Permissions: RACT Assessment Read Only: Users can view assessments and exports (no edits).
RACT Assessment Read Write: Users can create, edit, archive, and finalize assessments and risks.
Assessments are conducted using the most recent Risk Management Configuration. The CTQs, Considerations, Critical Data, Critical Processes, KRIs, QTLs, Functional Plans, and Risk Libraries made available and used in the assessment are defined within this configuration. (Refer to the 'Risk Management Configuration' article in the 'Risk Management' section for details.)
Tip: At the bottom of the left navigation panel, there are links to the Risk Management and RBQM modules. This allows users to navigate seamlessly between Risk Management, RACT, and RBQM.
Start and Conduct an Assessment
-
To start a new RACT Assessment, click the Start Assessment button on the Assessments page. The Create New Assessment window open.
- Select the Assessment Setting for this assessment version. The Assessment Setting determines the CTQs and considerations, risk assessment form fields, and the risk level scoring.
-
Click Create. When a new assessment version is started, it is created as a Draft. The assessment version name is assigned once the assessment is finalized.
Note: If a draft assessment already exists for the study, starting a new assessment prompts a warning that the existing draft will be overwritten and any unsaved progress will be lost.
- To open an existing draft or a finalized assessment version, click the hyperlink in the Version column in the Assessment Versions listing.
- The Assessment Version page opens and displays CTQ Considerations grouped by CTQ in the left panel and every Risk card for the version in the right workspace. Selecting a Consideration refreshes the workspace to show only the Risks linked to that Consideration.
-
Select CTQ Considerations from the left panel. Participants determine which Considerations are necessary for the assessment and assign the corresponding Risks accordingly. Any Consideration not applicable to the study risk assessment may be skipped. Even if some Considerations have no Risks added, the version can still be finalized as long as all required fields for the included risks are completed.
Note: General Risk(s) is automatically added as the last Consideration under each CTQ to capture risks not linked to a specific Consideration.
Tip: Click the Details
icon next to the CTQ header in the left panel to view the details of all Considerations for that CTQ in the workspace to the right.
-
To add a Risk, select a Consideration in the left panel. On the right side, the Consideration displays at the top of the workspace. Click the Add Risk button, and the Add Risk window opens. Multiple Risks can be added to the same Consideration.
Go to the Create a New Risk section for step-by-step guidance.
- Validate completeness by clicking View Incomplete to list any Risk cards missing required information. Resolve each item until no incomplete Risks remain.
- The Finalize Assessment window serves as both an ongoing documentation tool and the finalization form. Open this window at any time during the assessment to enter information, and click Save to store the interim progress. Alternatively, click Review and Finalize to finalize the version if needed.
-
Click the Review and Finalize button in the upper right of the risk workspace, and the Finalize Assessment window opens.
When every Risk is complete, reopen the Finalize Assessment window, review entries, and click Review and Finalize. The version locks, audit fields (Start Date/User, Finalize Date/User, Total Risks) populate automatically, and the version becomes available in the Assessment list as Draft, on the RACT Study Landing Page.
Go to the Finalize an Assessment section for the steps and details on finalizing an assessment.
- Reassess as required and conduct a new assessment version at each scheduled interval or upon event-driven triggers (e.g., protocol amendment, inspection findings, global disruptions, etc.). Begin the new version from the Assessment Versions listing and repeat Steps 1-7.
Create a New Risk
Note: Fields with a red asterisk indicate an entry is required. Use the scrollbar to access all fields.
Enter a Risk Manually
Risk Identification
- Risk Description: Enter a concise narrative summarizing the potential risk in plain language.
- The Add Risk form, configured in Risk Management Configuration -> Risk Assessment, provides the option to display the Risk Description, Risk Statement, or both, and to specify whether they are required. The form can therefore capture either a Risk Description, a structured Event-Cause-Impact Risk Statement, or both.
- Risk Statement Generation: If the Risk Description field is used in the Risk Assessment, users can either manually fill out the Event, Cause, and Impact Text fields or click Generate Statement for the GenAI Assistant to parse the description and automatically populate those fields. Review the generated content for accuracy and make any necessary edits.
