Professional Documents
Culture Documents
AGENDA
Review regulatory audit requirements EU, US
Internal auditing EU and US requirements
Supplier auditing EU and US requirements
REGULATORY REQUIREMENTS
Requirements for the conduct of audits (internal and supplier
audits) vary from one authority to another
All authorities clearly expect internal and supplier audits to be
conducted, though not all specifically and literally require such
audits
Despite the lack of uniformity and clarity of the regulatory
requirements, sound quality management principles and
conventional industry practices combine to establish auditing
programs as a current good practice for the industry, world
wide.
This presentation will compare the US and EU requirements to
illustrate how different regulatory authorities deal with the topic.
Companies should be aware of other countries requirements that
may impact their operations conducted in those countries.
10
Audit Group
Organization and
Operations
11
12
13
14
15
INDEPENDENCE OF AUDITORS
Regulatory requirements do not require that auditors be entirely
separate from the areas audited. In fact, the idea of self
inspection assumes that an internal process is beneficial.
Auditors should be empowered to issue findings without fear of
consequences, conflict of interest or undue influence from the
audited facilities or departments.
Therefore, companies generally utilize personnel from the Quality
organization, or sometimes a fully separate Audit group or
Compliance organization to conduct internal audits. Others may
rely on external consultants to provide objectivity.
In sensitive matters where there is concern about litigation, many
companies arrange for auditors to be retained under attorney
client privilege through in-house or external legal counsel. This
may vary from one country to another.
16
AUDIT TEAMS
Few Auditors will be highly skilled in all areas of GMP; assistance
may be very helpful
Process experts
Engineers
Chemists
Microbiologists
Other specialists
17
AUDIT SCHEDULING
Resources do not permit auditing everyone and everything, so
choices must be made
Risk based auditing is now the normal procedure for most
companies
Risk considerations should be based on potential for direct product
quality impact; higher impact = more frequent and more in depth
auditing
These include, but are not limited to:
Audit history of the site/department/system to be audited
Regulatory agency audit history
Patient risk impact: API, aseptic filling, final testing, stability testing, proper labeling,
sterility aspects, cold chain, etc. are all key risk areas
Lower risk operations include excipient manufacture, packaging suppliers, other material
suppliers or service providers who have less direct impact on product quality
18
19
AUDIT PLANNING
Require a written audit plan and agenda before the audit
Obtain information from internal stakeholders (especially for
supplier audits): What problems have been seen, what areas do
stakeholders want addressed during the audit, what suggestions
do they have?
Be flexible during the audit; if other serious concerns are noted, it
may be necessary to deviate from the plan, with good cause
20
21
22
AUDIT REPORTS
Audit reports should be objective, and provide factual support for
observations
The most significant findings include:
Anything that points out a health hazard to the patient such as non-sterility,
overformulation, underformulation, label mixup, stability problems, cross contamination,
etc.
Observations that impact product currently on the market or in distribution channels
Things that happen repeatedly rather than just once
The more current the observation, the more significant it is; something that happened
once, three years ago, is usually insignificant; something that represents a current trend
usually is more significant
23
24
25
26
27
28
Special
Considerations
For Supplier
Auditing
29
Next priority:
Side chain synthesis
Intermediate process steps
Laboratories performing lower risk or specialized testing
Cold chain and GDP
Lower priority:
Glassware suppliers
Packaging suppliers
Distribution warehouses
CONFIDENTIAL 2014 PAREXEL INTERNATIONAL CORP. ALL RIGHTS RESERVED.
31
SUPPLIER AUDITS
Supplier audit systems should integrate all known information
about supplier quality, not limited to audit results, for example:
Material supply history any rejections and reasons for rejections, such as incoming
inspection findings, laboratory analytical findings, foreign material detected during
production, etc.
Recalls
Regulatory agency warnings made public
Internal concerns arising from batch record review
Business performance of the supplier on time delivery, right product, price
competitiveness, etc.
Integrated systems can provide a single reference point on supplier acceptability for use
by Procurement personnel
32
SUMMARY
Internal audits are not required by US GMP but are almost
universally employed by US companies
Self assessments are required in the EU
Technical agreements and supplier audits have been required in the
EU for years, expected in the US but now required in the US also
Dedicated, specially trained audit teams are widespread in the
industry
Auditors must be objective and independent, but can give
recommendations and advice so long as responsibility remains
with the audited department or company
Worldwide supply chain management requirements have increased
and can be expected to be a high priority area for regulators
33
THANK YOU
Gracias por su atencin!
Preguntas y repuestas
34