Acknowledgements

The PIPA Committee would like to thank the following members of the PIPA Training Working Party who played a major role in the development of this course:

  • Avile Rodriguez, Senior Safety Officer, Mitsubishi Tan abe Pharma Europe Ltd
  • Cecilia Adetola, Medical Signatory Pharmacist, CK Management Ltd
  • Anne Turnbull, PIPA Operations Manager
  • Sharon Braithwaite, PIPA Memberhsip & Events Coordinator

Transparency

On publication, GVP Module IV required that the European Commission must make public:

Confidentiality

Documents and information collected by the internal auditor should:

Requirements for audit reporting in the EU

3. Requirements for audit reporting in the EU

3.1 Reporting by the marketing authorisation holder

  • The marketing authorisation holder shall place a note in the pharmacovigilance system master file (PSMF) concerning critical and major audit findings of any audit relating to the pharmacovigilance system in the pharmacovigilance system master file (see Module II – Pharmacovigilance system master file (Rev 1))
  • Based on the audit findings, the marketing authorisation holder shall ensure that an appropriate plan detailing corrective and preventative action is prepared and implemented
  • Once the corrective and preventive actions have been fully implemented, the note may be removed
  • Objective evidence is required in order that any note of audit findings can be removed from the PSMF (see Module II – Pharmacovigilance system master file (Rev 1))
  • The marketing authorisation holders should ensure that a list of all scheduled and completed audits is kept in the annex to the PSMF
  • The dates and results of audits and follow-up audits shall be documented

3.2 Reporting by the competent authorities and in Member States and the Agency

  • Competent authorities in Member States and the Agency should ensure that they comply with reporting commitments in line with the legislation, GVP guidance and their internal reporting policies
  • Competent authorities in Member States shall report the results of their pharmacovigilance system audits to the Commission on 21 September 2013 at the latest and then every 2 years thereafter

Competent Authorities in Member States and the European Medicines Agency

2. Competent Authorities in Member States and the European Medicines Agency

2.1 Requirement to perform an audit

  • The Agency shall perform regular independent audits of its pharmacovigilance tasks and competent authorities in Member States shall perform a regular audit of their pharmacovigilance system
  • Competent authorities in the Member States and the Agency shall perform risk-based audits of the quality system at regular intervals according to a common methodology to ensure that the quality system complies with the requirements
  • The dates and results of audits and follow-up audits shall be documented

2.2 Common methodology

  • All audits at the competent authorities in the Member States and the European Medicines Agency should have a common ground in terms of methodology

This is in order to have a useful audit system

  • This should ensure harmonised planning, implementation and reporting by every competent authority in Member States and at the Agency

2.3 The Pharmacovigilance Risk Assessment Committee (PRAC)

  • The mandate of the Pharmacovigilance Risk Assessment Committee (PRAC) shall cover all aspects of the risk management of the use of medicinal products for human use, having due regard to the design and evaluation of pharmacovigilance audits

Marketing Authorisation Holders in the EU

1. Marketing authorisation holders in the EU

1.1 Requirement to perform an audit

The Marketing Authorisation Holder in the EU is required to:

1.2. The qualified person responsible for pharmacovigilance in the EU (QPPV)

  • The responsibilities of the QPPV in respect of audits are provided in Module I – Pharmacovigilance systems and their quality systems
  • The QPPV should receive pharmacovigilance audit reports, and provide information to the auditors relevant to the risk assessment, including knowledge of status of corrective and preventive actions
  • The QPPV should be notified of any audit findings relevant to the pharmacovigilance system in the EU, irrespective of where the audit was conducted

Retention of audit reports

3. Retention of audit reports

Retention of the audit report and evidence of completion of action needs to be in line with the requirements stipulated in Module I – Pharmacovigilance Systems and their Quality Systems (section I.B.10.IV.C. Operation of the EU network)

Audits undertaken by outsourced audit service providers

2. Audits undertaken by outsourced audit service providers

Ultimate responsibility for the operation and effectiveness of the pharmacovigilance system resides within the organisation

(i.e. within the Agency, competent authority or marketing authorisation holder)

When the organisation decides to use an outsourced audit service provider, the following should be specified to the provider:

  • The requirements and preparation of the audit risk assessment, the audit strategy and audit programme and individual engagements in writing
  • The scope, objectives and procedural requirements for the audit should be specified in writing
  • The organisation should obtain and document assurance of the independence and objectivity of outsourced service providers
  • The outsourced audit service provider should also follow the relevant parts of this GVP module.

Competence of auditors and quality management of audit activities

1. Competence of auditors and quality management of audit activities

1.1 Independence and objectivity of audit work and auditors

  • The organisation should assign the specific responsibilities for the pharmacovigilance audit activities
  • Pharmacovigilance audit activities should be independent. The organisation’s management should ensure this independence and objectivity in a structured manner and make sure that this is documented
  • Auditors should be free from interference in determining the scope of auditing, performing pharmacovigilance audits and communicating audit results
  • Auditors can consult with technical experts, personnel involved in pharmacovigilance processes, and with the person responsible for pharmacovigilance however auditors should maintain an unbiased attitude that allows them to perform audit work in such a manner that they have an honest belief in their work product and that no significant quality compromises are made
  • Objectivity requires auditors not to subordinate their judgement on audit matters to that of others

1.2 Qualifications, skills and experience of auditors and continuing professional development

  • Auditors should demonstrate and maintain proficiency in terms of the knowledge, skills and abilities required to effectively conduct and/or participate in PV audit activities
  • The proficiency of audit team members will have been gained through a combination of education, work experience and training and, as a team, should cover knowledge, skills and abilities in:
    • Audit principles, procedures and techniques
    • Applicable laws, regulations and other requirements relevant to pharmacovigilance
    • Pharmacovigilance activities, processes and system(s)
    • Management system(s)
    • Organisational system(s)

1.3 Evaluation of the quality of audit activities

  • Evaluation of audit work can be undertaken by means of ongoing and periodic assessment of all audit activities, auditee feedback and self-assessment of audit activities (e.g. quality assurance of audit activities, compliance to code of conduct, audit programme, and audit procedures)

Actions based on audit outcomes and follow-up

2.4 Actions based on audit outcomes and follow-up
  • Actions referenced in this section of the guideline, i.e., immediate action, prompt action, action within a reasonable timeframe, issues that need to be urgently addressed, or communicated in an expedited manner, are intended to convey timelines that are appropriate, relevant, and in line with the relative risk to the pharmacovigilance system
  • Corrective and preventive actions to address critical and major issues should be prioritised
  • The precise timeframe for action(s) related to a given critical finding, for example, may differ depending on nature of findings and the planned action(s)
  • The management of the organisation is responsible for ensuring that the organisation has a mechanism in place to adequately address the issues arising from pharmacovigilance audits
  • Actions should include root cause analysis and impact analysis of identified audit findings and preparation of a corrective and preventive action plan, where appropriate
  • Upper management and those charged with governance, should ensure that effective action is implemented to address the audit findings