Risk Management for Pharmaceuticals

Firt you need to identify the risks associated to the context of your organization. You can use a SWOT analysis to determine the risks and opportunities. You have to identify the risks related to the customer requirements but also additional risks associated to other requirements that have to be complied, for instance risks coming from the regulatory environment, spepecific levels of toxic that cannot be exceeded, etc. Some other examples of risks may include: human capital risks, financing risks, IT risks, etc.

Once you have identified the risks, you will need to use certain criteria to determine their significance, for instance, frequency of the risks, impact, etc. These criteria are not stated by the ISO 9001:2015, so you can decide which are the criteria that best fit your organization. After, you will have to carry out the necessary actions to eliminate or mitigate the risks according to their significance. Those risks that are subject to comply with laws and regulations will automatically be significant and your company will need to take the necessary actions to mitigate the risks (i.e. fulfill the regulatory requirements). These actions may include HR training, new equipment, better facilities, work instructions, improvement on calibration procedures, etc. Once these actions have been implemented and run for a certain amount of time you will need to measure their effectiveness. 

Basically these are the steps that you will need to follow:

1. Determine risks
2. Assess risks
3. Mitigate risks
4. Monitor results 

You can find more information below:

- Free webinar on-demand – How to implement risk management in ISO 9001:2015 - https://advisera.com/9001academy/webinar/how-to-implement-risk-management-in-iso-90012015-free-webinar-on-demand//
- How to address risks and opportunities in ISO 9001: https://advisera.com/9001academy/blog/2016/06/21/how-to-address-risks-and-opportunities-in-iso-9001/
- How to identify risk significance in ISO 9001:2015 - https://advisera.com/9001academy/blog/2019/01/14/how-to-identify-risk-significance-in-iso-90012015/
- For a free preview of an example of the Registry of Key Risks and Opportunities - https://advisera.com/9001academy/documentation/registry-of-key-risks-and-opportunities/
- Enroll for the free course - ISO 9001:2015 Foundations Course - https://advisera.com/training/iso-9001-foundations-course/
- Book - Discover ISO 9001:2015 Through Practical Examples - https://advisera.com/books/discover-iso-9001-2015-through-practical-examples/ (I use a lot of examples based on the risk-based approach)