Vendor Audit are the primary tools used to evaluate an organization’s operations. Multiple vendors or contracted service providers are commonly used in the pharmaceutical industry to support various clinical trial activities on behalf of the sponsor. Vendor Audits are, thus, the assessment of the documented quality system’s effectiveness and suitability for meeting the customer’s contractual requirements through a systematic and independent review of the system’s implementation and related quality activities and results.
An internal audit examines governance, risks, and controls, while a vendor audit examines quality management through procedures and data processes.
The step involved in managing the Vendor Audit Program are as follows:
The Quality Audit Function will schedule vendor audits for the year based on the Annual Audit plan. Vendor audits are necessary for all potential critical items.
The Vendor’s Lead Auditor will request pre-audit information.
Among the things that can be done to get ready for the vendor audit, but not only, are:
Review of relevant documents, regulatory filings, GMP certifications, regulatory status, quality agreement with the vendor/service provider, and vendor quality review. Vendor audits must talk about and agreed upon with the vendors. The announcement will include proposed goals and aims, agenda and the date and length of the audit.
Company-hired third-party consultants can audit vendors. After assessing the adequacy and cGMP-trained staff, the Third Party can sell the audit report. The lead auditor must ensure Vendor understands audit observations to facilitate the CAPA plan. To prioritize the critical comments and their impact on product quality and a business decision to discontinue.
Quality Audit Functions manage audit plans, reports and associated corrective and preventive actions (CAPAS). Audit reports are usually kept private from Regulatory Agency inspectors.
This includes proposed time frames, responsible functions and the lead auditor review the final CAPA plan.
Critical and Major Observation responses and verification will close the audit.
Metrics will track vendor audit response and closure performance at least biannually.
CONCLUSION
Compliance-focused vendor audits are becoming standard practice in many industries, especially logistics, which uses many third parties. The logistics industry’s high dependence on third parties has led to fraud, bribery, and corruption. The industry must consider the risk assessment, scope, limitation, privacy considerations, and the strength of audit rights, access, and documentation in a compliance-focused vendor audit. Instead of auditing all vendors, focus on high-risk and audit them more often. Vendor audits focus on the third party’s books and records, particularly accounting areas where improper transactions are usually recorded or disguised.