When we perform risk assessments one of the most often seen errors, is that the risk was never defined in a specific scenario.

  • Is the risk described associated with an agent we handle in an ELISA assay in the QA lab?
  • Or is the agent in high concentration spun around in a high speed centrifuge in a vaccine production?
  • Are we in a new and modern facility with engineering controls and bells and whistles?
  • Or an old vintage facility with worn out utility systems and only power enough to run one autoclave at a time, either sterilizing new raw materials for the production or decontaminating waste from the past vaccine batch?  


We need to understand under what circumstances the risk is defined. Therefore we need to approach the hazard from the outside in. Describe the campus, the building, the floor, the room, the utility systems serving the room, the fermentor or the downstream purification system. It is necessary because it tells us something about how many layers of product and staff safety/security we already have available. This is called a ‘layered approach”. If we understand how many barriers there is between the agent and the animals outside, and the environment, it begins to become clear if these layers are enough, or we need more.

As many risk assessments needs to be done for what is inside the campus, some fewer for what is inside this building, even fewer on the floor and only a small handful of what is in the production room we can begin to work with “blocks”. Small sections of text that can be reused risk assessment after risk assessment. These text blocks can be handled in a database or another system that can be selected and automatically spool over in a template document. Same can be done with hazards.


The chemicals and the agent characteristics. This is another data base. We might use the same agent in many rooms in a vaccine facility, but if the agent has been described in a disciplined way, it can with a click be added to risk assessment after risk assessment as baseline information. It will always have the same characteristics, infectious dose, preferred infection route and decontamination methodology etc.


This multi dimensional structured philosophy is the foundation for the below listed bullet points. If each item is described in a small paragraph, the background information for the risk assessment document can be assembled by 30-50% by prefabricated paragraphs. It can be done by a junior member of the team. This especially goes for well defined processes and a limited number of agents as it is typically seen in GMP productions.

Now it also becomes clear when a new risk assessment needs to be performed. If any major changes in this scenario description occur, a new production or inactivation vessel in introduced, a new type of single use equipment or downstream purification step it introduced, it is time to revisit the risk assessment.

The variable part of the risk assessment is then what we are doing with this specific agent at this time. But many production process steps or QA laboratory procedures are generic, and can like the physical reality and agent/chemical characteristics be listed in a database. A separate database.

Data from published Laboratory Acquired Infections (LAI’s), together with the institutions accident/incident and good catches logs can be used as information source of likelihood and consequence. And risks can be ranked according to likelihood, and according to consequence.

When a junior member had collected all the factual information and listed it in a structured way in relationship databases, it is time for the more seasoned colleagues to get engaged. Actual assessment of the risk takes experience and knowledge, as does the following evaluation step.


  • Physical features
    • Laboratory environment
      • Campus
      • Building
      • Floor
      • Lab/production
      • Shower facilities
      • Handwashing sinks, location
      • ……and more
    • Equipment
      • Used during production/QA lab procedures: centrifuge, autoclave (make/model/age), fermentor, sterility isolator, ELISA, assays etc.
        • Highlight aerosol generating procedures/equipment
        • Highlight open manipulations/disconnection of equipment/sampling outside primary containment devices
        • Highlight pumping steps or high pressure transfer of liquid from one vessel to the next
        • Have special focus on pooling steps where several upstream batches will be combined before downstream processing. Volume suddenly jumps up to new dimensions.
        • Have special focus on purification and concentration steps where infectious units pr ml suddenly jumps up from one hour to the next
        • Have special focus on large scale waste decontamination equipment like kill systems, floor to ceiling pass through autoclaves
        • Have special focus on simultaneous use of equipment that might be impacted by limitations in utility system capacity. Clean steam distillation towers, WFI production, pressurized air, building vacuum systems, oxygen and other explosion prone systems
      • Waste handling: Line up and storage area before treatment, packing, decontamination method, approval procedure for successful decon, and have special focus on unusual situations like large scale spills that will generate vast amounts of waste over a very short time
      • Cameras, intrusion alarms, guards, MOU with local law enforcement, Txt messages to production personnel etc.
    • Manuals, standards and guidelines applicable and relevant for the procedures
      • List all applicable documents that are relevant for the facility
      • If possible rank them according to which guideline/standard/regulation that trumps the others and explain why. Ensure traceability to avoid losing the reader
    • External/internal literature about:
      •  The process, (SOP’s, wear and tear, results from inspection of worn parts, trend analyses from maintenance evaluations, maintenance frequency adjustments, ….)
      • Accident / incident statistics and trends
      • LOPA frequencies for specific equipment types if they exist for more quantitative risk assessments

