The president and the auditor of a Costa Rican company selling reinsurance bonds to life settlement companies were arrested and charged, along with the company itself, in a seven-count indictment unsealed today for their alleged role in a $670 million fraud scheme involving victims throughout the United States and abroad.

A Michigan businessman pleaded guilty to wire fraud in connection with the federal E-Rate program.

Two individuals pleaded guilty today for their participation in a conspiracy to defraud the Federal Communications Commission’s (FCC) Video Relay Service (VRS) program.

Iheanyi Frank Chinasa, 39, of Gaithersburg, Md., was convicted yesterday by a federal jury in Richmond, Va., of multiple fraud charges and obstruction of an official proceeding related to his participation in a scheme to defraud Cisco Systems Inc., announced Assistant Attorney General Lanny A. Breuer of the Criminal Division, U.S. Attorney Neil H. MacBride of the Eastern District of Virginia and Michael Morehart, Special Agent in Charge of the FBI Richmond Field Office.

A Las Vegas man was arrested yesterday on charges that he defrauded distressed homeowners in Las Vegas who were attempting to refinance or adjust their home mortgages.

Two former humanitarian aid workers were each sentenced today to 142 months in prison for defrauding the U.S. Agency for International Development (USAID) of approximately $1.9 million that was intended to assist impoverished people and towns in Liberia.

Iheanyi Frank Chinasa, 39, of Gaithersburg, Md., was sentenced today to 84 months in prison for his participation in a scheme to defraud Cisco Systems Inc.

The principal and co-owner of Integra Capital Management LLC, a North Carolina company, was arrested in Denton, N.C., today for defrauding commodities trading investors of more than $3.2 million, announced Assistant Attorney General Lanny A. Breuer of the Criminal Division and U.S. Attorney Anne M. Tompkins of the Western District of North Carolina.

An owner of a Houston health care company pleaded guilty today in connection with a $654,227 Medicare fraud scheme.

The president and part owner of a Michigan-based Internet and technology services company was sentenced today to serve 15 months in prison for defrauding the federal E-Rate program.

Four Florida men were arrested today on charges that they defrauded homeowners in Massachusetts and elsewhere in connection with a home loan modification scam.

Roger Charles Day Jr. was found guilty late yesterday of leading an international conspiracy to sell more than $4.4 million in nonconforming and defective parts to the Department of Defense.

Saudi Arabia-based Tamimi Global Company Ltd has agreed to pay the United States $13 million to resolve criminal and civil allegations that the company paid kickbacks to a Kellogg Brown &s operations in Iraq and Kuwait.

Two individuals have been charged in New York for their alleged participation in a plot directed by elements of the Iranian government to murder the Saudi Ambassador to the United States with explosives while the Ambassador was in the United States.

Akinsunbo Akinbile, 44, pleaded guilty before U.S. District Judge Keith P. Ellison in Houston to eight counts of health care fraud.

– The principal and co-owner of Integra Capital Management LLC, a North Carolina company, pleaded guilty today for his role in a commodities trading investment scheme that allegedly raised more than $3.2 million.

Thomas B. Evans, 47, of Centennial, Colo., pleaded guilty before U.S. District Judge Christine M. Arguello in Denver to one count of conspiracy to commit mail and wire fraud.

The Department of Justice today released the executive summary of the report by an independent auditor of the Gulf Coast Claims Facility (GCCF), the facility set up to process claims in the wake of the April 20, 2010, Deepwater Horizon oil spill.

An owner of a Houston health care company was convicted yesterday by a jury in the Southern District of Texas in connection with a $750,000 Medicare fraud scheme.

Jill Ann Charpia, 33, formerly of San Antonio and currently of Colorado, pleaded guilty today before U.S. Magistrate Judge Henry J. Bemporad in San Antonio to a criminal information charging her with one-count of false statements to a government agency.

Julio Soto Jr., 52, of Columbus, Ga., pleaded guilty today before U.S. District Chief Judge Margaret B. Seymour in the District of South Carolina to a criminal information charging him with one count of conspiracy to accept illegal gratuities.

