The end result objective of a corrective and/or preventative action (CAPA) is, quite simply, a solution to the issue from which the Corrective Action Request (CAR) was generated. If it is not driving toward a solution, a CAR is a waste of time and resources. For organizations in regulatory environments, the CAPA System is an over-arching umbrella—all control points flow through to the CAPA system.
Internal Sources That Feed Into the CAPA System:
External Sources That Feed Into the CAPA System:
From the perspective of regulatory agencies like the U.S. Food and Drug Administration (FDA), CAPA is viewed as the central component of your Quality Management System, and that affects all control points including design controls, production and process controls, records and documents change controls, material controls, and facility and equipment controls. Since a significant number of Form FDA-483 observations and Warning Letters cite CAPA deficiencies, it is evident that FDA investigators are likely to look closely at a company’s CAPA system during their inspections. In recent years the FDA has been promoting the adoption of closed loop CAPA systems where CAPA is the tool that drives reports and keeps management informed.
Some organizations are suffering from “death by CAPA;” their companies are being strangled because too many elements are included in their CAPA systems. In its most basic form, there are just two fundamental ingredients in a CAPA system:
The first element is the experience, expertise, and wisdom of the personnel involved with conducting CAPA processes. If personnel do not have a prior track record with CAPA, this may be an area where an organization has less control over CAPA activities.
The second core element of CAPA, one where more organizational control can be demonstrated, is process. The CAPA process requires critical thinking and an effective determination of the exact questions that need to be asked in order to come up with proper solutions.
Most companies doing business in regulatory environments could improve their CAPA processes by implementing better methodologies and applying effective risk-based filters. At minimum, a good closed loop CAPA system is comprised of the following elements:
- Problem Definition
- Verification of Effectiveness
The first element of a CAPA, of course, is the problem definition input that opens the CAPA: a customer complaint, a deviation, a nonconformance report, an out-of-spec finding, an internal audit finding, and so forth. There are four core modules of an open CAPA:
- Problem Definition
- Investigation (root cause or failure analysis),
- Corrective action implementation to prevent recurrence,
- Verification of effectiveness
Problem Definition is the evaluation phase, a scoping process where a determination is first made whether or not an investigation is warranted. The three main components of issue review are commonly called CSG: Concern, Specifics, and Gateway.
Issue review specifics are defined by asking the “five W” questions:
- Weight (magnitude)
An organization’s ability to successfully close a CAPA is directly related to how capably it is able to narrow down these five dimensions and arrive at a defensible decision. Designing and utilizing an issue review worksheet can facilitate CAPA investigations and streamline the gathering information on these specifics.
The “Gateway” component of CAPA revolves around the impact (safety, hazard, severity, visibility, etc.) and magnitude (i.e., frequency and/or size) of the situation. A gateway score chart can hone in on magnitude specifics based on qualitative and/or likelihood compared with descriptions of the input event occurrence (continually, frequently, occasionally, rarely, etc.). Likewise, an impact chart can provide a gateway scorecard for the severity of the event: critical, important, minor, or negligible. Most issues will likely be important or minor events. Specific scores can be assigned according to impact and magnitude scales to determine if the event is acceptable (no action required), undesirable (may or may not be put in the formal CAPA system), or unacceptable (CAPA opened and a resolution is required).
Once CAPA specifics have been defined and impact and magnitude has been determined, it is time to take action. Possible actions include:
- Adaptive Action: Actions that allow the organization to live with or adapt to the issue and continue to operate according to organizational objectives.
- Interim/Correction Actions: “Band-aid” or containment actions that alleviate the effects of the issue and buy time before a corrective action is implemented. Containment is a backup plan if a problem cannot be resolved.
- Corrective Actions: Problem prevention and containment actions that permanently eliminate the cause of the issue to minimize the potential that they are likely to occur again
- Verification of Effectiveness: Follow-up Actions taken to verify that the actions taken were effective to eliminate the cause of the issue, and did not result in adverse effects elsewhere in the operation.
Approaches to Investigations
As in any problem solving situation, there are three basic approaches to the investigation component of a CAPA:
- Trial and Error: This is a risky method that may work for some companies but it also has the potential to exacerbate the problem. You may get lucky, but you also may complicate the problem.
- Fishboning, design of experiments, and brainstorming: These quality tools are usually better solutions than trial and error, but they are also dependent on past experience and potentially useless if the root cause lies outside the realm of personnel expertise. Scrap and downtime are potential complications.
- Comparative Approach: A deductive thinking approach is the ideal method in that it provides understanding of what the problem is not. Investigators can use a comparative approach to discover what sets the problem apart. A fact-based, objective comparative approach investigation should yield clues that identify the problem’s root cause which will then require a corrective action.
One valuable investigative tactic is sometimes referred to as the PICCC or PI-cubed methodology: Problem, Investigate, Clues, Compare, and Cause.
- Problem: The first step in the PICCC method is to determine and understand exactly what has gone wrong.
- Investigate: Once the problem has been defined, investigators can gather data that can be used in comparisons and determinations of what the problem is not.
- Comparison: Asking “is not” questions (comparing time periods, locations, types of defects, etc.) furthers refine the investigation.
- Clues: The clues uncovered during the investigation are inferences of the facts. At this stage of the investigation, the organization is finally formulating some answers as to why the problem has occurred.
- Cause: Investigators can now take the clues and build a cause that can explain the problem or deviation. An assessment can be made regarding the impact of the event and preventive measured, if necessary, can be identified and implemented.
CAPA Verification and Documentation
Every good CAPA process should have a built-in effectiveness checking mechanism to verify and validate that the CAPA system is working. Data tracking is a mandatory component of CAPA so that the organization can insure that all CAPA-related information can be confirmed, monitored, measured, and, if necessary, corrected.
Documenting CAPAs according to regulatory requirements is another vital CAPA factor to take into account. Because CAPA data must be easy to access and analyze, every phase of a CAPA investigation is forms based. Automating forms-based processes like CAPA can not only facilitate regulatory compliance but also save a company time and resources. Commercial off-the-shelf (COTS) software solutions are available that can comprehensively document CAPA investigations and integrate the CAPA process with other processes critical to regulatory compliance such as change control, customer complaints, and audits. An effective CAPA software solution should be configurable and user-friendly and should include features such as:
- Automated routing, notification, delivery, escalation, and approval of CAPAs and all related documentation
- Secure, centralized, and Web-based repository for all CAPA documents
- System oversight of quality incidents that escalate to CAPAs (i.e., customer complaints, audit findings, etc.)
- Efficient reporting and advanced analytics
- Form-to-form launching capabilities
- Revision and approval history features Best-practice electronic forms and workflow routes that can be used as is out-of-the-box or customized based on company requirements