Permissions: RACT Assessment Read Only: Users can view assessments and exports (no edits).
RACT Assessment Read Write: Users can create, edit, archive, and finalize assessments and risks.
Assessments are conducted using the most recent Risk Management Configuration. The CTQs, Considerations, Critical Data, Critical Processes, KRIs, QTLs, Functional Plans, and Risk Libraries made available and used in the assessment are defined within this configuration. (Refer to the 'Risk Management Configuration' article in the 'Risk Management' section for details.)
Tip: The master header has links to the Risk Management and RBQM modules. This allows users to navigate seamlessly between Risk Management, RACT, and RBQM.
Start and Conduct an Assessment
-
Open or start a version from the RACT Study Landing Page, click Start Assessment to open a new draft version, or click the hyperlink in the Version column to open the active draft or a finalized assessment.
The Assessment Version page displays CTQ Considerations grouped by CTQ in the left panel and every Risk card for the version in the right workspace. Selecting a Consideration refreshes the workspace to show only the Risks linked to that Consideration.
-
Select CTQ Considerations from the left panel. Participants determine which Considerations are necessary for the assessment and assign the corresponding Risks accordingly. Any Consideration not applicable to the study risk assessment may be skipped. Even if some Considerations have no Risks added, the version can still be finalized as long as all required fields for the included risks are completed.
Note: General Risk(s) is automatically added as the last Consideration under each CTQ to capture risks not linked to a specific Consideration.
Tip: Click the Details
icon next to the CTQ header in the left panel to view the details of all Considerations for that CTQ in the workspace to the right.
-
To add a Risk, select a Consideration in the left panel. On the right side, the Consideration will display at the top of the workspace. Click the Add Risk button, and the Create New Risk window opens. Multiple Risks can be added to the same Consideration.
Go to the Create a New Risk section for step-by-step guidance.
- Validate completeness by clicking View Incomplete to list any Risk cards missing required information. Resolve each item until no incomplete Risks remain.
- The Finalize Assessment window serves as both an ongoing documentation tool and the finalization form. Open this window at any time during the assessment to enter information, and click Save to store the interim progress. Alternatively, click Review and Finalize to finalize the version if needed.
-
Click the Review and Finalize button in the top right of the risk workspace, and the Finalize Assessment window will open.
When every Risk is complete, reopen Finalize Assessment, review entries, and click Review and Finalize. The version locks, audit fields (Start Date/User, Finalize Date/User, Total Risks) populate automatically, and the version becomes available in the Assessment list on the RACT Study Landing Page.
Go to the Finalize an Assessment section for the steps and details on finalizing an assessment.
- Reassess as required and conduct a new assessment version at each scheduled interval or upon event-driven triggers (e.g., protocol amendment, inspection findings, global disruptions, etc.). Begin the new version from the Assessments tab and repeat Steps 1-6.
Create a New Risk
Note: Fields with a red asterisk indicate an entry is required. Use the scrollbar to access all fields.
Enter a Risk Manually
Risk Identification
- Risk Description: Enter a concise narrative summarizing the potential risk in plain language.
- The Create New Risk form, configured in Risk Management Configuration -> Risk Assessment, provides the option to display the Risk Description, Risk Statement, or both, and to specify whether they are required. The form can therefore capture either a Risk Description, a structured Event-Cause-Impact Risk Statement, or both.
- Risk Statement Generation: If the Risk Description field is used in the Risk Assessment, users can either manually fill out the Event, Cause, and Impact Text fields or click Generate Statement for the GenAI Assistant to parse the description and automatically populate those fields. Review the generated content for accuracy and make any necessary edits.
- Event Text: Enter the triggering event.
- Cause Text: Enter the underlying cause.
-
Impact Text: Enter the possible consequences.
Critical Data and Processes
- Critical Data: Select the associated critical data from the multi-select drop-down list.
-
Critical Processes: Select the associated critical processes from the multi-select drop-down list.
Risk Evaluation
- Impact: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number will be used in calculating the Overall Risk Score (RPN).
- Likelihood: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number will be used in calculating the Overall Risk Score (RPN).
- Detectability: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number will be used in calculating the Overall Risk Score (RPN).
- Weight: Accept the default value of 1 or adjust to scale all RPNs up or down.