Manssor Arbabsiar, aka Mansour Arbabsiar, pleaded guilty today in federal court in the Southern District of New York to participating in a plot to murder the Saudi Arabian Ambassador to the United States while the Ambassador was in the United States.

Khalid Ali-M Aldawsari, 22, a citizen of Saudi Arabia and resident of Lubbock, Texas, was sentenced today by U.S. District Judge Donald E. Walter in federal court in Amarillo, Texas, to life in prison.

The former director of accounting and the former outside auditor of Arizona-based residential mortgage loan originator American Mortgage Specialists Inc. pleaded guilty in Arizona to conspiracy to defraud BNC National Bank and obstruction of justice, respectively.

Manssor Arbabsiar, aka “Mansour Arbabsiar,” was sentenced today in New York City federal court to 25 years in prison for participating in a plot to murder the Saudi Arabian Ambassador to the U.S. while the Ambassador was in the U.S..

Attorney General Eric Holder and U.S. Attorney for the Western District of North Carolina Anne M. Tompkins announced today that the United States has filed a civil lawsuit against Bank of America Corporation and certain of its affiliates, including Merrill Lynch, Pierce, Fenner &Bank of America”).

The Justice Department announced that yesterday a federal court in Ft. Worth, Texas permanently barred Karena Mondrianh, of Southlake, Texas, from preparing tax returns and from operating a tax-preparation business.

Three defendants who previously pleaded guilty in connection with an immigration services fraud scheme were sentenced in federal court.

The government has filed a complaint against Canton, Ohio-based TAB Construction Co. Inc. (TAB) and its owner, William E. Richardson III, for allegedly making false statements to the Small Business Administration (SBA) to obtain certification as a Historically Underutilized Business Zone (HUBZone) company.

A retired colonel and a sergeant in the Army National Guard have been charged in a nine-count indictment in Albuquerque, N.M., for allegedly defrauding the National Guard Bureau.

Two individuals charged with running a telemarketing operation that defrauded Spanish-speaking consumers were sentenced today in Miami federal district court.

Two Florida men were sentenced today to serve 84 months in prison for defrauding thousands of homeowners in a $4 million nationwide home loan modification scheme.

Three individuals have been indicted for their alleged roles in an approximately $32 million fraud against a Federal Communications Commission (FCC) program designed to provide discounted telephone services to low-income customers.

A Maryland man was sentenced today to serve one year and a day in prison for defrauding thousands of homeowners in a $4 million nationwide home loan modification scheme.

A soldier in the Texas Army National Guard pleaded guilty today for his role in a bribery and fraud scheme that caused more than $30,000 in losses to the U.S. National Guard Bureau.

Former Specialist Christopher Renfro, 26, of Houston, Texas pleaded guilty today to two counts of wire fraud and one count of aggravated identity theft. Previously, on March 24, 2014, Renfro pleaded guilty to one count of conspiracy and one count of bribery in connection with the same scheme.

Today, U.S. District Judge Gustavo A. Gelpí approved the selection of Arnaldo Claudio to serve as Technical Compliance Advisor (TCA), overseeing the implementation of sweeping civil rights reforms under the Agreement for Sustainable Reform of the Puerto Rico Police Department.

A North Carolina couple pleaded guilty for leading a Costa Rican sweepstakes fraud scheme that defrauded hundreds of elderly Americans

A former LaPorte County deputy auditor has been indicted by a federal grand jury in the Northern District of Indiana for embezzling over $150,000 from the LaPorte County government and committing tax fraud.

A dual United States-Costa Rican citizen pleaded guilty today for his role in a $1.88 million sweepstakes fraud scheme that defrauded hundreds of elderly Americans.

Attorney General Eric Holder announced today that the Department of Justice and 19 states and the District of Columbia have entered into a $1.375 billion settlement agreement with the rating agency Standard &s Financial Services LLC, along with its parent corporation McGraw Hill Financial Inc., to resolve allegations that S&s 2013 lawsuit against S& true credit risks. Other allegations assert that S&s business relationships with the investment banks that issued the securities.

You know you need a computer systems audit, but that’s literally the extent of what you know.
Has this ever been you?