Identify and describe each biological agent / starting material

  • Characteristics of each biological agent
  • Volume/diagnostic/reference sample/culture/freeze dried/frozen/refrigerated?
  • Where is it used, where is it stored?
  • How is it transported/moved during all steps of the process from initial inoculum from frozen sample, throughout propagation steps, pooling, downstream processing, purification and concentration unto final inactivation step
  • Identify any additional process related hazards that might contribute (biological/chemical/ergonomic/electrical /asphyxiants/pressure/heat etc.)

Describe the threat picture in the region

  • What value do the agents have for a person with a malicious intent?
  • What competitors with an adverse intent or extremist groups are present
  • What neighbors is in the close vicinity to the facility could pose a threat
    • University with a lot of uncontrolled students?
    • Oil refinery/high hazards industry?
  • What neighbors could be harmed?
    • Unvaccinated community groups
    • Kindergarten downwind of the facility
  • What would be the consequences if material were lost?
    • For the facility
    • For the country
    • For the region
    • For WHO’s vaccination campaigns and global health security initiatives

Describe the impact the agent can have on the animal community 

What would be the impact on

  • Domesticated animals and husbandry, meat export and BNP for the country
  • Pets
  • Wildlife

Is there any natural hosts close by, that can spread the disease beyond control?

What could be the economical consequences of a release? Short term? Long term?

Describe the impact the agent can have on the surrounding human community

What is the impact on the neighbors to the facility, to family and close household contacts?

  • Unvaccinated minors
  • Pregnant women
  • Immuno compromized individuals undergoing chemo therapy and similar treatments?
  • Trust, support and accept of the vaccine facility location


  • Describe human factors
    • Training / experience and general compliance attitude of staff
      • What is the training requirements for an individual to work on this procedure unsupervised?
      • In GMP productions there are already rigorous training requirements and inspecting authorities that verify and certify, a full training timeline will often be more than 6 months, closer to a year and very well documented. The safety training is sometimes an overlooked field, but is easy to add into the already rigours GMP training documentation systems.
    • Vaccination and general health status
      • What is the immunization strategy, and how is staff monitored (frequency, types of tests, antibody, feces, sputum, immunocompromised, pregnancy)
      • Frequent physical interaction with unvaccinated kids at home or in close family
      • Does any in the household plan an upcoming pregnancy? Should family members be offered vaccination and boosters?
    • PPE
      • Detailed describe the PPE selected and the procedure for doffing (List what PPE that is chosen due to product sterility and clean room requirements, and what PPE that should be worn to prevent physical harm (Hot/cold) and what PPE that should be worn from a BRM perspective)
    • Behavioral observations/culture amongst the staff
      • How likely is it that staff will follow procedure to the letter, what does the incident reporting system tell?
        • Is the company culture highly compliant (it is written therefore of course we will do it. Most often the case in highly GMP compliant facilities, but not necessarily in the research related units often associated with the facility)
        • Medium compliant (well I do it if there is a chance for being busted)
        • Low compliant (yeah, ….. but I know better, there is no reason to go through all that hassle)

[Gage the company safety culture by evaluating how likely it is that staff actually will wear safety glasses when required to do so, that is typically a good indicator for how good the general compliance culture is]

[Gauge the company GMP product purity culture and cleaning procedures by visiting the bathrooms and kitchen areas. There is often a surprisingly strong correlation between these two areas. Either you know how to clean or you don’t, even if it is different cleaning teams for sterile/aseptic production areas and general areas]

  • Other factors…………………………
  • Describe other mitigation measures that has already been implemented/installed
    • BSC’s, isolators, closed system in lab scale  (make/model/age/certification)
    • Closed large scale production system
      • Stainless steel fermentors or single use?
    • Maintenance program
      • Reactive, preventive, predictive, frequency, what is being verified/changed?
      • Outsourced service contracts/in-house capacity
    • ………………………


  • Describe the procedures used in the upsteam, downstream and final inactivation process. Step by step (individually) each on a single line as detailed and with as much granularity as it makes sense, identify the risks and evaluate the consequence.


This is where you perform your actual analysis. If you keep your risk assessments basic information as structured as above, you will find that you can reuse these blocks again and again. Describing the building, the lab or the production room will be the same. It is the procedures, the chemicals or the agents that will change.

