background image for GxP Lifeline
GxP Lifeline
GxP Lifeline

Proving the Effectiveness of Mock FDA Audits

May 10, 2018 By Patricia Santos-Serrao, Director of Product Strategy, MasterControl

2018-bl-proving-effectiveness-mock-audits-page-image

Obstacle: 

Regulatory authority audits have resulted in multiple and repeated observations.

Tip:

A mock U.S. Food and Drug Administration (FDA) internal audit can be conducted by an internal team of employees qualified by experience in regulatory compliance or by an external team with previous FDA work experience. Incorporating routine mock FDA audits can help your organization prepare for a FDA audit as well as reduce the number of audit observations and repeat observations received from regulatory authorities.

To make this happen, you have the responsibility to properly design and manage the execution of the mock audit. The design and management of the mock audit can be mapped out as follows:

  1. Define the intent and strategy of the mock audit.
  2. Identify how to measure reportable data during the mock audit.
  3. Define what constitutes a mock audit observation, including the data and context.
  4. Recognize how to effectively communicate the mock audit conclusions to employees across your organization.
  5. Monitor corrective action and preventive action (CAPA) efforts.
  6. Re-evaluate the state of compliance of people, processes and products within your organization.

Mock Internal Audit Intent and Strategy

A successful mock audit will create an accurate assessment of your employees’ performance during a regulatory agency audit that carries high stakes. When well-managed, a mock audit can result in significant improvements in both the performance level and compliance level within your organization’s employees, processes and products.        

Identifying How to Measure Reportable Data

Many factors can determine how successful you are in demonstrating the compliance of your organization’s processes and products. Measuring reportable data in relation to the information presented to the auditor should include the following:

  • The section or topic the auditor is currently inspecting (i.e., design controls)
  • The corresponding regulation being audited against (i.e., FDA 21 CFR 820.30)
  • Applicable company processes, procedures, forms and work instructions
  • Identification number of the record being audited
  • Feedback from the auditor of any observed or potential compliance issue

What Constitutes a Mock Audit Observation?

When the information presented to the auditor falls under the following circumstances, it should be documented in the mock audit records and flagged for a possible observation:

  • Regulatory requirements are not being met
  • Products are no longer meeting safety or performance criteria
  • Documentation is not accurate as compared to what is being done in practice

Assessments on the performance of personnel should at a minimum include the employees that interact directly with the auditor and the individuals responsible for the documentation or items that were audited. During the audit, when an employee’s behavior meets the following measures, it should be documented in mock audit records and flagged for a possible observation:

  • There is confusion or a lack of understanding of what the auditor is requesting
  • Requested information can’t produced or takes an unreasonable amount of time to obtain
  • An employee provides an incorrect or incomplete response to the auditor
  • An employee reacts unfavorably when pressured by the auditor

Effectively Communicating Mock Audit Conclusions

Your responsibility in communicating the results of the mock audit to the company includes the formal observations and indicators of employee performance. Unacceptable performance by personnel involved with the mock audit typically includes:

  • Providing extra information or documents the auditor is not entitled to receive
  • Answering questions without the necessary information
  • Opening the door to new issues
  • Agitated, flustered or disrespectful behavior

Monitor Corrective Action and Preventive Action (CAPA) Efforts

A risk-based approach is an effective way to prioritize the corrective and preventive actions (CAPA) that result from the mock audit. The mock audit observations can be ranked in order from greatest to least regarding the potential jeopardy the observation has on the total audit outcome. As resources allow, each observation should be addressed by management.

Re-evaluating the State of Compliance

You can categorize the output of the mock audit to demonstrate that improvements have been completed to the overall state of compliance within your organization:

  • Corrections that were mandatory to ensure the safety and effectiveness of the products
  • Corrections that were mandatory to eliminate hazards that existed within the processes
  • Corrections that were mandatory for the organization’s documentation to be truthful and to achieve data integrity
Patricia-Santos-Serrao-Headshot_400x400
Patricia Santos-Serrao, director of product management at MasterControl, is experienced in helping organizations transition business processes, document management, and submission compilation from paper to electronic systems. She is a member of Regulatory Affairs Professional Society (RAPS) and has earned her Regulatory Affairs Certification (RAC).
Free Resource
MasterControl Audit™

Enjoying this blog? Learn More.

MasterControl Audit™

Download Now
[ { "key": "fid#1", "value": ["GxP Lifeline Blog"] } ]