Change Control in pharma is the formal, documented system used to propose, evaluate, approve, implement, and review any change that could impact product quality, patient safety, compliance, or data integrity. It is a core element of the Pharmaceutical Quality System (PQS) and ensures the process remains in a validated state.
What counts as a “change”
Changes may relate to:
- Materials: API/excipient supplier, grade, specification, packaging material, vendor site.
- Process: parameters, batch size, mixing times, granulation method, sterilization cycle, hold times.
- Equipment/utilities: new equipment, part replacement, software upgrades, HVAC, water systems, compressed air.
- Facility/layout: room classification, material/personnel flow, construction/repairs.
- Methods/documents: analytical method revision, sampling plan, SOP/BMR changes, computerized system configuration.
- Organization: key personnel changes, outsourcing, contract labs/manufacturers.
Typical change control lifecycle
- Initiation: change request raised with reason, scope, and proposed timeline.
- Impact assessment (risk assessment): cross-functional review (QA, Production, QC, Engineering, RA, Supply Chain) evaluates potential impact on CQAs/CPPs, validation, stability, cleaning, packaging, data integrity, and regulatory filings.
- Classification: minor/major/critical change level determines required testing and approvals.
- Action plan: define required activities—qualification (IQ/OQ/PQ), validation/revalidation, method revalidation, comparability, training, updated documents, supplier qualification, and stability commitments.
- Approval: QA approval is mandatory before implementation; regulatory approval may be required depending on market.
- Implementation: execute plan under controlled conditions; document evidence and deviations.
- Effectiveness check and closure: confirm outcomes meet acceptance criteria (no adverse trends, successful batches, stable results) and update the validated state documentation.
Good practices and common failures
Good change control includes strong traceability, clear decision rationale, and timely closure. Common inspection findings are “changes implemented before approval,” weak risk assessment, missing revalidation, inadequate stability evaluation, and not updating impacted SOPs/BMRs or training.