ERM and the Pharmaceutical Industry

Similar documents
Enterprise Risk Management: Developing a Model for Organizational Success. White Paper

Fraud Risk Management

From Dictionary.com. Risk: Exposure to the chance of injury or loss; a hazard or dangerous chance

Introductions. Enterprise Risk Management. Thinus Nienaber. Why are You here? Where are You coming from? Where are You going?

Volunteering for Clinical Trials

A Discussion About Internal Controls February 2016

More than 2000 organizations use our ERM solution

From the cube to the rainbow double helix: a risk practitioner s guide to the COSO ERM Frameworks

The Drug Development Process and Design of Clinical Trials

5/23/2016. The Drug Development Process and Design of Clinical Trials. Clinical Trial Design Guidance. Regulatory Definitions

STATEMENT SANDRA KWEDER, M.D DEPUTY DIRECTOR, OFFICE OF NEW DRUGS CENTER FOR DRUG EVALUATION AND RESEARCH U.S. FOOD AND DRUG ADMINISTRATION BEFORE THE

CHAPTER 15: ENTERPRISE RISK MANAGEMENT - SUPPLEMENTAL MATERIAL

Leveraging IT risk management to boost competitive advantage

New WHO Report: Access to new medicines in Europe: Technical review of policy initiatives and opportunities for collaboration and research

WHITE PAPER. Creating a Risk Mitigation Plan for Your Phase 1 Studies

Office for Human Subject Protection. University of Rochester

METROPOLITAN TRANSPORTATION AUTHORITY

Momenta Pharmaceuticals, Inc. 36 th Annual J.P. Morgan Healthcare Conference

Miles CPA Review: BEC Q Updates for 2017 Edition

Functional Classification of Medicine

BUSINESS CPA EXAM REVIEW V 3.0. For Exams Scheduled After March 31, 2017

Enterprise Risk Management: Aligning Risk with Strategy & Performance June 26, :45 p.m. 4:45 p.m.

Collaborative Development Financing

Value of Industry Pharmacists (VIP) Case Competition ( ) Competition Guide Version 2.0. This year s competition is sponsored by:

AUDITING. Auditing PAGE 1

Policy Appendix IV: DRCR.net Industry Collaboration Policies Version 5.0, February 2, 2009

Risk Management Strategy

Policy Appendix IV: DRCR.net Industry Collaboration Policies Version 6.0, August 2, 2017

Enterprise Risk Management. Marc Heneghan. BA 559 Enterprise IT Governance. Professor Michael Shaw

CRO partner in Rx/CDx Co-Development

Introduction to clinical trials Magnus Kjaer

QbD In Drug Development. Mathew Cherian Ph.D. Director & Senior Fellow Pfizer, USA

716 West Ave Austin, TX USA

Introduction to clinical trials

Misleading Congress about Drug Development: Reply

Enterprise Risk Management 2016

McKinsey Center for Government What's Driving the Recent Surge in New Drug Approvals?

In Control: Getting Familiar with the New COSO Guidelines. CSMFO Monterey, California February 18, 2015

Determining Patient Access to Investigational Drugs in the US

Governance to the power of four. KPMG s 4D governance solutions: Pioneering support, new standards

The COSO Approach to Enterprise Risk Management

Strengthening Your Enterprise Risk Management Process

Novartis Business Services HR University Relations. Clinical Sciences and Innovation. Postgraduate Program

Chapter 1. Pharmaceutical Industry Overview

Publicly Funded Clinical Trials: A Route to Sustained Innovation with Affordable Drugs

Enterprise Risk Management, Compliance, and Management Advisory Services: An Integrated Approach. SCCE s Higher Education Compliance Conference

What s New in GCP? FDA Clarifies, Expands Safety Reporting Guidance

Summary of Provisions in 21 st Century Cures Act (H.R. 6) as passed by full House of Representatives, July 10, 2015

PDUFA VI Public Meeting Remarks of Cynthia A. Bens Alliance for Aging Research. August 15, 2016

RISK MANAGEMENT FRAMEWORKS: Adapt, Don t Adopt. Here s a primer on how to use two well-known approaches.

Enterprise Risk Management Defined and Explained

EFFICIENT USE OF AUDIT COMMITTEES

Strategy. When. and ERM Meet

6. Vision 3: Leading the Japanese economy forward as a high value-added industry"

Tackling Pharmaceutical Industry s Regulatory Affairs Challenges with Technology WHITE PAPER

CGEIT Certification Job Practice

CGMP Requirements for Investigational Products

Pediatric Exclusivity and Drug Development Requirements in the Overall Pediatric Population. Prepared by Beckloff Associates, Inc.

