Imagine this: the FDA has contacted you and announced an upcoming inspection, or worse yet, an FDA investigator has unexpectedly arrived and is waiting in your lobby. The management team says that the staff is prepared to support an inspection. However, in reality, that may be the farthest thing from the truth. In fact, what you discover is that you are barraged with problems ranging from Subject Matter Experts (SMEs) who make inappropriate comments, to inadequate documentation from your last recall, as well as a CAPA list that you cannot provide electronically because no one knows how to extract the data or generate the necessary report.
These scenarios occur more frequently than you might think. Believe it or not, many companies put inspection preparation on the back burner and convince themselves that it is not necessary for a number of reasons — e.g., because they’ve had a positive inspection history, are familiar with an FDA investigator, are overwhelmed with day-to-day business, or simply because they have become complacent. Deciding not to prepare for an inspection can be risky and costly. Problems can be avoided with some simple organizational and risk-based preparation.
There are 10 key questions to assess your inspection readiness. In my experience, when a firm can confidently answer yes to each question, it is well prepared and has a higher probability of a successful inspection outcome. A key aspect in answering these 10 questions is taking a risk-based approach to your inspection readiness.
Current FDA Trends
1. Are you aware of all current trends as they specifically relate to your products?
With an increase in the use of a global supply chain and international manufacturers sending products to the U.S., a critical part of the FDA’s charter is ensuring the integrity of the supply chain, and inspections are key to that process. With 15% of food, 50% of devices, and 80% of active ingredients for pharmaceuticals originating from outside the U.S., the FDA is operating on a global basis like never before. There are now FDA offices around the world, including posts in Beijing, Shanghai, and Guangzhou, China; New Delhi and Mumbai, India; San Jose, Costa Rica; Santiago, Chile, and Mexico City in Central and South America; Brussels, London, and Parma, Italy in Europe; Pretoria, South Africa and Amman, Jordan in the Middle East.1 The number of foreign inspections has increased from approximately 1,400 in 2010 to more than 2,000 in 2011.2 Being able to answer yes to this question means that you are fully informed and aware of FDA strategies and their areas of focus, as well as current enforcement trends in inspections as they relate to your products.
Linking FDA Trends to Your Preparation
2. Have you reviewed your processes with a critical eye, viewing them from the FDA’s perspective?
You need to correlate FDA inspection trends to your preparation efforts. Companies should examine current inspection and enforcement trends through several sources, including the FDA’s website, assessment of what is going on with other businesses in their own industry, and through participation in regulatory groups. An excellent and timesaving approach to staying current is regularly reviewing warning letters and other enforcement information found on the FDA website (http://1.usa.gov/Ur58ge), all provided as part of the government agency transparency initiative. Moreover, this means not only reviewing the information on current enforcement trends or changing cGMP, but also understanding how this may specifically apply to your products. To be successful requires a critical, independent and unbiased view. This can be achieved through your internal audits, as long as you are confident in the ability to be objective. If not, you can use external third parties to accomplish this.
Confidently answering yes to the review process question means that you are fully aware of all of the areas of FDA focus during inspections and that you know where the bar has been raised, how this may apply to you and where you may have similar findings.
So what should you do if you find that you have a similar compliance issue to that of a current trend? Once you have identified an issue, you will need to determine whether or not your company has adequately addressed it.
It is essential to fully understand where the specific issue is covered in your quality system and review the documentation to ensure it is adequate. For example:
- Is there a CAPA?
- An investigation?
- Has the issue been documented in a quality record?
- Is there an identified root cause?
- Is there an action plan to address the issue?
- If so, is it being completed according to schedule?
- Not being aware that they have an issue because they are not keeping up with cGMP and enforcement trends
- Significant internal audit findings that go unaddressed
- Empty CAPA — a document is opened in the CAPA system but not populated (the lights are on but nobody’s home!)
- The belief that an FDA investigator will never discover the issue
Several elements are key to a risk-based inspection readiness approach. It is imperative that you know your vulnerabilities and there are three Ss to successfully addressing risk — System, SMEs and Support process. These are areas where many companies often slip-up because they do not fully comprehend their vulnerabilities and are not fully prepared for an inspection. These three areas are critical to successful inspection outcomes.
3. Have you assessed and addressed all potential internal and external compliance risks?
Identification and remediation of all internal and external compliance risk requires due diligence. You should examine any current or past product issues — e.g., internal, related to testing or manufacturing or external, such as product performance in the field.
- Review your internal quality data to see what trends are evident and how you have addressed them.
- Review your CAPA and complaint data just as they would be provided to an FDA investigator; sort it and see how it matches up to what your routine trending has shown.
- Examine your manufacturing processes monitoring data and any related CAPAs. You will need to be able to demonstrate that processes are validated where required.
- Understand the areas in your system where you make decisions related to risk and critically assess how robust those decisions are (Adverse event/MDR reporting, recall decisions, whether or not an investigation is performed, risk management files, etc.)
This approach also needs a critical, unbiased eye, so the best practice here is to identify these items utilizing some level of independent review, whether that is from a corporate group or external consultants. Challenge all internal and external risk-related decisions and make sure they are consistent and compliant.
If you are diligent, what you will come away with are specific areas and topics for inspection preparation based on where you have identified risk and areas that require action. This information then becomes the focus for topics in your preparation efforts and for practice with your SMEs.