- Risk Control Threshold: This is the predefined threshold set in Risk Management Configuration -> Risk Levels. Defines the RPN cut-off that triggers mitigation.
- Overall Risk Score (RPN) Calculation: The RPN is derived by muliplying Impact x Likelihood x Detectabilty x Weight.
-
Critical Risk: Optional, if Yes is selected, the RPN equals or exceeds the threshold.
Risk Control
- Risk Control Action: The choices are Accept or Mitigate. The RPN and the Risk Control Threshold drive the choice and can be overridden by the user.
- Risk Owner: Enter the risk owner's name.
- Risk Owner Role: Enter the role of the risk owner.
-
Functional Plan: Select the appropriate plan that covers control activities for the relevant function (e.g., Data Management Plan, Medical Monitoring Plan). Choice typically aligns with the Risk Owner’s functional role. Available plans are maintained in Risk Management Configuration -> Functional Plans.
Monitoring Metrics
- Quality Tolerance Limits: Select the QTL from the drop-down. Users can now include a Data Source for the QTL. Click the Add button to include additional QTLs as required. If the Risk is added from a library, recommendations will be provided on-screen.
- Key Risk Indicators: Select the KRI from the drop-down. Users can now include a Data Source for the KRI. Click the Add button to include additional KRIs as required. If the Risk is added from a library, recommendations will be provided on-screen.
- Monitoring Owner Name: Enter monitor owner's name.
- Monitoring Owner Role: Enter role of monitor owner.
- Pre-Study Mitigation Actions: These are the mitigations performed before the study starts to support Quality by Design (QbD). Select an existing mitigation from the drop-down menu or type in a new one, then click the Add button that appears. If the Risk is selected from a library, the pre-study mitigations will be auto-populated if they are available in the library. Pre-populated mitigations can be removed or added.
-
During-Study Mitigation Actions: These are the mitigations performed during the study. Select an existing mitigation from the drop-down menu or type in a new one, then click the Add button that appears. If the Risk is selected from a library, the during-study mitigations will be auto-populated if they are available in the library and can be removed or added as needed.
Risk Review
This section is optional but recommended for tracking risk realization, causes, actual impact, and actions taken.
- Risk Realized: Select Yes or No.
- Date Risk Realized: If Yes, enter the date.
- Require adjustments of risk controls: Select Yes or No.
- Causes (if Risk Realized): Describe the root cause
- Impact (if Risk Realized): Summarize the effect of risk realized.
- Realization Comments: Enter any additional information.
-
CAPA, if appicable: Links the risk event to an official CAPA for compliance tracking.
IQRMP Integration
-
Include into Data Review Plan(s)?: Select Yes or No. If yes, ensure the corresponding risk is represented in data review activities; risks flagged for IDRP integration can be manually pulled from the Risk Summary tab.
More Details
This section is optional and fields below are an example of what can be added. The section may remain unused, or additional custom fields can be created based on process requirements. These adjustments are applied in Risk Management Configuration -> Risk Assessment.
- Reason for Closure: Enter concise text why the risk record is being closed.
- Close date: Enter the date when the closure was approved.
- Transferred to CRO: Select Yes or No.
- Date of Transfer to CRO: If yes, the date of the transfer.
- Click Save. The Risk is added to the Risk Assessment for the study and assigned a Risk Assessment ID; incomplete Risks may be saved and returned to later for completion.
Note: In the Risk Library, the Risks have a Risk ID. However, when creating a Risk for an assessment, a Risk Assessment ID will be generated for the defined risk.
Using a Risk Library & AI Risk Statement Generation
- To add a risk from the existing library(s), click the Select Risk from Library button. The Select Risk window opens.
-
The list will open with all risks in the active Libraries. Users can identify the library to which a risk belongs to by checking the Library column.
-
Select a risk by highlighting the row. Review the fields for the risk in the listing and click Apply. The fields will be automatically populated with risk data.
If Risk Statements are used in the Risk Assessment, they can either fill them out manually or use the GenAI Assistant.
-
Click the Generate Statement button to generate an AI-assisted Risk Statement. The system parses the Risk Description and fills the Event, Cause, and Impact Text fields.