Enterprise Risk Management. Applying enterprise risk management to environmental, social and governance-related risks.

Establishing Case Quality Metrics The Sciformix experience

Internal Audit of ICT Governance in WFP. Office of the Inspector General Internal Audit Report AR/15/11

Using the COSO Map. Unpublished Article By Larry Hubbard

STATE OF THE ASIA-PACIFIC PHARMACEUTICAL INDUSTRY 2013: EXECUTIVE SUMMARY

Sage ERP I White Paper

Guidelines: c. Providing the investigational drug for the requested use will not interfere with the initiation, conduct, or completion of clinical

How Advertisement Skews Truth in Y AZ Publicity. In our globally connected and communication-driven world, advertisement plays an

Speed your time to market with FDA s expedited programs

THE FDA, THE DRUG APPROVAL PROCESS, AND THE PATIENT VOICE

Diving into the 2013 COSO Framework. Presented by: Ronald A. Conrad

Expanded Access A Regulatory Balancing Act For Drug Cos.

WITA/GWU TRADE SEMINAR September 29, 2016 Washington D.C. RICHARD KJELDGAARD INTELLECTUAL PROPERTY AND TRADE CONSULTANT

International Transfers of Personal Data at sanofi-aventis R & D

Chin Koerner Executive Director US Regulatory and Development Policy

GREAT STRIDES IN SCIENCE WHAT ABOUT ACCESS? Marlene E. Haffner, MD, MPH 2nd IRDiRC Conference Shenzhen, China November 8, 2014

Early Development Best Practices for Stability- Regulatory Perspective

Drug Development: Why Does it Cost so Much? Lewis J. Smith, MD Professor of Medicine Director, Center for Clinical Research Associate VP for Research

Statement on Risk Management and Internal Control

Figure 1: COSO Enterprise Risk Management Cube

Audit Training-of-Trainers Workshop, November 2014, Vienna Components of internal control within organization

Strategic trends facing the pharmaceutical industry and their implications for marketing skills development Received: 4th September, 2002

Core Values and Concepts

Patricia Van Arnum Issue Date: February 2012 Editor Contact: Patricia Van Arnum, (732)

Internal Oversight Division. Audit Report. Audit of Enterprise Risk Management

COSO What s New, What s Changed, Why Does it Matter and Other Frequently Asked Questions

Managing Risk and Uncertainty Through the Drug Life cycle. Recent FDA Initiatives. Theresa Mullin, PhD

AICPA CITP Credential Examination Series

Internal Control Integrated Framework. May 2013

Enterprise Risk Management Aligning Risk with Strategy and Performance COSO ERM Framework Update

September 12, Division of Dockets Management (HFA-305) Food and Drug Administration 5630 Fishers Lane, Room 1061 Rockville, MD 20852

1. A public issue exists when there is agreement between the stakeholders' expectations of what a

World Medical Association Declaration of Helsinki

Project Delivery Excellence

GxP Auditing, Remediation, and Staff Augmentation

MEDICAL DEVICE CLINICAL INVESTIGATIONS AND ISO 14155

About Clinical Trials

PROACTIVE ADOPTER SERIES: Embracing foundational benefits of IT security

Clinical Trials: What You Need to Know

Audit and Compliance Committee Enterprise Risk Management

Expanded Access and the Individual Patient IND

Transcription:

ERM and the Pharmaceutical Industry Prepared By: Britton Stotler University of Illinois BADM 559 December 13, 2008

Introduction Risks are an innate part of every aspect of life, and the business environment is of no exception. Nearly every industry and every individual organization, especially in today s increasingly global environment, faces a myriad of risk factors that threaten their ability to operate effectively. Some of these risks may be common and systematic across all industries, such as those resulting from competitive pressures, general economic conditions, government regulation, or social concerns, while others may be industry specific, such as the political tensions that influence the oil industry, or the environmental forces that severely influence the various agriculture industries. However, in looking at the sheer impact of risk across various industries, the pharmaceutical industry in particular stands out as one of the most risk heavy industries. Today more than ever before, advances in healthcare and medical breakthroughs are reaching new horizons that were once never believed to be possible. Positioned within the healthcare industry are countless pharmaceutical companies, each competing intensely with one another while burning up massive amounts of cash and other resources for research and development in the hopes of discovering the next breakthrough drug or treatment. In addition to the risks from competition, pharmaceutical companies face many unique risks related to operations, government regulation, quality control, market concerns, and a multitude of other factors. History has shown that many pharmaceutical companies have not been successful at managing these risks, but by utilizing Enterprise Risk Management (ERM) practices, pharmaceutical companies can act proactively in

