Audits & Inspections_Katalyst HLS

Audits & Inspections
3/27/2017Katalyst HealthCares & Life Sciences

2
What we will learn today?
1. Quality Policy
2. Audits & Inspections
3. Inspection Readiness
4. Internal Audits:
5. Classification of Audit Findings
6. RCA & CAPA
7. Audit tool
8. Audit Do’s and Don’ts
9. Introduction to Good Documentation Practice (GDP)
10. Tips for GDP
11. Risk Management
12. Escalation Management

3
Introduction: Quality Management System (QMS)
Quality Policy Manual
Frameworks and Generic
Procedures (Project
Management)
Life Sciences (IT + BPS)
SOP/ SWP/ SWI (Guidelines)
Client Specific Procedures +
Templates
Client Specific Instructions
(Usage of tools and
templates)
Governed by ISO 9001:2008,
eSCM (eSourcing Capability
Model), CMMi and Regulatory
norms.
In addition to above, these
are governed by Client
specific SOPs/ SWPs/
SWIs.
Process
Space
Project
Repository
Storing location Type of document Governance

4
Definitions & Differences
AUDIT INSPECTION
Definition A systematic and independent
examination of trial related activities and
documents to determine whether the
evaluated trial related activities were
conducted, and the data were recorded,
analyzed and accurately reported
according to the protocol, sponsor's
standard operating procedures (SOPs),
Good Clinical Practice (GCP), and the
applicable regulatory requirement(s).
(ICH-GCP E6-R1 - Section# 1.6)
The act by a regulatory authority (ies) of
conducting an official review of documents,
facilities, records, and any other resources
that are deemed by the authority (ies) to be
related to the clinical trial and that may be
located at the site of the trial, at the
sponsor's and/ or contract research
organization’s (CRO’s) facilities, or at other
establishments deemed appropriate by the
regulatory authority (ies). (ICH-GCP E6-R1
– Section# 1.29)
Purpose To check on compliance, process
improvement, data credibility, preparation
for regulatory inspection.
In addition to it - Inspection is the basis of
granting marketing authorization approval.

5
Types of Audit/ Inspection
▪ Types of Audit:
▪ Internal audit
▪ Customer/ Client audits/ Third Party Audit
▪ ISO 9001:2008 Surveillance audits, etc.
▪ Types of Inspection:
▪ PAIs (Pre-Approval Inspections)
▪ For Cause Inspections
▪ Routine Inspections
▪ Pre-Inspection visits (by some Indian regulatory agencies)

6
Focus Area for Audit/ Inspections
ProcessPeople
Interview of
resources
Training
records
JD/ RD/ CV BG Checks Resource
Skill
Application
Access
Management
Tool
Validation
Records
Staff
Turnover
Capacity & back
log plan
Access Invoke/
revoke
records
Application
problem
Management
BCP
test records
MSA/SOW
Addendum
SOPs/SWIs
Management
Quality
Control
Quality
Assurance
Deviation
Management
Training
Management
SLA/ KPI
Monitoring
Change
Management
Risk
Management
CAPA
Management
Tool
Validation
Governance
Escalation plan
OrganogramBCP & disaster
recovery plan
Data privacy &
security
Customer
communication
Issue & Problem
Management
Inspection
management
Vendor
management
Document management system
Handover
takeover
Archival
process
Regulatory
updates
ICSR Case
Processing
Quality Control
Activities
Lock/ Unlock
activities
Study Set-up
activities
Statistical Related
activities
Study Conduct /
Closeout
Allocation/
Assignment
Medical Writing
Reports/ Narrative
Study
Documentation
Signal
Detection
Regulatory/
Document
Publishing activities
Technology
Aggregate
Reporting

Transition (Start Up) Steady State (Engagement Lifecycle) Closure
T3 Audit
T6/ Go- Live Audit
Study Audit
(For CDM)
Closure
Transition
Manager,
Project Manager
•Scope & Solution
Design
•Contract
Assessment
•Governance
•People profile
•As Is Process
Maps
•KT Plan
•Engagement Risks
End of T3 stage of
transition
Transition
Manager,
Project Manager
•Contract
Assessment
•KT assessment
•Quality Plan
•Deployment
Requirements
•Process Map SOP/
SWP/ SWI
•Capacity Planning
& Ramp up etc.
Before Go-Live (T6) of
the project
Study Team
Members
•Specific Work
Instructions,
SOPs, SWPs
• Study specific
documents
•Configuration
Management
•Quality Control
•Trainings
•Study
Deliverables
Go-Live, DBL
Milestone
Project
Manager
•Service
Transfer
•Retention &
Archival
•Lessons
Learnt
•Access
Revoke
•Resource
transfer out (if
applicable)
Once (At the
end of the
project)
Process Audit
Project Manager,
Transition Manager,
Team Manager,
Team Leader
•MSA/ SOW Execution
(Contract Management)
•Capacity Plan
•QMS Adherence (SOP
and Plan adherence)
•Configuration Mgmt
•Training and Quality
•Metric Management
•Change Management
•Issue Mgmt
•BCP & DR
•Risk Mgmt etc.
Based on C1/ C2/ C3
projects and special
requests by BUs
System Audits
Project Manager,
Team Manager,
Team Leader,
Team Members
•Specific Work
Instructions, SOP,
guidelines
• Study specific
documentations
•Configuration
Management
•Quality Control
•Trainings
•Sample case
assessment (In case
of PV engagement)
Annual
For Cause Audit
Project Manager,
Relevant stakeholder
involved
•Consistent dip in
quality/ accuracy
scores
•Major non-
compliance to the
contractual or
regulatory
requirements
•Customer
feedback/concerns
As and when
required
Joint Quality Management Review
• Joint Quality review to ensure process compliance
• Identification of focus area based on Client feedback
• Communicating critical changes and process updates
• Building common forum to discuss process compliance &
risk
Inspection Readiness
• Building mechanism to share information on Inspection
• Validating inspection readiness preparedness
Regulatory Updates
• Building mechanism to track regulatory
updates specific to outsourced scope of
work
• Building mechanism to communicate
regulatory updates
• Governance Plan
• Communication Plan
Frequenc
y
Focus
Auditee
Quality Management Review with Client QA SPOC (Based on mutual agreement)
7
Audits (Life Science)
T3 Audit

