How I came to hate Excel & decided to develop an automated Risk Management tool for JIRA
By Matteo Gubellini, VP of Regulatory Affairs at SoftComply*
So you are looking for a Risk Management tool?
Something easy to use, with good traceability features?
There is plenty out in the market to pick from. All of them good tools, that tick all the boxes.
I have been there several times, both in large and small companies, and it has never been easy to adopt a new software tool.
CASE 1: A Large Corporation
You, enthusiastically, to your Manager: “We would really benefit from one of these Risk Management tools. We have so many risk management activities that we could save a lot of time using one. In addition, everything is linked, no danger of losing traceability or mitigation actions. I’ve already tested a few and they look really good.”
Manager, not as enthusiastic: “I see, and how much do they cost?”
You, ready for this question, going through your papers: “One of them costs a lot but it’s one off; the other is cheaper as it is per licence per user. We definitely have the budget for it. And will save tons of money by automating the risk management activities and improve compliance!”
Manager, nodding: “Sure. Do any other divisions / plants use one of these tools?”
You: “No. We all use Excel. But it’s not really what it is designed to do though.”
Manager, a little less enthusiastic: “Did you check with the other Quality Managers if they are ok with adopting a new Risk Management tool? It doesn’t make sense that we are the only ones to use it. We will need to create our own procedures for it.”
You: “Yes, I mentioned it to them. They agree in principle, although their approach to risk management is slightly different so we will need to create different environments or templates anyway.”
Manager: “And what about IT?”
You: “They say it’s feasible, they will have to install it on the servers, but they have to talk to the other IT departments in the other divisions first.”
Manager: “Does it come validated?
You: “Well, no, but regardless we will have to validate it ourselves.”
Manager, dismissing the whole conversation with: “Ok, send me all the info, I will discuss it at the next management meeting.”
3 Months Later
You, hopefully: “Hello, did you talk about the risk management tools with the other managers?”
Manager: “Yes. We will need a detailed cost/benefit analysis for it. We have to include all costs, IT, validation, training, maintenance. But keep it in the backburner, at the moment we have other priorities.”
CASE 2: A Small Startup
You, enthusiastically, to your Manager: “We would really benefit from one of these Risk Management tools. We are relatively new to risk management and we could really save a lot of time using them. In addition, everything is linked, no danger of losing traceability or mitigation actions. I’ve already tested a few and they look really good.”
Manager: “How much?”
You: “One of them costs a lot but it is one off; the other is cheaper as it is per licence per user. They will save money by automating the risk management activities and improve compliance”
Manager, worried: “Wow it’s a lot of money… what are we using now?”
You: “Excel. But it’s not really what it is designed to do. It’s easy to miss things… and we are not really experts, the new tools have nice guidance. And it takes a lot of time to manage risks in Excel.”
Manager, confused: “Yeah, but what’s wrong with Excel? It worked fine until now. We went through the last audit with it.”
You: “Yes, we went through it, but it was a pain, we couldn’t find things, people could not remember how risks were linked to mitigation actions… we had a few close calls…”
Manager: “Can we get a free demo?”
You: “Sure, but it’s not the point, after 3 months we are back to Excel.”
Manager: “This will get us through our new product development project. Then we’ll see”
You: “Well not sure if it’s worth it then, we will have risk management files in two different systems…”
Manager: “Look, if we get that huge project with the client and if the sales of our new product goes well” (…and countless more ifs…)
You protest: “But this can be a year from now…”
Manager, remaining calm: “It’s not critical. If the client, the FDA and the notified body are ok with Excel, so are we. The cost is too high. We have a system that more or less works.”
You try one last time: “But we could have a major problem at our next audit…”
Manager dismisses it and turns to other tasks at hand with the final note: “… so don’t miss anything!”
After being through such situations several times as a Regulatory Affairs Manager, I decided it’s time to develop something that ticks the boxes for everyone, including managers:
1. Affordable – No scary numbers;
2. Pay-as-you-go license fee – better than one-offs; no need for capital requests, lump sums that require lengthy approval processes;
3. Integrates with the software tools used in the company, i.e. does not require additional effort to learn the tool – more training? No thanks;
4. Embeds guidance into the tool – a great tool is useless if you don’t know how to use it;
5. Fully customizable, i.e. allows usage across departments, teams and plants regardless of the risk management method used – makes everybody happy;
6. Automates traceability, the nightmare for QAs;
7. Requires no effort from IT being cloud-based yet reliable and secure – IT will love it .
Read more about SoftComply Risk Manager
* SoftComply is a developer of Cloud and Server based tools that help companies manage their software risks and implement their quality systems based on the medical device software regulations www.softcomply.com