To Prepare or Not To Prepare - There is No Question

For many companies, coping with an FDA inspection can be a nightmare. Workloads increase significantly before, during, and after an inspection, and there is always the potential that a major regulatory economic downfall could be part of a company's future if the inspection yields negative or mixed results.

This three-part series addresses common issues that arise during an FDA inspection and provides advice on how to prevent those difficulties. Part 1 describes those actions and programs that must be part of routine operations, whether an inspection is imminent or not. Part 2 focuses on inspection day — and what to do during that examination. Part 3 follows the aftermath — responding to inspection results, implementing corrective actions, and learning from the entire inspection process.

To Prepare for an FDA Inspection

We don't try to predict all the possible questions and concerns that can come up during an inspection. Even an FDA inspector couldn't do that. Instead, we discuss common deficiencies. This survival guide ensures that you know what an inspection is, what aspects of company operations (equipment, documents, tests) are likely to be inspected, and what the most common concerns, problems, and difficulties are — those that FDA inspectors look out for. Then we make sure you know how to address those issues properly (see the "To Prepare for an FDA Inspection" sidebar).

Much of an inspection focuses on a company’s quality systems. By definition, a quality system is a program that addresses the needs and elements of a specific part of a manufacturing operation. A training program, for example, is a quality system — a quality system that defines in detail how the company will ensure that its employees have the proper knowledge to carry out their responsibilities.

Pharmaceutical and biotechnology companies typically determine how they are going to classify their quality systems. Quality systems typically include standard operating procedures (SOPs), monitoring programs, change control policies, validation programs, training, deviation and investigation programs, and consistent documentation practices.

Our survival guide, therefore, also begins by focusing on quality systems: on determining those quality systems needed and in place, on ascertaining how practical particular quality systems are, and on checking how well those quality systems have been implemented and followed. It is the responsibility of a company's management to ensure that quality systems are in place, reviewed periodically, upgraded, implemented, and followed.

Standard Operating Procedures

SOPs are a critical quality system feature, and they frequently get inspected — their contents, the quality of their preparation, and how well they are followed. SOPs are detailed documents that specify operating guidelines and instructions for every procedure within the company.

Before an Inspection

SOPs — two to do. Two types of SOPs are common. The first type is corporate or global SOPs (policies and procedures set forth by the company’s highest management level), that describe general company policies. A company’s divisions, functions, and groups subject to GMP requirements (that is, all departments excluding functions such as finance, marketing, and sales) are required to comply with global SOPs (1–3).

Local SOPs document routine tasks and make provisions for nonroutine tasks for all specific functions or departments within the company. These documents detail the tasks that must be performed at each step in the manufacturing process. Examples of these tasks include sterilization, equipment operation, emergencies, and documentation practices. Examples of observations that FDA inspectors make about SOPs are listed in the "SOP Failures" sidebar. Remember, SOPs are the first line of defense during an inspection: They describe how procedures and situations are supposed to be handled, even those situations, such as an emergency or a contaminated batch, that a company has never faced before.

Monitoring systems. Another quality system that is closely scrutinized during a typical inspection is the monitoring program. Typically, a production site must have a continuous monitoring program of all critical elements of the manufacturing operation. Critical elements include, for example, building and equipment monitoring, water quality assessment, environmental monitoring, and microbial level measurements in aseptic fill areas.

Monitoring samples. The monitoring program clearly defines what needs to be sampled and when, how the sample is taken, and how the sample must be handled and tested. It also outlines acceptable results supported by validation studies. Monitoring programs must include provisions for test results outside acceptable limits, assigning action and alert limits, addressing who needs to be notified, assessing the effect of the out-of-specification (OOS) result, and approving and implementing a corrective action. Responsibility must be assigned to a specific person who reviews the results in each area and identifies trends in the data.

OOS results. FDA observations about monitoring programs cite the lack of clear specifications for when to sample, the location from which to draw the sample, the number of samples, and poor handling for OOS or failed test results. It is inevitable that at some point a test result will fail. (In fact, an experienced inspector will doubt the validity of test results that remain acceptable over long periods of time.) Inspectors want to know how the failed result was handled, how the effect of the OOS result was assessed, how the corrective action was agreed upon, who approved the corrective steps, what the thought processes were behind the final decision about corrective action, and how the entire episode was documented. Therefore, before your company is notified that an inspection is imminent, review your monitoring programs and make sure they are sound and robust.

