In an industry environment that is under constant scrutiny by the FDA, Life Sciences companies must carefully consider their specific processes when it comes to risk management and reporting. Failure to monitor risk profiles, especially in an industry that has direct impacts on human lives, can lead to significant consequences – financial losses, negative public image, FDA warnings and bans, and in the worst cases – harm to patients. This highlights the need for a comprehensive enterprise risk management program at all Life Science companies.
In the market, there are currently two major ways to approach risk management. The first is to use external contracting. This can be impactful but often does not provide the tool that will enable highly efficient processes. The second is technological solutions, such as integrated risk management systems which provide the tool, but do not provide any structure or processes to maximize the use of the tool.
The Ideal solution to developing and implementing a risk management program follows a simple methodology to ensure compliance, instill a risk aware culture, and do so in a lean manner. This methodology is:
1. Diagnose issues with the current state
2. Design the future state including the plan that gets the company there
3. Implementation of culture, processes, and systems
4. Sustain and improve people, processes, and systems on an ongoing basis
Risks in the Life Sciences industry are more significant than most, because these are products that will be used on humans to cure diseases. This leads most to believe that spending on risk management should be massive. However, while no expense should be spared when it comes to risk management, there is no reason that the program should not be efficient.
By Tom Ambrogio and Adit Babureddy
In the Life Sciences industry enterprise risk management is one of the key issues keeping leaders up at night. The Life Sciences industry is one where no one can afford to make a mistake, and with human life on the line the risks are far too high. This is why the FDA’s mission is “protecting the public health by assuring the safety, efficacy and security of human and veterinary drugs, biological products, medical devices…”1 The FDA is unwavering in its commitment to ensure that this goal is met, which has led to the very strict and voluminous amount of regulations on the Life Sciences industry. In addition, the industry is facing challenges that “are unprecedented in its history. Perhaps foremost among these are the industry's lower revenue growth, poor stock performance, the lowest number of new chemical entity (NCE) approvals and the poor late-stage R&D pipelines prevalent throughout the industry.”2
Not only is the Life Sciences industry heavily regulated, but competition is fierce as more drugs come off patent while fewer new drugs are being approved. This is in addition to the criticality of the product as it is used as the primary means to heal sick patients. There can be no short cuts in this industry, and executives must constantly be aware of risks and quality and compliance issues:
These are just a few of the top risks that executives at all levels of a Life Sciences companies must be aware of during their day to day processes. Failure to address these risks in a systematic and comprehensive manner can have dire repercussions, so it is the responsibility of executives to make sure that all of these risks can be managed, especially since regardless of their direct or indirect involvement, they are accountable by the regulatory agencies.
In general, risk management concepts and methodologies have been around for centuries. On the other hand, enterprise risk management (ERM) solutions are more of a recent development. As technology has developed over the past decade, more and more ERM solutions have been developed across the board. In the current market, solutions usually fall into two major categories:
External contracting/consulting – Firms that specialize in teaching executives how to quantify and manage risks in their industry. They offer help in ensuring that a Life Sciences company will meet all regulatory standards, and offer insights of how to maintain compliance for years to come. What they will not provide is a fully integrated system, that enables very efficient real-time reporting on metrics to identify risks before they become concerns. Additionally, the focus tends to be at the executive level rather than inclusive of the entire organization; risk management is not a top-down activity but rather one where everyone plays a crucial role.
ERM and other compliance & quality systems – In Life Sciences, many companies rely on multiple different systems for different areas of the business. The ERM manages risk, the quality manager provides timely updates on quality metrics, and the compliance software keeps them abreast of potential compliance concerns. These systems rarely are integrated to provide the leadership team with a single portal to understand how risks are impacting product quality or compliance. A fully integrated system that can connect all areas is the most effective way to manage the complex risks in the Life Sciences industry. However, it is important to note that the system is just a tool; it is equally important to design processes that will make optimal use of the tool. Without the proper processes in place, the tool will end up costing the company rather than benefiting it.
The FDA’s definition of a risk management program is “a strategic safety program designed to decrease product risk by using one or more interventions or tools.” Unfortunately, there is no magic bullet for comprehensive enterprise risk management. It needs to be addressed by the entire organization and not a few individuals at the top. Coordinating these efforts will be extensive, but that only highlights the need to be efficient considering the industry pressures to reduce costs. There is, however, a way to build a Lean Risk Management Program that will not only ensure that risks are identified comprehensively but will operate with the least amount of waste possible.
Diagnosing the problem – The first and most critical step is understanding where an organization is in its current state compared to where it needs to be, or would like to be in the future. During this phase it is critical to:
Designing the solution – Using gap analysis and future state goals, the organization must come up with a roadmap of how they will reach the future state. Activities should include the identification and detailed implementation plans of:
Implementing and embedding – Following the plan developed in the design phase, it is now time to begin putting that plan into action. Defined timelines and priorities should be followed in order to always achieve the maximum benefits. During this phase it is key to:
Sustaining and improving – The last piece in the puzzle is an ongoing effort that begins once the highest priority initiatives are completed. In this phase the goal is to never accept complacency and to always strive for more effective and efficient processes and solutions. At this point metrics should be mature and performance gaps should be easier to identify. Ideally a system will be operational if it replaces prior reporting methods and eliminates the need for more formal reviews in place of real time reporting. Continued training of staff is a must, and ensuring that risk management becomes engrained into the culture rather than being a “flavor of the month” initiative.
Companies operating in Life Sciences must be able to implement effective processes in tandem with the changing regulations imposed by the FDA, CDER, and OPQ. Industries which involve the risk of human lives, must make every attempt to mitigate as much risk as possible when it comes to manufacturing products such as drugs. We foresee the importance of risk management and reporting to only continue to increase as time goes by. When efficient risk processes are effectively implemented, Life Science companies have the ability to adjust their operations in a timely manner.
Consider this methodology and the significant advantage it will bring to facilities during increasingly competitive times. If you would like to learn more about this approach and the work of Tefen Management Consulting or you are interested in a complimentary 1-hour consultation, please email our Director, Adrienne Trangle-Pelleg, at Apelleg@tefen.com.
Monopoly Building, Operational Excellence, Change Management & Supply Chain Expert