FDA inspection is one of the critical elements of FDA’s role in ensuring high quality products are comings to market which does not pose a threat to public. To ensure it FDA inspects various drug and device manufacturing facilities and reviews the systems and processes time to time. These are various regulations and guidance documents which talks about best practices for process and system compliance, however there are many grey areas which need to be taken care by manufacturers. As the amount of variables are huge for any FDA inspection, FDA inspectors are specifically trained to emphasize on certain elements which are very critical and they mainly focus on those while conducting a FDA inspection.
It is very much in favor of manufacturers to know what exactly a FDA inspector will review in their processes and systems so that they can rectify it before inspection and also maintain throughout the process. Though only those elements are not all to pass a FDA inspection, it is always better to know the secrets of the checklists which FDA inspectors will use frequently to do inspection and what methods to apply to be compliant against each of the areas they will be looking for. This article gives and idea about those elements related to CAPA and how manufacturers can focus on those key elements and follow methods of compliance to pass a FDA inspection successfully.
Documents used by FDA Inspectors :
A. Investigations Operations Manual (IOM) : Chapter 5 – Establishment Inspections
B. Compliance Program Guidance Manual for Inspection of Medical Device Manufacturers (CP 7382.845)
C. Guide to Inspections of Quality Systems (“QSIT Manual”)
A . Investigations Operations Manual
- Chapter 5.6.2.2 – contains details about Quality Audit. The key areas to look after are
- Exemptions: as per GMP preamble Internal Audit report is exempted from FDA purview , however “FDA wants to make it clear that corrective and preventive actions, to include the documentation of these activities, which result from internal audits, are not covered under the exemption
- Method of Compliance : You need to separate audit findings and reports from corrective actions. Also Audit Committee Meeting reports could contain matrix of corrective actions and CAR Log. You should utilize ECO/ECN as evidence of CAs i.e reason for change “Corrective action in response to Finding 3-13 from internal audit of Document and Data Control, performed on XXX date”
- Chapter 7.2.3.2 – It contains details about Device Recalls and corrective action
Best Practices :
- Describe the corrective action taken to correct the immediate problem.
- Did the firm qualify/validate the corrective action? and properly established responsibility to assure that the corrective action would be implemented and completed?
- What action was taken to prevent the recurrence?
- Was the non-conformance information provided to those responsible for the areas in which the it occurred?
- Did the firm determine if the nonconformance extended to other devices?
- Did the firm determine if changes were needed in procedures; if so, did it validate and implement the changes?
- Was the corrective action taken is appropriate?
- Method of Compliance :
Corrective action summary should contain: What was done? i.e Redesign? Procedure or drawing modified?
All corrective actions must be Verified and validated : Protocol (incl. P/F criteria), testing, results, approval
Document which department is responsible for implementation of corrective action and method of communication of corrective action. it can be through training
Take steps to minimize recurrence of nonconformance through training & process monitoring.
Determine and document limits of the non-conformance.
If process need changing, validate & implement and if it is not required then it needs to be justified.
There should be assurance of effectiveness of corrective action.
B. Compliance Program manual for Inspection of Med device Manufacturers :
This manual basically provides guidance to FDA personnel inspection and administrative enforcement activities. In particular it focuses on corrective actions with respect to previous FDA inspections.
It has multiple levels which determines the type of inspection, methods of compliance and regulatory follow up, administrative and judicial actions are given below.
- Types of Inspection and Focus areas :
- Level 2 Inspection or full inspection : you can expect this type of inspection which is also called full inspection when you have never gone through any inspection previously. This inspection is very comprehensive and covers all the 4 subsystems QSIT – CAPA, Management control, Design control, P & PC
- Level 1 or abbreviated inspection : This is a shorter inspection and happens after you have had a full inspection previously. This inspection will cover CAPA system and one of the major subsystems such as P&PC or Design control. It will review the adequacy of corrections and CAPAs from 483 items from previous inspections.
- Level 3 or Compliance Follow up : as the name suggest, it is a follow up to an inspection earlier conducted and the findings during previous inspection has resulted in further action..
- What Inspectors look for ? the inspectors are instructed to verify the adequacy of corrective actions those are implemented to address violations : ” If corrections or CAs are not implemented (effectively), verify that deficiencies continue to exist and provide evidence to support possible regulatory action.”
- Level 3 or Compliance Follow up : as the name suggest, it is a follow up to an inspection earlier conducted and the findings during previous inspection has resulted in further action..
- Level 4 or for cause inspection : This is not very common or does not happen very frequently, but when it happens, it catches manufacturers un-aware. This happens in response to specific information that raises questions or problems or causes safety concerns of products.
- It mainly focuses on quality problems, reviews underlying causes to assure appropriate corrections or corrective actions.
