Having a comprehensive audit plan is key for conducting a successful audit.
To make it simple, The Knowlogy has put together our 9 essential elements for effective audit plans.
1. Audit Rationale
The audit rationale is why the audit is required. For most audits, the why is usually answered by the design of the audit program. Whether it be for Good Laboratory Practice, Good Clinical Practice, or Good Manufacturing Practice. You should not be conducting audits for which there is no purpose. So find out the why; otherwise, you do not know the critical areas to be audited.
2. Audit Objectives
Define the audit objectives to meet the audit rationale. What is to be accomplished by the audit.
Audit Objective examples
- To qualify a supplier for the provision of critical reagents to be used in analytical chemistry.
- To provide management assurance that the facilities and processes are in compliance with GLP.
- To qualify the service provider for the provision of contract archiving of regulatory records.
3. Audit Criteria
These are the regulations, standards, industry guidance, and documented instructions against which the audit will be conducted. Documented instructions may include policies, standard operating procedures, work instructions, study plans, and protocols.
If the audit is of a supplier, verify which regulation or standard they comply with at the planning stage. There is nothing worse than travelling to a site only to find that they do not operate according to the audit criteria in the plan.
4. Audit Scope
The audit scope is the extent and boundaries of the audit. Generally, it includes a description of the physical locations, functions, organisational departments, activities, processes, and possibly the time period.
5. Audit Activities
To describe the methods to be used during the audit. The audit may use one or more of these methods;
- Tour of facilities
- Observation of activities
- Review of documented procedures
- Review of records
6. Audit Team
Who will be conducting the audit? Will it be one auditor or a team of auditors. If there is an audit team, the Lead Auditor should be identified and the central point of communication for the audit client, auditees, and the audit team. The roles of the audit team may be listed especially if they are a specialist in specific areas.
7. Audit Location
Where will the audit be conducted. Previously, this would have been on-site, but with technology’s abilities, the option of conducting the audit virtually can be considered. On-site or virtual will be dependant on the audit objectives. If the audit objectives can be met, conducting the audit virtually may be a better option.
8. Audit Timing
Of course, if the audit is observing an activity, the timing is determined by the activity. However, document reviews could be performed with more flexibility. Be mindful of a never-ending audit and consider the auditee’s other commitments when you require their input. Of course, there is probably never a perfect time to conduct an audit, but you need to have agreement from the auditee that they will commit to a time.
9. Audit Reporting
Plan the output of the audit in advance. Reporting the audit results should be defined in internal procedures; however, include in the audit plan for the audit client and auditee to be informed and agree.
- Format of the report. Will it include a list of documents reviewed, an outline of processes and findings. This information will support you in making audit notes.
- The timelines for providing the report. Remember to include sufficient time to write the report, peer review, and other internal administration tasks.
- The timeframe for responses to the audit results are to be provided by the auditee.
Download our Audit Plan template designed for conducting an external vendor audit here.