March 2023

· 3 min read

March 2023 Pharma News Update

The U.S. NIST has developed a framework to better manage risks to individuals, organizations and society associated with artificial intelligence (AI).

U.S. NIST: Artificial Intelligence Risk Management Framework (AI RMF 1.0)

In collaboration with the private and public sectors, the U.S. National Institute of Standards and Technology (NIST) has developed a framework to better manage risks to individuals, organizations and society associated with artificial intelligence (AI). The NIST AI Risk Management Framework (AI RMF) is intended for voluntary use and to improve the ability to incorporate trustworthiness considerations into the design, development, use and evaluation of AI products, services and systems.

Released on January 26, 2023, the framework was developed through a consensus-driven, open, transparent and collaborative process that included a request for information, several draft versions for public comments, multiple workshops and other opportunities to provide input. It is intended to build on, align with and support AI risk management efforts by others.

UK Government Response to Consultation on Point-of-Care (POC) Manufacture

On August 12, 2021, the MHRA launched a consultation on a proposed regulatory framework that is based on and links into current regulatory systems for medicines approvals, clinical trials, evaluation of regulatory compliance at manufacturing sites and safety monitoring. This consultation ran until September 23, 2021.

On January 25, 2023, the UK government issued its response to the POC consultation. There was significant support for the creation of a new UK regulatory framework for manufacture and supply at the POC: 91% of responders agreed with the need for a new POC framework, and 94% agreed with the proposed framework.

Responders also supported a wider scope of manufacturing and supply — for the framework to include modular manufacture (75% positive) and home-based manufacture (71% positive) as well. Based on this feedback, the government will prepare a statutory instrument to introduce the new framework into UK law. Future guidance will be developed by MHRA alongside the statutory instrument to provide the necessary interpretation and procedural support.

Q9(R1) Quality Risk Management (QRM) Fully Approved

This first revision of Q9 was given step 4 approval at an interim ICH Management Committee meeting on January 18, 2023.

This revision has been made to address four areas for improvement in the application of QRM:

High levels of subjectivity in risk assessments and in QRM outputs
Product availability risks
- Quality/manufacturing issues that impact the supply chain and product availability can present risks to patients, and management of these risks is important.
Lack of understanding as to what constitutes formality in QRM work
Lack of clarity on risk-based decision-making

This revision has, quite rightly, taken the opportunity to change the terminology for the start of the risk assessment process from “risk identification” to “hazard Identification.”

The main additions to the revised guideline are in section 5, Risk Management Methodology, with additional subsections on:

Formality in QRM
Risk-Based Decision Making
Managing and Minimizing Subjectivity

On formality, the new draft gives examples of the factors to be considered to determine the appropriate level of formality:

Uncertainty, i.e., when there is a lack of knowledge about the risks
Importance of the decision to be made
Complexity of the project or subject area

The revised guide then gives characteristics of higher and lower levels of formality.

The new section Risk-Based Decision-Making states that “effective risk-based decision-making begins with determining the level of effort, formality and documentation that should be applied during the quality risk management process.” It goes on to describe highly structured processes, less structured processes and rule-based processes when making risk-based decisions.

On subjectivity, the revision notes that this can be introduced through:

Differences in how risks are assessed and in how hazards, harms and risks are perceived by different stakeholders
The use of tools with poorly designed risk-scoring scales

It goes on to state, “While subjectivity cannot be completely eliminated from QRM activities, it may be controlled by addressing bias, the proper use of QRM tools, and maximising the use of relevant data and sources of knowledge.”

The revision adds a new section on QRM as part of supply chain control to Annex II on the potential applications of QRM. This new section is subdivided as follows:

Manufacturing Process Variation and State of Control
Manufacturing Facilities and Equipment
Supplier Oversight and Relationships

Automotive and Aerospace

Advisory Circular (AC) 00-56B Management Systems

AS 9100 Series Aerospace Management Systems

IATF 16949 Automotive Quality Management Systems

Information Security Management Systems

ISO 14001 Environmental Management Systems

ISO 45001 Occupational Health & Safety Management Systems

ISO 9001 Quality Management Systems

Registration for Brake Friction Manufacturers

Building and Construction

Building Products and Furnishings

Building Water Health Consulting Services

Electrical Safety

Management System Standards

Plumbing and Plastic Pipe System Components

Food and Beverage

Agriculture and Crops

Animal Protein Supply Chain

Commercial Food Equipment and Chemical Manufacturers

Food Manufacturers

Food Packaging, Storage and Distribution

Foodservice and Contract Caterers

Grocery and Food Retailers

Hospitality — Hotels, Pubs and Bars

Management System Standards

Quick Service Restaurants, Restaurant Chains and Franchisees

Seafood Producers and Suppliers

Virtual Kitchens, Mobile Kitchens, Aggregators and Food Innovators

Other Businesses We Serve

Health Sciences

Dietary and Nutritional Supplements and Cosmetics and Personal Care Products

Management System Standards

Medical Device and IVD Solutions

Pharma and Biotech Support

Water

Building Water Health Consulting Services

Management System Standards

Municipal Water Systems Certification

Onsite Wastewater Systems Testing

Plumbing and Plastic Pipe System Components

Pool and Spa Certification

Regional Certification and Approvals

Water and Wastewater Standards

Water Treatment Products Testing and Certification Services

Auditing

Automotive and Aerospace

Building and Construction

Food and Beverage

Health Sciences

Lab and Testing Services

Management System Standards

Water

Certification

Automotive and Aerospace

Building and Construction

Dietary and Nutritional Supplements and Cosmetics and Personal Care Products

Food and Beverage

Management System Standards

Sustainability

Water

Consulting

Building and Construction

Food and Beverage

Health Sciences

Quality and Compliance Software

Sustainability

Water

Information Security

CSA STAR

Cybersecurity Maturity Model Certification (CMMC)

ISO/IEC 20000-1: International Service Management Standard

ISO/IEC 27001: Information Security Management

NIST 800-171

Lab and Testing Services

Biosafety Cabinetry Certification

Bioanalytical Research

California Proposition 65 Support

Microbiology Lab

NSF Chemistry Lab

NSF Engineering Lab