Event Description
With the complexities of laboratory environments combined with emerging biological agents, it is crucial to have a comprehensive biorisk management plan in place. This ensures the safety of personnel, the environment, and the public and maintains the integrity of laboratory activities. Effective biorisk management mitigates risks associated with hazardous biological materials and prevents unintentional exposures and unauthorized access to the laboratory. This webinar will briefly overview the ISO 35001 standard and describe the biorisk management model. Participants will learn the initial steps required to implement a biorisk management system within their laboratories, including how to develop biorisk management objectives. This webinar will also showcase a pilot study in partnership with the Association of Public Health Laboratories (APHL) that illustrates the outcomes of implementing the ISO 35001 standard in various public health laboratories.
Event Objectives
After completing this training, participants will be able to:
- Identify educational and other resources available through the OneLab Network
- Describe the ISO 35001 standard, including its purpose, structure, and key components related to biorisk management
- Identify the initial steps for implementing a biorisk management system in laboratories, focusing on developing effective objectives
- Describe lessons learned from the pilot study that examined outcomes of implementing ISO 35001 in public health laboratories
Event Media
Play Audio
August 5, 2024, ISO Bio Risk Management
DISCLAIMER: This text is being provided in a rough draft
format. It is not a verbatim transcript. Communication Access
Realtime Translation (CART) is provided in order to facilitate
communication accessibility and may not be a totally verbatim
record of the proceedings.
>> Host: We have posted a link to live captions in the chat.
We'll get to the agenda. Today we will start by discussing new
OneLab resources and go through introductions for the
presenters. We will do 10 minutes for the question-and-answer
session at the end of the presentation. We will review the
questions and then we will end the session with a discussion on
upcoming events. Be mindful webinar we will be leaving the chat
feature open. Keep in mind the appropriate rules of engagement.
Feel free to use the chat to connect with others by reacting to
what you are hearing, sharing experiences and asking questions.
We ask if you have a question for the presenter to use the Q&A
function and not the chat. Please engage with respect and
professionalism do not use inappropriate language, and proper
conduct or any form of this termination may result in removal
from the webinar. Ensure that comments are relevant to the
topic. If a moderator gives directions regarding behavior,
please comply accordingly. Please notify moderators that you
experience technical difficulties or observe any disruptive
behavior. I will turn over to our OneLab lead.
>> Before we begin the presentation, I will share CDC health
alert network message. The release of a new OneLab resource.
On July 23 CDC released health alert network announcing
information about the disruption and the availability of the BDP
tech blood culture media box. You can find links and
information in the chat. There is also a link to the July 15
call and December 2023 OneLab network event on the quality tool
to prevent blood culture contamination. If you have any
questions about the message, please send them to the link. In
an ongoing moment to delivering high quality and accessible
relevant training we are thrilled to announce the release of our
first mini lesson the public health laboratories 101. It is a
mini lesson that is designed to provide concise and engaging
learning experience and makes it easier to absorb concepts,
quality, and quickly efficient information. This lesson is
informative and interactive. It is easily accessible and
available on one lab reach. You can find the link in the chat.
I will introduce our speakers after the disclaimer. CDC, our
planners and our presenters were to disclose that they have no
financial interest or other relationships with commercial
products, manufacturers, suppliers of commercial services or
commercial supporters. I'm thrilled to introduce our first
presenter Lieutenant Commander Folasade Kembi. She is a health
scientist at the CDC division of laboratory systems quality and
safety systems branch and provides technical guidance on bio
risk management system, safety and bio security, regulatory
compliance and emergency preparedness and clinical and public
health laboratories. Before joining, she was a senior
microbiologist and inspector in the division of agents and
toxins where she provided leadership, strategic planning and
oversight to laboratory officials registered with the federal
select agent program. She is excited to share her knowledge.