- Level 4 or for cause inspection : This is not very common or does not happen very frequently, but when it happens, it catches manufacturers un-aware. This happens in response to specific information that raises questions or problems or causes safety concerns of products.
2. Inspection steps :
- Part IIIA, Section 1 – Inspectional strategy : This requires inspectors to review the past data and be ready and create a strategy as per the available data. Inspectors are required to access post- market information and follow-up on previous 483 observations, including corrections & CAPAs.
- Method of Compliance : to pass this step you must follow following process and get your documentary evidences ready which validates that the steps are completed.
Make sure you respond to 483 immediately after inspection, which should Include planned CAPAs, projected due dates
Provide updated response as changes occur and Provide final update upon completion.
Generate summary of corrections and CAPAs
- Method of Compliance : to pass this step you must follow following process and get your documentary evidences ready which validates that the steps are completed.
- Part VA, Sec 4. Regulatory Follow-up, Administrative and Judicial Actions
This is done in response to recall, warning letter, seizure, injunction, prosecution, civil penalties, detention. The company officials submit proposals and objective evidence related to containment, corrections and corrective actions such as :
- Actions taken and to be taken to bring violative process/ product into compliance within specified time frame
- “In determining whether violations support legal action, consider the significance of the device, the establishment’s quality history, and whether the problem is widespread/continuing.”
- Method of compliance : below are best practices steps to comply and pass the inspection
- You must respond in writing to ALL interactions w/FDA in which a document is issued and ensure that the response is from “company official”
Response
- Containment implemented (e.g., product hold)
- Completed correction (e.g., customer letter)
- Proposed corrective action (e.g., revalidations)
- Explanation how these bring violative product into compliance
- Dates completed, or proposed completion dates
- Your response will be considered as part of FDA’s recommendation for any legal action
C . Guide to Inspection of Quality Systems (QSIT)
This guide document instructs inspectors on how to conduct inspection. In particular it emphasizes the 4 major sub systems to review :
Management Control
CAPA (satellites Medical Device Reporting, Corrections and Removals, and Medical Device Tracking)
Design Controls
Production and Process Controls (satellite Sterilization Process Controls)
This document also instructions to
- Evaluation of whether firm has addressed QSR requirements by defining procedures
- Analysis of whether firm has implemented those procedures : Sampling tables included
- Inspectional Objectives for each sub-system.
Inspectional Objective and Compliance steps for CAPA System :
The main subsystem is CAPA and we will discuss the top 10 inspection objectives and what Inspectors are trained to look for and what are the steps of comply.
CAPA System Inspectional Objective 1 :
Verify that CAPA system and procedures that address QSR requirements are defined & documented.
- Inspector instructed to review CAPA procedure(s) to assure :
- It/they require that corrective action taken to address product/quality problem include action to: Correct existing nonconformity or quality problem and prevent recurrence of the problem
- Include explanations for how company will meet the requirements for all elements of CAPA subsystem
- Inspectors are instructed to :
Gain working knowledge of firm’s CAPA procedure before beginning evaluation
Have management provide definitions
Make sure there is a method for identification and input of quality data into CAPA system, including information regarding product/quality problems that may require CAPA
Methods of Compliance for Objective 1 :
- Make sure you have a CAPA procedure, OR your Quality Manual lists procedures that involve CAPA
- Define potentially ambiguous words: nonconforming product, correction, corrective action, preventive action, etc.
- Review 21 CFR 820.100 to make sure your CAPA procedure includes reference to all CAPA requirements
- Make sure your CAPA procedure
Requires that corrective action taken to address product/quality problems includes action to:
- Correct the problem AND Prevent the problem from recurring OR reduce its likelihood
Describes how you identify quality data, and how it’s fed into the CAPA system
- Where are quality problems / nonconforming data looked for?
- Where is this data reported?
CAPA system Inspectional Objective 2 :
Determine if appropriate sources of product and quality problems have been identified. Confirm that data from these sources are analyzed to identify existing product and quality problems that may require corrective action.
- Inspector is instructed to:
- Assure company has procedures that describe/require input of product/quality problems into CAPA system
- Analyze product/quality problems to identify which ones require corrective action
- Confirm company routinely analyzes data from
Component, in-process and finished device testing
Post-distribution info: complaints, service activities, product returns
Concessions, and other sources of quality data
Methods of Compliance for Objective 2 :
- CAPA procedure must describe how product/ quality problems get fed into CAPA system
- Responsibility for surfacing problems
- Types of problems that must be surfaced: isolated occurrences, trends, etc.