Validation Programs

At your next staff meeting, ask your coworkers, "Does our company have a comprehensive validation program in place?" Be prepared for several interesting responses.

Validation programs are arguably what inspectors are most interested in when they visit your company. During validation, critical parameters and acceptable ranges are established for processes and equipment. The quality of the validation program indicates how tests are performed and documented, how deviations are handled, and how conclusions are reached. How a validation process is carried out is the best example of how work is planned, executed, and documented on a daily basis. Therefore, the quality of a company's validation program shows an inspector the level of detail and technical knowledge that the company applies to day-to-day operations. Even if an inspection does not start with validation, it almost always raises issues that can be traced back to the original validation work.

Figure 1. Validation protocols for a typical software life cycle

A comprehensive validation program starts with policies that establish guidelines and responsibilities for validation processes. Those policies typically cover procedures for preparing, reviewing, approving, executing, and completing the validation plan.

In separate documents, the validation requirements for individual areas, such as laboratory equipment and processes, computers, cleaning, and utilities, among others, must be clearly defined. This set of documents establishes a company's commitment to its validation efforts. The documents also establish a requalification program at timely, preestablished intervals to verify the results of the original validation effort.

A validation master plan (VMP) is also essential because it establishes a company's validation plans for the near future. It should include a list of validation activities that the company plans to complete within a reasonable time frame. Once a VMP is approved, periodic reviews will ensure that validation plans are on schedule assuring inspectors that the company is committed to completing its validation tasks. VMPs do not, however, replace completed validation efforts.

Validation protocols are the most critical element of a validation program. Figure 1 shows the validation processes in a typical software life cycle. Creating validation protocols is an extremely detailed process, but as a general rule, companies should ask the questions in the "Before an Inspection" sidebar about the company's validation programs.

Batch Records

The biopharmaceutical industry generates massive batch records (about the size of telephone books) full of comprehensive data that include each step taken during manufacturing and a log of the necessary controls, checks, and balances. These documents are a compilation of production records, test data for raw materials, components, and product integrity. Everything is documented in batch records: the vials used, the equipment used, and the product temperature when machines are in operation, among many other items. Batch records are the ultimate proof that the batch was prepared using established and predefined steps.

Batch record violations. Batch records are often one of the first items that FDA inspectors examine for deviations, missing information, the quality of a company’s documentation practices, and other operating weaknesses. Inspectors want to assess whether the company’s records are comprehensive enough to reflect all production facts, how the company’s quality assurance department reviews the records, how deviations are detected and responded to, and whether there is any missing data in such documents. FDA frequently cites companies that fail to properly analyze their batch record data, that keep inadequate data, that fail to describe deviations in detail, or that provide insufficient responses to deviations. If batches are OOS, companies must understand why and demonstrate that they can correct the problem and prevent recurrence. Such documents can be long and the analysis process tedious, but the process can result in cost savings if the company can identify ways to solve ongoing problems.

Batch records as preventive measures. Batch records can clear a company’s name and disprove suspicions of wrongdoing. In 1982, McNeil Consumer Products, a division of Johnson & Johnson (www.jnj.com) and the maker of Tylenol, was faced with product alteration in which Tylenol was laced with cyanide, causing several U.S. deaths. McNeil's batch records helped the company defend its procedures and supported the theory that the problem was not a production deviation but postproduction tampering. Therefore, a company should pay close attention to the contents of its batch records, how those records are filled out during operation, and how the documents are reviewed.

Deviations and Corrections

Another frequent focus during inspections is a company’s deviation management and its corrective actions. Deviations can occur during manufacturing, validating, laboratory testing, or program monitoring.

Deviation management

is a program under which OOS results are reviewed, analyzed, trended, and corrected. Typical questions that an experienced inspector has in mind when inspecting a company’s deviation management and corrective actions are listed in the "Inspecting Deviations" sidebar.

Deviations can take place when manufacturing equipment breaks down or when operators make errors. In these circumstances, it is important to analyze trends in the deviations and to determine the reason for the failures. If there is a trend, what is causing it? Is it user error or improper equipment use? If the equipment is being used improperly, was there an SOP on the machine, and was the SOP being followed? Deviations are red flags that can portend even bigger problems.

Training

A review of the most recent citations issued to companies by FDA shows that many of the issues they cite relate to human error (4). The key to overcoming human error problems is proper and frequent training.

