5 Things I Learned about FDA Audits from its Sister in Compliance, the FCC

The unannounced FDA audit is a feared experience
but these five tips can alleviate some of the stress.
Before I came to work at MasterControl, I was an operations coordinator at a company called CaptionCall. CaptionCall provided telephone captioning to the hard of hearing, and because it was funded through federal taxes we were directly overseen by the FCC. While I was working at CaptionCall, I was directly involved in an audit performed by the FCC. The day of the inspection was one of the most stressful days in my career.

The audit was not previously announced but, like FDA audits, it was hardly a surprise. We had known something like this was coming and had been carefully preparing for the possibility of an audit for the past year. I didn’t know anything about quality or compliance but the nature of my job meant I was on the front lines of the audit when it did finally happen. So even before I began working in the quality industry, I had learned five very important lessons which I feel translate perfectly into the regulatory field:

This article is related to the Toolkit: 
8 Free Resources to Boost Your Audit Management System
To get the full details, please download your free toolkit.

1) Find an expert and really listen 

CaptionCall was a very young company when I started working there and they didn’t have a quality or compliance department. In order to get started, they hired a consultant to help them prepare for possible FCC audits. He knew the most common observations and findings and he helped us steer past those early on in the process so we could focus on addressing more serious problems. As an example, he started by tackling our visitor policy, which did not account for the possibility of a surprise audit from the FCC. If we hadn’t hired him, we would have tripped over that very first hurdle when the FCC did drop by unannounced.

In today’s high-tech environment, I’ve seen plenty of people take a cavalier attitude towards consultants and subject matter experts. They say things like “If I want to know what industry best practice is, I’ll just look it up on the internet and handle it myself.” I can say from experience that the problem with self-study is that you do not know what you do not know. I can guarantee there are pitfalls which you would not even think to look up on the internet beforehand. If you want to avoid those pitfalls, your best bet is to find someone who’s seen many, many audits and can thoroughly prepare you for them.

2) Run practice audits for the whole company, not just the quality department.

When your job is in quality and compliance, you run the risk of seeing audits through a sort of tunnel-vision. Because you’re at the center of all the activity, it’s all too easy to get wrapped up in the many things you have to do during an audit and forget you’re not the only one being scrutinized. 

One of the first things our consultant at CaptionCall did was pay a surprise visit to each of our call centers, where he posed as an official FDA auditor. Often, he was able to get access to the call floor well before any of the managers even knew he was in the building – which was really bad, because only the managers had any training on what to do in the case of an audit. The consultant was able to get any answer he wanted out of the regular employees, who assumed they should volunteer any information they had to such an important visitor. When he came back to the managers with his findings, the consultant invariably pointed to a tangled mess of broken policies, conflicting information, and inadequate training. We learned our lesson. By the time the real FCC auditors showed up, those of us who weren’t managers had been prepped by at least one mock-audit scenario, and we were able to deal with the auditors with much more confidence.

3) Keep documents updated.

When CaptionCall started preparing for a possible FCC audit, only our most important documents were properly labelled as confidential or proprietary. Labelling our documents became a three-month ordeal during which everyone in the office had to put in long hours sorting through old files and adding headers or footers. It was a tedious affair, and that was with a five-year-old company which was already completely paperless.

There is plenty of software, including MasterControl, which can help you by automatically adding headers and footers to documents, but even uncontrolled documents should at the very least have a “confidential” label on the bottom. If you make a habit of properly labelling documents as they’re created, you can avoid a lot of wasted time and effort in the future.

4) Archive your files (but not for too long!)

During the months leading up to CaptionCall’s surprise audit, document retention became something of a rallying cry. We went to great efforts to reorganize our shared network drives, clean up our desktops, and set up email archives. During this flurry of activity, we quickly realized that we were keeping many documents which had no clear line of revisions and versions, but were nevertheless years old. Some of them were legacy documents from our parent company, others were drafts of policies from CaptionCall’s conception. They needed to go.

Our rule of thumb became “If it hasn’t been updated in two years, delete it.” It took some getting used to, but the positive effects were immediate. The thought of throwing something away that quickly probably makes a lot of people cringe, but you have to realize that hoarding documents, even digital documents, is not just messy; it’s a big risk. “Oh, we haven’t used that in years” is not an adequate response if an auditor comes across a 5-year-old document which doesn’t adhere to policy.

5) Nobody’s perfect.

The most harrowing experience of the whole audit was in a single moment, when an auditor leaned over my desk and took a picture of a piece of paper I had pinned to the wall of my cubicle. It was something really minor – just a chart for converting minutes to decimal-hours – but my heart sank as soon as he took the picture. The chart was absolutely against our clean desk policy, and even though it was a common tool, it really should have been labelled as confidential. I had prepared as well as I could, and yet I had still missed something. It was a disheartening idea.

In episode 26, season 2 of Star Trek: The Next Generation, Captain Picard tells one of his officers, “It is possible to commit no mistakes and still lose. That is not a weakness. That is life.” It is a piece of advice which holds doubly true for those in quality. We ourselves might do all in our power to make sure an audit goes perfectly, but the odds of a determined auditor walking out of your office without giving you something you need to improve on are almost impossible. The key is to remember that the auditor is probably not looking to put you out of business, just pushing you to be better than you already are, because high-quality products and processes ultimately benefit everyone.

Anthony Rossi is a Sales Operations Specialist for MasterControl. His roles include proposal writing, analytics/reporting, and content management for sales resources. He graduated from the University of Utah with a degree in English, with a focus on discourse analysis and technical writing. He has been interested in quality and compliance since his senior year of college, when he led a linguistics study done under the guidelines of the World Health Organization.