Our second presenter is Doctor Mary Casey-Moore. She is a
health scientist with the quality and safety systems branch. In
her role she develops comprehensive training materials and
resources to help laboratories implement robust safety practice
and bio risk management strategies. For the past two years she
has dedicated her efforts to empower laboratories and equipping
them with knowledge and tools to enhance safety aspects and
mitigation potential risk. She is also excited to share insight
into the ISO 35001:2019 bio risk management standard and
highlight the benefits of integrating the standard into your
laboratory operations. Our presenters are Mary Casey-Moore and
Folasade Kembi. Over to you.
>> Mary Casey-Moore: Good afternoon, everyone. We appreciate
the opportunity to present with you today our presentation will
focus on ISO 35001:2019 the standard for virus management. I am
joined by Folasade Kembi. We are both from the quality and
safety citizens branch with the division of laboratory systems
and our mission is to prove public health, patient outcomes and
health equity financing laboratory systems. Here are the
objectives for today. First, we will summarize the ISO standard
and describe the bio risk management model and discuss
implementing a bio risk management system, including the initial
steps in developing bio risk management objectives. We will
present a summary of collaborative pilot project conducted with
the Association of Public health laboratories on mental mining
the standard and for public health laboratories sessions. ISO
stands for international organization for standardization. It
is a global Federation of national standards bodies with the
representative organization of each member country. It develops
voluntary, consensus-based international standards across nearly
all industry sectors. ISO 35001 is titled bio risk management
for laboratories and other related organizations, it was
published in 2019 and is 26 pages long. It was adopted by the
CEN workshop agreement and is the first international standard
that defines the requirements of the bio risk management system
for laboratories. Before diving into the bio risk management
system I want to discuss what is bio risk management. It is a
coordinated activity to direct and control biosafety and bio
security risks. Virus management can be divided into three
components. Assessment, mitigation, and performance.
Assessment covers both bio safety and security ensuring the
confidence of understanding of potential hazards, mitigation
involves implementing strategies to achieve safety and security.
This means putting controls in place to reduce and eliminate the
risk identified during the assessment. Performance is a
systematic process aimed at achieving levels of organizational
objectives and goals. Involves dividing direct evidence so that
the organization can understand and reduce risk to an acceptable
level. Effective virus management lies on the support of each
component. These three components assessment, mitigation and
performance are collectively known as the AMP model. Now onto
bio risk management system it is a systematic approach to
identify, assess, control and monitor biosafety and bio security
risks associated with hazardous biological materials. We have
taken the concept of the model assessment negation and
performance bring in a system to govern the actions. ISO 35001
defines the essential components for integrating bio risk
management into an organization’s overall governance, strategy,
planning, management systems, reporting processes, policies and
culture. It is science clear rules and response abilities with
leadership having the ultimate response ability. When
discussing virus management systems in the context of ISO, I
will highlight two aspects. The first is the standard is
structured around a management system approach emphasizing
performance over prescriptive measures. The framework allows
for the implementation of best practices and procedures within
resource capabilities. The second is ISO promotes continual
improvement through the plan do check act cycle. Ensuring
ongoing evaluation enhancement of by risk management practices.
In the following slides I will explore more elements in greater
detail. The first item that I highlighted as I mentioned the
ISO standard is based on a management system approach. It
integrates best practices and procedures to achieve
organizational objectives. Which are the biosafety and bio
security objectives. As an example, an organization may create
specific biosafety and bio security objectives within the
laboratory. To achieve those objectives the laboratory must
perform certain tasks. To perform those correctly policies and
procedures must be in place. The management system approach is
the rework of policies process and procedures set by the
organization to ensure they can perform the task correctly
required to achieve objectives. Applying this approach leads to
several benefits. It allows for system definition and process
development, structured for efficiency and effectiveness,
understanding process interdependencies, resource awareness and
allocation, and continuous improvement.
It incorporates the PDCA. It is a phenomenal concept that the
standard not only remotes the cycle as an ongoing process, but
also has a cycle built into the standard structure. I will show
you later in the presentation how. Within the cycle the steps
are as follows, the plan step is to establish objectives
programs and processes in accordance with the policy. In the
do, implant the processes that you outlined in the planning
stage. After implementation we have a check stage which
monitors and measure activities and processes with regard to
policy and objectives and reports the results. It is about
gathering data and understanding how well the strategies are
performing. And in the final act stage you take actions to
continually improve performance to achieve the intended
outcomes. Not just maintain but it's improved. Let's dive into
the structure and components of ISO 35001. The standard is
organized into 10 sections. The first section covers the scope.