Inspecting Deviations

Inspectors examine training records when they reach the conclusion that improper use of the machinery or human errors are the cause of a cited issue. The inspector in these cases will naturally ask if proper training was conducted. Therefore, you need to ask the questions first.

When evaluating your company's training program, be sure to document your responses to training questions. Does a formal program mandate training? Does the training program specify who needs to be trained and on what equipment or processes? Are training materials presented properly by a qualified trainer? Do the training records indicate who was trained and on what equipment or process? Are the records available for inspection? Was training effective in preventing further deviations?

Inspectors can choose to determine the effectiveness of a company's training for themselves. For example, they may observe the gowning procedures for entering classified areas when the cause of a contamination problem was determined to be improper gowning practices. To be proactive and prevent the need for this type of inspection, companies should set up comprehensive training programs that clearly define who needs training, what type of training they need, and how frequently additional or refresher training will be required. Training programs attended should be documented and attached to each employee's record.

Receiving and Inspection

Most companies have standard procedures in place for accepting raw materials and consumable commodities. Receivables include not only active ingredients and excipients but also items such as glassware, clean gowns, coveralls, and chemicals or components that are used to manufacture drugs and medical devices.

A receiving and inspection program needs to define the expectations about each commodity or ingredient being received. The SOPs on the program should state those steps that need to be taken when ingredients or components are received to ensure that the material received meets expected quality attributes. The SOPs may include a review of vendor certificates of analysis and of test results, or they may require internal sampling and testing approved by the quality assurance and quality control (QA/QC) functions within the company. When a company conducts sample tests, it must document the results properly. Companies concerned about quality standards often consider third-party organizations that can conduct tests and confirm the required attributes of the raw materials. If this route is chosen, the outside testing laboratory should be audited and qualified.

SOP Failures

Change Control

Throughout the manufacturing operation and within all production processes, change is inevitable. New process steps, changes in equipment, and improvements or corrected inadequacies all cause change within a company's operations.

A formal program must be in place to handle changes. Inspectors often focus on this facet of production during an inspection. Inspectors reviewing a company's change control programs will ask if a formal change control program is in place, who administers the program, and which department has ultimate authority over change control. They will ask how the effects of a change are assessed, what steps are taken to minimize or prevent additional impacts, how decisions are made, the thought processes behind change, and who approves them. And, as in all other production processes reviewed, an inspector will want to know how the entire change event, the actions taken in response to the change, and the decisions made regarding the change have been documented.

Documentation Practices

People in the biopharmaceutical industry often joke that, "In God we trust, everything else must be documented." That phrase speaks for itself — and for the mountains of documents that regulatory compliance requires.

FDA inspectors insist on reviewing documentation processes. Documents are the only proof that companies have with which to defend their practices and operating procedures. Therefore no amount of effort put into preparing proper documents is in vain. Long before an inspection, review your company's documents . . . and then review them again. Find and fill document gaps, obtain approval signatures, be clear — and, most of all, be factual in your documentation. Always remember, "If you don’t have the proper documentation for an action or item, you don’t have that item, or no action was taken."

To Prepare . . . Perchance to Succeed

To biopharmaceutical, pharmaceutical, medical device, outsourcing, or other health care–related companies, an "inspection" translates to an "FDA inspection." But inspections come from other sources as well, from your customers as due diligence audits, from European and other national inspecting agencies, and from potential merger, acquisition, and investing partners.

Preparation for an inspection is critical. Responsible individuals within the company must ask all the questions listed in this article to determine how the company’s operations are functioning. Responsibility must be assigned to those who can ensure success. Rules and regulations can be cumbersome and time consuming, but they serve specific purposes. Proactive managers are those who understand the logic behind the regulations before they attempt to implement them.

References

(1) "Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of Drugs,"

Code of Federal Regulations, Food and Drugs

, Title 21, Part 210 (U.S. Government Printing Office, Washington DC), revised 1 April 2001.

(2) "Current Good Manufacturing Practice for Finished Pharmaceuticals," Code of Federal Regulations, Food and Drugs, Title 21, Part 211 (U.S. Government Printing Office, Washington DC), revised 1 April 2001.

(3) "Biological Products," Code of Federal Regulations, Food and Drugs, Title 21, Part 600 (U.S. Government Printing Office, Washington DC), revised 1 April 2001.

(4) FDA Warning Letters. Available at www.fda.gov/foi/warning.htm (accessed May 2002). BPI