Quality Audits Management. What do we need to take into account? First approach, what is an audit?
Quality Audits are one of the main tools of the Quality Management System to check the status of compliance with the applicable regulations and propose the necessary ones corrective measures, despite the standard we are talking about (GMP, GLP, GCP, GDP, ISO 9001, ISO 13485, ISO 22716…), or the step of the product lifecycle (research and discovery, preclinical development, clinical development, starting materials manufacturing, finished product manufacturing, quality control, distribution, etc.)
Thus, the right definition of the Quality Audits System is crucial for the success and the effectiveness of the process. In this article we are going to review the main points that need to be considered for addressing the principles of the Quality Audits System and will provide some tips that could help in the management of the Quality Audits.
What is an audit?
An audit is as a methodical and independent examination carried out to determine the level of compliance with a specified standard. A Quality Audit is performed to assess the appropriate design and implementation of a Quality Management System (QMS) according to the applicable regulation.
Thus, an audit shall provide objective evidence of the strengths and weaknesses of a QMS, and the ways in which it can be improved and reinforced.
Type of Quality Audits
There are three main types of audits, according to the relationship between the auditor and the audited.
- First party audits, or Internal audits. In these audits, the auditor and the audited belong to the same company. These audits are performed on a periodical basis, normally at least once a year, with the aim to evaluate the level of compliance of the QMS and to improve control over the internal processes.
- Second party audits, or suppliers’ audits. These audits are performed to evaluate the level of compliance of providers, subcontractors, or suppliers, according to external or internal requirements. These audits are crucial to ensure the quality of products and services acquired externally.
- Third party audits, or inspections. These audits are performed by official bodies, certification companies or authorities, to ensure compliance with existing regulations, standards or official references.
Also, pending on the standard and on the step of the product lifecycle, audits can be performed with different approaches, in order to provide the best assessment of the compliance status at each stage. Two main groups of audits can be identified:
- System Audits, focused on the general principles of the management, including QMS, facilities and equipment, processes, computerized systems, personnel, vendors, documents…
- Product/Process/Studies audits, focused on a specific area of concern, a specific product, a specific process, a specific trial.
Lets see one more possible classification of audits, according to their assessment method:
- On site audits: in these audits, the auditors move to the facilities to be audited, and perform the assessment on site. This assessment includes also the review of documents and the face to face interview with the company staff.
- Remote audits: in these audits the review is performed using communication technologies, such as e-mail, conference calls or information exchange platforms. Facilities can be e-visited using multimedia files, such as photography or video. Interviews with the staff are performed using videocalls or phone calls.
- Documental audit: in these audits the review is limited to documents and records. There is no visit to the facilities or staff interviews. These audits are usually supported by questionnaires or checklists that are completed by the auditor or by the audited and include a deep review of documents and records that provide evidence of compliance with the applicable regulations.
Pending on the nature of the audit, the available resources, and other conditioning situations, like travel restrictions, audits can be performed with a blended approach. For instance, to reduce the on-site auditing days, a documental review or a remote audit can be performed as a first step, followed by a short visit to the facilities.