A small change is making a big impact on the FDA’s PAI process.
In the world of drug development, it’s not uncommon for regulatory changes to have significant ripple effects. Big waves can sometimes start with seemingly small updates – even as small as 6 new words in the FDA’s “Compliance Program Guidance Manual” (CPGM) 7346.832.
All the way back in October 2022 – remember your 7th booster? – the FDA slipped these words into its guidelines for navigating its pre-approval authorization inspection (PAI) process. “With little fanfare,” as former FDA inspector Peter Baker put it, there was a brand new Objective #4.
“Commitment to Quality in Pharmaceutical Development.”
And if you were paying attention, you didn’t just start to feel the ripples: You felt a tranquil pond transform into a jet-laiden jacuzzi. By now, we’re already seeing and feeling the waves of change – ones with the power to wash away the promise of an application approval.
Let’s see how.
Evolving shifts at the FDA are shaking up a critical compliance program.
As drug developers have realized since then, those 6 words are more than a new goal post for the PAI process. This new objective represents a break from conventional approaches to compliance, one that puts the industry on notice: the FDA is focusing on quality earlier in the development lifecycle than ever.
Developed almost 40 years ago, in response to a series of industry-shaking generic drug scandals, the FDA PAI program has already established rigorous benchmarks for the overall application approval process. But historically, its focus has been on three objectives that most drug developers could comfortably (though perhaps not consistently) handle with trusty old documents:
- Objective 1, “Readiness for commercial manufacturing”: Verifying the company can reliably sustain a commercial-scale product supply and minimize the risk of shortages.
- Objective 2, “Conformance to Application”: Demonstrating that the company’s proposed processes, equipment, and other factors are consistent with those observed during on-site inspection.
- Objective 3, “Data Integrity”: Confirming that the data submitted in the company’s application are accurate and complete.
For decades, these goals have told drug developers exactly what they need to focus on to navigate the PAI process itself. Make sure application and manufacturing facilities match up as closely as possible, assume the investigator will take a risk-based approach to each objective, and prepare for the best – a successful inspection that supports a positive approval decision.
But then along came the game-changer, a new objective that fundamentally shifts the focus of the PAI program: away from confirming conformance to a moment-in-time application, to verifying systemic commitment to a much bigger goal.
Objective #4: The FDA PAI program adds a major new layer
As it quickly dawned on many drug developers, Objective 4 doesn’t simply add a new to-do to the PAI checklist. It sets new expectations for the entire drug development process leading up to a PAI.
To see how, let’s take a closer look at this significant new addition to CPMG 7346.832:
- Objective 4, “Commitment to Quality in Pharmaceutical Development”: Assess the establishment’s ability to develop and manufacture drugs of consistent quality. This includes determining whether an establishment has implemented and follows a development program that applies sound science and principles of material science, engineering, knowledge management, and quality risk management in a holistic manner.
The FDA then adds that it’s looking for that commitment to cover 4 key elements. Here’s where those ripples really start to be felt:
- Pharmaceutical Development Program: Review the tools, procedures, or strategies used in the product development program, and verify that the program described in the application aligns with the one used in practice. (“Live processes match the application? Check!”)
- Senior Management Commitment to Quality: Determine whether the right documentation, skill sets, and oversight are in place throughout the development program, and that senior leadership has eyes on all of it. (“Top brass is involved and aware? Check!”)
- Multidisciplinary Integrated Development Team: Verify that the product development team is represented by integrated, cross-functional departments with relevant disciplines. (“Right people at the table for the audit? Check!”)
- Quality Risk Management in Development: Determine whether the product development program includes adequate risk assessment activities, and assess the firm’s use of quality risk management principles during development. (“Wait… what?”)
As the last element makes clear, objective 4 isn’t just about what investigators see at the PAI – it’s about how the product itself has been developed leading up to the inspection. All of a sudden, PAIs aren’t simply about confirming that quality has been achieved at that point in time: they’re about verifying that quality has been considered, assessed, and effectively controlled all along.
While that change may have been a quiet surprise in 2022, it follows a clear trend at the FDA – one that has been gathering speed since their white paper on Quality Management Maturity.
Here, the FDA has introduced a new set of assessments focused on pushing drug developers to “successfully integrate business and manufacturing operations with quality practices and technological advancements to optimize product quality, enhance supply chain resiliency, and drive continual improvement.” According to the FDA, higher levels of QMM indicate greater process capability, process performance, and a reduced risk of quality failures – events that often contribute to drug shortages.
These goals clearly rhyme with those of Objective 4. Together, both updates point to the same implication: the FDA is looking for drug developers to not just show quality at the PAI, but embed it in their organizational systems, behaviors, and processes. And that means the entire focus of the PAI is expanding – beyond “just” development outcomes, to a company’s entire development approach.
So how can drug developers prepare for that newly expansive PAI process? Let’s start with two key components of Objective 4.
To achieve objective #4, Knowledge Management and Quality Risk Management are both essential.
ICH Q10 (Pharmaceutical Quality System) defines Knowledge Management (KM) as a systematic approach to acquiring, analyzing, storing, and disseminating information related to products, manufacturing processes and components. Alongside Quality Risk Management (QRM), KM is one of two key Q10 compliance enablers that may permit a site to achieve an advanced (or “mature”) Quality System.
