The World Health Organization (WHO) issued a draft guidance document titled “Guideline on Data Integrity” (October 2019) and within the document there is the statement:

“Quality risk management (QRM), control strategies and sound scientific principles are required to mitigate such (Data Integrity) risks”

and then further it states:

“application of QRM with identification of all areas of risk to DI through data integrity risk assessment (DIRA) and implementation of appropriate controls to eliminate or reduce risks to an acceptable level throughout the life cycle of the data”


So, what does this mean?  What is the expectation?  What do you need to do when executing a DIRA?

A fundamental requirement when conducting a risk assessment is an understanding of the system that generates the data/records, especially in the context of Data Integrity assurance. A key tool for DIRA is the generation of a system data map. Such data maps should cover the lifecycle of the record, from creation of the data/records through to archival and, ultimately, destruction. At each juncture of the data map, the data integrity risks to the record should be assessed in terms of their potential to impact the ALCOA+ quality elements of that record. For example, can the record be modified/deleted/copied? Is the record complete? Are activities captured in real time within the audit trail? Can a step be repeated?

The WHO draft Data Integrity guidance document suggests using the FMEA tool (or something similar) to aid in the assessment of any data integrity risk based upon severity, occurrence, and detection. Such an assessment can facilitate the identification of a suitable CAPA to address the identified data integrity risk. When assessing the data integrity risk for a system, there should also be an understanding of the criticality of the record that the system generates, and the potential risk to product quality. For example, data associated with impurity profile release testing for a finished product is more critical to product quality (and ultimately public safety) than incoming shipping receipt records for pallets used to store raw materials.

The goal of the DIRA is to identify the risk, determine the criticality, and then implement a CAPA that eliminates the risk or reduces it to an acceptable level. Once risks and their CAPAs have been identified, additional interim measures may also be necessary to support the continued use of the system (depending upon the timeframe associated with the CAPA). This is common where the CAPA is an automated, configuration-based computerized fix for a data integrity risk but, because of the time needed to implement it, an interim procedural control is required in the short term (such as an additional layer of manual verification to assure the accuracy of the data).
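The steps described above (data map, FMEA scoring, criticality, CAPA and interim controls) can be sketched in code. This is an added example, not taken from the WHO draft: the 1-5 scoring scales, the RPN thresholds, the 30-day interim cut-off, the intermediate lifecycle stage names and the sample risks are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed data-map junctures; the page names creation, archival and destruction.
LIFECYCLE = ["creation", "processing", "review", "archival", "destruction"]
# Assumed RPN action thresholds (1-5 scales, max 125); critical records get a lower bar.
CAPA_THRESHOLD = {"high": 12, "low": 36}
INTERIM_AFTER_DAYS = 30  # assumed CAPA lead time beyond which an interim control is needed

@dataclass
class Risk:
    stage: str         # juncture of the data map
    failure_mode: str  # what can go wrong with the record
    alcoa: str         # ALCOA+ element affected
    severity: int      # 1 (negligible) .. 5 (severe)
    occurrence: int    # 1 (rare) .. 5 (frequent)
    detection: int     # 1 (always detected) .. 5 (undetectable)
    capa_days: int     # estimated time to implement the CAPA

    @property
    def rpn(self) -> int:
        """FMEA risk priority number: severity x occurrence x detection."""
        scores = (self.severity, self.occurrence, self.detection)
        if not all(1 <= s <= 5 for s in scores):
            raise ValueError(f"score out of range for {self.failure_mode!r}")
        return self.severity * self.occurrence * self.detection

def unassessed_stages(risks):
    """Lifecycle junctures with no assessed risk, i.e. gaps in the data map."""
    return [s for s in LIFECYCLE if s not in {r.stage for r in risks}]

def assess(risks, criticality):
    """Rank risks by RPN and flag which need a CAPA and an interim control."""
    threshold = CAPA_THRESHOLD[criticality]
    out = []
    for r in sorted(risks, key=lambda r: r.rpn, reverse=True):
        capa = r.rpn >= threshold
        out.append({"stage": r.stage, "failure_mode": r.failure_mode,
                    "alcoa": r.alcoa, "rpn": r.rpn, "capa": capa,
                    "interim_control": capa and r.capa_days > INTERIM_AFTER_DAYS})
    return out

# Constructed sample data map for a hypothetical laboratory system.
SAMPLE = [
    Risk("creation", "shared login used for acquisition", "Attributable", 4, 3, 4, 90),
    Risk("processing", "reprocessing not captured in audit trail", "Original", 5, 2, 5, 120),
    Risk("review", "reviewer does not see deleted runs", "Complete", 4, 2, 3, 20),
    Risk("archival", "backup restore never verified", "Enduring", 3, 1, 3, 60),
]

if __name__ == "__main__":
    print("unassessed:", unassessed_stages(SAMPLE))
    for finding in assess(SAMPLE, "high"):
        print(finding)
```

Running the same map with `"low"` criticality shows how the record's criticality changes which risks cross the CAPA threshold.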

DIRA should be considered at the time of initial qualification of a system, as part of change control, and when conducting periodic system reviews. A thorough DIRA will assure an understanding of the lifecycle of the data on the system and the associated data risks.

If you have any questions in relation to Data Integrity Risk Assessment, please contact Paul Mason, Ph.D. at