DOI: 10.1002/qaj.395

EditorialDoes Quality AssuranceneedQuality Assurance?

The largest room in the world is the room for

improvement.

Anonymous

Many years ago, audits were a rare occurrence

(as were auditors!) and, because of the infre-

quence, auditees were rather nervous about

audits. It was unclear what exactly was to be

expected in an audit, what auditors would ask

and look for. Audits in the pharmaceutical

industry, especially in the medical areas such as

clinical research, were a new phenomenon. It was

often the first time that a physician was asked to

detail his/her procedures for conducting clinical

trials, for recruiting and screening trial partici-

pants, that documents were scrutinized and that

the clinical investigator had to explain and

correct discrepancies and deficiencies. These early

days of Quality Assurance (QA) were certainly a

learning phase for auditors and auditees.

Times have changed. Since then, both groups

have made their experiences on how to behave

during audits and how to deal with audit

situations. Audits have continuously increased

by number and scope, and although they are not

part of daily routine (and not meant to be), they can

no longer be considered a rare event. Documents

being reviewed and procedures being verified are

just ‘part of the business’ in the pharmaceutical

industry.

Over the past years, I have been in some

discussions related to the value of quality

assurance activities and auditing. Overall, the

importance of QA activities in Good Laboratory

Practice (GLP), Good Clinical Practice (GCP)

and Good Manufacturing Practice (GMP) was

never put into question. QA audits were always

considered an integral component of the regu-

lated industry. The value of introducing and

maintaining a quality management system in

these areas was hardly challenged. However,

auditees expressed dissatisfaction because activ-

ities related to an audit were considered incon-

clusive, poor, irritating or inadequate. Auditees

included pharmaceutical companies, Contract

Research Organizations (CROs), other service

providers as well as clinical investigators.

Here are some audit situations which have

recently raised criticism:

* During an audit visit, the CRO audit team

discussed at length about the value of the

clinical trial protocol and presented diame-

trically opposed interpretations of the proto-

col requirements to the auditee. After the

audit, the sponsor company apologized to the

auditee for the auditors’ behavior.* At an investigator site audit, the auditor

arrived unprepared for the audit, i.e. without

having read the trial protocol, without being

aware of the study objectives, primary and

secondary variables and without knowledge

of other important trial documents such as

the Case Report Form (CRF) or investigator’s

brochure. The auditor failed to take detailed

audit notes, so that the auditee was contacted

numerous times after the audit to provide

information for the audit report.* The auditor did not announce the audit dates

and scope of a (remote) audit of a Remote

Data Entry (RDE) system. As a consequence,

the audit was conducted on a beta version

which was still in development. The audit

Copyright r 2006 John Wiley & Sons, Ltd. Qual Assur J 2006; 10, 245–246.

results were not meaningful and caused

considerable confusion.* The auditors were unable to justify their audit

findings by referencing a legal or regulatory

document describing the requirement. Audit

findings remained entirely subjective.* Following the audit at an external provider

subcontracted by the CRO, the CRO auditor

distributed the audit report widely and

e-mailed it to the entire project team and –

erroneously – to a sponsor company. In

addition, the audit report was in a draft

version and not protected against modifica-

tions. The auditee was very worried about the

uncontrolled distribution of the report.* The auditors did not provide any verbal

feedback to the auditee during or at the

conclusion of the audit. The auditee did not

receive a written audit report/a summary of

the findings or a ‘thank you’ letter or other

confirmation that the audit had taken place

. . . despite several attempts by the auditee.

While the general value of QA audits was not

challenged, auditees were worried about the

quality of the QA work. They were concerned

about the lack of professionalism demonstrated

in audits. They felt that individuals, scrutinizing

activities conducted and documents created by

auditees in order to determine compliance with

regulatory requirements and Standard Operat-

ing Procedures (SOPs), must be able to live up to

their own standards.

QA auditors’ activities are under the magnify-

ing glass. The necessary independence of QA

auditors from operational functions must not

imply that double standards for auditees and

auditors would be acceptable. In fact, it leads to

the question what procedures QA is following to

assure the quality of their work } if at all.

Does quality assurance need quality assur-

ance? To answer this question, let us look at the

raison d’etre of QA. The principal tasks of QA

auditors are to determine compliance, to identify

weaknesses or deficiencies and to detect oppor-

tunities for improvement. QA activities ensure

that procedures remain suitable to meet internal

and external requirements. They uncover blind

spots and prevent quality management systems

from getting rusty.

Is this also applicable to QA’s own procedures

and processes? Of course! There is no reason

to believe that QA auditors are impeccable

and consistently deliver excellent auditing

quality – see examples listed above. Auditees

are becoming more experienced in being audited

by different auditors and are able to compare and

identify suboptimal audit procedures quickly.

Here are some ideas for improving QA

processes: review the QA SOPs to determine if

they are adequate, provide training on audit

standards [1,2], implement internal Quality

Control (QC) steps, establish peer review

procedures of audit report and other documents,

initiate rotating audit assignments and ensure

variable composition of audit teams, request an

independent audit (by an external auditor),

collect feedback from auditees etc. Be creative!

Despite their independence, QA auditors are

part of the company or the business and, as a

matter of course, quality management efforts

must also extend to QA.

References

1. International Organization for Standardization (ISO).

ISO 19011:2002 – Guidelines for the Quality and/or

Environmental Management Systems Auditing.

Geneva, Switzerland, 1 October 2002.

2. European Forum for Good Clinical Practice (EFGCP)

Audit Working Party. Revised ENGAGE Auditing

Guideline – Optional Guidelines for GCP Compliance

and Quality Management Systems Auditing. Brussels,

Belgium, 22 February 2005.

Rita Hattemer-Apostel

E-mail: rha@verdandi.ch

246 Editorial

Copyright r 2006 John Wiley & Sons, Ltd. Qual Assur J 2006; 10, 245–246.