It is applicable to any laboratory or other organization that
works with, stores, transports and/or disposes of hazardous
biological interiors. It can be integrated into organization of
any scale making it adaptable to nature and size. It is not
intended for risks of microorganisms and or toxins in food or
feedstocks, and risks from the use of genetically modified crops
in agriculture. The scope is followed by two sections of
references and definitions. Terms and definitions which I do
not have listed here. Section 4 is titled context of
organization and goes from four to section 10 titled
improvement. The sections breakdown the components for the
virus management system and contain guidelines of how the
standard can be applied within each organizational context. The
better as relies on the sections relate to each other, as well
as how the plan do check act cycle is built then the standards
let's look at the system model. On the side I'm showing the
sections on the left-hand side and the right I have a pyramid
view of the model. We will go through section by section.
First, the foundational layer of the pyramid is the context of
the organization, section 4. This will help you understand the
organization and its context. Define the scope and the
boundaries as well as the stakeholders involved. The next layer
is leadership, section 5, emphasizes top management role in
leading the virus management culture within the organization and
helping limit rules responsibly and for personnel within the
virus management framework. Moving to planning section 6. The
section you are identifying hazards by performing risk
assessments. Also creating bio risk management objectives.
Section 8 is titled operation which describes the execution and
management of processes necessary to meet virus management
system requirements in involves equipment maintenance, security,
inventory, PPE uses, waste management etc. The check is section
9 performance evaluation. Here is where we focus on how to do
internal audits and management reviews. To check the processes
that we have in place. Lastly, a cycle we have act in section
10 called improvement. This is to take action to improve by
reporting, investigating, managing, etc. We tie everything
together with section 7 which is support and discusses necessary
resources to carry out the cycle such as training and
competencies, workforce management and documentation. I hope
the slide emphasizes the comprehensive nature and how
implementing ISO 35001 will have the model within the bio risk
management processes. Now that winners in the model outlines
and how they are structured the check the shift the focus on
implementing the standard. For successful ISO 35001 I want to
highlight five important elements. First being top management
commitment. Leadership is authorized bio risk management
integration and communicate its importance and provide
resources. Second is planning. A major component is creating
specific virus management objectives align with lab functions to
develop and incorporate them. We will talk more later. Third
we have documentation and document control. Thoroughly document
the object is policies and procedures. Ensure that documents
are current and available and protected. Fourth, we have
training and staff awareness. Identify the training needs and
provide the training to build competency and assess staff in
understanding, we have teamwork and communication implementation
that requires collaborative effort and participation across the
organization. When it comes to simple mining the standard
strategic approach is key. We walked through the system, or the
steps involved. Step one is to develop a tool to perform
systematic gap assessment of the laboratory biosafety and bio
security processes. This tool to simplify the document into a
manageable checklist making it easier to evaluate the current
practices against the standards requirement. Step two is to
perform a gap assessment by analyzing the existing processes
identify areas that already meet the standards and those that
need improvement. The steps will provide a clear picture of
where the organization stands in relation to bio risk
management. Step three, based on the results obtained from the
gap assessment, define a process for the implementation of ISO
35001. It involves creating biosafety and security objectives
aimed at addressing the areas that need improvement. The goal
is to prioritize the objectives based on the importance and
resources, ensuring the most critical areas are tackled first.
By developing a gap assessment tool except one, our team has
done that and here is a glimpse of the process. We developed a
gap assessment tool based on the standard for the pilot project
in collaboration with -- it is still based and has a dedicated
tab in the workgroup for each of the seven major sections of the
standard. We copied and pasted the guidelines from the document
into the section resulting in 184-line items. During the
creation of the gap assessment is important to consider how you
assess your score and the organization's compliance. We used a
yes, or no scoring system for each line item and leveraged
Excel's capability to calculate average percent of conformance
for each section. It allowed us to set goals for desired
complaints to increase over time. We've also seen other scoring
systems for organizations could use a range such as zero to 3
one means not applicable and three means full compliance.
