Sync template from atomicqms-style deployment

2025-12-27 11:24:16 -05:00
parent 4c9698571a
commit 9a6d2ffed1
24 changed files with 2389 additions and 2 deletions
--- a/SOPs/SOP-004-Internal-Audit.md
+++ b/SOPs/SOP-004-Internal-Audit.md
@@ -0,0 +1,309 @@
+# Standard Operating Procedure: Internal Audit
+
+| Document ID | SOP-004 |
+|-------------|---------|
+| Title | Internal Audit |
+| Revision | 1.0 |
+| Effective Date | [DATE] |
+| Author | [AUTHOR] |
+| Approved By | [APPROVER] |
+| Department | Quality Assurance |
+
+---
+
+## 1. Purpose
+
+To establish a process for conducting internal audits to verify compliance with the Quality Management System, pediatric research regulations, and study protocols, and to identify opportunities for improvement.
+
+## 2. Scope
+
+This procedure applies to:
+- Planned audits of QMS processes and procedures
+- Study-specific audits of pediatric clinical trials
+- Site audits of research facilities
+- Supplier/vendor audits (if applicable)
+- For-cause audits triggered by quality concerns
+- Pre-study readiness assessments
+
+## 3. Definitions
+
+| Term | Definition |
+|------|------------|
+| Internal Audit | Systematic, independent examination of activities and documents |
+| Auditor | Qualified individual conducting the audit |
+| Auditee | Individual or department being audited |
+| Audit Finding | Observation of noncompliance or deficiency |
+| Observation | Opportunity for improvement not constituting noncompliance |
+| Critical Finding | Issue that poses immediate risk to child safety or data integrity |
+
+## 4. Responsibilities
+
+### 4.1 Quality Assurance Manager
+- Develops annual audit program
+- Selects and qualifies auditors
+- Reviews and approves audit reports
+- Tracks corrective actions
+- Reports audit results to management
+- Ensures pediatric-specific requirements audited
+
+### 4.2 Auditors
+- Conduct audits per plan and procedure
+- Maintain independence and objectivity
+- Document findings accurately
+- Verify corrective actions
+- Maintain confidentiality
+- Understand pediatric research regulations
+
+### 4.3 Auditee
+- Cooperate with audit activities
+- Provide requested documentation
+- Respond to findings within timeframe
+- Implement corrective actions
+- Verify effectiveness
+
+### 4.4 Management
+- Support audit program
+- Provide resources for corrective actions
+- Review audit summaries
+- Address systemic issues
+
+## 5. Procedure
+
+### 5.1 Annual Audit Program
+
+1. Quality Assurance develops annual audit schedule considering:
+   - All QMS processes audited at least annually
+   - Risk-based prioritization
+   - Previous audit results
+   - Regulatory inspection history
+   - Active pediatric studies
+   - Changes to regulations or processes
+   - Sponsor/customer requirements
+
+2. Audit schedule includes:
+   - QMS processes (Document Control, CAPA, Training)
+   - Clinical operations (protocol compliance, safety reporting)
+   - Regulatory affairs (submissions, communications)
+   - Data management
+   - Pediatric-specific processes (assent, parental permission, age-appropriate procedures)
+
+3. Schedule approved by management
+
+4. Schedule flexible to accommodate for-cause audits
+
+### 5.2 Auditor Qualification
+
+Auditors must demonstrate:
+- Knowledge of QMS standards and regulations
+- Understanding of pediatric research regulations (45 CFR 46 Subpart D, 21 CFR 50 Subpart D, ICH E11)
+- Current GCP certification
+- Audit training completion
+- Independence from audited area
+- Previous audit experience (for lead auditors)
+
+### 5.3 Audit Planning
+
+1. Assign auditor(s) and lead auditor
+
+2. Ensure auditor independence (no audit own work)
+
+3. Develop audit plan including:
+   - Audit objectives and scope
+   - Areas/processes to be audited
+   - Audit criteria (regulations, SOPs, protocols)
+   - Audit dates and estimated duration
+   - Personnel to be interviewed
+   - Documents to be reviewed
+   - Special pediatric considerations
+
+4. Notify auditee at least 2 weeks in advance (except for-cause audits)
+
+5. Request documents for pre-review:
+   - SOPs and work instructions
+   - Training records
+   - Study protocols and amendments
+   - Informed consent/assent documents
+   - Safety reports
+   - Regulatory correspondence
+
+### 5.4 Audit Execution
+
+#### 5.4.1 Opening Meeting
+1. Introduce audit team
+2. Confirm audit scope and schedule
+3. Explain audit process
+4. Answer questions
+5. Establish logistics (workspace, access)
+
+#### 5.4.2 Document Review
+Review documents for:
+- Compliance with regulations and SOPs
+- Completeness and accuracy
+- Proper approvals and signatures
+- Traceability
+- Pediatric-specific requirements:
