Warning Signs That You’re Headed for a Bad Audit by the FDA

“An ounce of prevention is worth more than a pound of cure” ~Benjamin Franklin

Although this quote is generally attributed to human health issues, it can also apply when one is considering the “health” of your laboratory computer systems and business processes.  Just as taking care of yourself (i.e. eating healthy, exercising, and getting sufficient sleep) can prevent poor health outcomes, so too will establishing and maintaining the proper systems, processes, and quality culture help prevent poor audit outcomes.

Interestingly, in the complete version of the quote, Franklin actually addressed fire safety and wrote how tending live coals properly (i.e. covered) during transport, a preventative action, could mitigate the risk of a house fire while also reducing the risk of personal harm.  Why did people of the day not use their warming pans with lids to transport live coals, hence prompting the penning of the now famous quote?  Perhaps there was a cost or time savings factor for carrying live coals up and down wood stairs in whatever happened to be at hand, but why take these risks?

Unfortunately, it is not unusual to find companies that do not take preventative measures to maintain and improve the “health” of their laboratory computer systems or business processes.  These companies tend to go down the road of “quantity over quality”, accepting higher levels of risk and taking shortcuts to save costs to improve their bottom line.  Inevitably, these organizations get their comeuppance and are stopped in their tracks when the FDA auditors come for a visit.

Watch Now: "The Auditors are Coming! Run and Hide or Stand and Defend?"

Can an organization know for sure that their laboratory computer systems and business processes will pass or fail an FDA audit?  Well, one can’t really tell for sure because it can be somewhat dependent on the auditor.  But, there are risky behaviors and warning signs, just like carrying live coals up and down wooden stairs using open shovels and subsequently smelling smoke, that need to be addressed.  So, without further ado, let’s dive in and look at some of those poor behaviors and warning signs.

Lack of integrated quality systems

A classic poor behavior is when an FDA regulated laboratory organization does not have an integrated quality system in place and is being actively utilized.  This lack of an integrated solution can lead to data integrity challenges, inconsistencies, and a lack of standardization among various internal departments’ key documentation, training, and Corrective and Preventive Action (CAPA) processes.  Notification, tracking, and deployment of CAPAs will also become difficult without a fully integrated QMS.

Lack of a risk-based computer system validation approach

Using a generic, one-size-fits-all, Computer System Validation (CSV) approach is a huge warning sign that your upcoming FDA audit is not going to go well.  A generic CSV approach doesn’t reflect your organization’s appetite for risk or make use of the benefits that a Risk-Based Approach affords, such as tailored software testing to meet your specific needs, and effectively leveraging what software vendors may already provide.  The use of a generic CSV approach will be apparent to an auditor and if the validation of your laboratory computer systems doesn’t consistently produce results that meet your predetermined specifications and quality attributes, you will definitely run into trouble when during an audit.

Customer complaints

A major warning sign of something being off to an auditor is an inordinate number of customer complaints.  It is well known that a complaint that poses a major health risk will get immediate attention.  But multiple, or repeat minor complaints, like the incorrect number of cough drops in a box, can begin to put your lab organization on the FDA’s audit radar.  Additionally, not having a clear procedure in place that is followed and monitored (see #5) to address these types of complaints also raises a red flag.

→ Additional Reading:  Validation Mistakes You Don’t Know You’re Making

Weak documentation (SOPs, audit plan, validation plans, etc.)

Another sure warning sign to any auditor is finding weak, “bare bones”, or incomplete regulatory compliance documentation.  This can include documentation that is:

  • Not followed
  • Doesn’t match how things are actually done
  • Not under change control and are consistently not up-to-date
  • Referenced, but doesn’t exist
Literature: "Validation Master Plan"

Now take a moment and look around your organization.  Do you see any of these warning signs or poor behaviors?  If so, do you have a plan on how to address these shortcomings?

Share Now:

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.