Table 1.
Risk assessment and risk management (RARM) tool.
| Label | Field Type | Description |
|---|---|---|
| Risk Short Name | Free text | Enter a short name that best captures the risk for quick reference. |
| Research Component | Choice option: 01. Regulatory Profile 02. Study Design 03. Study Population 04. Recruitment Environment/Setting (e.g., hospital, clinic, school, home, jail, etc.) 05. Eligibility Criteria 06. Screening and Enrollment 07. Randomization 08. Interventions and/or Procedures 09. Investigational Product 10. Endpoint(s) 11. Data Analysis 12. Data Management 13. Protection of Human Subjects 14. Study Training, Personnel Experience and Expertise 15. Other |
Choose ONE answer from the drop-down menu. Risks will often overlap into multiple research components; however, report the identified risk only once and select the most appropriate research component. |
| Risk Description | Free text | Concisely describe the heightened or critical risk and its potential impact. |
| Initial Risk Category | Choice option • Critical • Heightened |
Choose ONE answer from the drop-down menu. Risks listed here must be either heightened or critical. Do not enter standard risks. If uncertain whether the risk is standard or heightened, it is best to be conservative and to initially report the risk as heightened. The team member who initially identifies/captures the risk, determines the risk category. Subsequently, expert key team members decide on the best protocol de-risking approach for the risk identified and determine the final risk category. |
| De-Risking Decision | Choice option • Eliminate • Reduce • Accept • Risk not H/C |
Choose ONE answer from the drop-down menu. Expert key team members decide on the best protocol de-risking approach for the risk identified. • Eliminate (preferred option when possible): Process/data deleted from the protocol. • Reduce: Process/data modified in the protocol to reduce risk occurrence. • Accept: The protocol was not changed and the identified risk remains unchanged. • Risk not H/C: Risk downgraded from heightened or critical to standard. |
| De-Risking Summary | Free text | Briefly summarize significant team decisions and/or edits to the protocol/amendment. If the risk was accepted, briefly summarize the rational for this decision. |
| Final Risk Category | Choice option • Critical • Heightened • Standard • Risk Eliminated |
Choose ONE answer from the drop-down menu. When a H/C risk has either been reduced or downgraded from H/C to STD then, the appropriate choice from the drop-down menu is “Standard”. When a H/C risk has been eliminated (deleted from the protocol) then, the appropriate choice from the drop-down menu is “Risk Eliminated”. |
| Study Conduct Status | Choice option |
Choose ONE answer from the drop-down menu. |
| • Pre Study Conduct • During Study Conduct |
• Pre-Study Conduct: Choose this option when the risk is identified before study conduct has begun, i.e., during the study pre-enrollment period up until when the first subject is enrolled or the first chart review is initiated for registry studies. • During Study Conduct: Always choose this option when the risk is identified any time after the first subject was enrolled in the study or the first chart review was initiated. |
|
| Risk Status | Choice option |
Choose ONE answer from the drop-down menu. |
| • RM • F/Up • END |
• RM (risk management): The final risk category is HEIGHTENED or CRITICAL and the risk must be further assessed and managed during study conduct. Complete the rest of the questions below. • F/Up (follow-up): The final risk category has not yet been determined and requires team decision follow-up. Once the final risk category is determined, the risk status will need to be changed to RM or END. Skip all remaining questions below. • END: The final risk category is STANDARD or RISK or ELIMINATED |
|
| Likelihood | Choice option • 1 Improbable • 2 Rare • 3 Probable • 4 Very Probable • 5 Frequent |
Choose ONE likelihood score from the drop-down menu. The likelihood of errors occurring (risk occurrence) during the conduct of the trial. |
| Impact | Choice option • 1 Low • 2 Low-moderate • 3 Moderate • 4 Moderate-high • 5 High |
Choose ONE impact score from the drop-down menu. The impact of such errors (risk occurrence) on human subject protection (safety, confidentiality, rights), reliability of trial results (e.g., data integrity of the primary and secondary outcome or regulatory compliance), or other components (costs, timelines, reputation of the institution, etc.). |
