Can we use GCP / PV audits as an inspection exercise?
Audits are a great opportunity to get used to the way inspectors (like most auditors) look at things, how interviews and document requests should be handled. But can we really use GCP / PV audits as an inspection exercise?
As an auditor, I (still) see audits on a regular basis being approached as if it were an exercise for regulatory inspection. I have seen auditees beating about the bush in interviews or in responding to document requests. I have seen complete backrooms set up, including extensive QC processes significantly delaying the provision of documents.
This is something you would not hope to see during an audit, and, honestly, this type of behaviour does not belong in an inspection room either. It is frustrating the process and will only work counterproductive. It might sometimes even look suspicious.
Don’t get me wrong: I understand that an audit can cause tension and requires organisation. An audit facilitator can make responding to document requests much more efficient and may prevent mistakes. And of course I understand that business interests could also be an important factor during an (external) audit. I have been there. Also as an auditee, and as an audit facilitator.
The question is, however, can we use an audit as an exercise for a regulatory inspection?
What is the purpose of an audit?
Let’s first see how an audit has been defined in GCP and GVP:
- Good Clinical Practice (ICH E6 R2) says:
An audit is “A systematic and independent examination of trial related activities and documents to determine whether the evaluated trial related activities were conducted, and the data were recorded, analyzed and accurately reported according to the protocol, sponsor’s standard operating procedures (SOPs), Good Clinical Practice (GCP), and the applicable regulatory requirement(s)”.
- Good Pharmacovigilance Practice (EMA Guideline on GPvP, Annex I) says:
An audit is “A systematic, disciplined, independent and documented process for obtaining audit evidence and evaluating the evidence objectively to determine the extent to which the audit criteria are fulfilled (see ISO 19011 (3.1))”.
Concluding, an audit is basically a way to evaluate how activities in scope were and are being conducted. Audits look at the past (what happened?) and the present (what processes and procedures are in place?), but they should also help a company to improve processes, to mitigate risks and to ensure the quality of studies or activities in the future.
The timing of audits is therefore important!
The longer you wait, the later you identify potential issues which could have been prevented. This is not only affecting the quality, but it will also leave a team in frustration and with extra items on their to do-list. And that is not what you need when you are preparing for an inspection or when the study database lock is around the corner!
So can we use audits as inspection exercise?
Of course, audits are a great opportunity to get used to the way inspectors (like most auditors) look at things, how interviews and document requests should be handled. It helps an organisation being prepared for tough questions when they are aware of the weaknesses in systems and the issues that occurred.
However, audits are really part of an organisation’s governance framework and should help the organisation to assure the quality of their processes and the work that is done by their vendors or partners…
As such, an organisation will benefit most from an audit that is conducted in an open atmosphere, where mistakes can be discussed and acknowledged, without repercussions by management, but with the focus on opportunities for growth and improvement. In this way, audits can be of great support in preparing for a regulatory inspection.
Who made that mistake?!
As an auditor, I usually will not and often even cannot answer the question “Who made that mistake?!” An audit does not focus on personal performance. Auditors assess a system, a process, and findings are rarely caused by just one individual.
As a quality professional, I would always advise management to avoid linking audit or inspection findings to individual performance goals. Mistakes do happen, and an open dialogue, trust and transparency are essential to achieve good quality*. Deviations or audit/inspection findings are mostly the result of a weakness in the system, and this needs to be identified and repaired to let the individual and the system perform as expected.
Find out how Beyond Compliance can help your organisation to find ways to optimise the issue management process as part of a quality culture: