What is risk?

Quality Risk Management:
Applying the principles and tools

What is risk?
How does an organization identify and reduce it?

Regulatory agencies world-wide are encouraging our industry to identify, assess, and manage the potential quality risks associated with pharmaceutical and biotech products.  Pharmaceutical firms are also realizing that risk management is an important way to rationally set priorities for quality and compliance activities. 

This two-day workshop presents the concepts of risk assessment and risk management to executives, managers, and technical personnel.  Using examples and activities, participants learn about seven of the most frequently used tools and processes for identifying and quantifying risk.  Integrated approaches to prevent risks from being expressed and protecting things of value are also presented.

Tools discussed include:

  • Holographic Hierarchical Modeling and Risk Filtering and Ranking
  • Preliminary Risk Analysis
  • Hazard Analysis and Critical Control Points
  • HazOp
  • Failure Mode Effects and Criticality Analysis
  • Fault Tree Analysis
  • Event Tree Analysis

Who should attend:

Those in management, quality, development, compliance, laboratory, operations, and other technical areas.

Learning objectives:

  • Provide a working knowledge of the concepts and tools used in managing risk with applications to pharma and biopharma
  • Develop rating scales that can more objectively describe severity, occurrence, and detectability.


  • Define terms and concepts important in risk management.
  • Describe the importance of risk assessment and risk management to various industries or endeavors.
  • Identify and discuss models used to describe accidents.
  • Describe the phases used in managing risks.
  • Describe techniques used in risk assessment, when they are used, and how they are performed.
  • Given a set of quality system elements, identify where risk assessment tools and risk management processes can be effectively used.
  • Identify issues in implementing Risk Management in an organization.

Detailed course outline - Click here »

  1. Workshop Introduction and Objectives:
    • Participant goals/topics of importance
  2. Quality Risk Management (QRM) defined
    • The what and why behind QRM
    • The basic elements of quality risk management
      • Analysis of all available information
      • Determine the likelihood of a risk
      • Assess the risk using methods to determine potential impact and severity
      • Evaluate and decide which risks to control
      • Control and mitigate the significant risks
      • Monitor
      • Communicate with all stakeholders
    • Small and large group activity: Why is risk management so important now?
  3. The evolution of "Quality Thinking" in the pharma industry
    • From specifications to testing to process understanding
    • Changes in GMP requirements and expectations related to QRM
      • The connections between risk-based thinking, the product life cycle and the quality system: ICH Q8, Q9, and Q10
      • Where we see the need for risk-based thinking 
      • The growing importance of product and process understanding
      • What regulatory agencies and national authorities have been saying

  4. Key concepts and how they apply to risk-based thinking
    • The six fundamental questions of risk assessment and risk management
    • Vulnerabilities and timing:  What factors can make a product or organization more susceptible to hazards?
    • Small and large group activity:  identifying vulnerabilities

