How to Review Previous Audit Scopes

To audit, or not to audit… that is the question. And let’s be honest here... in the world of Quality (especially Pharma GDP), it’s a question we face more often than Shakespeare probably intended. When a company takes over as MAH (Marketing Authorisation Holder) for an existing medicinal product, one of the first things people ask is: “Do we need to re-audit the warehouse that’s already storing it?” Well, here’s my personal view: 👉 You don’t always need a fresh audit, but you do always need good judgement, because whilst audit is critical, it shouldn’t become a knee-jerk reflex. After all, a clipboard isn’t a magic wand. Right? Here’s my go-to guide to getting it right: 🟢 When you DON’T need to re-audit: You can rely on the previous MAH’s audit if... ✔ It was done recently (within your audit cycle) ✔ The scope covered the activities you need (e.g. GDP storage, QMS, etc.) ✔ There have been no major changes at the warehouse since last audit ✔ The site remains licensed and compliant to GDP standards ✔ You’ve reviewed and formally adopted the audit into your own supplier qualification process ✔ You’ve put your own Technical/Quality Agreement in place In other words: If the house is already clean, you don’t need to sweep it again just because you bought it. 😉 🔴 When you DO need to re-audit: A new audit is appropriate when... ⚠️ The previous audit is out of date / doesn’t meet your frequency ⚠️ The previous MAH won’t share their report or evidence of approval ⚠️ The warehouse has changed ownership, systems, scope, or layout ⚠️ New product risks are introduced (cold chain, CDs, etc.) ⚠️ There have been regulatory findings or compliance concerns ⚠️ Your internal SOP requires a site visit for new MAH onboarding This bottom line is this: Audit should be based on risk, not based on habit. Thoughts? Let's get talking. #QualityMatters #ToAuditOrNotToAudit #GDP #LetsGetTalking

If you want to save 10+ hours reviewing audit evidence, you might want to save this post. When I first got promoted to senior, reviewing evidence was chaos. Ten documents per control, multiple tabs open, follow-ups pending and still no clarity. It wasn’t that I didn’t work hard. It’s that I was starting in the wrong place. Most auditors begin with the request list. I did too. Until I realized the request list is not the control. And that mistake was costing me 10+ hours every week. So I built a simple 3-step framework that changed everything: 1/ Start with the risk, not the request. Before you open a single document, ask: What risk is this control addressing? Once you know the risk, you know what evidence actually matters. 2/ Review last year’s documentation. It’s your roadmap. It shows what the firm accepted as sufficient evidence before. Don’t reinvent. Just align and refine. 3/ Then, and only then, open the evidence. Match each item to the risk not the request. That’s where real efficiency begins. Since using this approach, my reviews are faster, cleaner, and far less painful. And the best part? I don’t drown in documents anymore. I’ve shared the full breakdown, examples, pitfalls, and how to apply it to your next walkthrough in a free guide you can download here. If you’ve ever spent a weekend buried in screenshots and sign-offs, this one’s for you. #audit #itaudit #internalaudit #cisa #crisc

Retrospective assessments might seem like a look back, but they’re really a step forward. Here’s why they matter and how to do them right... 👇 📈 𝗪𝗵𝘆 𝗧𝗵𝗲𝘆 𝗠𝗮𝘁𝘁𝗲𝗿 ➜ It also prevents issues from arising in the future. ➜ This backward review helps meet today’s expectations. ➜ They involve revisiting historical data to ensure relevance. ➜ These assessments also reveal quality improvement opportunities. ➜ Some of these opportunities may have been missed in earlier validations. ➜ Retrospective assessments keep us aligned with today’s compliance standards. 🗂 𝗥𝗲𝘃𝗶𝗲𝘄𝗶𝗻𝗴 𝗛𝗶𝘀𝘁𝗼𝗿𝗶𝗰𝗮𝗹 𝗩𝗮𝗹𝗶𝗱𝗮𝘁𝗶𝗼𝗻 𝗗𝗮𝘁𝗮 ➜ Begin with a deep dive into existing validation data. ➜ Check historical performance, equipment logs, & past deviations. ➜ Look for trends that might indicate inconsistencies found in the data. ➜ Identify areas where current standards would reveal or highlight gaps. ✨ This review process uncovers compliance risks. It also points to areas for potential optimization. ✍️ 𝗗𝗼𝗰𝘂𝗺𝗲𝗻𝘁𝗶𝗻𝗴 𝘁𝗵𝗲 𝗥𝗲𝘁𝗿𝗼𝘀𝗽𝗲𝗰𝘁𝗶𝘃𝗲 𝗔𝘀𝘀𝗲𝘀𝘀𝗺𝗲𝗻𝘁 Documentation is critical. To align with FDA expectations, be precise: 1. Describe the scope—what’s being assessed and why. 2. List out the historical data reviewed, including relevant protocols and results. 3. Note findings and corrective actions. Clearly document each gap identified and corrective actions taken. 𝗣𝗿𝗼 𝘁𝗶𝗽: End with a summary that links the retrospective findings to current compliance strategies. This demonstrates your 𝗰𝗼𝗺𝗺𝗶𝘁𝗺𝗲𝗻𝘁 𝘁𝗼 𝗾𝘂𝗮𝗹𝗶𝘁𝘆 and regulatory alignment. Have you conducted a retrospective assessment recently? What was your biggest takeaway? Drop your thoughts below! 👇 #Validation #QualityAssurance #LifeSciences #Compliance #RetrospectiveAssessment #FDA #GLP #GMP #PeriodicReview #Ellab