Similar to our system the goal is to increase the score over
time. The approach can be tailored to best suit the needs of
your laboratory. Once the tool is completed, we are able to
move on to step two performing the gap assessment by going
through each line item with the lab we can more easily identify
what areas need to be addressed. With those results, we can
proceed to step three defining a structured process in creating
objectives to address areas.
>> Folasade Kembi: Good afternoon. As was highlighted, the gap
is crucial. One effective way to address the gap is through the
creation of goals and bio risk management objectives. The ISO
35001 standard specifies organization established bio risk
management objectives relevant functions and levels. Before we
create the objective let's clarify the distinction between goals
and objectives. A goal is an observable and measurable result.
We want to aim our resources and efforts towards this outcome.
Objectives should describe the desired outcomes. These are the
steps we need to take in a more or less fixed timeframe to move
towards and achieve the outcome. When certain objectives are
achieved, organizations should consider risks, requirements and
other factors. Using one of the requirements of ISO 35001 is a
goal, the organization shall ensure they maintain an accurate,
verifiable inventory of biological materials specifying
biological agents and toxins based on the bio risk assessment.
Organizations should examine a process for checking, reviewing,
updating and reporting the biological cereals inventory. The
outcome to be achieved should include what constitutes an
accurate inventory, how is inventory verified for accuracy, what
details must be included in inventory, how frequently must the
inventory be updated and reviewed and who is responsible for
maintaining inventory. After the goals statement then creates
objectives to meet the goal. It should be specific, it should
answer the what and who. Conduct a comprehensive bio risk
assessment of all laboratory activities. In materials by the
end of Q3 2024 to identify biological agents requiring inventory
control. It should be achievable. It should be realistic and
available within the resources. It should be relevant about
what the impact it should be in line with the mission of the
organization inventory management implementation and time-based.
It should have a completion date and deadline. On the screen
are examples of goals and objectives of the smart objectives to
maintaining accurate verifiable inventory of biological
materials. The first one is conducting a comprehensive bio risk
assessment. Another example is to develop and implement
standard operating procedures for inventory management,
verification, documentation and reporting by Q4 2024 ensuring
compliance with the ISO 35001 requirements. And train 100% of
laboratory staff handling control materials on proper inventory
management procedures including the new SOP by quarter January
20, 2025. After setting the goals and objectives we have to
plan for the ample mentation and continuously improving bio risk
objectives. We have four steps. The first is to determine
roles and responsibilities for each objective. Assign clear
ownership and accountability and ensure necessary resources and
support. Who makes decisions, who is consulted when needed.
The second is established performance indicators and measures.
How can we be sure we are achieving what we set out to achieve?
We have to define observable metrics to track progress, Minotaur
advancement towards objectives and overall goal, and identify
areas for improvement or adjustment. One opportunity for
improvement your -- how they should be of limited based on the
available resources. Number three, conduct regular gap
assessments by assessing the effectiveness of bio risk
management process, identify nine deformities against the ISO
35001 requirements, and implement corrective actions. And forth
review and update objectives periodically.
Objectives with changing organizational needs, incorporate
lessons learned and best practices, maintain relevance and drive
continuous improvement. Pilot project to implement ISO 35001
overview there are steps implementing the management system.
Let's talk about our collaboration. In the first phase of the
project the CDC and a PHL identified two public health
laboratories which are lab one and lab two. They are sites for
implementing the system. Step two initial site uses the gap
analyst checklist to review existing process to support the
adoption of ISO 35001
step three to utilize findings from the site visit and the
checklist to define elements for ISO 35001 implementation by
virtual meetings. So, for second site visits the reviewing
process to support the adoption of the ISO – 35001 and project
closeout in the second phase which are laboratory three and
four. They started in December 2023 and January 2024. Site
visits were conducted. Nonconformities were identified and are
currently being addressed. The second site visit is in the
planning stages. The following slides will show findings from
each of the laboratory’s assessments. Laboratory one has 82%
conformity, and it is just one of the nonconformities identified
are by risk management objectives, biological materials
inventory, emergency plan training, and internal audit to expand
to BRM lack of training, except departments where advanced
training -- it was not documented where it was conducted. The
internal audit was focused on quality management issues and did
not expect safety or virus management documentation --
corrective actions were not followed. In lab two, there were 84
deformities and eight nonconformities. Some of the
nonconformities notified were roles, responsibilities and
authorizations authorities were not defined. And not
communicated or included in laboratory processes such as in the
investigation and the review evaluation they were not reported.