such a way that allows them to manage and mitigate the risk factors facing their organization. Environment of the Pharmaceutical Industry Because countless people throughout society ultimately use the drugs created by pharmaceutical companies, they need to be heavily regulated by the government, and in the United States, such regulation is led by the Food and Drug Administration (FDA). The FDA regulates pharmaceuticals in regards to such factors as drug safety, quality standards, labeling and warnings, and a host of other issues. The FDA s drug approval process is perhaps the greatest challenge facing pharmaceutical companies when they are trying to achieve market approval for a new drug. The FDA approval process is quite intricate and involves numerous stages, and even if a drug is able to ultimately achieve market approval, pharmaceutical companies still face significant risk as the drug enters the market. Since its inception, the U.S. Federal Government has given the FDA the responsibility to oversee the testing of new drugs. As time progressed, and new drugs and their inherent implications became more pronounced, the approval process for new drugs has become increasingly complex. According to the FDA, on average it takes approximately twelve years for an experimental drug to complete the approval process, which begins with laboratory animal testing and ends with review and approval by the FDA. One can see the statistical difficulty of obtaining FDA approval as, according to

the FDA s website, for every 5,000 compounds that enter preclinical testing, only about five reach the first phase of experimentation involving humans. Additionally, of these five compounds that make it to human testing, only one of them actually ends up being approved. The process to obtain FDA approval begins with preclinical laboratory testing, and often involves testing on various animal populations. The objective of preclinical testing is to determine the potential biological implications of the new drug in a general setting. Following satisfactory preclinical research, the drug s sponsor must submit an Investigational New Drug Application (IND), which summarizes the results of the preclinical testing and details what will eventually be done during trials involving human testing. Once the IND is reviewed and approved by the FDA and an institutional review board, clinical trials can begin. In Phase 1 of the clinical trials, generally healthy human volunteers are used to assess the overall safety of the drug. In Phase 1, the focus is on determining the impact of the drug on the human body, and the potential side effects of the drug. When entering Phase 2, the goal is to determine the overall effectiveness of the drug on individuals who have the condition or disease that the drug is meant to cure or treat. Most commonly, in controlled studies, one group of patients is given the drug while another group is given a different treatment, quite often a placebo. On a side note, this is where the significant ethical issues of the FDA process begin to emerge due to the

FDA s requirement that some sick individuals receive a placebo. Essentially, individuals with the condition being examined who volunteer for a clinical study do not know whether they are being given the actual drug, which could potentially save their lives, or a useless placebo. Presuming that Phase 2 studies sufficiently illustrate the effectiveness of the drug in question, Phase 3 can begin. Phase 3 studies typically are aimed at obtaining an even greater amount of data and evidence to evaluate the overall safety and effectiveness of the drug in question. These studies often entail analyzing the effects of the drug in different doses and among different populations. After completing all three phases of clinical trials, the drug s sponsor files a New Drug Application (NDA). A NDA contains all information and data pertaining to the previous stages of research, and basically asks the FDA to approve the drug for sale in the United States. Finally, upon receiving a NDA, the FDA must decide within sixty days whether or not to file the NDA for review. Once filed, the lengthy review process can begin, and a FDA review team is assembled to make a final evaluation of the drug s developmental history. Once it is determined that the drug has been shown to be sufficiently safe, meaning that the benefits seem to outweigh the apparent risks associated with the drug, the FDA grants the drug approval to be marketed in the United States. A graphical depiction of the entire approval process obtained from the FDA s website is

provided below, and through it one can see the numerous intricacies and overlapping steps involved throughout the process. However, even after a drug passes all stages of the FDA approval process, and is ultimately approved by the FDA, often times it is discovered that unforeseen, and occasionally, potentially deadly side effects have slipped through undetected. One recent case of such an occurrence was that of Merck s arthritis painkiller Vioxx, which was

found to have actually increased the risk of heart attack and stroke in those who used it. What drugs such as Vioxx reveal, is that even after a drug receives approval, post approval risks such as after market drug failure and safety concerns can result in product recalls and litigation such as class action lawsuits or even government action. COSO s Enterprise Risk Management (ERM) Framework ERM is a rather broad concept that includes the procedures and tactics used by organizations to assess, manage, and mitigate the various risk factors facing their operations. Additionally, by properly managing its internal and external risks, an organization can reduce the likelihood and overall impact of such risks if they do in fact ultimately occur. Clearly, every company in every industry faces significant uncertainty with regards to many of its day to day operational procedures. The Committee of Sponsoring Organizations of the Treadway Commission (COSO), which traditionally focused on how an organization can enhance and manage its internal control structure to better guard against fraudulent financial reporting, published one of the most widely used ERM integrated framework in 2004 following a period during which several infamous corporate scandals took place. COSO s ERM framework is intended to help guide organizations in developing clear procedures and methods for managing risk. According to COSO, ERM allows an organization to align its risk appetite with its overall strategic objectives, enhance decision-making capabilities when responding to risk, and reduce operational uncertainty