In a recent blog post, Peter Baker shared a practical example of KM’s role:
“An analyst knowing that an extra minute of sonication during sample preparation reduces variation in assay results is potential knowledge that can be integrated into the quality system to reduce OOS’s and drug shortages.
However, this will remain ‘information’ in the analyst’s head until there is a management strategy in place to document this implicit information within the workflow validation risk assessment – at which point it then becomes ‘knowledge.’
Information does not become knowledge until it is documented, and the most efficient capture of this information is within a workflow validation risk assessment!
This forms the library of knowledge that can be used throughout the organization when needed (in this case, during an OOS root cause evaluation). The ability to assign a potential root cause by referencing the KM library will improve efficiency and demonstrate the ‘scientific rationale’ necessary to perform retesting/sampling.”
To Peter’s point, information does not become knowledge until it is captured and given context. Firstly, raw data values alone tell a limited story when thinking about overall product quality. Secondly, in 2024 we must ask ourselves whether documents are the best media to capture, contextualize, and ultimately convert information into knowledge (the evolution of which should be tracked across the entire product lifecycle).
Here’s a good example: Dig around in an old drawer in your house. You know, the one with all of your important docs (birth certificate, mortgage application, medical information). Time yourself trying to find a particular sentence in any one of those documents, and then imagine you have to do that multiple times a day, five days a week, – just like the average scientist searching for the site-specific operating range for a particular process parameter.
Still think documents are the answer? Doubt it. Navigating aggregated, non-contextualized information is an inefficient time-suck.
At the same time, it’s also important to point out that Peter does in fact emphasize the need for both systematic tools for capturing knowledge (KM) and then evaluating that knowledge through a patient safety lens (QRM). KM and QRM go hand in hand!
In doing so, he states:
“Without a KM library to reference and to reinforce decision making, the regulators often conclude the firm is relying on their opinion to justify root cause conclusions / product impact statements / rationale for re-testing / other critical GMP functions.”
To be clear, these are not elements you can throw in at the last minute to get through your PAI. To achieve Objective #4, KM and QRM need to be a part of the digital fabric of your CMC operations. Only then is it possible to demonstrate robust process understanding and holistic control strategies with strong data governance and integrity.
This is where we can truly see the value of enabling technologies like QbDVision, which can be a valuable way to capture, log, and contextualize all of an organization’s explicit and tacit knowledge. Doing so transforms that information into institutional knowledge that spans the product life cycle, and accelerating business processes, and, subsequently, the delivery of quality, safe, and efficacious therapies to patients.
Are you ready for Objective #4? Here’s how to tell.
If you’re preparing for a PAI in 2024, Peter provides some more valuable guidance on where to start and what to focus on. He outlines a “quick self-evaluation” that can help organizations assess their inspection-readiness, especially when it comes to demonstrating a commitment to quality:
- Knowledge Management: Has management provided the solutions necessary to ensure information gathered during development can be digitally transformed into knowledge? To gauge your organization’s maturity, use FAIR data principles as the standard for success.
- Quality Risk Management: Has management updated the overall QRM program to align with the 2022 revisions to ICH Q9? QRM tools that span a spectrum of formality can be used to assess an organization’s maturity, from simple risk memos to full-on FMEA.
While risk assessment and risk management practices are fairly ubiquitous across the industry – everyone knows about FMEAs – the challenge is often that these assessments aren’t integrated throughout an organization’s product/process knowledge. Typically, that’s because the information isn’t digitized, and is often scattered across numerous iterations of various PDFs, Word docs, and Excel spreadsheets.
For example, criticality, impact, uncertainty, and detectability calculations for CQAs may be stored in relatively easy-to-find Excel files on a Sharepoint Silo or QMS system. But even there, all the context around that particular assessment – justifications, supporting documents, linked data, etc. – is lost and near impossible to retrieve. It may have walked out of the door inside someone’s head, been thrown in a bin with a full notepad, or vanished when a 10-year-old laptop was replaced.
This all-too-common scenario clearly demonstrates the need for a comprehensive knowledge management strategy and robust digital KM library – especially when it comes to an organization’s tacit and “tribal” knowledge.
Implementing KM best practices like these can help advance quality system maturity and accelerate root cause and OOS investigations. A centralized digital knowledge base – where information is findable, accessible, interoperable, and reusable (FAIR) – facilitates thorough QRM that protects both product quality and patient safety.
KM, QRM, QMM, PAI: Remember those four acronyms
By the end of this post, I hope you’ve committed them to memory. Because regulators have absolutely done so!
It’s clear that embracing these principles is of the utmost importance in 2024 if you hope to get through your PAI and other regulatory interactions. This, quite frankly, is no longer optional to enable a mature quality system in regulators’ eyes. It’s what they need to see to accelerate product approvals and ensure quality, safety and efficacy.
As we heard from so many experts and leaders at last year’s Digital CMC Summit, tools that enable comprehensive KM and QRM are what’s next for quality management maturity in drug development. The sooner they become the standard for the industry’s new innovations, the better.
GET IN TOUCH
Explore the future of Digital CMC with QbDVision.
Reach out any time to learn how our platform can help you build a KM and QRM foundation for the entire product development life cycle.