Another nonconformity was the understanding of different
positions. Relationships priorities and needs to increase bio
risk management activities. Such as lab inspection findings.
The risk management advisors were stretched too thin. They were
at times unable to provide support for staff. For instance, the
qualification training for the staff completion of records
management and incident investigation model staff understood the
role of quality and safety of bio risk management and what is
done to ensure safety. The last one is bio risk management
objectives were not defined and where they were defined it was
not documented. The lapse in phase 2 left three has 84%
conformity and 5% nonconformity something nonconformities were
lack of organizational bio risk management objectives, audit
policy and emergency exercises. Policy and procedure must cover
quality management system not specifically include safety test –
there is no exercising of procedures for spills, threats, etc.
Four, they have 43 conformity's and 45% nonconformity. Some of
the nonconformities include no over -- each department runs its
own program with little documentation, competency assessment
training etc. There is no management review of the risk
management system. There were no risk management objectives.
The roles rust spots abilities and authorities were not defined.
Continual improvement process, internal audit and communication.
Metrics were not drafted, and SOP risk assessment were not
reviewed to assess areas for improvement. No system exists to
conduct internal audits. Lack of communication among staff. As
a result of the observation from the studies some of the
suggestions for the pilot laboratories include how to establish
by risk management committee oversight, develop bio risk
management objective, conduct wrist assessments how to train and
form completion and process. Establish escort responsibilities
to supervising employees, provide insider threat training, and
shared CDC and APHL Resources.
If you are interested in the very resources of the international
organization for standardization we offer free access to the ISO
35001 standard. Clinical and public health laboratories within
the United States this is how the process works; your
institution will select a point of contact responsible for virus
management it can be the laboratory director. It can be the
biosafety officer or POC will email the point of contact. There
were request access to the standard along with the institution
name and physical address of the institution, then the DLS will
notify the POC via email with further instructions. If your
institution is approved, the POC must submit names of those who
would like to receive the standard. Including their work email
address and their role in the organization. The DLS notifies
the approved point of contact with details on how to access the
standard. DLS supports the enhancement of bio risk management
great in summary, today we covered the sections of the ISO 35001
highlighting how they collectively create a robust bio risk by
risk management system. Emphasize the critical components for
successful and well mentation including top management
commitment. Discussed the initial steps of the -- including
conducting gap assessments and treating risk management
objectives. And shared experiences from collaborating with APHL
to implement ISO 35001 and for public health laboratories. At
this time, we wish to acknowledge the contribution of the DLS
biosafety core team, the Association of Public health
laboratories and the ISO 35001 pilot sites. On the screen are
the resources that are relevant to the presentation today. They
include the workshop agreements and links for other documents.
It is being dropped in a chat right now. Are there any
questions?
>> We will take a few minutes to answer questions. If you have
a question after the event the free to email the one lab inbox.
Let me look for some questions. We have several questions
asking where they can find the gap assessment tool for the Excel
sheet.
>> Folasade Kembi: That is a checklist that we work with. It is
not available to everyone. It is not available because it is
based on the standard. If you want to have access, you have to
go through a page description. If you have access to the
standard, you can make your own checklist and that is a standard
the DLS is offering for free. If you have access to the
standard, you can come up with a checklist. It is based on the
iso-standard it will not be available to share. Thank you.
>> Host: You're welcome. Are there any agencies accredited to
grant the ISO 35001 certification or compliance?
>> Folasade Kembi: Currently there is none.