Yes, you use computers on a daily basis, and you may even use the system that needs to be audited. But you don’t spend your day thinking about where all the system components are located, how services and software are combined, and what Part 11 requirements apply. Terms like “cloud computing” make you feel slightly queasy. You’d rather get a root canal than discuss “distributed processing.” Your expertise is in manufacturing. Or clinical research. Or non-clinical lab operations. And somehow it’s your job to make sure an effective and properly-sized system audit is conducted. Great.



Yet your Quality Assurance colleagues -- whether they’re from your internal QA department or an external compliance company -- need your input. They need to understand what software is being purchased, what services are being contracted, how and where components of the system are being implemented, and how the system will be used.

The good news is that the QA auditors can help you. They know that FDA favors a risk-based approach to validation and Part 11 implementation, and they even know what that means. They love to talk about configuration management and change procedures. They love gathering evidence that demonstrates your system works correctly and is in a state of control, and they know what rocks they should look under to find and fix vulnerabilities.

What follows are examples of the types of information you need to convey to QA – and that they should be asking you about – to properly size and scope an audit.

How do You Plan to Use the System?

Suppose you need to audit the supplier of a new Document Management System. The first thing an auditor would need to understand is how you plan to use the system. How mission critical are the documents you’re looking to store?  Are they covered under regulatory scope?  Maybe you plan to use the system as a collaboration environment for developing new SOPs. That would require a relatively low level of scrutiny, especially if you only plan to print out the finalized documents for wet ink signature. (As a point of comparison, if you plan to use the system to finalize SOP approval, the auditor would need to check that Part 11 requirements for electronic signatures are properly implemented.) What if the Document Management System will be housing critical GxP documents, such as Trial Master Files, Master Schedule Sheets, or Master Batch Records? In these cases, the validation would have to be far more thorough, and Part 11 electronic record features, such as audit trails and archiving functionality, would have to be implemented and verified.

Here’s another “use” example. Similar to the term “Document Management System,” the term “Analytics System” does not tell the whole story. From a business perspective, study start up (SSU) metrics may be vital for sponsors and CROs to collect and analyze. But since they have no regulatory impact, the FDA would not require an SSU analytics system to be validated. (That doesn’t necessarily mean you might not want to, though.) On the other hand, a system that performs statistical analysis on study data for regulatory submission is about as critical as it gets, and would require thorough validation and Part 11 implementation. Other analytics systems, such as dashboards that pull data from critical systems, might fall somewhere between these two extremes.

What is the Vendor Providing? And How? And Where?

If you need to audit a complex system, the questions QA will ask you will go beyond system use. The auditors will need to understand the combination of software and services the vendor is providing, and where the software and data reside.

• Does the software and data reside internally at your company or does the vendor provide a hosting service?
  If the vendor is hosting, the auditor needs to tour the facilities and review SOPs and records to evaluate physical security, staff training, environmental controls, backup procedures, disaster recovery plans, data retention, computer infrastructure, and change control.
  
  
• Does the hosting vendor own its own servers or does it, in turn, outsource that function to a 3rd party hosting company, (possibly even in the cloud)?
  If the hosting is outsourced, ideally an auditor would be able to visit the hosting site. Failing that, the auditor would ask questions about the vendor’s qualification processes and review SOPs that govern vendor selection/management procedures. If the vendor outsources other services beyond hosting, those services might need to be considered, as well.
  
  
• Is the vendor providing any other services?
  Many EDC vendors will provide study-specific services such as screen development and data entry validation edits. Auditors would need to review SOPs for providing these services and understand how the vendor tests and manages modifications to these components as the study proceeds.
  Sometimes computer systems vendors provide ancillary services, such as help desk functions and user account management. That would mean additional SOPs and training records for the auditor to look through.

Other Considerations

There are many. For example, where are you in the product life cycle? You ask different questions about a new system than you would about one that has been operating for a few years. Is the product Commercial off-the-shelf (COTS) or highly customized? COTS systems vendors often have their own validation package which auditors would review, and then ensure proper operation in the sponsor/CRO’s specific environment. A highly customized or custom-built system would require a more extensive validation process.


