In October 2014 at the Risk-based Monitoring conference in Copenhagen the Senior Director QA Operations of Janssen, Jan Van Parijs said: “Industry is historically heavily regulated, so as an industry we are kind of used to the fact that the authorities provide a set of rules to be followed by everyone. In Risk-based Monitoring (RbM), regulatory authorities showed a different direction so far, and basically left it to the industry to provide the path and develop their own rules.”
The wide range of interpretation of RbM effected two main consequences in the pharma industry:

  • Firstly, after the publication of the FDA (August 2013) and EMA (November 2013) guidances the majority of pharmaceutical companies and service providers, started thinking about including the risk component in their monitoring decision-making.
  • Secondly, a large number of companies and organizations claimed that they either are applying RbM already now or have done it all the time before.

What happened in the author’s opinion in reality is that many working groups pulled some old risk evaluation spreadsheets from the cabinets and/or slightly adjusted existing working processes, so that a risk evaluation stage appears on their agenda.
None of the action is really reasonable.

To dot the i’s and cross the t’s, let us initially analyze, what the FDA and EMA really wanted to say in their position and reflection papers. Let us agree on what RbM actually is. What definitions are offered in the modern clinical development?
The FDA in its guidance for industry names RbM as a combination of “strategies and plans” for monitoring presumably including the risk component in clinical trial management. In its guidance they provide a list of such strategies:

Graphics RbM Strategies

  1. Centralized monitoring – integrated approach based upon perceived risks at each site
  2. Remote monitoring – application of technologies to access the data remotely, saving the costs of on-site visits.
  3. Reduced monitoring – targeted Source Data Verification (SDV)
  4. Triggered monitoring – monitoring based upon pre-defined triggers, i.e., when risk was already identified

FDA also claims that only the “mix of centralized and on-site monitoring practices” would work best for human subject protection and trial integrity

[FDA 2013, p11].

How to apply these strategies?

  1. Identify critical data and processes
  2. Perform a risk assessment to identify and understand the risks that could affect the collection of critical data or the performance of critical processes
  3. Develop a monitoring plan that focuses on the important and likely risks to critical data and processes.

Thus, inferring from the FDA guidance we get the first definition of the RbM from the FDA point of view:


RbM – is the adequate mix of strategies including centralized and on-site monitoring practices with the goal of human subject protection and trial integrity.


EMA sets the scope wider than the FDA and speaks in its reflection paper about risk based quality management (not only about monitoring), where the quality is defined as “fitness for purpose”. It opens a discussion about the new ways how to facilitate the existing quality practices, requirements and standards with the new risk-based approach. It opposes two ways of trial management: a reactive (fire-fighting approach) versus a preventive one. It claims that the aim of the RbM is “protecting trial subjects’ rights, well-being, integrity and safety and the assurance of quality of data and the trial results”.
In conclusion, the EMA definition of the RbM can be summarized as follows:

EMA logo

RbM is an important part of a preventive clinical trial management approach, which aims to identify, assess, control, communicate and review the risks associated with the clinical trial during its lifecycle in order to guarantee the protection of trial subjects’ rights, well-being, integrity and safety and the assurance of quality of data and the trial credibility.


Summing up, there is definitely a semantic difference in scope of risk-adaptive approach and its improvement between EMA and FDA. Nevertheless, there is no significant differences in instructions and purposes. FDA puts focus on optimization of monitoring component, EMA speaks about the proactive approach in whole trial management. The reason of the difference in scopes is probably because it is not a path description, just a direction.


EMA, Nov 2013. Reflection paper on risk based quality management in clinical trials [WWW Document]. URL

FDA, Aug 2013. Guidance for Industry Oversight of Clinical Investigations — A Risk-Based Approach to Monitoring [WWW Document]. URL…/Guidances/UCM269919.pdf

Interested in learning more about Cyntegrity and our services?

Contact Us

pdf-flatDownload article as PDF