Risk assessments are often an afterthought. A company is required to be audited, and the auditor finds gaps or holes in its processes. That company then scrambles to make corrections. The auditor, as an objective third-party, may see things that the company misses or have seen more cohesive operations elsewhere – but his or her recommendations often come after the damage is done. Risk management resolves this issue by making risk assessments proactively and continuously.
Consequences of Poor Risk Management
When companies practice poor risk management, they aren’t just risking failing an audit. They are putting their time, costs, and quality at risk. Many end up feeling like they spend their days “fighting fires” and “managing” surprises, then find themselves unable to explain the ensuing delays to their shareholders, sponsors, or other stakeholders. The worst part is that because they do nothing to fix the root cause of these issues, the situation never gets any better, and the company loses money.
Benefits of Risk Management
Proper risk management changes that prognosis. When your company puts into place a process for identifying and responding to project risks, it reaches new levels of transparency that allow all of the parties involved to be on the same page. Your company can use that operational awareness to inform planning, protecting time and quality. Furthermore, you create a situation in which you can improve your future study management, learning best practices.
Understanding the Risk Management Process
To manage risk effectively, you need to have a process in place. It starts with formalizing and operationalizing the risk management process. This helps to establish your company’s priorities and identifying the risks associated with reaching those parameters. Next, you also want to conduct regular risk assessments. Ask yourself what could go wrong and try to determine the likelihood that there will be a negative outcome – and do so often. The most effective risk assessments happen frequently.
Once you’ve identified the risks you face, controls need to be put into place. Specifically, management and project decisions need to be made with the express purpose of mitigating the risks your team identifies. Finally, your company needs to reassess the situation, incorporating new information and developments.
Developing a Risk Management Plan (RMP)
Once you understand the risk management process, you can build a risk management plan or RMP. This document details the study conduct as well as the potential controls that could be put into place. At Pharm-Olam, our project managers (PMs) write the RMP. It is reviewed and revised at each stage of the study. This including start-up, enrollment, treatment, follow-up, database lock, and closeout, as well as for any changes to the protocol. In addition, the PMs review study risks and the actions taken to mitigate those issues monthly at a minimum. High-risk studies may receive more frequent reviews. They share risk assessments with the associated Sponsors as well the team as a whole, so everyone understands the problems facing the study as well as the efforts taken to manage the risks.
Putting It Together
To manage risk properly, it takes time and consistent effort. Risk assessments are not something to be completed on an ad-hoc basis. Moreover, overseeing risk well requires a plan. Many people will contribute to your company’s ability to mitigate risk within a study. Having an RMP in place outlines everyone’s role as well as the dangers of which they should be aware. Furthermore, as individuals take action to influence risks, these efforts are recorded and monitored. Ultimately, everyone involved can see what is happening and have the chance to work together transparently towards making the study a success.