- Event Text: Enter the triggering event.
- Cause Text: Enter the underlying cause.
-
Impact Text: Enter the possible consequences.
Critical Data and Processes
- Critical Data: Select the associated critical data from the multi-select drop-down list.
-
Critical Processes: Select the associated critical processes from the multi-select drop-down list.
Risk Evaluation
- Impact: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number is used in calculating the Overall Risk Score (RPN).
- Likelihood: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number is used in calculating the Overall Risk Score (RPN).
- Detectability: Select the score based on the scale specified in Risk Management Configuration -> Risk Levels. The score number is used in calculating the Overall Risk Score (RPN).
- Weight: Accept the default value of 1 or adjust to scale all RPNs up or down.
- Risk Control Threshold: This is the predefined threshold set in Risk Management Configuration -> Risk Levels. Defines the RPN cut-off that triggers mitigation.
- Overall Risk Score (RPN) Calculation: The RPN is derived by muliplying Impact x Likelihood x Detectabilty x Weight.
-
Critical Risk: Optional, if Yes is selected, the RPN equals or exceeds the threshold.
Risk Control
- Risk Control Action: The choices are Accept or Mitigate. The RPN and the Risk Control Threshold drive the choice and can be overridden by the user.
- Risk Owner: Enter the risk owner's name.
- Risk Owner Role: Enter the role of the risk owner.
- Functional Plan: Select the appropriate plan that covers control activities for the relevant function (e.g., Data Management Plan, Medical Monitoring Plan). Choice typically aligns with the Risk Owner’s functional role. Available plans are maintained in Risk Management Configuration -> Functional Plans.
-
Include into Review Plan: Select Yes to make the risk available for selection in Review Objectives in Data Central Configuration. A risk is linked to the Review Plan only after it is selected in one or more Review Objectives. Linkage is based on the latest finalized RACT assessment.
Monitoring Metrics
-
Quality Tolerance Limits: Select the QTL from the drop-down. Users can now add a Data Source for the QTL, specifying the system or record where the QTL data originates.
Click the Add button to include additional QTLs as required. If the Risk is added from a library, recommendations are provided on-screen.
-
Key Risk Indicators: Select the KRI from the drop-down. Users can now add a Data Source for the KRI, specifying the system or record where the KRI data originates.
Click the Add button to include additional KRIs as required. If the Risk is added from a library, recommendations are provided on-screen.
- Monitoring Owner Name: Enter monitor owner's name.
- Monitoring Owner Role: Enter role of monitor owner.
- Pre-Study Mitigation Actions: These are the mitigations performed before the study starts to support Quality by Design (QbD). Select an existing mitigation from the drop-down menu or type in a new one, then click the Add button that appears. If the Risk is selected from a library, the pre-study mitigations are auto-populated if they are available in the library. Pre-populated mitigations can be removed or added.
-
During-Study Mitigation Actions: These are the mitigations performed during the study. Select an existing mitigation from the drop-down menu or type in a new one, then click the Add button that appears. If the Risk is selected from a library, the during-study mitigations are auto-populated if they are available in the library and can be removed or added as needed.
Risk Review
This section is optional but recommended for tracking risk realization, causes, actual impact, and actions taken.
- Risk Realized: Select Yes or No.
- Date Risk Realized: If Yes, enter the date.
- Require adjustments of risk controls: Select Yes or No.
- Causes (if Risk Realized): Describe the root cause
- Impact (if Risk Realized): Summarize the effect of risk realized.
- Realization Comments: Enter any additional information.
-
CAPA, if appicable: Links the risk event to an official CAPA for compliance tracking.
More Details & Save
This section is optional and fields below are an example of what can be added. The section may remain unused, or additional custom fields can be created based on process requirements. These adjustments are applied in Risk Management Configuration -> Risk Assessment.
- Reason for Closure: Enter concise text why the risk record is being closed.
- Close date: Enter the date when the closure was approved.
- Transferred to CRO: Select Yes or No.
- Date of Transfer to CRO: If yes, the date of the transfer.
