The US Food and Drug Administration (FDA) stated in March 2020 that it will reduce international and domestic surveillance facility inspections and instead depend on, among other things, remote record review—a power provided in section 706 of the FDASIA amendments of 2012 to the FD & C Act. On July 10th, the agency indicated that domestic inspections would resume during the week of July 20th, based on a risk assessment.

Best Practices for Remote Auditing and a Checklist for Regulatory Compliance

The abrupt workforce upheaval is challenging — and frequently blocking — in-person quality audits done by competent third parties for quality and compliance teams. Firms are increasingly turning to remote or “virtual” audits to sustain their assurance efforts until regular operations can resume, in order to prevent compounding delays caused by canceled or postponed audits.

Throughout each phase of the assessment process: planning, document review, process review, facility review, interviews, and closing meetings, we identify the problems of remote auditing and propose methods and best practices for overcoming them.

The contents of this book should not be regarded as exhaustive or conclusive because the pandemic is a continually evolving scenario. As the situation changes in the coming weeks or months, we plan to add to these issues.

GMP Auditing and COVID-19: A Guide to Remote Auditing and Workforce Recovery is an excerpt from our white paper. By downloading it here, you get all of this material and more in a convenient PDF that you can use as a playbook for preparing and hosting remote audits.

A Brief Introduction to GMP Compliance through Remote Auditing

When traditional in-person audits aren’t possible, remote audits allow quality and compliance teams to continue providing continuous assurance activities without affecting important operating areas.

GMP laws currently do not clearly ban remote auditing, nor do they provide precise guidelines or expectations for proper practice. Without formal guidelines, businesses must decide if a remote audit is acceptable and feasible based on a risk assessment that takes into account the nature of their products and services, their technical capabilities, and criteria like compliance histories and quality trends. A company that hasn’t rectified concerns identified during earlier audits that necessitated an on-site visit may not be acceptable.

“If concerns were discovered during a recent on-site audit—for example, facility issues—and they required on-site follow-up, the eligibility for a remote audit may be impacted. It’s crucial to go over that checklist to ensure you’re not doing the assessment any harm by going remote. “

Neal Siegel is a Certified Auditor and Quality/Regulatory Consultant: This risk assessment should also include the QMS’ preparation for such an evaluation, since policy or procedural hurdles may need to be identified and resolved. SOPs, in particular auditing standards may, for example, be established to presume in-person auditing, potentially complicating or prohibiting some actions, such as document access, for a remote auditor.

To guarantee that on-site audits can resume in a timely manner, all organizations should complete an initial risk assessment and document the outcomes obtained by remote auditing, including plans that will go into practice once existing restrictions are eliminated.

Planning with Stakeholders

Remote audits, like traditional in-person audits, must be prepared and scoped. However, because making a simultaneous change in a remote environment is more difficult than in person, and because each audit action may require more time owing to technical limitations, a remote audit should be properly choreographed in as much detail as feasible from the outset.