It is important to consider the feasibility, benefits, and limitations of each type of audit in advance.
Q: In light of the COVID-19 pandemic, many of our planned on-site audits can no longer be performed for the foreseeable future, and there is a need to replace these by remote (desktop) audits. Under what circumstances can such remote audits be considered equivalent to on-site audits?
A: Regulatory agencies around the world are facing the same challenge of deciding when inspections can be performed remotely and when they must be performed in person. Each respective agency has its own guidelines, but across the board, they all rely on the fundamental principle of a risk-based approach to compliance.
In April 2020, the European Medicines Agency (EMA) updated its guidelines to allow for quality personnel to conduct remote audits when on-site audits are not possible, noting that, “… on-site audits as well as remote audits can be considered, after agreement with the investigator and if the audits are assessed as essential, e.g., triggered audits with the purpose of investigating serious deviations from the trial protocol or from the applicable legislation” (1).
Similarly, FDA announced postponement of both foreign and domestic inspections, except those deemed mission critical, and the agency is now relying on off-site monitoring and the commitment of companies to quality in the absence of in-person regulatory oversight. For medical devices, FDA has published a “Remote Auditing Pilot Program” document outlining a voluntary pilot program for remote auditing of processes, the Medical Device Single Audit Program (MDSAP) as part of the audit of a medical device organization (2). An important aspect of this pilot is the use of technology that facilitates remote audits, including:
Table I. Benefits versus limitations of remote versus in-person audits.
As part of the audit preparation, it is important to ensure that all involved parties have suitable and compatible technological means in place, as tools and technology vary considerably across organizations. It is recommended to prepare a checklist with minimum requirements, such as Internet upload and download speeds, for each technology, and to share this checklist in advance with the sites to be audited.
It is also important to consider in advance not only the feasibility of each type of audit, but its respective benefits and limitations. Table I provides an example for such a comparison. Whichever audit model is selected, it should be based on a documented risk assessment, and standard audit procedures should be developed in advance of the audit.
1. EMA, “Update to Guidance on Regulatory Expectations in the Context of COVID-19 Pandemic,” Press Release, April 20, 2020.
2. FDA, Medical Device Single Audit Program (MDSAP), FDA.gov.
BioPharm International
Vol. 33, No. 7
July 2020
Pages: 50, 49
When referring to this article, please cite it as S. Schmitt, “Performing Remote Audits During the Pandemic,” BioPharm International 33 (7) 2020.