+  - Age-appropriate consent/assent forms
+  - Proper parental permission
+  - Adherence to 45 CFR 46.408 categories
+  - Pediatric safety monitoring
+  - Growth/development assessments
+
+#### 5.4.3 Interviews
+- Interview key personnel
+- Assess knowledge of procedures
+- Verify training on pediatric requirements
+- Evaluate understanding of child protection principles
+- Assess competence in age-appropriate communication
+
+#### 5.4.4 Observation
+- Observe processes in action where possible
+- Assess compliance with procedures
+- Evaluate facility suitability for pediatric research
+- Assess child-friendly environment
+
+#### 5.4.5 Finding Documentation
+For each finding, document:
+- Specific noncompliance or deficiency
+- Regulatory or procedural reference
+- Objective evidence
+- Risk level (Critical, Major, Minor)
+- Location and date observed
+
+Critical findings (immediate child safety risk):
+- Report immediately to management and Principal Investigator
+- Document interim actions taken
+- Escalate per safety procedures
+
+### 5.5 Closing Meeting
+
+1. Present preliminary findings
+
+2. Discuss observations
+
+3. Clarify any misunderstandings
+
+4. Establish timeframe for corrective action response
+
+5. Thank auditee for cooperation
+
+### 5.6 Audit Report
+
+1. Lead auditor prepares audit report including:
+   - Executive summary
+   - Audit scope and criteria
+   - Areas audited
+   - Documents reviewed
+   - Personnel interviewed
+   - Findings (Critical, Major, Minor)
+   - Observations (opportunities for improvement)
+   - Positive practices noted
+   - Conclusion and overall compliance assessment
+
+2. Report issued within 10 business days
+
+3. Report distributed to:
+   - Auditee
+   - Auditee management
+   - Quality Assurance Manager
+   - Executive management (for critical findings)
+   - Principal Investigator (for study audits)
+
+### 5.7 Corrective Action Response
+
+1. Auditee submits CAPA response within:
+   - Critical findings: 3 business days
+   - Major findings: 10 business days
+   - Minor findings: 15 business days
+
+2. Response includes:
+   - Root cause analysis
+   - Immediate corrective actions
+   - Long-term preventive actions
+   - Responsible person
+   - Target completion date
+   - Effectiveness verification plan
+
+3. Quality Assurance reviews and approves response
+
+4. If inadequate, response returned for revision
+
+### 5.8 Follow-up Verification
+
+1. Auditor verifies corrective action implementation
+
+2. Verification methods:
+   - Document review
+   - Follow-up audit
+   - Process observation
+   - Records sampling
+
+3. Verify effectiveness of actions
+
+4. Document verification results
+
+5. Close findings when satisfactorily addressed
+
+6. If not effective, finding remains open and escalated
+
+### 5.9 Audit Metrics and Reporting
+
+Quality Assurance tracks and reports:
+- Audits completed vs. planned
+- Findings by type and severity
+- Open vs. closed findings
+- Overdue corrective actions
+- Trends by area/process
+- Repeat findings
+- Pediatric-specific findings trends
+
+## 6. Special Considerations for Pediatric Research
+
+### 6.1 Assent and Consent Verification
+- Review sample informed consent/assent forms
+- Verify age-appropriate language
+- Check IRB approval documentation
+- Verify version control and participant records match
+- Confirm proper signatures obtained
+
+### 6.2 Pediatric Safety Monitoring
+- Review adverse event documentation
+- Verify growth and development monitoring
+- Check pediatric-specific assessments completed
+- Review DSMB reports if applicable
+- Verify expedited reporting timelines met
+
+### 6.3 Participant Protection
+- Assess child-friendly environment
+- Review child abuse reporting procedures
+- Verify staff training on child protection
+- Check privacy protections for minors
+- Review parental permission documentation
+
+### 6.4 Age-Appropriate Procedures
+- Verify procedures modified for pediatric population
+- Check age-specific normal ranges used
+- Review accommodation for family participation
+- Assess minimization of participant burden
+
+## 7. Related Documents
+
+- FRM-006 Audit Checklist
+- FRM-007 Audit Report Template
+- SOP-002 CAPA
+- SOP-PED-001 Pediatric Assent Process
+- SOP-SAF-001 Pediatric Safety Monitoring
+
+## 8. References
+
+- ICH-GCP E6(R2) Section 5.19 (Monitoring and Auditing)
+- 45 CFR 46.103 (Assurance of Compliance)
+- 21 CFR 312.56 (Review of Ongoing Investigations)
+- ISO 19011:2018 (Guidelines for Auditing Management Systems)
+
+---
+
+## Revision History
+
+| Rev | Date | Description | Author |
+|-----|------|-------------|--------|
+| 1.0 | [DATE] | Initial release | [AUTHOR] |