310 lines
8.6 KiB
Markdown
310 lines
8.6 KiB
Markdown
# Standard Operating Procedure: Internal Audit
|
|
|
|
| Document ID | SOP-004 |
|
|
|-------------|---------|
|
|
| Title | Internal Audit |
|
|
| Revision | 1.0 |
|
|
| Effective Date | [DATE] |
|
|
| Author | [AUTHOR] |
|
|
| Approved By | [APPROVER] |
|
|
| Department | Quality Assurance |
|
|
|
|
---
|
|
|
|
## 1. Purpose
|
|
|
|
To establish a process for conducting internal audits to verify compliance with the Quality Management System, pediatric research regulations, and study protocols, and to identify opportunities for improvement.
|
|
|
|
## 2. Scope
|
|
|
|
This procedure applies to:
|
|
- Planned audits of QMS processes and procedures
|
|
- Study-specific audits of pediatric clinical trials
|
|
- Site audits of research facilities
|
|
- Supplier/vendor audits (if applicable)
|
|
- For-cause audits triggered by quality concerns
|
|
- Pre-study readiness assessments
|
|
|
|
## 3. Definitions
|
|
|
|
| Term | Definition |
|
|
|------|------------|
|
|
| Internal Audit | Systematic, independent examination of activities and documents |
|
|
| Auditor | Qualified individual conducting the audit |
|
|
| Auditee | Individual or department being audited |
|
|
| Audit Finding | Observation of noncompliance or deficiency |
|
|
| Observation | Opportunity for improvement not constituting noncompliance |
|
|
| Critical Finding | Issue that poses immediate risk to child safety or data integrity |
|
|
|
|
## 4. Responsibilities
|
|
|
|
### 4.1 Quality Assurance Manager
|
|
- Develops annual audit program
|
|
- Selects and qualifies auditors
|
|
- Reviews and approves audit reports
|
|
- Tracks corrective actions
|
|
- Reports audit results to management
|
|
- Ensures pediatric-specific requirements audited
|
|
|
|
### 4.2 Auditors
|
|
- Conduct audits per plan and procedure
|
|
- Maintain independence and objectivity
|
|
- Document findings accurately
|
|
- Verify corrective actions
|
|
- Maintain confidentiality
|
|
- Understand pediatric research regulations
|
|
|
|
### 4.3 Auditee
|
|
- Cooperate with audit activities
|
|
- Provide requested documentation
|
|
- Respond to findings within timeframe
|
|
- Implement corrective actions
|
|
- Verify effectiveness
|
|
|
|
### 4.4 Management
|
|
- Support audit program
|
|
- Provide resources for corrective actions
|
|
- Review audit summaries
|
|
- Address systemic issues
|
|
|
|
## 5. Procedure
|
|
|
|
### 5.1 Annual Audit Program
|
|
|
|
1. Quality Assurance develops annual audit schedule considering:
|
|
- All QMS processes audited at least annually
|
|
- Risk-based prioritization
|
|
- Previous audit results
|
|
- Regulatory inspection history
|
|
- Active pediatric studies
|
|
- Changes to regulations or processes
|
|
- Sponsor/customer requirements
|
|
|
|
2. Audit schedule includes:
|
|
- QMS processes (Document Control, CAPA, Training)
|
|
- Clinical operations (protocol compliance, safety reporting)
|
|
- Regulatory affairs (submissions, communications)
|
|
- Data management
|
|
- Pediatric-specific processes (assent, parental permission, age-appropriate procedures)
|
|
|
|
3. Schedule approved by management
|
|
|
|
4. Schedule flexible to accommodate for-cause audits
|
|
|
|
### 5.2 Auditor Qualification
|
|
|
|
Auditors must demonstrate:
|
|
- Knowledge of QMS standards and regulations
|
|
- Understanding of pediatric research regulations (45 CFR 46 Subpart D, 21 CFR 50 Subpart D, ICH E11)
|
|
- Current GCP certification
|
|
- Audit training completion
|
|
- Independence from audited area
|
|
- Previous audit experience (for lead auditors)
|
|
|
|
### 5.3 Audit Planning
|
|
|
|
1. Assign auditor(s) and lead auditor
|
|
|
|
2. Ensure auditor independence (no audit own work)
|
|
|
|
3. Develop audit plan including:
|
|
- Audit objectives and scope
|
|
- Areas/processes to be audited
|
|
- Audit criteria (regulations, SOPs, protocols)
|
|
- Audit dates and estimated duration
|
|
- Personnel to be interviewed
|
|
- Documents to be reviewed
|
|
- Special pediatric considerations
|
|
|
|
4. Notify auditee at least 2 weeks in advance (except for-cause audits)
|
|
|
|
5. Request documents for pre-review:
|
|
- SOPs and work instructions
|
|
- Training records
|
|
- Study protocols and amendments
|
|
- Informed consent/assent documents
|
|
- Safety reports
|
|
- Regulatory correspondence
|
|
|
|
### 5.4 Audit Execution
|
|
|
|
#### 5.4.1 Opening Meeting
|
|
1. Introduce audit team
|
|
2. Confirm audit scope and schedule
|
|
3. Explain audit process
|
|
4. Answer questions
|
|
5. Establish logistics (workspace, access)
|
|
|
|
#### 5.4.2 Document Review
|
|
Review documents for:
|
|
- Compliance with regulations and SOPs
|
|
- Completeness and accuracy
|
|
- Proper approvals and signatures
|
|
- Traceability
|
|
- Pediatric-specific requirements:
|
|
- Age-appropriate consent/assent forms
|
|
- Proper parental permission
|
|
- Adherence to 45 CFR 46.408 categories
