What is a Pharmacovigilance Audit?

Introduction

Pharmacovigilance systems are built upon trust.

Regulators trust that Marketing Authorisation Holders have established effective systems to:

• Collect safety information
• Evaluate risks
• Monitor benefit-risk balance
• Meet regulatory obligations
• Protect patients

However, trust alone is insufficient.

Organisations must periodically verify that their systems are functioning as intended.

This is the role of pharmacovigilance auditing.

A pharmacovigilance audit provides independent assessment of whether the pharmacovigilance system is operating effectively and whether risks are being managed appropriately.

What Is a Pharmacovigilance Audit?

A pharmacovigilance audit is a systematic, independent and documented assessment of pharmacovigilance activities.

The objective is to determine whether:

• Processes are appropriately designed.
• Procedures are followed.
• Controls are functioning.
• Risks are managed.
• Regulatory obligations are met.

Audits evaluate both:

Compliance

Are requirements being met?

Effectiveness

Are controls actually working?

This distinction is important.

A process may be compliant on paper while remaining ineffective in practice.

Key Characteristics of Audits

Several characteristics distinguish audits from routine operational activities.

Systematic

Audits follow a defined methodology.

Activities are planned and documented.

Independent

Auditors maintain objectivity.

They should not assess their own work.

Evidence-Based

Conclusions are supported by evidence rather than assumptions.

Risk-Focused

Attention is directed toward areas creating the greatest risk.

These principles support credibility and consistency.

Why Pharmacovigilance Audits Exist

All systems contain risk.

Even well-managed organisations may experience:

• Process failures
• Human errors
• Technology issues
• Governance weaknesses
• Compliance gaps

Audits help identify these issues before they become:

• Regulatory findings
• Inspection observations
• Patient safety concerns

A useful way to view audits is:

Audits provide assurance that controls continue to operate effectively.

Audits Versus Inspections

One of the most common misunderstandings involves the distinction between audits and inspections.

Although both assess pharmacovigilance systems, their purpose differs.

A strong audit programme often improves inspection readiness.

However, audits should not exist solely to prepare for inspections.

Audits Versus Monitoring

Audits and monitoring are also different activities.

Monitoring

Usually focuses on ongoing operational performance.

Examples:

• KPI review
• Compliance monitoring
• Trend analysis

Auditing

Provides independent assessment of system effectiveness.

Monitoring asks:

What is happening?

Auditing asks:

Why is it happening and are controls effective?

Both activities are important.

The Purpose of Auditing

Many people assume audits exist primarily to identify deficiencies.

This is an incomplete perspective.

The broader purpose is assurance.

Audits help answer several critical questions:

Are controls effective?

Are risks understood?

Are processes functioning?

Are improvements required?

Does management have reliable visibility?

The strongest audit programmes support organisational learning rather than simply generating findings.

The Audit Lifecycle

Most pharmacovigilance audits follow a structured lifecycle.

Planning

Defining objectives and scope.

Preparation

Reviewing background information.

Fieldwork

Collecting and evaluating evidence.

Reporting

Documenting observations and conclusions.

CAPAs

Addressing identified issues.

Follow-Up

Verifying effectiveness of actions.

Each stage contributes to audit quality.

Audit Scope

Audit scope varies according to objectives.

Examples include:

Case Processing

Assessment of ICSR activities.

Signal Management

Evaluation of signal processes.

Aggregate Reporting

Review of reporting obligations.

Vendor Oversight

Assessment of outsourced activities.

PSMF

Review of system documentation and governance.

Quality Systems

Assessment of training, CAPAs and governance.

The scope should reflect organisational risks.

Risk-Based Auditing

Modern audit programmes increasingly use risk-based approaches.

This recognises that:

Not all activities create equal risk.

Factors commonly considered include:

• Patient safety impact
• Regulatory impact
• Operational complexity
• Outsourcing dependency
• Inspection history

Higher-risk activities generally receive greater audit attention.

For additional discussion see:

[[risk-based-audit-planning]]

Audit Findings

Audit findings identify weaknesses, risks or opportunities for improvement.

Common categories include:

Critical Findings

Significant immediate risk.

Major Findings

Important weaknesses requiring management attention.

Minor Findings

Limited impact deficiencies.

Observations

Improvement opportunities.

The objective is not finding large numbers of issues.

The objective is identifying meaningful risks.

CAPAs

Audit findings typically result in CAPAs.

Corrective and Preventive Actions help organisations:

• Address deficiencies
• Strengthen controls
• Prevent recurrence
• Improve governance

Strong CAPAs focus on root causes.

Weak CAPAs focus only on symptoms.

For additional discussion see:

[[audit-capas]]

The QPPV Perspective

Audits provide one of the most important sources of assurance available to a QPPV.

The QPPV cannot directly observe every pharmacovigilance activity.

Audit programmes help provide visibility regarding:

• Compliance
• Governance
• Risks
• System effectiveness

This information supports informed oversight.

For additional discussion see:

[[qppv-and-audit-oversight]]

Inspection Perspective

Inspectors frequently evaluate audit programmes.

Questions often include:

• Is the programme risk-based?
• Are audits independent?
• Are findings addressed?
• Are CAPAs effective?
• Are repeat issues occurring?

The existence of audits alone is insufficient.

Regulators generally expect evidence that audit outcomes drive improvement.

Common Misconceptions

Several misconceptions appear frequently.

Audits Exist to Find Fault

Audits exist to provide assurance and support improvement.

Audits and Inspections Are the Same

They serve different purposes.

More Findings Mean Better Audits

Finding quality matters more than quantity.

Audit Closure Equals Improvement

Improvement requires effective CAPAs and verification.

Understanding these distinctions improves audit effectiveness.

Characteristics of Effective Audits

Strong audits typically demonstrate:

Independence

Objectivity is maintained.

Risk Focus

Resources align with risk.

Evidence-Based Conclusions

Findings are supported by evidence.

Meaningful Recommendations

Improvement opportunities are practical.

Effective Follow-Up

Issues are resolved sustainably.

These characteristics increase organisational value significantly.

Key Takeaways

• Pharmacovigilance audits provide independent assurance regarding system effectiveness.
• Audits differ from inspections and routine monitoring activities.
• The purpose of auditing is assurance, risk management and improvement.
• Audit programmes should be risk-based.
• Findings should lead to effective CAPAs and sustainable improvement.
• Audits represent an important source of assurance for QPPVs.
• Inspectors frequently evaluate the effectiveness of audit programmes.
• Mature organisations use audits as strategic governance tools rather than compliance exercises.

References

1. EMA Good Pharmacovigilance Practices (GVP) Module IV – Pharmacovigilance Audits.
2. EMA Good Pharmacovigilance Practices (GVP) Module I – Pharmacovigilance Systems and Their Quality Systems.
3. EMA Good Pharmacovigilance Practices (GVP) Module III – Pharmacovigilance Inspections.
4. Regulation (EC) No 726/2004.
5. Directive 2001/83/EC.
6. Commission Implementing Regulation (EU) No 520/2012.
7. ICH Q9 Quality Risk Management.
8. ICH E2E Pharmacovigilance Planning.