Dashboard / Files / H-101
H-101

Internal Audits

Section H — Audits Revision 2 11 pages

Original Document

Scanned document (image-only PDF)

Extracted Text

Searchable text extracted from PDF

1.0 Purpose 
 
 The purpose of this procedure is to describe the procedure for internal audits in order to ensure
 
 compliance with regulations and guidelines, as well as internal standards and policies. This
 includes but is not limited to monitoring the production, quality control, quality assurance, and
 other departments for compliance with cGMP, regulatory and product quality requirements.
 This SOP also includes the internal audit requirements to ensure that the LMS (Laboratory
 Management System) is effectively implemented and maintained and that LMS processes
 
 conform to planned arrangements, as well as to the requirements of ISO 17025.
 
 2.0 Scope 
 
 This procedure applies to all internal audits conducted by/under the supervision of the Quality
 Assurance Department at Ion Labs, Inc. This procedure also describes procedures for the
 
 examination and verification of Ion Labs’ technical operations for testing services.
 
 3.0 Responsibility 
 
 3.1 It is the responsibility of the QA department to coordinate internal audits, review the
 internal audit reports, schedules for appropriateness, and ensure that scheduled audits
 
 are conducted. 
 
 3.2 It is the responsibility of Department Managers and assigned personnel to provide
 access to their facilities at the auditor’s request, respond to internal audit reports in a
 timely manner, and ensure that improvement action plans are developed, adopted, and
 implemented in their respective departments. 
 
 3.3 QA is responsible for ensuring any contracted auditors performing internal audits are
 
 appropriately qualified. When contracted auditors perform internal audits, contracted
 auditors may assume the duties of QA, except for approval of the internal audit
 schedule, assignment of corrective action and follow-up activities.
 
 3.4 | Management shall review all findings and actions related to Internal Audits and ensure
 that improvement action plans are implemented and effective. This review shall be
 
 documented during the annual Management Review. 
 
 
 

[SOP 

 Standard Operating Procedure SOP No Rev No Page 
 Internal Audits H-101 2 of 10 
 
 4.0 Definitions 
 
 4.1 QA — Quality Assurance 
 
 4.2 OTC — Over-The-Counter; Nonprescription drug product 
 
 4.3 CFR — Code of Federal Regulations 
 
 4.4 GMP — Good Manufacturing Practices 
 
 4.5 CAPA —Corrective and Preventive Action 
 
 5.0 References 
 
 5.1 C-502, SOP, Document Retention, Storage, and Destruction 
 
 Die F-506, SOP, Facility Maintenance and Sanitation 
 
 5.3 H-101-F1, Form, Internal Audit Report Form 
 
 5.4 QS-108, SOP, Corrective and Preventative Action 
 
 5.5 21 CFR Parts 111, 117, 201, 210, 211, 701 - as applicable to Dietary Supplements,
 Cosmetics and OTC 
 
 6.0 Procedure 
 
 6.1 Auditor Competence for Laboratory Audits 
 
 6.1.1 Only qualified Internal Auditors conduct internal audits on the LMS. Such
 
 qualifications for internal resources appear in the Auditors’ Training Records.
 Auditors’ training records reflect that they are qualified to perform audits based
 on successfully completing auditor training, which includes: 
 
 o ISO 17025 Orientation or ISO 17025 Awareness Training 
 
 ® Audit theory 
 
 ® Audit techniques and methods 
 
 @ Checklist generation 
 
 ® Reporting findings 
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 3 of 10 
 
 6.2 Audit Scheduling, Frequency and Requirements: 
 
 6.2.1 An internal audit schedule shall be maintained throughout the year to ensure that
 elements within the quality system requirements as elaborated in FDA’s
 regulation for Dietary Supplements, Cosmetics and OTC Products are audited
 
 on a regular basis and at a minimum of once a year. Activities are audited more
 frequently if required. The Internal Audit function may be satisfied -in
 combination of, an annual 3TM Party Audit that is conducted at Ion Labs,
 resulting in an accredited nationally / internationally recognized certification,
 Customer Quality System Audits or various Facility GMP Audit Assessments
 
 (e.g. Monthly Sanitation / GMP Audits -Ref. SOP F-506, Food Defense Plan
 Facility Audit —Ref. SOP QS-109). These audits combined must meet, at a
 minimum - applicable 21 CFR requirements or related governmental
 requirements and documented Internal Audit Process and procedure.
 
 6.2.2 Internal Audits may consist of a review of various operational functions to
 
 include Good Manufacturing Practices in Manufacturing, Testing, Packaging,
 Labeling, Quality Related or Holding and Distribution Operations for Dietary
 Supplements as outlined in 21 CFR Part 111. Also, as applicable for all aspects
 of Cosmetic and OTC Manufacturing, Testing, Labeling, Packaging, Holding
 
 and Distribution as outlined in the CFR. 
 