On numerous occasions, I have heard people say that issues are not readily visible to others outside the company, and there is no way anyone could find it. Believe me, in most cases, they can and will be found. Another misconception is that this methodical and risk-based approach to preparation is not necessary because of successful past inspections or a good rapport with a particular FDA investigator. The problem with this type of thinking is that FDA personnel change and you are just as likely to see new investigators at your inspection. Ultimately, whether you have identified all compliance risks means that you have comprehensively assessed and addressed all internal and external vulnerabilities associated with your products and your quality systems.
4. Are you confident that all of your employees can competently answer the FDA’s questions and provide clear explanations of your processes and quality records?
You need to understand and prepare for all the possible risks associated with your SMEs and other employees who may participate in an inspection. For example:
- Do you have new personnel in key positions (e.g., SMEs) or other staff who may be part of an FDA inspection? Are they fully prepared?
- How will SMEs and other participants perform when they are in a stressful situation and feel challenged? Are they going to handle it gracefully, point fingers, or. . . ?
5. Do you have an established process to fulfill the FDA investigator’s requests?
Prior to an inspection, testing how your “back-room” process will perform during an inspection is critical. First, you need to ensure that your back-room process is clearly defined and understood by the support team. Next, managing and minimizing risk and examining the outputs and type of errors that arise is key to understanding how your request fulfillment process holds up during times of stress. The best way to test your back-room process is to conduct dry runs with the support team during simulated inspection sessions with SMEs. Answering yes to this question means that you have an organized process that accurately delivers documentation requested by the FDA investigator in a timely manner.
6. Do you have a trained inspection support team in place and is your management team prepared?
In risk-based inspection preparation, an effective model for decision making relies on the training and alignment of all SMEs and management, should issues arise during an inspection. In times of stress during inspections, multiple “chiefs” may emerge; all of whom have the best intentions, but whose actions and comments may actually yield even more chaotic situations. Effective inspection training for SMEs and management prevents confusion during critical times when organization and clear decision making is the most critical. When your company has highly trained and well-defined inspection team roles and a specific process for the management of inspections, then the odds for successful outcomes increase.
7. Are you ready to provide data in an electronic format?
During inspections, it is the FDA’s expectation that information can be readily retrieved electronically. For example, common requests during inspections include CAPAs, nonconformance, complaint and change history documentation. Your company needs a defined process and procedures that outline how and by whom that information is obtained and how you will verify the accuracy of the documentation. Are your reports validated? And if not, how are they verified? Another best practice in this situation is to pull the data in advance to test your process and have a trained SME who can explain the electronic records in detail. You can answer yes to this question when you are ready to provide validated, verified data to an investigator in an electronic format.
8. Do you have strategies in place to handle potential compliance vulnerabilities during an inspection?
Once you have completed the appropriate review to identify areas of risk and other important topics for an inspection, it is time to prepare. You will need to prepare SMEs and management to ensure that all compliance vulnerabilities have been addressed. Experiential learning is one very important key to successful inspection outcomes.
One of the most effective methods to prepare SMEs and ensure your strategies are adequate is to conduct simulated inspections, i.e., practice sessions designed to prepare participants to respond to both specific and general topics. These sessions pose both common and more challenging questions to allow the SMEs and participants to answer as they would during an actual FDA inspection. One approach, considered to be a best practice, is to design these simulated inspections using independent personnel to conduct the sessions, e.g., staff from the company’s corporate group, another site, or external consultants. One of the many benefits of this approach is that SMEs learn in a “safe” environment through experience, understand what the results are when a less-than-optimal response is given, and can improve on the accuracy of any incomplete or incorrect responses. These simulated inspections review all topics and associated documentation with a very high level of detail. This minimizes or prevents any surprises in verbal responses or document content that may contradict your strategies and conclusions.
When the simulated inspection is complete, participants receive feedback on their responses regarding the potential risks of incomplete or incorrect responses as well as any other actions that may be necessary to reduce compliance vulnerabilities. Performance feedback is also provided for the support process, including the accuracy and timeliness of records requested.
After a practice session, adjustments to your strategy may be required as part of further preparation. Multiple sessions are conducted until responses on all topics are prepared. This means the SME, other participants, documentation, and any follow-up actions associated with the topic are accurately and fully addressed. This experiential learning approach builds a very high level of confidence among the SMEs and other inspection participants.
9. Has an independent third-party objectively assessed your vulnerabilities and provided practical, cost-effective business solutions?
Answering yes means that you have done a thorough job in answering the prior questions. Whether you use independent personnel from your company’s other sites to assist in your preparation or retain external consultants, obtaining an unbiased review process is an essential best practice for inspection readiness.
10. If inspectors showed up at your door today, would you pass with flying colors?
Being ready to pass an FDA inspection with flying colors means that you have:
- Identified all your vulnerabilities and can demonstrate through your responses and documentation that you have addressed them
- Organized, defined inspection support processes
- Personnel that are trained and prepared as a result of experiential learning; your SMEs are confident and ready to interact with an FDA investigator
- Global Engagement: U.S. Food and Drug Administration, retrieved June 2012 from http://www.fda.gov/AboutFDA/ReportsManualsForms/Reports/ucm298576.htm
- Inspections, compliance, enforcement and criminal investigations, retrieved June 2012 from http://www.fda.gov/ICECI/EnforcementActions/ucm222557.htm
Julie Larsen is director Inspection Readiness Services at BioTeknica, Inc. She can be reached at InspectionReadiness@BioTeknica.com.