IV.B.3. Quality system and record management practices

IV.B.3.1. Competence of auditors and quality management of audit activities

IV.B.3.1.1. Independence and objectivity of audit work and auditors

The organisation should assign the specific responsibilities for the pharmacovigilance audit activities. Pharmacovigilance audit activities should be independent. The organisation’s management should ensure this independence and objectivity in a structured manner and document this.

Auditors should be free from interference in determining the scope of auditing, performing pharmacovigilance audits and communicating audit results. The main reporting line should be to the upper management with overall responsibility for operational and governance structure that allows the auditor(s) to fulfil their responsibilities and to provide independent, objective audit opinion. Auditors can consult with technical experts, personnel involved in pharmacovigilance processes, and with the person responsible for pharmacovigilance; however auditors should maintain an unbiased attitude that allows them to perform audit work in such a manner that they have an honest belief in their work product and that no significant quality compromises are made. Objectivity requires auditors not to subordinate their judgement on audit matters to that of others.

IV.B.3.1.2. Qualifications, skills and experience of auditors and continuing professional development

Auditors should demonstrate and maintain proficiency in terms of the knowledge, skills and abilities required to effectively conduct and/or participate in pharmacovigilance audit activities. The proficiency of audit team members will have been gained through a combination of education, work experience and training and, as a team, should cover knowledge, skills and abilities in:

• audit principles, procedures and techniques;
• applicable laws, regulations and other requirements relevant to pharmacovigilance;
• pharmacovigilance activities, processes and system(s);
• management system(s);
• organisational system(s).

IV.B.3.1.3. Evaluation of the quality of audit activities

Evaluation of audit work can be undertaken by means of ongoing and periodic assessment of all audit activities, auditee feedback and self-assessment of audit activities (e.g. quality assurance of audit activities, compliance to code of conduct, audit programme, and audit procedures).

IV.B.3.2. Audits undertaken by outsourced audit service providers

Ultimate responsibility for the operation and effectiveness of the pharmacovigilance system resides within the organisation (i.e. within the Agency, competent authority or marketing authorisation holder). Where the organisation decides to use an outsourced audit service provider to implement the pharmacovigilance audit requirements on the basis of this GVP Module and perform pharmacovigilance audits:

• the requirements and preparation of the audit risk assessment, the audit strategy and audit programme and individual engagements should be specified to the outsourced service providers, by the organisation, in writing;
• the scope, objectives and procedural requirements for the audit should be specified to the outsourced service provider, by the organisation, in writing;
• the organisation should obtain and document assurance of the independence and objectivity of outsourced service providers;
• the outsourced audit service provider should also follow the relevant parts of this GVP Module.

IV.B.3.3. Retention of audit reports

Retention of the audit report and evidence of completion of action needs to be in line with the requirements stipulated in GVP Module I.