  5. How people think about risk
    • Small and large group activity: What shapes risk perceptions?
    • The role of heuristics
    • The role of trust
    • Accident theory:  the basis for many risk assessment tools
    • Turning accident theory on its head:  tools for assessing risks
  6. The QRM process: what it is all about
    • Defining each task, what is accomplished and how it is done
    • Preliminary tasks:  Coming up with the “risk question”
    • Define the system or process
    • Identify the hazards – creating "risk scenarios"
    • Assess the risks
    • Evaluate the risks
    • Control and mitigate the significant risks
    • Monitor
    • Communicate to stakeholders
    • Small and large group activity:  How can you apply the process?
    • The risks of too much and too little documentation of the QRM process
    • The risk assessment “toolset”:  A look at some of the tools used in risk assessment and where they came from
      • Risk ranking
      • Preliminary risk assessment
      • Hazard and Operability Studies (HAZOP)
      • Hazard Analysis and Critical Control Points (HACCP)
      • Failure Mode Effects and Criticality Analysis (FMECA)
      • Fault Tree Analysis (FTA)
      • Event Tree Analysis (ETA)
  7. Applying Quality Risk Assessment Tools
    • Now that you know the process and some of the tools, you can apply them using several different scenarios.
    • Large group activity:  A Warm-up to using some of the risk assessment tools
    • Small and large group activity:  Practical example #1 – Risk and outsourcing.  An overview of the outsourcing process and then a small group activity where learners can use one of the risk assessment tools.  Ideas to control significant outsourcing risks will be identified.  (This can apply to contract givers as well as contract receivers.) 
    • Control and mitigation strategies:  prevention or protection?
    • Small and large group activity:  Practical example #2 – Risk and inspection readiness.  Becoming “inspection ready” can be more focused in compliance priorities are identified.  This large and small group activity first examines areas that regulatory age currently emphasizing.  Participants will apply one of the risk assessment tools and use “risk rating” approaches described by regulatory agencies.
    • A closer look at the “risk library”  – how much detail should you include in your formalized risk assessment
    • REAL WORLD CASE STUDIES: Working in small groups,  participants apply a risk assessment and risk management tool to one of several case studies.  The teams will share their conclusions in brief presentations to the large group.  Case studies have been prepared that cover product development, handling of samples, distribution practices (cold and secure chain).
  8. Integrating QRM into your organization
    • Setting up a QRM activity:  Critical success factors to consider when you are setting up or evaluating a quality risk management program, including the importance of management support
    • Suggestions for early risk assessment projects:  focus on what is important
    • Writing a procedure for risk assessment and risk management – key things to include
    • What can we learn from recent risk management failures in other industries?  What can happen when you don’t understand the limitations of the risk model?  What can happen when nobody thinks of “residual risk” or “unidentified risk?”
    • Discussion:  Taking the next steps.  What actions can you take?  What will you be able to do with this information?
This course is based on Dr. James Vesper’s book, "Risk Assessment & Risk Management in the Pharmaceutical Industry"
» More information about the book
Reading tips:
Article from Pharmaceutical Engineering, Nov-Dec 2016:
"Current Challenges in Implementing Quality Risk Management"
by Dr. James Vesper and Keven O’Donnell


When attending a Key2Compliance® course, you get access to Gate2GMP®, our document library and search tool.
Watch this short video to learn more about what Gate2GMP® offers »


Bring this course in-house?

Are you a group in need of the same training?
Do you wish to customize this course to suit your needs?

 If so, running the course in-house is probably the best and most cost effective solution.

Make an enquiry





Course facts

Course no:
Pharmaceuticals and Biopharmaceuticals

GMP region:
US and EU


Date, location and venue:

Preliminary May/June 2020, Copenhagen Denmark

This course is also offered in-house.
Click here for more info and inquiry form.

2 days
8.30-16.30 (Registration 08.00-08.30 day 1)

Price (excl. local VAT):
Up to 6 weeks before course: 13 780 DKK (€ 1 850)
Less than 6 weeks before course: 15 280 DKK (€ 2 050)
incl. course material (pdf), lunches and refreshments

Note. Due to tax/VAT regulations within the EU (for courses/seminars/conferences), the course fee is invoiced in the local currency and local VAT is added.
Accommodation is NOT included in the course fee.

For groups registered and invoiced together for the same course we offer the following quantity discount:
2-3 persons 10%
4 or more 15%
We do not offer or practice any general company discounts without commitments and/or written agreements.

Cancellation policy - Compliance Seminars®  

Cancellation of registration:

Registration is binding and when you have received our confirmation the following conditions are known and accepted. If you for any reason is unable to attend, substitution is always possible and preferred.
All cancellations and/or substitutions must have been communicated with and confirmed by us.
Cancellations received less than 30 calendar days before course start are subjected to a service charge of 150 € (Euro)/registered course day as compensation for additional administrative burden and for non refundable part of the conference reservation. Cancellations received less than 14 calendar days prior the course, or failure to cancel or "no-show", will be charged in full.

Cancellation of courses: Courses may be cancelled by the organizer if bookings fail to reach minimum numbers (normally not later than 30 days prior the course start), or due to other reasons beyond our control. In such circumstances charged course fees will be refunded, credited, or granted to attend another course for the same value. NOTE! Key2Compliance AB is NOT responsible or liable to any costs in conjunction with a cancelled course. If you need to book flights way ahead (+35 days prior the course) check with us before finalizing the purchase of flights and/or hotel accommodation for an update on the registration situation.