- From where do problems originate (see Data analysis to be included, below)
- Consistent systematic process for analysis of product/quality problems to distinguish between those that DO require corrective action and those that do NOT
- Document which determines this and where it is documented
- Recommendation: Interdepartmental body, meeting frequency is up to you
- Data analysis to be included (“routinely”)
- Acceptance activities for component, in-process and finished device testing
- Information obtained after distribution: complaints, service activities, returned products
- Information relating to concessions, other sources of quality data
CAPA System Inspectional Objective 3 :
Determine if sources of product and quality information that may show unfavorable trends have been identified. Confirm that data from these sources are analyzed to identify potential product and quality problems that may require preventive action.
Inspector is instructed to:
- Determine if the firm is identifying product and quality problems that may require preventive action.
- Review if preventive actions have been taken regarding unfavorable trends recognized from analysis of product and quality information.
- Determine if the firm is capturing and analyzing data regarding in-conformance product.
Methods of Compliance for Objective 3 :
- Identify product/quality problems that may require preventive action and review trend-based nonconformance information: components, suppliers, in-process, complaints, etc.
- Identify preventive actions that are taken and accurately describe relevant actions as “preventive” to illustrate compliance
- Include conforming data in your data review which should contain trend of all test/inspection results and investigation details of negative trends that are still in conformance
CAPA Inspectional Objective 4:
Challenge the quality data system i.e verify data received by the CAPA system is complete, accurate, and timely.
Inspector is instructed to:
- Select one or two quality data sources
- Review records to confirm data was entered into CAPA system.
- Determine whether data is a ) complete i.e complaints transcribed in their entirety b) Accurate i.e Reject quantities from in-process test c) Entered into CAPA system in timely manner i.e Duration between data generation and review
Method of Compliance Objective 4:
- Compliance most effectively assured by internal audit
- Audit the CAPA at least semi-annually
- Each audit should rotate quality data sources
- January: Incoming and In-process
- June: Concessions and Complaints
- Evaluate data inclusion into CAPA system and conduct “blitz” review
CAPA Inspectional Objective 5 :
Verify that appropriate statistical methods are employed to detect recurring quality problems. Determine if results of analyses are compared across different data sources to identify and develop the extent of product and quality problems.
Inspector is instructed to:
- Determine which statistical and non-statistical techniques are used
- Confirm comparison of problems and trends across different data sources to establish a global, not an isolated, view of a problem.
- Confirm that the full extent of a problem is captured before the probability of occurrence, risk analysis and the appropriate corrective or preventive action are determined.
Method of Compliance for Objective 5 :
- Implement both types of techniques
- Statistical: Pareto analysis, spreadsheets, pie charts
- Non-statistical: quality review boards/committees
- Make sure to describe in CAPA procedure(s)
- Compare problems/trends across similar data sources
- E.g., Service records compared to complaints, in-process compared to final test/inspection
- Make sure your determination of probability of occurrence, risk assessment and CAPA includes this comparison
CAPA Inspectional Objective 6 :
Determine if failure investigation procedures are followed. Determine if the degree to which a quality problem or non-conforming product is investigated is commensurate with the significance and risk of the nonconformity. Determine if failure investigations are conducted to determine root cause (if possible). Verify there is control for preventing distribution of nonconforming product.
Inspector is instructed to:
- Review procedure for conducting failure investigations
- Determine if the procedure includes
- Provisions for identifying failure modes
- Determining significance of failure modes
- Rationale for determining if a failure analysis should be conducted as part of the investigation
- Determine if the procedure includes
- Discuss with the firm their rationale for determining if CAPA is necessary for an identified trend.
- Select failure investigation records of >1 failure mode and determine if the firm is following their failure investigation procedures.
- Confirm that all sampled failure modes have been captured within data summaries
- Determine whether the investigation is sufficient to determine the CA necessary to correct the problem.
select one significant failure investigation that resulted in CA, and determine if root cause had been identified so that verification/validation of the CA could be accomplished.
- Review incomplete failure investigations for potential unresolved non-conformances and possible distribution of nonconforming product.
- Review records of nonconforming product where the firm concluded CAPA was not necessary.
- Review nonconforming product & concessions.
- Review product and quality concessions to verify that concessions have been made appropriate to product risk, and not solely to fulfill marketing needs
- Review controls for preventing distribution of nonconforming products.
Methods of Compliance for Objective 6 :
- Your procedure must specifically describe failure investigations
- How, where, when, and by whom are failure modes identified?
- Reference each type of data source
- Include standardized document (see next slide for example)
- Quantify significance of failure modes via risk analysis -RIN/RPN
- Requirement for justification if no failure analysis is conducted
- Requirement for justification if no corrective action is necessary in response to identified trend
- How, where, when, and by whom are failure modes identified?
- Compliance with your failure investigation procs
Continual review during internal audits
“Blitz” review of investigation reports
- One-time verification: make sure all data sources are captured in periodic data review. Then, make sure agenda is consistent. All failure modes are now captured in each review!
