This page contains a Flash digital edition of a book.
CMO


A. Quality Management System


QA should determine the effectiveness of the provider’s QMS by reviewing and assuring the adequacy of the individual elements of the QMS—such as organization and infrastructure—that can support the contracted project.


While having written procedures does demonstrate the fulfillment of an important QMS element, QA verifies that they are indeed followed (via interviews, in-process observation, and documentation). Quality control steps in critical processes should also be confirmed.


A special skill is needed to attest the presence of an adequate training system. In addition to reviewing the training system, control, and respective documentation, the auditor needs to reach a comfort level that the system is well-designed. Having a “read and understood” statement might not suffice for certain processes. For more critical processes with a high potential impact, a verifiable training evaluation approach such as a “sign-off,” “release to conduct task unsupervised,” or a test may be warranted. Equally important is the hand-over procedure; while the initially assigned staff may have been trained and performed well, given an environment where the only constant is change, QA needs to be satisfied that when staff are replaced, an effective hand-over process is in place with no loss of knowledge/information in the transition.


Reviewing the provider’s QA system, the auditor should authenticate the independence of the QA function, adequacy, and the experience of the QA headcount as well as the effectiveness of the QA system. While no project-related problems may exist at this early stage, problems could happen down the road, so QA should attempt to anticipate where problems or deviations are likely to arise. The auditor should determine the provider’s system for managing these anticipated issues. For example, when something goes wrong, does the provider:


a. Identify quality problems?


b. Conduct a root cause analysis and investigate non-conformities?


c. Identify CAPA? d. Verify and validate the effectiveness of CAPA?


e. Communicate quality problems to those directly affected and responsible?


f. g.


Communicate quality problems and respective CAPA for management review and approval?


Implement changes to correct quality problems?


While successful regulatory inspections can demonstrate compliance, it can be challenging to verify the true outcome. Not all providers are willing to share details of such events. It is worth remembering that passing a US Food and Drug Administration (FDA)/European Medicine Association inspection does not automatically ensure that a provider will always be compliant.1


Rather, documentation substantiating closure


of such inspection findings can demonstrate compliance, transparency, and good issue management. Facility general quality certifications (such as an ISO certification) do afford an additional comfort level, while more specific certifications by a regulatory authority/international body (such as GLP or GMP certifications) can increase the comfort level dramatically. The latter does not always apply to clinical research organizations (eg, certain Phase I certifications in certain countries).


B. Operational and Other Aspects


For more technical and operational aspects, it is important that the auditor has the technical capability to assess the competence of the provider, and if he or she does not also have the operational background, he or she should be accompanied by a Subject Matter Expert (SME). Where possible, an ideal team would consist of both the QA auditor and the SME.


To verify the claimed capacity, a QA auditor needs to review current capacity and available facilities, as well as the ability to address changes.


A supplier/provider is usually chosen based on immediate project needs, but potential future developments and longer-term supply should also be considered.1


to ensure the project will not quickly outgrow the selected provider.


For other technical systems (eg, assessing laboratory operations), QA should verify the firm’s operations are in a state of control. If an issue arises (eg, if there is an Out of Specifications [OOS] laboratory result) or if there a clinical site monitoring performance, how does the contracted vendor address such issues?


While the pharma operational personnel can be satisfied that the CRO/ CMO can provide the requested process/service/product, QA need to be satisfied that such a process is validated, that adequate quality control steps have been incorporated, and monitored for effectiveness, and see that the actual testing, deviation, and complaints’ management data, etc, demonstrate the process effectively.


C. Business Continuity


Business continuity and contingency plans should also be addressed during the QA audit. For example, a QA audit should find answers to the following questions:


• Is the CRO/CMO successful and does it have a track record of profitability and growth?


• Is the company able to support its growth? • Does the vendor have debt capacity?


While very sensitive and often associated with disclosure reluctance, the auditor should be perceptive to any signs that may imply the owners’ intentions for selling or merging the existing business. If such a prospect is confirmed, uncertainty may arise as to whether the CRO/CMO would remain dedicated to the contracting business or maintain the same level of quality. Likewise, other factors that may impact business continuity should be examined such as business resumption contingency plans in the case of possible force majeure.


At Contract Creation: Auditing the Contract


What is a good agreement? Undoubtedly, a good agreement meets the requirements of both parties to make a cohesive association. The contract needs input and review from the major stakeholders to ensure that all delegated activities are clearly stated, and no essential ones have been missed:


• Minimum requirements spelled out in contracting agreements • Written quality agreement to clearly identify responsibilities • Awareness of other potential constraints


·


Legal/regulatory aspects, interactions between laws of different countries, and the impact of domestic and foreign Regulator Requirements


• Lines of communication and reporting Pharmaceutical Outsourcing | 18 | March/April 2015 It is imperative for the qualifying team to consider this


Page 1  |  Page 2  |  Page 3  |  Page 4  |  Page 5  |  Page 6  |  Page 7  |  Page 8  |  Page 9  |  Page 10  |  Page 11  |  Page 12  |  Page 13  |  Page 14  |  Page 15  |  Page 16  |  Page 17  |  Page 18  |  Page 19  |  Page 20  |  Page 21  |  Page 22  |  Page 23  |  Page 24  |  Page 25  |  Page 26  |  Page 27  |  Page 28  |  Page 29  |  Page 30  |  Page 31  |  Page 32  |  Page 33  |  Page 34  |  Page 35  |  Page 36  |  Page 37  |  Page 38  |  Page 39  |  Page 40  |  Page 41  |  Page 42  |  Page 43  |  Page 44  |  Page 45  |  Page 46  |  Page 47  |  Page 48  |  Page 49  |  Page 50  |  Page 51  |  Page 52  |  Page 53  |  Page 54  |  Page 55  |  Page 56  |  Page 57  |  Page 58  |  Page 59  |  Page 60  |  Page 61  |  Page 62  |  Page 63  |  Page 64  |  Page 65  |  Page 66  |  Page 67  |  Page 68  |  Page 69  |  Page 70  |  Page 71  |  Page 72  |  Page 73  |  Page 74  |  Page 75  |  Page 76  |  Page 77  |  Page 78