During a GMP inspection, is it required to show supporting documents, e.g., confidential documents and other quality records, along with QMR meeting minutes? Is it mandatory to present them to the GMP inspector?
Based on my experience, yes. During an inspection, we present the output of the Quality Management Review (QMR) because the auditor or inspector is bound by a non-disclosure agreement. They are required to keep any information shared by the company confidential during an audit or inspection. Therefore, we have generally been quite transparent in this regard.
The only document we typically try to avoid showing is the risk register, as it often provides an easy way for inspectors to identify issues. In my experience, this was the one document we preferred not to present. However, we do provide the output from the Quality Management Review when needed.
Who will lead the QRM meeting, the CEO or the QA Head?
In my experience, it's the Head of Quality who leads the Quality Management Review. The CEO is present, but not does not lead the project.
How long should QMR meeting documents be archived for GMP inspection? What is the standard retention period according to ISO 13485?
Currently, in our company, we keep documents for a period of 10 years. This is required by regulation—in our case, IVDR. For GMP, I believe the requirement is to retain documents for an additional year after the product lifecycle. It usually depends, but we have seen that most companies retain their documents for between 7 and 10 years.
How do you get stakeholders to proactively contribute input rather than expecting Quality to give presentations, define topics, and do all the work?
This was indeed my fear when I decided to take this approach. I was essentially asking additional people to take on more work when they were used to relying on Quality Assurance to prepare everything.
However, my fear turned out to be unfounded. People were happy to prepare and showcase what they were working on, as well as to discuss and present their points to the management team. In my case, it was quite easy, I explained why I wanted to do this, provided context, and then gave them the floor. We also granted them a lot of autonomy. They knew they had to present certain KPIs, but beyond that, they were free to present what they felt was relevant. This level of autonomy made a big difference, as it encouraged them to take ownership of the discussion topics.
Ultimately, this is a clear indicator of the quality maturity within an organization—it depends on the quality culture of the company.
How are KPIs aligned with our overall business objectives?
Well, this is a discussion and a reflection. For example, one of the objectives of the company is to decrease costs and improve the effectiveness of the supply chain.
So the question to ask yourself is, "How can quality support this by decreasing the cost of non-quality?" Then, we identify what non-quality means for us, and based on this, we set up KPIs, what we want to measure, and afterward, we identify the objectives we want to reach. For example, we determine how to measure non-quality in terms of cost and set an objective to decrease this cost by 10% each year.
One way to measure non-quality is by analyzing nonconformities. Thus, we also track the number of nonconformities opened per month to see if we are able to reduce this number, which can indicate that non-quality is decreasing.
Sometimes, there are business objectives that quality cannot directly support or influence, and that's okay. It requires reflection, we need to understand what the company wants to achieve from a business perspective, and quality is also a part of the business.
Is there a benefit to using a scoring system to objectively determine if your QMS is still effective?
Within DiaSource, we haven't yet reflected on how to truly measure quality maturity. However, in my previous experiences in the pharmaceutical industry, there was indeed a scoring system.
Each department had to answer a set of questions with different rating options, and in the end, we would obtain a score from 1 to 5—both for the company as a whole and for each department individually. I don't remember the specific questions, but I do recall that the system was in place, and each year, we had to answer these questions.
At Scilife, we have a Quality Management Maturity Scan, which functions like a Quality Maturity test. It is closely aligned with the FDA’s Quality Maturity program. If you read this guidance, you can find some KPIs that can be part of this scoring system.
What corrective actions are taken when KPIs indicate a deviation from quality standards?
It will depend on the KPI and the situation.
For example, in our case, we track the number of nonconformities that are opened. We have observed that, while not a huge number, the amount of nonconformities is significant, and we do not see a positive trend of decrease. Based on this, we decided to increase the number of meetings dedicated to addressing nonconformities. We also chose to specifically analyze recurrent nonconformities and introduce additional KPIs to provide more insights beyond just the number of nonconformities.
Additionally, we now monitor the time it takes to close a nonconformity, as well as the backlog, since having too many unresolved nonconformities could become an issue.
How do you define the target of a KPI?
It's not always easy. Sometimes, there are clear recommendations. I know that for GMP, for example, there are guidelines on the time allowed for closing a nonconformity or the time to open a nonconformity or a complaint. When such recommendations exist within the regulations, it becomes quite straightforward to set a limit or a target.
Otherwise, for me, it should be a balance between something achievable and ambitious enough. One example from my previous work experience is when I was the head of a QC team for biochemical tests. For some ELISA tests, we had a repeat rate of 20%. At the time, my boss came from a physical-chemical background, where they performed colorimetric tests and similar analyses, where the repeat rate was around 2-3%. He asked me to work on my tests and said, "You have to reach a 5% repeat rate for your ELISA tests," which was absolutely unachievable. So each time we reviewed KPIs, I had to justify a lot because I was never able to reach the 5% repeat rate.
This is why I believe KPIs should be ambitious but also achievable. Otherwise, the discussion will not be very productive.
What do inspectors usually request during an inspection about QMRs?
Firstly, we always start with the procedure. Inspectors typically ask to see the procedure that describes the QMR process.
Once they have reviewed the procedure, they want to see proof that we are actually performing the review. At that point, we provide the meeting notes, a document approved by the management team.
The last time, they also asked us to go through the different slides to see how the process is managed, how we discuss KPIs, whether actions are being taken, if we are actively reviewing projects, and so on.