The Take Away

CSV/Part 11 audits will never be standardized, cookie cutter type activities; there are simply too many factors -- in too many combinations -- to consider. You want your QA efforts to be worth the money you spend and be able to answer the questions FDA says you need to be asking. If you’re unsure how to do that, that’s ok. Other people know, as long as you can help them understand how you plan to use the system, what software and services are being supplied, and how components of the system are being implemented.

In case you missed it, our previous post was Notes 2 Fix Your Notes 2 File.
_______________________________________________
Many thinks to Lisa Olson for sharing her insights with me.

Last month, I scheduled one-on-one discussions with our most experienced GCP auditors to ask each of them the same question: What surprises you most about the audits you conduct?

I guess you could say that I was the one who was surprised. I’m not sure exactly what I was expecting to hear, but I thought my teammates were going to talk about things that were new. Instead, I heard a lot more about things that have been around for a long time. To a person, my colleagues said they were surprised to be observing some of the same audit findings they were observing 30 years ago...which *is* surprising when you consider most of them were mere children at the time. ;-)  It seems we have some stubbornly persistent quality and compliance issues in the biopharma industry that decades of neither experience nor technology have seemed to remedy. And the problems are not just persistent; they’re interrelated.



Standard Operating Procedures (SOPs)
It’s quite common for auditors to encounter sponsors, CROs, and sites that lack an adequate set of SOPs to describe local procedures. There are several reasons for this. Sometimes it’s a lack of resources. Sometimes smaller, established organizations believe writing it all down is unnecessary, as “people know their jobs.” Sometimes newer companies are simply unaware that written procedures are required for particular operations. But when procedures are not documented, organizations are unable to demonstrate GCP compliance, cannot ensure that activities are performed correctly or consistently, and have difficulty training new staff members. (We’ll come back to training in a bit.)

Frequently missing from a good working set of SOPs are procedures for Disaster Recovery, Handling of Suspected Fraud, and Management of Regulatory Inspections. These SOPs are not used for day-to-day operations, so perhaps that’s why they don’t garner as much attention. Nevertheless, the inability to recover from a disaster, protect the organization from fraud allegations, or pass a regulatory inspection can sink a company.

A fourth SOP that is commonly absent from the set is the document that describes how to write, approve, distribute, revise, and retire SOPs. Also frequently missing from a working set of SOPs is our next topic: Training.

Training
Training can be expensive and time-consuming, and companies increasingly have to do more with less. In-person training has largely been replaced by computer-based systems, on-site training has given way to distance learning, and mentoring has gone the way of the dodo.

The good news is that study sites typically adhere to formal GCP training requirements. What’s often missing, though, is the training that connects GCP concepts to everyday activities. A trainee might correctly answer a multiple-choice question about audit trails, but without that “last mile” of coaching, use Wite-Out to correct a source document error. This is where SOPs come in. When training is conducted using well-written SOPs, it can help bridge the gap between standard GCP training and specific site operations.

It is not uncommon for study-specific training to be lacking in CROs – protocol training, device training, computer systems user training. As part of their vendor oversight procedures (also an SOP!), sponsors should be making sure that CRO staff is adequately trained. 

Trial Master Files (TMFs)
Whether paper or electronic, it’s common for TMF documents to be missing or expired. Replacements for these documents can usually be produced and filed at the time of the audit. Misfiled documents are another matter; they are already there but cannot easily be found. Locating and refiling them essentially doubles the time and cost of the original effort. For example, documents from multiple labs, such as certificates, credentials, vendor audit results, etc., are often mistakenly commingled. Documents must be sorted and refiled so that each facility listed on the 1572 has its own file or electronic folder.


Another very common mistake is treating every document on letterhead as if it’s general correspondence. Search for the word “letter” in the DIA Reference Model and you can see how many opportunities exist for misclassifying correspondence. For example, an IND safety report sent by the sponsor on letterhead should be filed under “Notification of Safety Information,” Section 8.3.18 in ICH E6(R2), not “Relevant Communications,” Section 8.3.11. In an eTMF, an IRB approval letter belongs in 04.01.02, its designated DIA Reference Model position, not 04.04.01, which is reserved for general communication.

