What is an audit trail in pharma?

What is an audit trail in pharma? Why audit trail is required? Does audit trail in pharma is a regulatory requirement? What if the audit trail not performed? Who can perform the audit trail? When we talk about the audit trail such questions come into our mind. isn’t it?

Lets understand the importance of audit trail in pharma industry.

Audit trail is a process to check the activities are being performed in the organization are recorded in the compliance mode and traced.

Audit trail is an activity that gives reliability on the organization with respect to compliance to the regulatory body.

What Is an Audit Trail In Pharma?

An audit trail gives information about the chronology of What, When, Why, and Who performed the activity. In the Audit trail we can trace out the source of the activity from where it has been generated, when it was generated, the person who performed it, why the activity has been performed and What activity was performed. To assure the compliance audit trail is a must.

Generally, Audit trail in pharma can be performed in two ways such as paper-based manually and electronic audit trail. An electronic audit trail is more simple and reliable as compared to the paper-based audit trail. Audit trail makes the electronic data secure and traceable.

Definition Of Audit Trail In Pharma:

An audit trail is a secure, computer-generated, time-stamped electronic record that, allows reconstruction of the course of an event relating to the creation, modification, and deletion of an electronic record.

Why Audit Trail Required In Pharma?

Nowadays, in pharmaceutical audit FDA data integrity warning letters are common. FDA issuing warning letter to many of the companies, due to data integrity issue and lack of transparency in the data. Data integrity is a concern for the regulator and to comply with it, an audit trail is a must. An audit trail is assured to the regulator or FDA inspector, transparency into the quality system. The drug manufactured in the organization is having enough compliance level and produces a product with the required quality.

Audit trail in the pharma nullifies the data integrity issues and a makes organization trustworthy and reliable.

Does Audit Trail In Pharma Is A Regulatory Requirement?

The answer to this question is, YES it is a regulatory requirement. All the regulations having their own requirement as per regulatory guidelines.

As per FDA’s 21 CFR part 11 guidelines for pharmaceuticals guidance document ” 21 CFR part 11, Electronic Records; Electronic signature- scope and application guidance for industry” it is required.

The FDA’S Division of Drug Information, CDER (Center for Drug Evaluation and Research) is clearly stating in this guidance document.

21 CFR Part 11 B, Sec 11.10 Control for closed systems.

“Use of secure, computer-generated, time-stamped audit trail to independently record the date and time and operator entries and actions that create, modify and delete an electronic record. Recorded changes shall not obscure the previously recorded information. Such documentation records shall be retained for as long as possible for agency review and copying”.

European Commission: audit trail in pharma requirement;

EudraLex volume 4, Annex 11: Computerized System

“Consideration should be given, based on a risk assessment, to building into a system the creation of a record of all GMP related changes and deletion ( A system-generated audit trail). For change or deletion of GMP-relevant data, the reason should be documented. Audit trail needs to be available and convertible to a generally intelligible form and regulatory reviewed”.

Also read:

10 Principle’s of cGMP
Difference Between 21 CFR Part 11 and EU Annex 11

PIC’S: requirement on Audit trail in pharma;

PIC’s guidance ” Good practices for data management and integrity in regulated GMP/GDP environments”

” Audit trail functionality should be verified during validation of the system to ensure that all changes and deletion of critical data associated with each manual activity are recorded and meet ALCOA+ principles”

” Audit trail functionalities must be enabled and locked at all time and it must not possible to deactivate functionality”

” Where available, audit trail functionality for electronic based system should be assessed and configure properly to capture any critical activities relating to the acquisition, deletion, overwriting of and changes to data for audit purposes”.

“Companies should implement procedures that outline their policy and processes for review of audit trails in accordance with risk management principles”.

FDA’s expectation on audit trail in pharma;

FDA Data integrity and CGMP Compliance;
” FDA recommends that audit trail that capture changes to critical data be reviewed with record and before final approval of the record. Audit trail subject to regular review includes, but are not limited to; the change history of finished product test results, changes to simple run sequences, changes to sample identification, and changes to critical process parameters. FDA recommends routine scheduled audit trail review based on the complexity of the system and its intended use”.

MHRA expectation on audit trail:

” An audit trail provides for secure recording of life-cycle details such as creation, additions, deletion, and alteration of information in a record, either paper or electronic, without obscuring or overwriting the initial original record. An audit trail facilitates the reconstruction of the history of such events relating to records regardless of its medium, including the Who, What, When and Why of the action”.

” Routine data review should include a documented audit trail review where this is determine by its risk assessment”.

What if Audit trail not performed?

Audit trail is nowadays integral part of pharmaceutical industry. If audit trail is not performed some major impact can be seen on industry such as;

  1. If the Audit trail not performed regulatory audit may get Form 483 observations or a Warning Letter.
  2. The organization will lose the trustworthiness and reliability of regulatory agencies.
  3. Ultimately organization business may get impacted.
  4. The brand value will get down.
  5. Audit trail records help to smooth investigate the incidences that may suffer.
  6. The analyst may perform repeat analysis to get pass results.
  7. We could not identify or trace the activity perform by the person.
  8. Could not ensure data integrity.
  9. Alcoa plus can not be possible.

Who can perform audit trail?

Audit trail review is a responsible work and it can ensure by the other department rather than user department. The regulatory expects that there should not be any bias review on the audit trail. The Quality assurance department can review the audit trail to ensure the compliance.

There are much software are available in the market for audit trail review such as for accounting QuickBooks audit trail software is available. We can see QuickBooks transaction history also.

Audit trail in pharma

People also Read : Interview Questions and answers;

Interview Q&A on Karl Fischer

Interview Q&A on Disintegration test