| Detectability | Choice option • 5 Not at All Detectable • 4 Slightly Detectable • 3 Moderately Detectable • 2 Very Detectable • 1 Highly Detectable |
Choose ONE detectability score from the drop-down menu. The extent to which such errors (risk occurrence) would be detectable by the Study Team in light of planned study management activities. |
| Risk Score | Automatically derived | The risk score will be calculated automatically based on the likelihood, impact, and detectability scores. |
| Key Risk Indicator | Free text | Enter the KRI defined for the risk. KRI: A metric used to monitor risk exposure over time of H/C risks, (e.g., measurement of a specific data element over a meaningful data element total, over time) Ex.: KRI = #LTFU/Total Enrolled (Key risks are heightened and critical risks.) When a KRI cannot be defined, describe how the risk will be monitored during study conduct. |
| Mitigation Plan | Free text | Succinctly list all risk mitigating activities. The mitigation plan includes all activities done to prevent the identified risk from occurring; it’s the Plan A. |
| Threshold(s) & QTL | Free text | Enter the threshold value(s) and, for critical risks only, the QTL value. Ex.: T1 = 15%LTFU, T2 = 20%LTFU, T3 = 25%, QTL = 30% LTFU Threshold = predefined value of the KRI that triggers contingency plan activity(ies) to reduce/control further risk occurrence; one can define multiple escalating threshold values with corresponding escalating risk control activities (T1, T2, T3, etc.) QTL = also a predefined value of the KRI measured at the study level that triggers contingency plan activity(ies) to reduce/control further risk occurrence; however, there is only ONE quality tolerance limit (QTL) per risk and QTLs apply to critical risks only. A QTL is basically a threshold upper limit, above which a critical process or data is outside of quality. Reaching a QTL triggers a QTL Contingency Plan. |
| Threshold(s) Contingency Plan(s) |
Free text | Succinctly list all risk reducing/controlling activities. The contingency plan includes all activities done to reduce/control further occurrence of the risk; it’s the Plan B. The contingency plan includes actions that are curative when Plan A (the mitigation plan) failed, i.e., the mitigation plan was insufficient to control risk occurrence and, as such, additional actions are required to avoid and/or reduce further risk occurrence. Contingency plans may be pre-defined or developed as new data or knowledge is available. As such, the activities included here can be updated during the conduct of the trial. |
| QTL Contingency Plan (s) | Free text | QTL contingency plan(s) apply to critical risks only. Leave blank for heightened risks or enter N/A or Not applicable, if preferred. When a QTL is reached, the first step is always to assess data to verify that a systemic issue is present, as critical risks and QTLs apply only to systemic issues. The QTL contingency plan(s) should be predefined but new plan(s) can be defined as new data is available. Examples of contingency plans include: - Redefine QTL (justification must be documented) - Protocol Amendment, e.g., change study outcome, study power, etc. - Stop the study if subject protection is jeopardized beyond acceptable levels - Stop the study if the reliability of trial results is compromised beyond an interpretable level, and no other trial conclusions or tendencies would be possible |
| Responsible Party | Free text | Enter the name of the team member who is responsible for ensuring management of the risk during study conduct. The responsible party can delegate certain activities that support the overall management of the risk but remains the responsible and accountable point person for the particular risk, informing team members of risk realization and risk control activities during study conduct. |
| Measured in DB? | YES | Choose YES or NO from the drop-down menu. |
| NO | The question asks if the data elements in both the numerator and denominator of the KRI are included in the study database (DB). If “NO”, the Study Team may recommend that the data elements be included in the DB. Alternatively, the Study Team will need to define how the KRI will be monitored during study conduct. When a KRI cannot be defined, the correct answer is also “NO”. The Study Team will need to determine how the risk will be monitored during study conduct. |
H/C: Heightened/Critical; STD: Standard; QTL: Quality Tolerance Limit.