>> Host: Okay. We shared access to the free link to download --
considering that this is an international standard for ISO will
there be work with other labs beyond the United States? So,
because your program only does the United States labs the
question is will you at some point consider labs outside of the
United States?
>> Folasade Kembi: Currently, we are not considering that. But
we know of organizations that might be interested in
collaborating. At least one approached us and was interested.
It might be soon. Currently, we are working with laboratories
within the United States.
>> Host: How often should SOPs be assessed for risk and safety?
>> Folasade Kembi: Any time they make a change you need to
review and update. Even if you do not make a change at least
annually. Check your SOP to see what has changed in the
practice and update it. It is good practice to review at least
annually. Throughout the year, if your procedure changes, if
you are adding a work objective then go in there and update your
SOP.
>> Host: Will the standards not intended for those working with
microorganisms or toxins in food?
>> Mary Casey-Moore: There are a couple of reasons that I know
of. It is the type of risk encountered in food testing or
agricultural biotechnology that differs from clinical and public
health lavatories. Working with infectious agents and toxins is
why ISO focuses on the risk specific for laboratory environments
because they have certain safety and security measures and also
there is established standards and regulations addressed
associated with food testing. ISO 22,000 is one.
>> Host: Do you believe work hours by risk management standards
will incorporate into the cap inspection for labs in the future?
>> Folasade Kembi: No one knows. For good practices and for
continual improvement it is good to tap into the standard. But
no one knows. For the good of the lab and everyone it would
improve the processes, but I do not know and cannot answer the
question.
>> Host: Someone wants to know who would be members of the
biosafety committee? Like within the lab who would be a good
member for the committee.
>> Folasade Kembi: I think that would be dependent on the lab.
I will say probably your lab director, but it differs from lab
to lab. There are some big labs for the directors to be part of
it. Biosafety managers definitely, quality managers, the lead
technicians and maybe some laboratories. It depends and
differs. If you are talking of research institutions, we may
talk about our research at the top-level people, and it is good
for the top-level people to have a buy-in. We are talking about
the ISO 35001 standard which encourages commitment from the top
leaders. It differs from lab to lab. It is always good for
people at the top to have a buy-in and be interested in what is
going on. If it is a big lab where the laboratory director
cannot be part of the team, he or she can have a designee in the
biosafety manager and quality people that – it just depends on
the lab.
>> Host: Thank you so much for the great presentation. We hope
to have you back soon. We are getting a lot of questions about
the checklist. That is an internal document used so you will
not be able to get access to it but there is a link where you
can get access to the standards. You can do that. We are
offering one-piece credit for the webinar. Certificates are
available on one leverage for easy access to receive your pace
credit after anticipating in the session today you need to log
into your account and use the passcode to complete the
evaluation within two weeks. You must be logged into tier 1 lab
reach account to access evaluation. You will also receive an
email containing the instructions if you miss the link and
passcode in the chat. We are thrilled to announce two upcoming
one lab test August events. Register for the one lab test open
form event on August 13 at noon. Discussed training and
education needs for testers who perform corner care testing and
non- amatory sites or settings. Share the information about the
event with your colleagues, especially those who perform corner
care testing. And as a follow-up to the one lab test open form,
we will be featuring the ready set test training course on
August 28 at noon. Eastern standard Time. The link for both
events is posted in the chat. As a reminder, the events slides,
and recording will be posted to our website within two weeks.
Lastly, we encourage you to utilize the one lab in box to share
your training needs, feedback, etc. We use your input to select
our event topics and understand the needs. The one lab email
address is posted in the chat. Thank you for your participation
and have a great day.
150%
Duration
Event Speakers
Folasade Kembi, PhD, MPH
Health Scientist
Quality & Safety Systems Branch (QSSB)
Division of Laboratory Systems (DLS)
Centers for Disease Control and Prevention (CDC)
Mary Casey-Moore, PhD
Health Scientist, Safety Team
Quality and Safety Systems Branch (QSSB)
Division of Laboratory Systems (DLS)
Centers for Disease Control and Prevention (CDC)