- Make sure investigation procedure requires root cause determination, and training has occurred
As long as reviewing body/personnel assure presence/adequacy of root cause, the investigation is sufficient to accurately determine CA.
- Make sure all failure investigations are complete
During committee review, consider possible unresolved product non-conformances
Defensive position: Review of risk assessment to confirm presence and mitigation of failure mode assures nonsignificant risk (NSR) to patient
- Document requirements for UAI determination : Risk assessment, review and approval
- Final QA inspection/verification prevents distribution of nonconforming products.
CAPA Inspection Objective 7 :
Determine if appropriate actions have been taken for significant product and quality problems identified from data sources.
Inspector is instructed to
- Review significant corrective actions and determine if the change(s) could have extended beyond the action taken.
- Discuss the firm’s rationale for not extending the action to include additional actions.
Method of Compliance for Objective 7 :
- In CAPA procedure, define “significant corrective action”
- QSIT: “A significant action is a product or process change to correct a reliability problem or to bring the product into conformance with product specifications.”
- In investigation and/or CA record, document why you limited the change to the extent you did
- Specifically account for and exclude actions expressly contained in QSIT: changes in component supplier, training, changes to acceptance activities, or field action
CAPA Inspection Objective 8 :
Determine if CAPAs were effective and verified/validated prior to implementation. Confirm that CAPAs do not adversely affect the finished device.
Inspector is instructed to:
- Determine the effectiveness of the reviewed “significant” CAPAs.
- Review product and quality problem trend results
- Determine if there are any similar product or quality problems after CAPA implementation.
- Determine if the firm has verified/validated all CAPAs to ensure that they are effective and do not adversely affect the finished device.
- Make sure CAs were verified/validated.
- Make sure CAs include application of design controls.
- Make sure CAPA employs good engineering principles
- Establishing verification/validation protocol
- Verification of output against documented requirements
- Test equipment is maintained and calibrated
- Test results are available and legible
Methods of Compliance for Objective 8:
- Assure effectiveness of all CAPAs
- Periodic review of product/quality problem trend results
- Periodic review of similar product/quality problems after implementation
- Once CAPA is implemented, review non-conformances for four quarters
- If the nonconformance for which the CAPA was implemented does not recur, and no previously unseen non-conformances appear, you can conclude that the CAPA is effective, and does not adversely affect the finished device.
- Requirement for pre-approved protocol assures verification/validation of corrective actions.
- Your design control procedure must account for both significant and NON-significant changes
- Your investigation procedure should require the following:
- Pre-approved verification/validation protocol, P/F criteria
- Documentation of equipment used, including assurance of current maintenance and calibration
- Retention of test results for specified period
CAPA Inspectional Objective 9 :
Verify that CAPAs for product & quality problems were implemented and documented.
Inspector is instructed to:
- Review records of the most recent CAPAs
- Determine if CAPAs for product/quality problems and changes have been documented and implemented
Methods of Compliance for Objective 9 :
- Make sure your CAPA procedure references your document control procedure re: implementation
- Implementation of a corrective action is usually evidenced by a corresponding document change
- Implementation also evidenced by document distribution, signed proof of which should be retained if manual process
Another good place for a “blitz” review: Several months’ worth of “ECO Implementation forms”
CAPA Inspectional Objective 10 :
Determine if information regarding nonconforming product/quality problems & CAPAs has been properly disseminated, including for management review.
Inspector is instructed to:
- Determine that information on quality problems and CAPA has been submitted for management review – Review a recent CAPA event and determine which records were submitted for management review. (QMR records are excluded from FDA purview!)
- Confirm there is a mechanism to disseminate CAPA info to those directly responsible for assuring product quality and prevention of quality problems.
- Review and confirm information related to product/quality problems has been disseminated to those individuals described above.
Methods of Compliance for Objective 10:
- In management review procedure, require that raw data be submitted or available for review, Include all data reviewed on meeting minutes, or as attachment thereto.
- Attendees at review board meetings must involve at least Production & QA (“those directly responsible for assuring product quality”) and R&D (“those directly responsible for prevention of quality problems”)
- Their documented attendance at the meeting proves that the information related to product/quality problems has been disseminated to them – Put this explanation in your procedure
Summary :
It is imperative to know what FDA inspectors are trained on and the objectives which they follow while inspecting a facility. However it may vary from case to case and inspector to inspector. Hence it is recommended to create a Standard Operating Procedure and go through it and conduct mock inspections to be ready when FDA knocks at your door. Key elements to take care are
- Risk assessment should be used throughout CAPA determination
- Internal audits are an invaluable tool for assuring compliance to CAPA
- Best way to comply: Perform internal audits according to QSIT