Current regulations require that pharmaceutical companies ensure that all manufacturing—including the manufacture of starting
materials—conducted on-site and off-site is compliant with the principles of current good manufacturing practices (cGMPs),
as set out by the European Union Guidance
and the US Code of Federal Regulations.
Therefore, the expectation from the regulatory authorities for work performed off-site is that these processes must be formally
evaluated as part of a quality management system to ensure compliance with the regulations. This is usually accomplished by
a gap analysis. This compares the operations and systems of an outsourcing provider to predefined criteria, and evaluates
the level of compliance to provide justification for either approving or rejecting the service offered. Dependent on the quality
management system and the perceived criticality of the service provided, the audit may consist of only a written questionnaire
or may also include a physical inspection and assessment of the facilities and proffered services. For example, the supplier
of consumables and reagents would only require a written audit, whereas a supplier of contract test services or manufacturing
would require an on-site inspection.
In conducting an audit, the choice of service will inevitably determine the questions that have to be answered. A contract
manufacturer will require a different focus than a contracted analytical service, and thus it is useful to have questionnaires
available to cover different service providers. The Pharmaceutical Inspection Cooperation Scheme3 publishes some helpful checklists on its publications web site which are available for free and are often used as starting
points. It is important to remember, however, that such questionnaires are only memory aids. There is no substitute for the
power of observation. One should not slavishly follow lists of questions and lose sight of the inspection process itself.
Selecting an Outsourcing Provider and Determining its Quality Status
Before proceeding to the audit stage, a company should seek to identify an outsourcing provider that can provide high quality
services. The selection process is dependent on the service required, and the initial stages may involve a proposed provider
recommended by other users. The selection process should be described in a standard operating procedure that includes considerations
of how many potential providers should be assessed and against what selection criteria. These criteria may include accreditation
to a quality standard, reputation in the industry, past experience, and even location.
Quality Status of the Service Provider
When selecting a provider, the first stage often confirms the existence of the provider's quality system. Outsourcing providers
may also cite accreditation by a third party inspection body, such as the UK Accreditation Service (UKAS) or the International
Standards Organization (ISO). However, it is necessary to consider the relevance of such accreditation with the required standard.
Obviously, any company that will provide manufacturing services must follow cGMP requirements. In Europe, contract manufacturers
also must be in possession of the relevant licenses and, if applicable, a letter of inspection from the Medicines and Healthcare
products Regulatory Agency (MHRA) that says the provider can be named on licenses. This will contribute to the decision as
to whether a postal or physical inspection is required.
Another critical consideration is whether or not a provider will allow an audit inspection to take place. If the provider
does not welcome an audit inspection, the provider should be excluded from the approval process.
Before an audit can be conducted, a confidentiality agreement must be in place. A confidentiality agreement will enable free
discussion of any concerns that arise during the course of an audit. If a provider requests a confidentiality agreement be
agreed to in advance of the audit, it is a sign that the firm is accustomed to working in a regulatory environment. It is
acceptable, however, to wait to sign the actual agreement until the date of the inspection.
Determining the Scope of the Audit
Before the audit is conducted, there should be an introductory meeting to identify the parties involved to establish the scope
of the audit. Audit inspections may cover total compliance of the entire facility to cGMP requirements, or be limited to a
specific area, such as a single outsourced analytical test. The audit could therefore be narrow in scope or more general,
depending on the service provided.