 6.2.3 All processes or areas that affect the Lab’s provision of testing services are
 internally audited to provide information on whether the laboratory activities
 and defined processes conform to the LMS policies and procedures, to the
 requirements of ISO 17025, and to determine their effective implementation and
 
 maintenance. The audit includes observation of testing activities. Internal
 auditors are encouraged to identify any opportunities for improvement, as well
 as evidence where improvements have been made. Internal audits are planned
 to meet any contractual requirements, and as required by QA. 
 
 6.2.3.1 QA maintains the Internal Audit Schedule to ensure internal audits are
 
 conducted at planned intervals. QA schedules audits taking into
 consideration the importance of the laboratory activities concerned,
 changes affecting the laboratory as well as the results of previous
 audits. The entire laboratory management system is audited at least
 once per year (at the system level). Technical audits are also
 
 scheduled at least annually. 
 
 6.2.3.1.1 The laboratory audits consist of two categories: procedural
 and technical. Procedural audits may be performed at a
 different time than technical audits. The audits for both
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 4 of 10 
 
 categories are performed in accordance with the Internal
 Audit Schedule. 
 
 6.2.3.1.2 Each accredited test method (or potential accredited
 method) and work area is audited for compliance with the
 pertinent test method or work instruction. 
 
 6.2.3.1.3 Technical audits generally consist of observations (by the
 auditor) of test procedures and comparison of the
 observations with criteria documents. Documents, reports,
 data packages, and training files as appropriate are
 
 reviewed during the audit. 
 
 6.2.3.1.4 Criteria documents can consist of analytical methods,
 contractual documents, or published government regulation,
 if applicable. Recent nonconforming work incidents and/or
 corrective actions may also serve as criteria. 
 
 6.2.3.1.5 Data packages are reviewed for compliance with laboratory
 and customer requirements. The data packages are traced
 throughout the entire testing process, beginning with the
 assessment of the project, and ending with reporting.
 
 6.2.3.1.6 Internal audits of a specific process or procedure can be
 requested by Management at any time. Requests are
 
 scheduled through the Quality Manager. Other areas of
 interest might be included in the requested audit at the
 discretion of the Quality Manager. 
 
 6.2.3.1.7 Internal audits can be announced or unannounced at the
 discretion of the Quality Manager. 
 
 6.2.3.2 When performing an audit in the laboratory, all general laboratory
 safety protocols must be followed. These include, but are not limited
 to, the use of personal protective equipment. 
 
 6.2.4 The Internal Audit Schedule shall be developed at the beginning of the year by
 the QA Department in consultation with management, based on the status and
 
 importance of activities covered by the quality system. The Internal Audit
 Schedule may be reviewed/modified throughout the year (quarterly) to
 accommodate for new product types or the influx of various audits which may
 suffice for that respective quarterly audit. This will be evaluated by Quality
 Management. All aspects of operations will be monitored as they relate to
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 5 of 10 
 
 Dietary Supplements, Cosmetics, as well as OTC items (see Attachment 1 for
 example). 
 
 6.3. Unannounced Internal Audits or 3" Party Audits may occur at any time. Audit
 Response and Corrective and Preventive Actions will be provided at the direction
 /timeline dictated by the Auditor. Audit Structure 
 
 6.3.1 The Internal Audit will be performed by trained auditors which may consist of a
 cross functional team ensuring participation and ownership of the program or as
 an independent audit conducted by the QA Manager or designate.
 
 6.3.2 Training may consist of formal Auditor Training from a certified, reputable
 service or program that is developed internally. This training will be
 
 documented. 
 
 6.3.3 Audits will be carried out by personnel who are independent of the area they are
 auditing. Personnel conducting internal audits must be qualified and must have
 knowledge of GMP regulations, company’s quality system and procedures.
 
 6.4 Audit Preparation 
 
 6.4.1 The QA department shall coordinate the schedule for the audit with the
 
 Department Manager /3" Party Auditor/Customer Lead Auditor to ensure, if
 possible, that the audit does not conflict with operational commitments of the
 unit being audited. Auditors may audit their own work as long as they can
 ensure the objectivity of the audit results. Where possible, they do not audit
 
 their own work. 
 
 6.4.2 Prior to the internal audit, the auditor(s) should review records of completed
 corrective and preventative actions, and past audit findings for the department to
 be audited, then develop a checklist covering the quality system elements and
 activities to be audited in line with applicable 21 CFR (see Attachment 2 for
 
 example) or applicable ISO 17025 requirements 
 
 6.4.3 QA audit checklist can be used as an aide to check that all the topics relevant to
 the area have been examined. The use of the checklist, when combined with a
 well-structured approach, helps ensure all relevant topics are reviewed in the
 time available. 
 
