Data management, statistics and medical
writing
This late phase in clinical trials ‘offers’ many
opportunities to introduce errors and inconsisten-
cies in the clinical trial data as obtained on the
CRFs by the investigator sites. No stage before
included so many steps for data processing, coding,
cleaning, programming, analysis and reporting and
requires seamless interaction of many contributors.
Systems audits in this late phase in clinical trials
aim at assessing related procedures to ensure that
capable procedures exist for managing and clean-
ing clinical trial data, for conducting statistical
analyses and for preparing the final study report
which represents properly the data collected and
reported in the clinical trial. Such systems audits
are performed across functional boundaries. Such
systems audit can be combined with a database
audit and/or an audit of the final study report.
Typical aspects of such audits are the capability
of SOPs and project-specific instructions for data
management, statistical analyses and medical writ-
ing to provide an error-free report containing clin-
ical trial data that are traceable to the original
CRFs. This includes verification if software used
in data management, for statistical analyses and
report generation is fully validated and validation
is adequately documented. Audit of the reconcilia-
tion process between clinical and safety database is
another key area of the audit. All programs written,
including database set up and statistical analyses
programs must be validated and approved prior to
use. Adequate procedures for database freeze/lock
and unfreeze/unlock should be established
together with proper documentation so that post-
final database updates are fully traceable and do not
render the clinical trial data invalid. Conclusions
drawn in the final study report must be valid and
substantiated by clinical data included in the
report. Documentation related to data manage-
ment, statistics and medical writing must be
securely archived and, ideally, be part of the
TMF. All personnel involved in data handling,
analyses and reporting must be adequately trained.
Further details on and requirements to review
during such systems audits are provided in litera-
ture (FDA 21 CFR Part 11; FDA Guidance for
Industry, 1999; Rondelet al., 2000; DGGF, 2003;
Society of Clinical Data Management, 2005).Computerized systemsSystems audits in computerized systems validation
(CSV) are closely related to data collection and
management, statistics and pharmacovigilance, as
these areas are fully dependent on operating vali-
dated and properly functioning systems.
The objective of QA is to provide assurance to
management that computer systems are appropri-
ately validated so that clinical trial data integrity is
maintained. This includes verification of the sys-
tem development life cycle (SDLC) documenta-
tion (or alternative documentation for systems
which have been in place for a long time and are
not validated according to current requirements)
and adequate testing and user acceptance testing of
specified requirements. System security (logical
and physical) must be evaluated as part of the
systems audit, including access to server rooms
and backup procedures. Handling and access to
audit trails is a critical component of any CSV
audit. System documentation, instruction manuals
and appropriate training records for anybody
involved in computer systems (either as developer
or as user) must be available.
Revalidation and change control procedures for
hardware and software should be checked during
the audit.
Further details regarding CSV audits are avail-
able in literature (FDA 21 CFR Part 11; FDA
Guidance for Industry, 1999; Rondelet al., 2000;
DGGF, 2003; Follett, 2003; PIC/S Guidance, 2004;
CR-CSV Working Party, 2004; McDowall, 2005).Investigational medicinal productsProcedures for manufacturing, packaging, label-
ing, shipping, accounting, reconciling and dispos-
ing IMPs must comply with relevant GCPand good
manufacturing practice (GMP) requirements (FDA
Guidance for Industry, 1991; PIC/S Guide, 1991;
European Commission, 2003; EU Commission
Directive, 2003; ISO 9000:2005, 2005; PIC/S13.6 BRIEF OUTLINE OF AUDIT TYPES 173