8
Classification of Audit Finding
▪ Non Conformance (NC): Audit finding is tagged to NC wherein there is failure
to meet defined requirements and evidence for same is observed during the audit.
The non-conformance in turn can be categorized as either Critical, Major and Minor
based on the severity of the Non Conformance.
• Critical NC
• Major NC
• Minor NC
▪ Suggestions: Recommendation to improve service based on good practices noted
from other engagements, as per auditor’s discretion.
▪ Audit Note: A factual statement that is required to be noted and documented in
the audit report. This is reporting of an event in the project and not a Non
Conformance.
▪ Good Practices: During the audit, if the Auditor identifies any unique practice
which contributes significantly to the objectives, these practices can be termed as
Good practices for the project.

9
RCA & CA-PA
▪ Correction: An action taken to rectify/ fix the issue/non-conformance
▪ Root Cause: A root cause is the reason for a condition or an action at its origin or source. It is
the cause of a causal chain which leads to a Non-conformance..
▪ Root Cause Analysis: The process of determining the root cause from all the possible
causes. It is structured and thorough review of problem designed to identify and verify what is
causing the symptoms.
▪ Corrective Action: Action taken to prevent recurrence of a known nonconformance.
Corrective Action addresses the Root cause of an actual problem.
▪ Preventive Action: Action taken to prevent occurrence of a potential nonconformance.
▪ Risk: The combination of the probability of occurrence of harm and the severity of that harm
(ICH-Q9). The cumulative effect of the chances of uncertain occurrences adversely affecting
project objectives.

10
Risk Management - Multi-Layered Risk Governance
Risky Project
Review (BU Heads)
Risk Identification
Critical Risky
Project Review
(Exec Leadership)
Risk governance will involve various groups of stakeholders including Service Line Leads,
Executive Leadership, Industrialize/ Enable Leads and Risk Management team depending on the
project context and the level of risk review being performed
Risky Project
Review
(BU Heads)
Highly Critical
Project Review
(Senior Leadership)
▪ Risk
identification
▪ Mainspring
logging
▪ Enable
discussion with
BU Heads
▪ Critical risk
projects
identified for
Exec review
▪ Escalation potential
discussion
▪ Need for SLT review
▪ Actions for
addressing
▪ critical challenges
Risk management is a systematic process for the assessment, control, communication and review of risk to the quality
of the medicinal product across the product lifecycle ( ICH Q9)
19 3/27/2017Katalyst HealthCares & Life Sciences

11
Audit Tool
Audit Reporting
• Audit Findings are reported in Audit tool
CAPA Management
• Operations provide CAPA for each individual finding
• Provide relevant evidences within completion timelines
• Document the corrective and/ or preventive in order to
address the root cause
• Verify the evidences for completeness and adequate/
effective CAPA for closure of audit findings
• CAPA effectiveness is monitored for implemented
corrective and preventive action
• Regular reports are published to management on the
Audit Compliance metrics

12
Do’s for Audit/ Inspection
▪ Identify/ Assign facilitator for audit/ inspection
▪ Understand – Purpose/ scope of the audit/ inspection
▪ Ensure compliance to the company policies and regulatory guidelines
▪ Be thorough with all your processes and calibrated amongst the team. Keep
consistency throughout the process explanation
▪ Ensure completeness of all necessary documentation, e.g., training, project related
▪ Keep all the SOPs updated and ensure all the associates are trained on all SOPs
▪ Always lock your PCs and also keep your operations area locked
▪ Keep your password secret from everyone
▪ Wear your valid ID card and use it before entering to any door.
▪ Provide your business card to auditor/ inspector in the start of the meeting.
▪ Project an attitude of confidence and professionalism.
▪ Keep your cell phones either switched off or on silent mode.
▪ Keep all training documentation ready (including ex-employees, in archive)