 Note: The checklists only serve as a guide to the auditor(s). Other areas may be
 investigated as deemed necessary by the internal auditors based on audit
 
 observations or as requested by QA or management. 
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 6 of 10 
 
 6.4.4 QA may contract LMS internal audits to qualified external resources. In this
 case, LMS audits will be planned on the basis that the contractor will complete a
 full audit compliant with this procedure. The audit will be planned as deemed
 appropriate by QA. Planning for the audit may also include an agreed
 
 approximate date for the next year’s audit. More detailed audit planning
 documents such as a detailed schedule will be provided in advance of the audit.
 QA and the contractor will discuss where to focus the audit and information
 regarding previous audit findings (including accreditation assessments) as well
 as influences resulting from considering the importance and status of the
 
 management system. 
 
 6.4.4.1 The contractor will provide evidence that they are competent to audit
 (e.g., formal qualification [IRCA, Exemplar Global, ASQ] or
 substantial experience auditing) and have some experience in the
 industry. Having helped with the implementation of a laboratory
 
 management system is considered adequate experience. Some
 knowledge and experience of ISO 17025 and sector schemes will also
 be required and may be demonstrated by formal qualification (e.g.,
 IRCA or Exemplar Global, ASQ) or experience working with the
 
 standard. 
 
 6.4.4.2 Checklists, audit evidence, audit reports, findings lists, etc., generated
 by the contractor may be of their own design so long as they meet the
 general requirements of this procedure. 
 
 6.4.4.3 Any relevant documents, including past audit reports and audit criteria
 (e.g., uncontrolled copies of current procedures or test methods and
 
 requirements) are provided to the contract auditor(s). 
 
 6.5 Audit Execution 
 
 6.5.1 Auditor(s) will conduct the audit in accordance with the schedule (or as an un-
 planned audit) and document audit findings. Auditors receive information
 through several sources such as but not limited to the following:
 
 6.5.1.1. Interviews with personnel 
 
 6.5.1.2 Examination of documentation 
 
 6.5.1.3. Observation of activities and conditions 
 
 6.5.1.4 Review of quality and technical records 
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 7 of 10 
 
 6.5.2 The interviews should be conducted in the work area, if possible or appropriate,
 so that actual processes can be observed and any records or related data will be
 available for review. Information obtained from the interview as well as the
 records and site inspection shall be documented. The records review will most
 
 typically be conducted before conducting interviews and physical inspections
 with follow-up reviews conducted following the findings of previous steps.
 
 Note: Although audits should take place during normal working hours, the
 audit shall be conducted with the minimum interruption of
 departmental operations. 
 
 6.5.3 When a nonconformance or observation is identified, the auditor presents the
 nature of the nonconformity/observation and the evidence to the personnel
 involved for verification, clarification, and addresses any questions or concerns
 that the personnel may have, as well as to give advice, when requested,
 regarding any problems which are uncovered. Notes made in the audit checklists
 
 should support any observations or nonconformities determined. QA reviews the
 report and nonconformances to ensure that they are complete and properly
 written. QA or the Lab Director initiates corrective action for each valid
 nonconformance. 
 
 6.5.4 Audit observations severe in nature may be escalated to the CAPA System at the
 discretion of Quality Management. 
 
 6.6 Audit Wrap-up Meeting 
 
 6.6.1 After any audit session, a wrap-up/close-out meeting will be conducted to
 discuss the non-conformity observations and recommendations to verify or
 modify them, and get more information from audited personnel.
 
 Note: The wrap-up meeting provides the audited department with an
 opportunity to voice any objections. It is important that this
 opportunity is taken to clear up any misunderstandings and to explain
 any limitations on the performance of the audit. If valid objections are
 raised, the audit team should review the objections thoroughly and take
 
 necessary action. 
 
 6.6.2 The department personnel together with the auditor(s) will determine the course
 of action to improve compliance with the applicable regulations and guidelines.
 
 6.7 Internal Audit Report 
 
 6.7.1 Within fifteen (15) working days of completing the internal audit, the auditor/
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | _ Page 
 Internal Audits H-101 7 8 of 10 
 
 team prepares an internal audit report. Form H-101-F1 Internal Audit Report
 Form is completed to reflect any observations noted during the audit. The
 respective departments where the observations apply -shall review the report
 and complete form H-101-F1 sections for: corrective actions/plan, responsible
 
 person(s), due date (within 20 days unless approved by QA Manager or
 designee), and inform the auditor(s)/ QA department within ten (10) working
 days of receiving the audit report about any other issue not covered in the report,
 request an extension or present a plan for timely completion. The Audit report
 will reflect the observation(s) and corrective and preventive actions taken.
 
 Close-out of the report/form may be extended due to change in processes,
 equipment or noted plan. 
 
 6.7.2 Copies of the report may be distributed to management and department
 management, as appropriate, for review. The original report, audit checklist, and
 
 any other supported documents are kept by the QA department and Document
 Control as required by SOP C-502 Record Storage, Retention, and Destruction.
 
 6.8 Follow Up to Corrective Actions 
 
 6.8.1 All corrective actions documented as a result of an Internal Audit shall be
 documented in Form H-101-F1. 
 
 6.8.2 According to the proposed completion date, QA department, or internal auditor,
 
 or designee conducts a follow-up review to verify the completion of agreed-
 upon management actions and ascertains the status of any open
 recommendations. 
 
 6.8.3 When all corrective actions have been implemented and observations are
 completed, the auditor or designate will verify effectiveness and close out the
 
 audit. 
 
 6.9 Results of Laboratory Management System internal audits are submitted for
 Management Review. Internal Audit Reports may be submitted in their entirety, or a
 summary of audit results and findings may be developed for submittal to top
 
 management. 
 
 
 

[SOP 

 Standard Operating Procedure SOP No | RevNo | Page 
 Internal Audits H-101 7 9 of 10 
 
 7.0 Revision History 

| Rev | Date | Description of Changes | CCR # | By |
|-----|----------|------------------------|-------|----|
| 0 | 06/09/10 | New - - Updated SOP format and number. Made the SOP more detailed and to 13-274 V Vitcheva ii dill be in compliance with 21 CFR part 111 | - | - |
| 7 | 04/16/14 | Updated SOP format. Added CAPA reference. Added reference to cross-functional teams. | 14-0326 | S. Millar |
| 3 | 02/22/15 | Added OTC requi« rements. Added 3" rd Party Audit.s. Added reference to Management Review. et 04/10/17 Biennial review: added reference to CAPA program/procedure. 17-0391 S. Millar Added formal Auditor Training for overseas auditor by certified 5 04/18/1g Service or program. Added QC Laboratory Internal Audit to be 18-0137 L. Erickson performed monthly. Added QC Laboratory Internal Audit Checklist format as an attachment. Changes include the reflection of Cosmetics throughout the document. CFR reference added. Removed reference to/QC | 15-0087 | S. Millar |
| 6 | 01/21/19 | Laboratory Internal Audit Checklist (Attachment 3). Defined audit types that may suffice for Internal Audits. Added reference to 3"4 Party unannounced audits. | 19-0068 | S. Millar |
| 7 | 11/04/21 | Added requirements for ISO 17025:2017. CC- 8.0 Attachments 8.1 Attachment 1 — Example of Internal Audit Schedule 8.2 Attachment 2 —- Example of Audit Checklist Format | 21-0414 | J. Sassman |

 Attachment 1 — Example of Internal Audit Schedule 
 
 201x Internal Audit Schedule 
 
 Area Audited Scope Scheduled Audit Date Date 
 21 CFR Part XX X/Guidance (Y or N) Opened Closed 
 Document/or related Regulatory 
 Reference 
 
 
 

[SOP 

 Standard Operating Procedure SOP No | Rev No Page 
 H-101 7 10 of 10 
 Internal Audits 
 
 Attachment 2 — Example of Audit Checklist Format 
 
 IANLABS 
 
 Checklist for Internal Audit 
 
 Area Audited Date: 
 
 Reg. Section Procedure Areas of Audit Adequate Comments 
 Referenced Yor N 
 
 Audit Notes: Random Logs, Forms and Documents were sampled during the audit to ensure compliance with those
 respective procedures 
 
 Audit Recommendations: 
 
 Documents Reviewed: 
 
 Doc. No./Logs Document Name Revision/Effective 
 
 Auditor Signature and Date: 
 
 
 

[SOP 

 [ 
 O 
 J 
 | 
 q 
 e 
 8 
 o 
 g 
Y 
D 
A 
I 
S 
I 
O 
U 
 
9 
4O 
0- 
1c 
W1 
YO 
dv 
dI 
OP 
I 
J 
y 
N 
p 
I 
J 
U 
TO N 
}‘ 
A 
IO 
uO 
[ 
eW 
 OL 
 H NTHAOVGMdAAYese 
 1 
 0 
 1 
 d 
 T 
 Ns4A*TVqLaOLT0uNAsG'IWI4AnNyOOO
 WLIO] 
 WOOL] 
V 
E 
S 
G 
N /oyAeqG 
I