- Click Save. The risk is added to the current assessment and assigned a Risk Assessment ID, which identifies the risk within that version. When reopening the risk, the Risk Assessment ID displays in the upper left corner of the risk window and cannot be edited.
Note: The Risk Assessment ID is assigned at the study level and is different from the Risk ID specified in the Risk Library within Risk Management configuration.
Using a Risk Library & AI Risk Statement Generation
- To add a risk from the existing library(s), click the Select Risk from Library button. The Select Risk window opens.
-
The list opens with all risks in the active Libraries. When selecting a risk from the Risk Library, risks related to CTQs similar to the current consideration are prioritized at the top of the list to improve relevance and speed up the selection process.
Users can identify the library to which a risk belongs to by checking the Library column.
-
Select a risk by highlighting the row. Review the fields for that risk in the listing and click Apply. The fields for identification, CTQ, Category, mitigations, metrics, and others are automatically filled with the risk data, and a reference table with identifying information displays within the risk window.
This reference table stays visible even after closing and reopening the Edit Risk window, unless the user specifically removes it by clicking the X in the upper right corner of the table. The recommended Monitoring Metrics also remain when risk is reopened.
-
Click the Generate Statement button to generate an AI-assisted Risk Statement. The system parses the Risk Description and fills the Event, Cause, and Impact Text fields.
It also generates a risk statement using the text in the Event, Cause, and Impact fields. (These features are only available if Allow Machine Learning has been enabled.)
- Users can click the button again to view more suggestions. Also, the GenAI Assistant automatically reruns if the Risk Description is updated.
- Verify the wording carefully for accuracy since this is AI-generated, and make edits if needed.
- All actions involving AI-generated content such as the risk statement generation, are logged for auditing.
Note: The AI-generated Risk Statement feature can also be used with a manually entered Risk Descriptions. The quality and accuracy of AI-generated content depend directly on the clarity and completeness of the provided Risk Description.
- Review the fields that were populated from the Risk Library: Functional Plan, Pre-Study Mitigation Actions, and During-Study Mitigation Actions. Review the metrics recommendations, including KRIs and QTLs, and either add them to the risk or select the appropriate ones from the drop-down lists.
- Complete remaining mandatory fields for the risk.
- Click Save and the system assigns a Risk Assessment ID and the new Risk displays in the Risk Assessment.
Edit a Risk
-
Click the Risk card in the workspace on the right, to open the Edit Risk window. After the Risk is saved, the system generated Risk Assessment ID is locked and cannot be edited, ensuring auditability and tracibility.
- Update the fields as needed.
- Click Save to apply the changes.
Document & Finalize an Assessment
The Finalize Assessment form serves a dual purpose: it allows users to document assessment activities as they occur and serves as the final step in completing the assessment process. While the assessment is ongoing, the form displays a warning message indicating that the assessment cannot be finalized until all required fields in the risks are completed.
During this stage, the form allows information to be entered and saved, but the Finalize button remains disabled. Once all risks are marked as complete, the warning message is removed, and the Finalize button is enabled, allowing the assessment version to be locked and finalized.
- Version Name: Enter a descriptive name to identify the finalized assessment version.
-
Version Description: Provide a summary describing the specific version of the assessment.
Protocol
- Protocol Amendment: Optional field allowing the entry of relevant information about protocol amendment if applicable.
- Protocol Amendment Date: Specify the date of the protocol amendment.
-
Protocol Complexity: Optional field allowing for the capture of details on the complexity of the protocol.
Version History
- Participants: Enter the names and roles of all team members involved in conducting this assessment. Click Add to include additional participants. This confirms that the assessment was a collaborative effort.
- Description of Change: Provide a detailed explanation of changes made during this assessment, including significant decisions or new risks identified.
-
Reason for Change: Enter the reason or event prompting this assessment, such as a protocol amendment, scheduled reassessment, or triggered event.
Note: Information entered into 6, 7, and 8 is reflected in the Version History section of the exported Study Risk Management Plan and aligns with the GDocP and inspection readiness as per the GCP ICH regulation. -
Reassessment Interval: Optional field to ensure that the Risk Assessment activities are performed at the frequency specified in the company's process documents. Specify the scheduled time for reassessing study risks, if applicable. Select an interval unit (days or weeks) and enter the number to indicate when the next reassessment should occur.
