New Proposed Auditing Course: Considerations for an eData Quality Audit Program

We’ve submitted this course proposal for the April SQA Quality College in Anaheim. Feedback has been good, but even if it isn’t picked up for this venue…it will eventually happen *somewhere*:

Instructors: Timothy J. Kuhn and Conrad Kawaguchi

Target Audience: Seasoned Auditors with little eData/CSV experience or CSV professionals with little auditing experience.

 Course Objectives

• Establish and differentiate between the eData Audit Function and the Operational CSV Quality Roles.

• List the considerations for the GxP eData Audit Program (Contributing to other GxP Audits, Independent Focused Data Integrity Audits, etc.)

• Explore the various roles that the eData Auditor may serve as part of an audit (SME, Co-Auditor, Audit Lead)

• Define and list the desired skill set for the eData Audit Team

• Break down the various types of audits and risk areas for each: GLP Labs, Central Clinical Labs, Central Readers (eCG, Imaging, etc.), ePRO (Electronic Patient Reported Outcomes – AKA Diaries), Acquisition Due Diligence, GMP Manufacturing Sites and Vendors, PV, eSystem Validation, Databases, IT Infrastructure, Cloud Providers, Software Providers, SaaS vendors, Pharma, Device, Combo Product, and others.

Course Description: Electronic Data (eData) is pervasive in the GxP world and auditors in that GxP eData space need to understand what is most important in these areas. This course will explore considerations in establishing an eData audit program, give auditors with little Technology/eData/Computer System Validation(CSV)/IT saavy the understanding needed to assess the eData/eSystems they encounter in the course of their existing GxP audits, and expand the understanding of eData auditors beyond the software vendor audit so as to know what is most important in GxP audits. The course will demonstrate “what to look for” for a variety of audits, both technology-focused and more conventional areas in which technology has “encroached”.




Applying the “Risk-based Approach to the Quality Review

Although the concept of “Risk Based Approach” is not new to Validation, it is not often applied to the Quality Review for a Validation project. With the realities of increased volume of validation work and finite QA resources, it makes sense to target the Quality Review on the areas of most significance. I’ve mocked up this frame work to do exactly that. Any thoughts?


Targeted, Risk-based CSV Operational Quality (QA) Review

Request for Quality Review: The Validation Team (Business/Technical/Validation unit provides the list of deliverables to be generated for a given project in conjunction with the request for Quality Unit Review for the project.

The Quality Impact Assessment is conducted independently by the Quality Unit to determine the level of review required for a given Validation project. The Quality Unit will review and sign the Risk Assessment.

There will be an Internal Escalation Process to the QA review triggered by various flags or issues (e.g., request from stakeholders, problems detected during review, etc.) that can potentially increase the level of Quality Review within a project.

Quality Impact Assessment Targeted QA Review QA Approvals Example Scenario
Critical All deliverables; 100% Review Risk Assessment, Plan, Report Directed; GMP LIMS for Release
High Risk Assessment, Plan, User Requirements, Report, Sampling of Scripts (e.g., SQ N+1) Risk Assessment, Plan, Report PVDB; Clinical DB; Primary GLP Data System (e.g., SDMS)
Medium Risk Assessment, Plan, Report Risk Assessment, Plan, Report Clinical Trial Management System (Monitoring), Laboratory Data Generating System
Low Risk Assessment Risk Assessment Indirect GxP System (e.g., Learning Management System)

Fundamentals of Quality

I’ve gotten some questions of late that have had me thinking about the core of what I do; fundamental questions as to what it is and why. This is a good thing and I feel that now is a good time to till this fertile soil and see what can be learned (or remembered).

Over the next few weeks, I plan to explore these ideas in a series of posts. I’m planning on submitting an abstract or two to the SQA conference and this will be a good stepping-off point to get that effort underway. I plan to present on a subfield in which I am working very heavily in my current role; Clinical System Validation. That is, Computer System Validation for the Clinical (GCP) arena within the greater pharma landscape (pharma, medical devices, and related industries).

In any case, its been too long since I’ve added some really good content here. Keep your fingers crossed that I’ll be able to put up something useful, interesting, or both.