and losses. Furthermore, ERM allows a firm to identify and manage multiple and enterprise wide risks, seize opportunities that may arise due to risk, and improve upon how the organization operates and deploys its resources in response to its risk environment. In a sense, COSO s ERM framework compliments and expands upon COSO s traditional Internal Control framework. COSO has depicted its ERM framework as the multi-dimensional cube below, which illustrates the four objectives and eight components of the framework. ERM ~ Objectives The ERM framework focuses on achieving an organization's objectives in regards to four key areas; strategic objectives, operations objectives, reporting objectives, and

compliance objectives. Strategic objectives refer to the organization s key goals that are intended to support and drive its overall purpose. Operational objectives are those that have to do with utilizing resources in an effective and efficient manner in a way that allows the interrelated parts of the entire organization to support overall strategy. Reporting objectives are intended to improve the reliability of an organizations reported financial and operational information. Finally, compliance objectives relate to how an organization complies with applicable legal and regulatory requirements. ERM ~ Components In addition to the aforementioned objectives, COSO s ERM framework is also comprised of eight primary components, and these include internal environment, objective setting, event identification, risk assessment, risk response, control activities, information and communication, and monitoring. The first component, internal environment, refers to an organization s internal culture and how its employees behave, its overall risk profile such as whether it is risk seeking or risk averse, and how well management communicates and upholds firm values. Objective setting has to do with how management seeks to set an organization s objectives. This process, and the resulting objectives, should align with the organization s overall mission and with the company s risk appetite. Event identification involves looking to an organization s internal and external environment, identifying risks, and distinguishing them from opportunities, which sometimes are in the form of risks.

Risk assessment, the third component of COSO s ERM framework, involves analyzing the relative impact and likelihood of risks in order to prioritize which risks have the potential to be most detrimental to the organization. During risk response, management must decide which response is most appropriate given the particular risk at hand. The four general responses are to reduce, avoid, accept, or share the risk. While it may seem ideal for an organization to simply avoid all risks, this is not a practical solution, as many risks are unavoidable, and sometimes the costs associated with avoiding risk is too high to justify. Control activities help to ensure that the proper responses to the various risk factors identified are ultimately carried out in an effective manner. Information and communication refers to the overall quality and efficiency with which information is communicated throughout an organization. Finally monitoring involves the continuous evaluation and improvement of an organization s ERM system. COSO s entire ERM framework, comprising four objective categories and eight operational components, is all highly interrelated and each facet is pivotal in helping an organization manage its risk environment. Application of ERM to Pharmaceutical Companies Thus far, this report has described the unique risk profile of the pharmaceutical industry and has illustrated the basic structure of COSO s ERM framework. Now, by building upon these basic concepts, one can begin to understand how ERM can be applied in such a way as to help pharmaceutical companies manage some of their primary operating risks.

One of the major risks facing pharmaceutical companies comes from competitor behavior, and this can be further divided into competition in new drug development and when drug patents expire. Clearly major pharmaceutical companies are in a constant race with one another in order to be the first company to develop a new or breakthrough drug for a certain condition. Once a pharmaceutical company develops a new drug it seeks patent approval in order to defend its product formulation from other competitors. The time between drug development and obtaining patent protection is a very risky period for drug companies. A company s internal environment, the first component of the ERM framework, is of great concern during such a time period. Pharmaceutical companies must protect their sensitive information relating to drugs in the development process, and this means hiring employees not only with high levels of skill, but also with integrity. Additionally, proper internal controls relating to a firm s internal environment can help to ensure that information assets are kept secure and that access to highly sensitive information is monitored and controlled. Conclusion Clearly, pharmaceutical companies face a myriad of risk factors, from intense competition and government regulation to post market risks that may arise due to product failure or litigation issues. However, ERM can be used by pharmaceutical companies as an effective way manage their risks in such a way as to prevent negative consequences and take advantage of potential opportunities should they arise.

References Committee of Sponsoring Organizations of the Treadway Commission. 3 Dec. 2008 <http://www.coso.org/documents/coso_erm_executivesummary.pdf>. U.S. Food and Drug Administration. 3 Dec. 2008 <http://www.fda.gov/cder/regulatory/default.htm>.

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback