A Blueprint for an Effective and Efficient Remote Audit Process
The pandemic has accelerated the adoption of remote audits, even in highly regulated industries like manufacturing and medical devices. With the COVID-19 virus lurking around and a wide variety of disruptions affecting enterprises – the role of audits has become more crucial than ever. Enterprises are reinventing their QMS workflow to ensure all quality and regulatory compliance requirements are met. A robust audit management process helps quality leaders “know all their gaps”. Internal audits and audit planning play a key role in building a continuously improving (CI) quality management workflow.
In spite of travel and other restrictions, organizations are ensuring quality and compliance requirements are met with a robust, well-defined remote audit process. The following certification/notified bodies have also allowed and laid down guidelines to conduct remote/virtual audits:
- ISO 9001
- ISO 13485
- ISO 14001
- ISO 50001
- ISO 45001/OHSAS 18001
- EN/AS 9100 series
- ISO 22000
- ISO/IEC 27001
- MDSAP
Quality leaders also believe that remote audits are here to stay. While specific instances will require physical audits, the belief is that we’ll have some sort of a hybrid audit process (with both physical and remote audits) in the future.
Not to be Confused with a Desktop Audit!
Remote audits are often confused with desktop audits. A desktop audit is only for the purpose of document review against a set of compliance or regulatory requirements conducted without any interaction except via e-mail to address queries. While desktop audits could be a part of a remote audit, it primarily involves the use of technology to review documents and records using a risk-based approach and sound sampling techniques.
Virtual or remote audits, on the other hand, are conducted using interactive, web-based communication tools. Remote audits are applicable (primarily) in the following scenarios:
- New certification audit
- Surveillance audit
- Recertification audit
- Submission of a change notification
- Transfer of certification body
- Internal audits to identify gaps in your QMS
While remote audits have become mainstream during this pandemic, we believe it’ll become a standard part of the audit management workflow – especially for preliminary findings. Possibly, the future of audits will be hybrid – with a healthy mix of physical and virtual audits.
Best Practices of Remote Audits
To ensure that a remote audit is conducted effectively and efficiently, there are a few best practices that organizations must follow:
- Have a well-defined agenda, including a clear note on the purpose of conducting the audit
- Document your expectations from the audit
- Perform a feasibility check to conduct a thorough audit
- Define roles and authorize responsibilities to relevant team members
- Check if there are unresolved issues that require an onsite audit
- Define the sharing drive and conferencing application beforehand
- Maintain data privacy – system compliance to 21 CFR Part 11, GDPR, HIPPA
- Sign a legal agreement barring electronic recordings or other breaches between the two bodies
- Budget extra time to avoid unforeseen technical issues that may arise such as connectivity issues, time zone differences, power failure, corrupt data
- Be on time
- Motivate the team and provide necessary training
- Ensure easy navigation throughout the process
Preparation for an E-Audit
Prior to kickstarting the remote audit (or e-audit, as it is sometimes called) make sure there is a well-documented process for each of the below steps:
- Step 1 – Audit planning, documentation and technology/ICT to be used
- Step 2 – Audit preparation and execution steps
- Step 3 – Audit note with auditee company, documentation on practical difficulties and advantages, and audit conclusion and report
Here’s a suggested checklist to be used while preparing for the audit:
- Ensure remote audit is feasible and appropriate for the organization
- Determine the right conferencing (WebEx, Google Meet, Microsoft Team, GoTo meeting) and cloud storage service (GoogleDrive, Dropbox, OneDrive, Amazon Drive)
- Dry run technology to be used prior to the audit
- Conduct a risk assessment and document the outcomes through an internal remote audit
- Have mock remote audits to overcome hurdles during the assessment process – document review, interviews, process review, closing meeting
- Install and utilize mobile, secure, reliable, scalable, and configurable cloud-based EQMS like the one from ComplianceQuest
- Prepare e-copies, searchable PDFs of documents and records when EQMS is unavailable
- Send e-meeting invitation well in time for necessary participation
- Declare restrictions and confidential areas of concern to avoid conflicts
- Avoid noisy environment and limitations of AV equipment
- Discuss the guidance document from ISO, IAF-MD4, MDSAP, MDCG with employees
Role of an EQMS in Remote Audits
Audits of any kind involve extensive review of a company’s data. In the case of remote audits, the lack of proper and efficient EQMS leads to significant problems, including readability issues, difficulty in sharing documents, and security complications.
We believe it is a no-brainer to digitally transform your remote audit management process with a cloud-based EQMS– like the one from ComplianceQuest. It’ll not only help you run an efficient process but also make it easy for the quality leader to integrate audit findings with the rest of the EQMS workflow. This integration with other EQMS modules like CAPA, Document Management, Supplier Management and Equipment Management makes it way easier to collaborate with key stakeholders to improve the overall quality and compliance capabilities of an enterprise.
Specifically, some key advantages of implementing ComplianceQuest’s EQMS include:
- Complete alignment to ISO 9001, ISO 13485, CGMP, etc.
- It is cost-effective, saves time, is paperless and improves enterprise-wide data visibility
- Our EQMS serves as the single source of truth for all quality-related data and information
- Facilitates cloud-based storage of documents and records
- Documents and records are easily identifiable and traceable
- Provides easy-to-navigate dashboards and reports
- Helps maintain data confidentiality and security
- Helps in risk identification, control, and monitoring
- Supports remote working
- Ensures integration of the entire quality workflow across supplier, customer and internal processes
- The training management process is integrated with the EQMS workflow
- Keeps all employees aware of the timelines and accountability
- Any new changes made in QMS can be communicated immediately to the stakeholders
ComplianceQuest’s Audit Management software is designed to drive efficiency into your audit management workflow. Moreover, it is designed to support multiple stakeholders including auditors, quality leaders, quality engineers and senior management.
For a more detailed understanding of remote audits, listen to this webinar here.