13
Do’s for Audit/ Inspection
▪ All documents/ artifacts to be stored in the shared drive/ share point.
▪ Keep documented evidence for any deviation. Be aware of what is available
and have proper justifications for what is not available
▪ Document whatever you do- ‘Anything not documented is considered as not done’.
▪ Make and maintain a set of duplicate copies of any documents provided to the Auditor (To
be provided only after authorization from the manager)
▪ Make sure all the necessary documents are in the control room, so that you may produce
the same to the auditor without delay.
▪ Listen to question carefully, ask for clarification if you are not able to understand.
▪ Get the contextual meaning of the question before you answer.
▪ Answer through the point only
▪ Assume a friendly, cooperative attitude – but do not overdo it

14
Don’t for Audit/ Inspection
▪ Delay in providing requested records or copies of records.
▪ Handover documents to the directly to auditors/ inspectors
▪ Guess, lie, deny the obvious, or make misleading statements.
▪ Walk up to the auditor/ inspector directly to clarify your doubts once the interview/
session is over.
▪ Say that something is impossible or could not happen.
▪ Volunteer information/ Respond to questions that are outside of your area of
expertise or authority
▪ Contradict something being said by a colleague.
▪ Store/ save client documents on your desktop/ personal drive, all documents should
be available in respective Project SharePoint/ Repository
▪ Leave client documents unattended e.g., on your desk, printers, shredders etc.
Keep your desk and surroundings clean and paperless
▪ Leave the auditor unescorted

15
Don’t for Audit/ Inspection
▪ Tailgate to the operations area.
▪ Tell your password even if you are prompted to do so.
▪ Use communicator while presenting your system
▪ Interrupt the auditor without taking permission or being apologetic about the same.
▪ Answer any question without understanding the same.
▪ Indulge in loose talks
▪ Get into a conflicting situations with auditors, if there is a difference of opinion
support this with appropriate reason/ justification
▪ Engage in unconstructive arguments. (also avoid win/ lose or legalistic
confrontations).
▪ Give detailed explanation for closed ended questions

16
Good Documentation Practice (GDP)
▪ Responsibility/ Accountability
▪ Uniformity
▪ Easy flow of information and easiness to understand
▪ Correct information
▪ Exactly matching the requirement/ instruction given
▪ Legibility
▪ Verifiable from original source documents i.e., Audit trail, traceability, supporting
evidences, change log etc

17
Do’s to be followed for GDP
▪ Always sign with date
▪ Use only black or blue ball point pen with permanent ink i.e., indelible ink.
▪ Use consistent date format (global format) i.e., DD-MMM-YYYY, unless
▪ specified by client.
▪ Prefer sign and date instead of initial and date unless specified.
▪ In case of an initial make sure that it is a short sign and not merely first letters of name
and surname.
▪ Use only single diagonal line for correction with new entry along with counter sign and
current date.
▪ Any correction should allow previous entry/ record visible
▪ Write ‘Not Applicable’ or ‘strike off’ as necessary. Put remark why it is not applicable, if
required.
▪ Follow change control process for changes to approved documents.
▪ Carefully review and update change log.

18
Don’ts to be followed for GDP
▪ Back date & future date i.e., Pre/ Post date
▪ Use date stamp & signature stamp
▪ Sign/ date on behalf of others, unless authorised
▪ Delegate signature unless absolute necessity and prior approved
▪ Use pencil, gel/ ink/ pilot/ roller pen, whitener, correction fluid etc
▪ Overwrite/ obliterate/ obscure the original entry.
▪ Perform bulk signatures/ use of flower brackets
▪ Use arrows and dittos.
▪ Use uncommon abbreviations & acronyms.
Be Pro-active …
… rather being Re-active!!

20
Escalation Management: Structured Process
!
An undesirable event occurred in a project or
service that has an impact on Customer.
Escalation
Reported by
Stakeholders (DM/ DD/ AM/ CP/ SBU Head) on
behalf of Customers
Escalation Management Portal is a conducive environment for reporting escalations, in a timely manner to the appropriate levels in
the Organization, and manage them effectively.
Escalation Management as a structured
process helps
 identify an undesirable event that
occurred
 assess the impact
 assign the right stakeholders to
remediate
 support appropriate intervention to
manage relationship
 communicate, act, learn and prevent
future recurrence… ESCALATION MANAGEMENT
Process & Framework
Impact Assessment &
Allocation
RCA, Action
Planning &
Tracking
Escalation
Resolution
Corrective
and
Preventive
Action
Resolution
Review &
Closure

20
Thank You
&
Questions
Contact:
Katalyst Healthcare’s & Life Sciences
South Plainfield, NJ, USA 07080.
E-Mail: info@KatalystHLS.com

Audits & Inspections_Katalyst HLS

More Related Content

What's hot

Similar to Audits & Inspections_Katalyst HLS

More from Katalyst HLS

Recently uploaded

Audits & Inspections_Katalyst HLS