Audit MANAGEMENT In a GMP ENVIRONMENT

Dr. Najib SehatIII All-Russian GMP Conference 27-29 August 2018

In today’s global market a company not only needs to comply with the local regulations where their product is manufactured. It is equally important to be compliant with each

and every Country where that material is sold. Preparation for Governmental/Health Authorities is critical through a robust Audit Management program that disseminates throughout an organisation. Successful audit programs should be independent & due

diligent to identify areas of risks that are CAPA mitigated. Finally, utilise the audit data to find trends to drive continuous improvement and best practice sharing.

“AUDIT MANAGEMENT IN A GMP INDUSTRY”

Outline

• 1- Health authorities & type of inspection • 2- Inspection readiness• 3- Trends & continuous improvement• 4- Quality culture

01 Health Authorities & Type of Inspections

WHY DO AUTHORITIES INSPECT INDUSTRY?Ensures compliance

• To determine whether firms are operating in compliance with cGMP, MED DEV , IVD , GCP, GDP etc

• Prevention to ensure that un-adultered products do not enter the market protecting the consumer. • Increase the communication between the industry and agencies. • Pre-approval inspection after a company submits an application to FDA to market a new product• Routine inspection of a regulated facility• “for-cause” inspection to investigate a specific problem that has come to the FDA’s attention

Challenges for Industry

• Complexity of different countries have their own interpretation and expectations.

• Need to have more harmonisation across the authorities.

• Unannounced Inspections

INSPECTION NOTIFICATIONWhen an inspection is announced, obtain the following information:

• Inspector name and contact information • Additional inspectors information, if applicable • The reason for the inspection • The scope of the inspection• Any specific areas being inspected • Duration of the inspection• Do they want specific personnel available • Do they want specific documents available

If the inspection is unannounced this will be one of the first activities on site.

If possible develop an agenda with the investigator and notify personnel to be available.

TYPES OF INSPECTIONS Types of Inspection

• Pre-approval • Biennial Inspection

Surveillance Inspection • Full inspection broad & deep evaluation. For new firms or when compliance is being questioned.• Abbreviated inspection – routine sampling plans

6 key elements embedded throughout the organisation.

2. Quality Management

3. Materials

4. Facilities & Equipment 6. Laboratory Control

5. Production1. Packaging & Labelling

Organisation, training & personal

02 Inspection Readines

WHAT IS NEEDED TO ENSURE COMPLIANCE?

Strong Systems

Proper Processes

Right People

Strong Quality Culture

Inspection Readiness

ADUIT PREPARATION

• Understand roles and responsibilities of self and direct reports

• Demonstrates ability to justify, rationalize and defend at high level

• Demonstrate control of the functional area, processes and operational SOPs

• Knowledge of major projects and risks

• Know your processes, SOPs and products – in detail

• Present with clarity

• Knowledge and skills and hands on experience

• Your training records

Functional experts

Top Management

ALWAYS BE PREPARED Take the employees with you on the inspection journey; explain why preparation is key and ultimately leads to the outcome of a successful audit :

• The reason for the inspection

• The upcoming action plan

• How a poor outcome could affect the company

One of the best ways to identify risks is to perform pre-inspections which can be in the following format:

• Unannounced Mock Inspections

• External consultants

• Routine self inspections/internal audits

• GAP analysis

PROACTIVE COMPLIANCE

Quality, Regulatory and Operations partner to identify non compliances in real time

• Drives compliance self awareness

• Drives accountability for issue mitigation

Quality, Regulatory and Operations partner to prioritize remediation

• Risk Ranking of issues to drive resource allocation

• Are aware of significant issues before inspection, so can prepare and present

Senior Management aware of compliance / inspection risk at sites

• Informed and escalation

DO’S AND DON’TSDo’s

• Establish rapport based on mutual respect

• Communicate clearly and effectively

• Project a positive, courteous and professional attitude

• Focus on the positive

• Direct questions to “subject matter experts”

• Answer the question directly and honestly

Don’ts

• Guess, lie or make misleading statements

• Get anxious or defensive

• Volunteer more information than necessary to answer the question

• Engage in unconstructive argument

INTERVIEW TECHNIQUES

• Make sure you understand the question before answering

• Seek clarification if unsure

• Do not make unsolicited comments

• Do not elaborate on answers

• Be clear an concise

• Do not interrupt inspector

• Do not argue!

• If feeling flustered it is fine to request a break

• If you do not know state so and that you will find someone who does

• Do not be afraid of silence, wait before you speak

• Do not speak outside your area of expertise

• Stay Calm

• Keep Positive

ROLE OF AUDITIndependent Audit helps identify “unknown” gaps

• Conducted by an independent resource and recommended prior to any major inspection-• Audit findings automatically move on to inspection management risk register

• Proactive: if site has already identified issue and developed remediation plan, this may be highlighted in audit report and not tracked as part of audit findings

• Prioritized with other “known” risks• Helps site establish timelines in response to finding

The role of “mock audit”• Serve as practice to identify gaps in preparation, execution, managing or responding to an

inspection• Help train SMEs in inspection presentation skills• Help practice presenting developed strategies• Usually not meant to identify new gaps in compliance, more dress rehearsal

03 Trends & Continuous Improvement

Commission adopts updated EU-US agreement on mutual recognition of inspections of medicine manufacturers. Published on 2nd March 2017.

REGULATORY TRENDS 2013 – 2016 XMHRA

• 2% Critical, 29% Major, & 69% minors and recommendations.

• Top 4

• #1 Quality Management

• #2 Complaints & Recalls

• #3 Poor Record & Documentations

• # 4 Quality Control

FDA

• ~ 676 483 forms issued every year.

• FDA does not classify their observations. It would be beneficial if all health authorities could harmonise.

• Top 4

• # 1 Investigation of deviations/RCA

• #2 Inadequate facilitate to prevent contamination or mic-ups

• #3 Control of documents

• #4 Development of scientifically sound specifications.

Planning

• Advance planning of audit schedule

• Risk based approach collected from critical complaints, FCAs, recalls, major changes, recent audits.

CAPA

• A holistic approach to CAPA implementation.

• Deep dive RCA techniques.

• Realistic timelines and ongoing monitoring.

Trends

• Trend audit observations from all types of audits conducted.

• Categorise defects into sub type descriptions.

• Identify top 3 defects.

Risk

• Trend data used to identify local and systemic issues.

• Escalate into risk register.

04 Quality Culture

• Compliance Risk: A gap between the company procedure or process and the potential interpretation of the regulation by the inspector.

• Inspection Risk: Includes the compliance risk but also the likelihood an item will be reviewed during an inspection and the comfort level of the site in reviewing that item. Inspection management team leads generation of the risk register:

• All known compliance risks• Establish criteria for inspection risks to be included with a team of SMEs from functional groups• Rank based upon agreed / standardized selection criteria

• Tackle risks based upon ranking• Responsible person with team agreeing to strategy• Mitigate unacceptable risks; prepare defense for acceptable risks or investigations• Evaluate systemic implications - does the risk impact another site?• Rank post mitigation

PROACTIVE RISK MANAGEMENT

• Introductory and ongoing GMP, ISO Standards, Regulation training for all employees• Curriculum established for each employee in

• Up to date based on job• Complete / No over due

• Inspection management

• Best Practice Sharing • Communicate positive aspects of audits within the rest of the organization.

TRAINING

QUESTIONS?