A risk-based approach to second person verification in microbial testing
Ensuring the integrity of microbiological test data is fundamental to drug product quality and patient safety. The FDA is particularly focused on the data integrity of microbial tests as these often use manual methods that could be open to error or fraud.
At present, the soundness of traditional culture-based microbiological test data is largely determined by factors such as effective sampling, valid testing and the interpretation of results. A BioPhorum survey into this area found that more than 50% of members were doing second-person verification of tests to satisfy FDA scrutiny, but did not think the risk was being properly managed. The concern is that lots of time is being wasted on low-risk tests being double-checked.
To address these issues the BioPhorum Microbial Control workstream has written a paper called Risk assessment of traditional culture-based microbiological tests requiring contemporaneous verification. The paper looks at the fundamentals of ensuring microbiological test data integrity and proposes that a qualitative risk assessment is performed for the traditional, culture-based quality control tests that currently require verification by a second person. In addition, lab controls are recommended to ensure that testing is robust.
The risk assessment approach is designed to help companies when analyzing the overall risk of possible errors made in the final visual readout. It looks at the benefits of the risk-based approach and the need for extra controls, and identifies instances where second-person checks are important. It contains a real focus on making sure that a test is only performed where the risk warrants it, and aims to free staff from performing routine checks on low-risk samples.
One member company applied the risk assessment approach outlined in the paper and was able to remove 12 million second person verification samples from its global testing program. A case study also demonstrated that it is possible to save one to two full time equivalents if the risk based approach is applied. The workstream members are now implementing this approach, and sharing both operational experience and feedback at audit.