- The Days Until Reassessment field on the Risk Management page automatically calculates and displays the number of days remaining until the next scheduled assessment.
- Automated reminder emails can be configured in the Task module to notify designated recipients as reassessment due dates approach.
- Finalize and start a new version of the assessment: Select this checkbox to immediately begin a new assessment version upon finalizing the current one. If not selected, a new assessment version still can be initiated manually at a later time.
- Click Save. Click to save entered data without finalizing, allowing continued documentation and updates to the assessment details prior to finalization.
- Click Review and Finalize. Once all required fields are filled out, click to lock the assessment version. Finalizing prevents further edits. Finalized assessments can stay in the list of study assessments, be archived, or be compared to another version.
-
The Risk Management Plan for the study assessments can be exported at any time, during or after finalization. Export options include either Excel or PDF format.
-
A summary of risks defined across the study can be accessed by selecting Risk Summary from the left navigation. This listing can be reviewed within the platform or exported in Excel or CSV formats.
Integrated Data Review Plan & Risks
RACT integrates with the Integrated Data Review Plan (IDRP) to align identified risks with Review Objectives defined in Data Central.
- Link Risks to Review Plan: When adding or editing a risk during an assessment, set Include into Review Plan to Yes to make the risk available for selection in Review Objectives in Data Central configuration. A risk is linked to the Review Plan only after it is selected in one or more Review Objectives. Linkage is based on the latest finalized assessment.
- Review Plan Indicator: For finalized assessments, risks that are linked to the Review Plan display a Review Plan (n) indicator on the risk card in the upper right corner, where n is the number of linked Review Objectives.
-
Hover Behavior: Hover over the Review Plan Indicator to view a table tooltip that lists linked Review Objectives, including identifier, version, description, and approval status. If no Review Objectives are linked, the tooltip states that none are associated.
-
Click Behavior: Click the Review Plan indicator to open the Review Plan in Data Central Configuration, filtered to the selected risk.
Archive an Assessment
Assessments cannot be deleted due to complience; instead, they can be archived and become permanently unrecoverable. Only finalized assessments can be archived.
-
From the RACT Assessment page, select the assessment version to archive, then click Archive. The Archive Assessment window opens.
-
Review the Risk Assessment Version Details and enter the Reason for Archive.
Note: If the latest finalized assessment contains risks that are linked to Review Objectives, a warning message is displayed before archiving. Archiving the assessment breaks the linkage to the Review Plan, but users can still view the linked Review Objectives before proceeding.
- Click Archive Assessment. The assessment version is permanently archived, removed from active listings, and moved to the Archived page for reference.
Toolbar Icons & Actions
| Icon | Icon Name | Description |
|---|---|---|
| 9-dot | Opens the Platform Menu | |
| elluminate Logomark | Returns the user to the Home Page. | |
| Configuration | View or Edit the Study configuration. | |
| Help | Opens the Help menu (Help Center, Community, Learning Portal, Support Information, Privacy Policy, Legal Notices, and elluminate Version). | |
| Blue Badge | Displays the number of items listed on the page. | |
| Filters | Use to clear filters. If highlighted, it indicates filters are applied to the page. | |
| RBQM | Navigates to the RBQM Overview dashboards. | |
| Risk Management | Navigates to the Risk Management Home page | |
| Back | Return to RACT Assessment Home Page. | |
| Report | Exports the eTMF-ready Risk Management Study report to Excel or CSV. | |
| Search | As text is entered, matching CTQ Considerations appear in the list. | |
| Delete | Delete Risks. | |
| Details | Opens the CTQ, CTQ Considerations, & Risks in the workspace. | |
| Not Answered | No Risks have been started for the Consideration. | |
| Work in Progress | The Risks are missing required fields and are incomplete. | |
| Completed | All the Risks for the Consideration have been completed. | |
| Gray Badge | Indicates the number of Risks started and / or completed for the Consideration. |