Now that you have gotten this far it is time to chose methodology of what type of risk assessment that will be appropriate.

Now is the time to look into the toolbox of qualitative, quantitative or semi quantitative risk assessment tools. This is the step where you decide whether you want to do a HAZOP, a What-if, a BowTie, a LOPA or any other of the many methodologies that are out there specially tailored for pharmaceutical or biological large scale productions.

Choose the method that will give the answer you need and nothing more.

Avoid choosing the most advanced tool or methodology, just because you can. It is often a waste of energy and time. Note that on this site we have only listed the methods that we in Vipsit have experience with. There are many, many more methodologies to be found on the internet. Look into for what industry segment they are traditionally used for and select wisely.

Consider to do a pilot test on a small scenario and eventually test a couple of the assessment types out, and decide what works best for your need.


You will want your final risk assessment executive summary to be short and sweet.

You might raise an eyebrow and think – “there is nothing about the long list above that is even remotely short and sweet”. But think about when and how you will use these risk assessments. They can be used as an appendix to an SOP where the risk assessment will help give the rationale and background for special outlined procedures, equipment or choice of PPE. You might need to show your inspecting authorities a specific risk assessment during an audit. But we can assure you, you want the discussion to be kept to exactly the topic that is up for discussion and not open up another can of worms and additional topics to be drilled into. That is why you want your individual risk assessments in single documents and not a book the thickness of an encyclopedia. That is the reason for writing a introductory pages of a risk assessment in blocks, where each and every block can be reused again and again.


Sometimes it can be helpful to create the risk assessment documents with tools like Access or similar database programs or Excel. You can pick and chose a combination of specific blocks for a specific process or type of equipment. It takes some time to define the initial system, but then as the assessments are being developed, the text around the actual assessments becomes faster and faster to write…… If you start your process and methodology right.


This risk assessment methodology is a very systematic approach and can consider any types of consequences, juggling impact on humans, environment, and impact on production equipment, sustainability, economy, animals and neighboring community. It is very well suited for equipment failure but works quite well for procedural steps as well

For a quantitative risk assessment we need to assign numbers or factors. The factors can be assigned arbitrarily, or looked up in LOPA tables. What is important is that the risk picture spreads out via the multiplication of the factors, to ensure that there is a clear indication of what should be dealt with first.

 Consequence for Staff (CS)   Factor    
No consequences 0.1
First aid needed but no further consequences 1
Injury or illness, with reversible effects 3 Not leading to permanent disability. (examples: splattered by Chlamydia in the eye; bitten by infected rodents)
Lost time injury or illness, with reversible major health effects 7Infection by staphylococcus, meningococcus B, varieties of lentivirus, Mycobacterium tuberculosis
Irreversible major health effects 15 Infection by Hepatitis C or HIV
Death 40 Contamination with SARS, Ebola or other hemorrhagic fevers
Consequence for Environment (CE) Factor  
No breach of containment 0.1  
Breach of primary containment limited to the point of use 1  
Small scale loss of containment 3
Within the site for example, escape to environment with no further effect
Large scale loss of containment 7 Outside the site for example, escape to environment (sewage systems, rivers) with no effect
Loss of containment leading to reversible environmental effects 15 Loss of containment leading to reversible environmental effects
Large-scale loss of containment leading to irreversible environmental effects 40 Large-scale loss of containment leading to irreversible environmental effects

Frequency of the procedure performed (F)
Less than once per year0.5
Once per year1
Once per month2
Once per week3
Likelihood of the occurrence of the accident scenario (L)Factor
Highly unlikely1
Unlikely, can occur but has never been observed3
Likely, has occasionally occured6
Very likely, occurs frequently10
Chance of fast Discovery (D)Factor
Instantly1It sprays in your face
Very likely3Spill during procedure where staff is present
Likely5Spill during work hours, staff not present but validated alarms on system
Unlikely7Overflow kill tank in basement without alarms
Not a chance10Leak in hidden pipes embedded in structure
Quantitative risk assessment*R = C ( S or E) x F x L x D
Acceptable riskR < 2000
Improvable risk2000 < R < 10.000
Undesirable risk10.000 < R < 500.000
Stand down500.000 < R < 1.600.000

The numbers above are just examples.* The facility or (the facility in collaboration with the National regulatory authorities) can decide on cut off values for the 4 actionable groups.