The Auditor Vs. Inspector Issue

Q. During a recent audit of our company, the auditor found some non-conformance issues that we disagreed with. Do we have to make the changes the auditor suggested?

A. Those of you who have been audited will likely have come across the following situation: the auditor has identified a non-conformance with the applicable regulations. Purely for illustrative purposes, let us say that the auditor identified missing documents that should have been prepared as part of a laboratory information management system (LIMS) validation. Now the auditor informs the auditee about this finding.

The auditee shows surprise and retorts that this site/company/laboratory has a long history of successful inspections by regulatory authorities from three continents and that they never had an observation like this. In fact, during the last inspection by an agency, the LIMS validation package had been reviewed and found perfectly acceptable. Therefore, the auditee refutes the validity of the auditor’s observation.

So, how do we resolve this? Shouting match? Exchange of heated arguments? Certainly not! After all, we are professionals. And as such, we need to understand both sides.

Questioning the validity of an audit

No matter what conclusions the auditor comes to, the auditee should review the validity of the results. Obviously, the auditees will accept a positive inspection outcome with no or few or only minor observations as confirmation of the validity and acceptability of their quality systems, modes of operation, facilities and equipment, and organizational structures. However, any such result should be carefully analyzed, and the following questions (not all-inclusive) should be asked by the auditee:

• Was the inspector an expert in the field? Of note, very few people are an expert in everything.

• Did the inspector look at the documentation and the system in detail? Or was the focus of the inspection on other aspects or areas?

• Are we aware of any issues regarding the validation of that system (i.e., something we know about, but the inspector may have missed)?

• If the answers to the first two questions are a yes and no to the third, then we can be quite confident that indeed the system documentation is fully supportive of our claim to validation.

The auditor should also question their own results

Auditors should always challenge their decisions and statements, as their audit findings can have as much impact on the audited company as a regulatory inspection. Questions an auditor should ask themself include, but are not limited to:

• Am I sufficiently proficient and experienced in the specific field to make an informed decision?

• Have I referenced the correct and the latest regulations, guidance documents, industry best practices, or other sources of pertinent information?

• Have I been able to collect a sufficient and/or representative sample of evidence to support my statements?

• Did I take the auditee’s challenge seriously, and have I managed to refute it based on science, regulatory evidence, and/or other unbiased basis? 

We should bear in mind that inspectors and auditors alike are humans. As such, auditors make mistakes, have preferences, and to some extent, may be biased. Furthermore, an audit or inspection can only ever be looking at a snapshot in time. For example, unlike the people working in the company under scrutiny, auditors will not see all the behaviors, all the operations, etc. As a result, all statements made are based on a limited amount of information and observations.

Audits provide needed information

And we must not forget that the focus of an inspection (or audit) can change over time, be it for developments in the regulatory field (e.g., the increase in data integrity-related inspections in recent years) or changes to the circumstances in the inspected site (e.g., new ownership, the introduction of new dosage forms, etc.), to name a few possible reasons. Consequently, a site may have been in compliance over many years, but may not have kept up with the changes, which may suddenly find the site in a state of diminished compliance.

It is better to have a non-conformance picked up during an audit than have it recorded during an inspection. So, the next time your auditor tells you about an issue you didn’t know about, it may be sensible to accept and investigate it before deciding to reject it.

Article Details

BioPharm International
Volume 32, Number 5
May 2019
Page: 54 

Citation

When referring to this article, please cite it as S. Schmitt, "The Auditor Vs. Inspector Issue," BioPharm International 32 (5) 2019.