The root cause of these misfilings? The filer does not know enough about the filing structure of the TMF and often is not familiar enough with clinical research to know the purpose of each document and where it belongs. The corrective action? Training. Training on the TMF plan, the TMF Management SOP, ICH GCP, and study operations in general.

Technology to the Rescue?
No doubt, CTMSs, eTMFs, eCRFs, ePRO, and other systems have improved clinical operations and reduced error. However, three decades of technological advances have done little to address the most common quality and compliance issues encountered by GCP auditors – and by extension regulators. Some might find that discouraging, but isn’t it also a little satisfying that the solution to our most persistent problems comes down to human communication?

______________________________________________________________________
A version of this article originally appeared in InSite, the Journal of the Society for Clinical Research Sites.

In an effort to tease out the priorities of a clinical study site audit, I asked six of our most experienced GCP auditors the following question:

If you only had one hour to conduct a study site audit,
what would you look at?
[Obligatory warnings:  Do not try this at home. This is just a simulation. Caveat lectorem. Dinosaurs in the mirror are bigger than they appear. Et cetera.]

Of course it’s not possible to conduct any kind of meaningful audit in so short a time, but it’s an interesting thought exercise because it gets to the heart of study site risk.
In order to respond to this question, the auditors needed to ask themselves:

(1) What are the greatest site risks to a study?
(2) Where can evidence be found that those risks are being managed?

Answering the first question is pretty easy. The very first paragraph of ICH E6(R2) tells us “Compliance with this standard provides public assurance that the rights, safety and well-being of trial subjects are protected…and that the clinical trial data are credible.” So there it is: the reason GCP exists. When we conduct clinical research, our highest priorities are human subject protection and data integrity. It follows, then, that jeopardizing these obligations is our greatest risk.

So with only an hour to evaluate whether a study site is managing these risks, we can move on to the second question. What would our audit (now referred to as “hour audit”) look like?

IRB Approvals

Hour Auditor has decided to spend the first twenty minutes at the site reviewing IRB approvals. Are all of the IRB approval letters in the Investigator Site Files (ISF)? Is the protocol that’s being executed the same version that the IRB approved? Have the protocol amendments and all of the associated Informed Consent Forms (ICFs) also been approved?

Missing approval letters aren’t necessarily the end of the world. It’s quite possible that the required approvals are sitting on the sponsor portal, having been received from a central IRB. Their absence from the ISF could just be a clerical error. However, it’s a first-order finding if the site was responsible for getting approval from its local IRB and failed to do so. The IRB would have to be notified. The FDA would have to be notified. Without review and approval from an ethics body, the safety of study participants is jeopardized and their rights violated. Everything stops.


Informed Consent

With forty minutes left to go, Hour Auditor spends the next twenty minutes reviewing participants’ ICFs. The selection of these participants may be random or targeted, depending on the results of the IRB approval review. Has each participant signed every applicable version of the ICF? Were they signed before any associated study procedures were conducted? If not, was the delay noted in the subject notes? How was the situation remedied? Was there a CAPA to ensure that any other incidents were corrected and future occurrences prevented? Was the IRB informed?


Inclusion/Exclusion Criteria

Now down to the final twenty minutes, Hour Auditor asks to see the Inclusion/Exclusion (I/E) criteria for two screened and enrolled participants. Most likely, the particulars of the study -- the vulnerability of the patient population, the therapeutic area, and the protocol complexity, among other things -- would drive the selection.

We’re running out of time, and this could be our final stop. With so much else to look at, including source data, IP accountability, staff qualification and training, and Adverse Events reporting, why focus on I/E criteria? Because they give us a glimpse of many aspects of study conduct all at once. When a site can assess complex I/E criteria correctly, it demonstrates protocol compliance and a commitment to producing reliable study data. Examining I/E criteria also gives Hour Auditor a chance to assess source data quality and provides further assurance of subject safety.

