Principles and Practice of Pharmaceutical Medicine

Audit report

ICH GCP (1995) defines an audit report as ‘A
written evaluation by the sponsor’s auditor of the
results of the audit’. Format and layout of audit
reports vary greatly between companies and can
range from a simple list of audit findings to a
detailed description of all audit areas, observations
and conclusions. The lead auditor is responsible for
preparing the audit report and should be assisted by
the entire audit team. Ideally, the audit report
should be prepared as soon as possible after the
audit. The report should be a complete and accurate
representation of the audit conducted, and not
include opinions or assumptions.
The following details are typically included
(ISO 19011:2002, 2002):

type and scope of the audit;

audit objectives and reason for conducting the
audit, if appropriate;

identification of the auditee and organizational
and functional units and processes audited;

identification of the client/sponsor and trial
protocol;

identification of the audit team leader, and mem-
bers and technical experts, if required;

date(s) and location(s) of audit activities at the
site; start and stop dates of the audit;

audit criteria and reference documents;

audit findings and conclusions.

Further details may be useful:

audit plan and any deviation to the audit plan;

list of auditees and interview partners;

recommendations for improvement and recom-
mended follow-up activities;

distribution list for the audit report;

statement of the confidential nature of the

contents.

The lead auditor should sign and date the final audit

report which should then be disseminated to the

recipients as agreed with the sponsor.

It may be useful to remind the recipients of the

confidential nature of audit reports which means

that they should not be made publicly available or

distributed to persons outside the company. Reg-

ulatory authorities should not routinely be pro-

vided with audit reports. Audit reports should be

securely filed (ideally with the QA department) and

not included in the Trial Master File (TMF).

Audit certificate

According to ICH GCP (1995), an audit certificate

is ‘A declarationof confirmationby the auditorthat

an audit has taken place’. It is kind of a ‘neutral’

document and does not make reference to deficien-

cies or findings observed during the audit. It merely

documents that an audit has taken place and is

issued by the lead auditor at the termination of

the audit.

Audit follow-up

The value of an audit would be considerably

reduced if no corrective or preventive follow-up

activities emerged from an audit report in case of

identified deficiencies or recommendations for

improvement. The auditee and/or recipient of the

audit report are responsible for initiating follow-up

activities. In case of serious or critical observations

made during the audit, QA auditors are often asked

to review the corrections planned to resolve a

problem.

Archiving

Like all documentation in clinical research, archiv-

ing is also required for QA documents, such as

correspondence, audit notes, reports and certifi-

cates.

168 CH13 QUALITY ASSURANCE, QUALITY CONTROL AND AUDIT