It also generates a risk statement using the text in the Event, Cause, and Impact fields. (These features are only available if Allow Machine Learning has been enabled.)
- Users can click the button again to view more suggestions. Also, the GenAI Assistant will automatically rerun if the Risk Description is updated.
- Verify the wording carefully for accuracy since this is AI-generated, and make edits if needed.
- All actions involving AI-generated content such as the risk statement generation, are logged for auditing.
Note: The AI-generated Risk Statement feature can also be used with a manually entered Risk Descriptions. The quality and accuracy of AI-generated content depend directly on the clarity and completeness of the provided Risk Description.
- Review the fields that were populated from the Risk Library: Functional Plan, Pre-Study Mitigation Actions, and During-Study Mitigation Actions. Review the metrics recommendations, including KRIs and QTLs, and either add them to the risk or select the appropriate ones from the drop-down lists.
- Complete remaining mandatory fields for the risk.
- Click Save and the new Risk will display in the Risk Assessment.
Edit a Risk
- Click the Risk card in the workspace on the right, to open the Edit Risk window.
- Update the fields as needed.
- Click Save to apply the changes.
Document & Finalize an Assessment
The Finalize Assessment form serves a dual purpose: it allows users to document assessment activities as they occur and serves as the final step in completing the assessment process. While the assessment is ongoing, the form displays a warning message indicating that the assessment cannot be finalized until all required fields in the risks are completed.
During this stage, the form allows information to be entered and saved, but the Finalize button remains disabled. Once all risks are marked as complete, the warning message is removed, and the Finalize button is enabled, allowing the assessment version to be locked and finalized.
- Version Name: Enter a descriptive name to identify the finalized assessment version.
-
Version Description: Provide a summary describing the specific version of the assessment.
Protocol
- Protocol Amendment: Optional field allowing the entry of relevant information about protocol amendment if applicable.
- Protocol Amendment Date: Specify the date of the protocol amendment.
-
Protocol Complexity: Optional field allowing for the capture of details on the complexity of the protocol.
Version History
- Participants: Enter the names and roles of all team members involved in conducting this assessment. Click Add to include additional participants. This confirms that the assessment was a collaborative effort.
- Description of Change: Provide a detailed explanation of changes made during this assessment, including significant decisions or new risks identified.
-
Reason for Change: Enter the reason or event prompting this assessment, such as a protocol amendment, scheduled reassessment, or triggered event.
Note: Information entered into 6, 7, and 8 will be reflected in the Version History section of the exported Study Risk Management Plan and aligns with the GDocP and inspection readiness as per the GCP ICH regulation. -
Reassessment Interval: Optional field to ensure that the Risk Assessment activities are performed at the frequency specified in the company's process documents. Specify the scheduled time for reassessing study risks, if applicable. Select an interval unit (days or weeks) and enter the number to indicate when the next reassessment should occur.
- The Days Until Reassessment field on the Risk Management page automatically calculates and displays the number of days remaining until the next scheduled assessment.
- Automated reminder emails can be configured in the Task module to notify designated recipients as reassessment due dates approach.
- Finalize and start a new version of the assessment: Select this checkbox to immediately begin a new assessment version upon finalizing the current one. If not selected, a new assessment version still can be initiated manually at a later time.
- Click Save. Click to save entered data without finalizing, allowing continued documentation and updates to the assessment details prior to finalization.
- Click Review and Finalize. Once all required fields are filled out, click to lock the assessment version. Finalizing prevents further edits. Finalized assessments can stay in the list of study assessments, be archived, or be compared to another version.
-
The Risk Management Plan for the study assessments can be exported at any time, during or after finalization. Export options include either Excel or PDF format.
-
A summary of risks defined across the study can be accessed through the Risk Summary tab. This listing can be reviewed within the platform or exported in Excel or CSV formats.
Archive an Assessment
Assessments cannot be deleted due to complience; instead, they can be archived and become permanently unrecoverable. Only finalized assessments can be archived.
-
From the RACT Assessment page, select the assessment version to archive, then click Archive. The Archive Assessment window opens.
-
Review the Risk Assessment Version Details and enter the Reason for Archive.
- Click Archive Assessment. The assessment version is permanently archived, removed from active listings, and moved to the Archived tab for reference.