Best Laid Plans
As with any audit, particular findings at any step could (and should) alter the plans for this one-hour visit. If the ICF review left Hour Auditor concerned about fundamental flaws in the IC process, the rest of the audit might be spent trying to determine the extent of the problem. An incidental discussion could raise red flags about staff proficiency that may have Hour Auditor poring through protocol training records or scrutinizing the Delegation of Authority log. (Plus, Hour Auditor really, really wants to take a peek at the IP accountability records, and so may find a reason to do so*.)

The point of this thought exercise was to consider (1) the obligations of the clinical research industry to protect subjects and produce reliable data, (2) where the biggest risks to that obligation lie, and (3) how site audits should be prioritized to ensure those obligations are being met and those risks are being managed.

_________________________________________________________________________

*The auditors involved in this discussion did their best to honor the absurdly artificial time constraint I gave them. That meant foregoing activities no self-respecting auditor could bear to forego. This paragraph recognizes some of those activities. (Thank you all. I know this hurt.)

A version of this article originally appeared in InSite, the Journal of the Society for Clinical Research Sites.

Alarm Clock Image via Good Free Photos

Guest Blogger: Greg Weilersbacher
Founder & President, Eastlake Quality Consulting

All companies outsource. It’s a humbling fact that you simply can’t do it all yourself. This often has to do with resource allocation; your company may allocate dollars to build and sustain some activities in-house while choosing to contract higher-cost operations to qualified suppliers who already have the expertise and equipment. 

You may outsource the manufacturing of tablets, sterile injectable, or topical dosage form, or the GMP release and stability testing of your product. Once the production and testing is complete, the product may need to be stored under controlled temperature and humidity conditions and then distributed to locations around the globe. The Contract Development and Management Organizations (CDMOs) who execute these critical operations are of paramount importance to your company’s success. Choosing the right suppliers will also help to minimize stress-induced headaches throughout your organization. Here are the top five ways to get the most out of a supplier audit.



1.  Come to the Audit Prepared
This seems obvious. However, more often than not, quality auditors step into the supplier’s lobby without doing their homework. Ask yourself the following questions: Why am I auditing this supplier? Is this supplier new to my company or one that we have used before? If used previously, have I read over the audit observations as well as the supplier’s responses and do I understand them? Which audit observations do I suspect would be the most challenging for the supplier to address and which are most important to my company’s requirements for this product? Have I reviewed previously executed production batch records and testing data and are there issues that need to be resolved? Are their deviations and CAPAs to follow up on?

Your understanding the supplier’s work proposal is of great value in refining the scope of the audit. Ask yourself:  Which of our products may be manufactured and tested here and which strengths (e.g., potency) will be produced? Which equipment is likely to be used? For a tablet production, the equipment train could include balances, blenders, roller compactor, spray dryer, solvent-rated oven, comils, tablet press and tooling, gravity feeder, coating systems, de-duster, weight sorter, metal detector, tablet counter, etc. This list of equipment will assist you in requesting equipment records during the audit. 

2.  Stay On Point
Proper audit planning will help to keep the audit organized and adhere to the audit timeline. In advance of the audit, provide the audit host with a list of the technical, lab, and manufacturing staff you wish to speak with and the records you need to review. A well-organized host will have this available for your review. Stick to your audit agenda. This is critical. The best way to derail your progress is to spend precious time chasing down minor issues while glaring problems get little to no attention. Continually refer back to the audit agenda and remember to keep the content of your audit report in mind while executing the audit.


3.  Know Your Technical Expertise and Limitations
Many auditors have led previous lives in the laboratory or in manufacturing while others started their careers in quality assurance and may have little technical background with regard to equipment, manufacturing processes, GMP utilities and laboratory testing. Know your limitations and if necessary strengthen them by hiring an expert consultant to assist you during the audit.

A common problem area that is at best glossed over and at worst completely ignored during an audit is the CDMO’s compliance with GMP utilities requirements. All too often, this is due to the auditor’s lack of understanding of the operation, inputs and outputs, validation parameters, and periodic testing and maintenance requirements for utilities such as HVAC, clean or pure steam, purified water and WFI systems, autoclaves, clean compressed air, nitrogen and other gases used for operating equipment or used during processing activities in manufacturing. Typically, these areas are also less well understood by the CDMO’s employees and as a result noncompliance abound. 

