development of the verification strategy. They are involved throughout the project lifecycle.SMEs are typically involved at specific points in the project lifecycle, primarily during the qualification phases, and may not have as continuous a role as in the ASTM E2500 approach.
                      Integration of Good Engineering PracticesOffers greater flexibility in organizing verification activities, allowing for a more efficient and streamlined process. This can lead to reduced time to market and optimized resource utilization.While GEP is also important, the focus is more on the qualification steps rather than integrating GEP throughout the entire project lifecycle.
                      Change ManagementIt emphasizes early and continuous change management, starting from the supplier’s site, to avoid test duplication and ensure that changes are properly evaluated and documented.It emphasizes early and continuous change management, starting from the supplier’s site, to avoid test duplication and ensure that changes are properly evaluated and documented.
                      DocumentationDocumentation is focused on risk management and verification activities, ensuring compliance with international regulations (FDA, EU, ICH Q8, Q9, Q10). The approach is designed to meet regulatory expectations while allowing for flexibility in documentation.quires extensive documentation for each qualification step, which can be more cumbersome and less adaptable to specific project needs.

                      Opinion

                      I’m watching to see what the upcoming update to Annex 15 will do to address the difficulties some see between an ATSM E2500 approach and the European regulations. I also hope we will see an update to ISPE Baseline® Guide Volume 5: Commissioning and Qualification to align an approach.

                      ISPE Baseline® Guide Volume 5ATSM E2500
                      Design inputs
                      Impact assessment
                      Design Qualification
                      Commissioning
                      Multiple trial runs to get things right
                      IQ, OQ, PQ, and acceptance criteria
                      GEP Scope and QA Scope overlapped
                      Focused on Documentation Deliverables
                      Change Management                      		Design inputs
                      Design Review
                      Risk Mitigation
                      Critical Control Parameters define Acceptance Criteria
                      Verification Testing
                      Performance Testing
                      GEP Scope and QA Scope have a clear boundary
                      Process, Product Quality and Patient Safety
                      Quality by Design, Design Space, and Continuous Improvement

                      To be honest I don’t think ATSM E2500, ISPE Guide 5, or anything else has the balance just right. And your program ends up being a triangulation between these and the regulations. And don’t even bring in trying to align GAMP5 or USP <1058> or…or…or…

                      And yes, I do consider this part of my 3-year plan. I look forward to the challenges of a culture shift, increased SME involvement, formalization of GEPs (and teaching engineers how to write), effective change management, timely risk assessments, and comprehensive implementation planning.