|
|
- Pediatric safety monitoring
|
|
- Growth/development assessments
|
|
|
|
#### 5.4.3 Interviews
|
|
- Interview key personnel
|
|
- Assess knowledge of procedures
|
|
- Verify training on pediatric requirements
|
|
- Evaluate understanding of child protection principles
|
|
- Assess competence in age-appropriate communication
|
|
|
|
#### 5.4.4 Observation
|
|
- Observe processes in action where possible
|
|
- Assess compliance with procedures
|
|
- Evaluate facility suitability for pediatric research
|
|
- Assess child-friendly environment
|
|
|
|
#### 5.4.5 Finding Documentation
|
|
For each finding, document:
|
|
- Specific noncompliance or deficiency
|
|
- Regulatory or procedural reference
|
|
- Objective evidence
|
|
- Risk level (Critical, Major, Minor)
|
|
- Location and date observed
|
|
|
|
Critical findings (immediate child safety risk):
|
|
- Report immediately to management and Principal Investigator
|
|
- Document interim actions taken
|
|
- Escalate per safety procedures
|
|
|
|
### 5.5 Closing Meeting
|
|
|
|
1. Present preliminary findings
|
|
|
|
2. Discuss observations
|
|
|
|
3. Clarify any misunderstandings
|
|
|
|
4. Establish timeframe for corrective action response
|
|
|
|
5. Thank auditee for cooperation
|
|
|
|
### 5.6 Audit Report
|
|
|
|
1. Lead auditor prepares audit report including:
|
|
- Executive summary
|
|
- Audit scope and criteria
|
|
- Areas audited
|
|
- Documents reviewed
|
|
- Personnel interviewed
|
|
- Findings (Critical, Major, Minor)
|
|
- Observations (opportunities for improvement)
|
|
- Positive practices noted
|
|
- Conclusion and overall compliance assessment
|
|
|
|
2. Report issued within 10 business days
|
|
|
|
3. Report distributed to:
|
|
- Auditee
|
|
- Auditee management
|
|
- Quality Assurance Manager
|
|
- Executive management (for critical findings)
|
|
- Principal Investigator (for study audits)
|
|
|
|
### 5.7 Corrective Action Response
|
|
|
|
1. Auditee submits CAPA response within:
|
|
- Critical findings: 3 business days
|
|
- Major findings: 10 business days
|
|
- Minor findings: 15 business days
|
|
|
|
2. Response includes:
|
|
- Root cause analysis
|
|
- Immediate corrective actions
|
|
- Long-term preventive actions
|
|
- Responsible person
|
|
- Target completion date
|
|
- Effectiveness verification plan
|
|
|
|
3. Quality Assurance reviews and approves response
|
|
|
|
4. If inadequate, response returned for revision
|
|
|
|
### 5.8 Follow-up Verification
|
|
|
|
1. Auditor verifies corrective action implementation
|
|
|
|
2. Verification methods:
|
|
- Document review
|
|
- Follow-up audit
|
|
- Process observation
|
|
- Records sampling
|
|
|
|
3. Verify effectiveness of actions
|
|
|
|
4. Document verification results
|
|
|
|
5. Close findings when satisfactorily addressed
|
|
|
|
6. If not effective, finding remains open and escalated
|
|
|
|
### 5.9 Audit Metrics and Reporting
|
|
|
|
Quality Assurance tracks and reports:
|
|
- Audits completed vs. planned
|
|
- Findings by type and severity
|
|
- Open vs. closed findings
|
|
- Overdue corrective actions
|
|
- Trends by area/process
|
|
- Repeat findings
|
|
- Pediatric-specific findings trends
|
|
|
|
## 6. Special Considerations for Pediatric Research
|
|
|
|
### 6.1 Assent and Consent Verification
|
|
- Review sample informed consent/assent forms
|
|
- Verify age-appropriate language
|
|
- Check IRB approval documentation
|
|
- Verify version control and participant records match
|
|
- Confirm proper signatures obtained
|
|
|
|
### 6.2 Pediatric Safety Monitoring
|
|
- Review adverse event documentation
|
|
- Verify growth and development monitoring
|
|
- Check pediatric-specific assessments completed
|
|
- Review DSMB reports if applicable
|
|
- Verify expedited reporting timelines met
|
|
|
|
### 6.3 Participant Protection
|
|
- Assess child-friendly environment
|
|
- Review child abuse reporting procedures
|
|
- Verify staff training on child protection
|
|
- Check privacy protections for minors
|
|
- Review parental permission documentation
|
|
|
|
### 6.4 Age-Appropriate Procedures
|
|
- Verify procedures modified for pediatric population
|
|
- Check age-specific normal ranges used
|
|
- Review accommodation for family participation
|
|
- Assess minimization of participant burden
|
|
|
|
## 7. Related Documents
|
|
|
|
- FRM-006 Audit Checklist
|
|
- FRM-007 Audit Report Template
|
|
- SOP-002 CAPA
|
|
- SOP-PED-001 Pediatric Assent Process
|
|
- SOP-SAF-001 Pediatric Safety Monitoring
|
|
|
|
## 8. References
|
|
|
|
- ICH-GCP E6(R2) Section 5.19 (Monitoring and Auditing)
|
|
- 45 CFR 46.103 (Assurance of Compliance)
|
|
- 21 CFR 312.56 (Review of Ongoing Investigations)
|
|
- ISO 19011:2018 (Guidelines for Auditing Management Systems)
|
|
|
|
---
|
|
|
|
## Revision History
|
|
|
|
| Rev | Date | Description | Author |
|
|
|-----|------|-------------|--------|
|
|
| 1.0 | [DATE] | Initial release | [AUTHOR] |
|