Some GMP utilities may be connected to the facility’s building management system, while others may be stand-alone equipment. In either case, the CDMO should have records of alarms (e.g., out of specification or out of range conditions), an acknowledgement of each alarm by designated staff members, and documentation of corrective actions. The last item is key. This is where the execution of quality systems tends to fail. Make a point to request documentation of corrective actions for each utility alarm. 

Additionally, purified and WFI water systems along with gases, such as clean compressed air and nitrogen, require periodical sampling/testing at each point-of-use. Verify that the timelines (monthly, quarterly, or annual) for sampling and testing were performed as directed by the CDMO’s procedures. These timelines are typically not well adhered to. A clear understanding of all the operations of the supplier’s GMP utility management process will keep your thoughts clear during the audit and help identify areas that are in need of improvement. 

4.  The Auditor’s Job is to Identify the Good and the Bad (Not to Win the Debate)
An important goal of a supplier audit is to identify the supplier’s strengths and weaknesses and come away from the audit with a compliance assessment that your company can use to make important decisions. It is of no value to your company if the goal of the auditor is to show the supplier how much he or she knows by debating the fine points of compliance. GMP auditors with decades of experience generally avoid this competitive exchange as it is unproductive. Rather, it is more important to the spend the necessary time identifying compliance issues, making them known to the audit host in a professional manner, and taking detailed notes that assist in writing the audit report. Your company’s senior managers need to know the supplier’s good and not-so-good points; detailing all of these provides the greatest value. 

5.  Interview the CDMO's Lab Staff, Manufacturing Operators, and Shipping/Receiving Personnel
CDMO’s quality systems are generally written by managers and directors who have many years of industry experience. It is of utmost importance that staff members who execute these systems understand them if your company’s product is to be manufactured, tested, stored, and distributed in a compliant manner. Request to speak with manufacturing staff members who work on the production floor and are likely to work on your product. Ask them about the process they would follow to conduct lines clearance, charge powders to a blender, operate a spray dryer, use a comil, set-up of a tablet press, inspect tablets, use metal detectors, etc. Compare the information they provide to the CDMO’s SOPs to determine if the staff understands their jobs. Listen for phrases such as “I usually do it this way…” or “it’s a different every time but I typically set up the equipment like this…” These phrases reveal a lack of control and adherence to procedures. 

The Take Away
The audit itself lays the foundation for a relationship with the supplier and the take-away message should address the following questions: Will the supplier work to resolve the issues I’ve identified? Am I confident that the supplier will immediately notify and involve my company’s representatives when deviations occur during production or testing? Do the supplier’s quality systems and records meet my company’s requirements and those of regulatory agencies? How confident am I that the supplier will produce and/or test a quality product that my company can stand behind? Is the supplier simply a pair of hands or are they committed to be my partner in this product’s success? The answers will provide you with a comfort level in making the decision to move forward with the CDMO or to look to the their competition.  

*********************************************************************************

A version of this article was first published in Outsourced Pharma.

 About the Author
Greg Weilersbacher is the Founder and President of Eastlake Quality Consulting, a GMP consulting firm based in the Southern California area. Over the last 25 years, he has held director and vice president positions leading Quality Assurance, Quality Control, Analytical Chemistry, Materials Management, GMP Facilities, and Product Manufacturing in biotech and pharmaceutical companies. His unique experiences and technical background have led to the manufacture and release of hundreds of solid oral, sterile, and biologic investigational products to clinics in the U.S. and abroad. Email Greg at weilersbacher.greg@gmail.com.

When it rains guidance, it pours. The MDCG just released Guidance on temporary extraordinary measures related to medical devices Notified Body audits during COVID-19 quarantine orders and travel restrictions. The guidance takes immediate effect and is valid for the whole period of duration of the pandemic COVID-19 as declared by the World Health Organisation. It […]

Yokogawa Electric Corporation (TOKYO: 6841) announces that it has entered into a strategic alliance framework agreement to accelerate collaboration with Saudi Basic Industries Corporation (SABIC), ranked among the world's largest petrochemical manufacturers. The agreement includes selection of Yokogawa as a preferred supplier of control systems.