Audits allow for the review of a process or set of processes to enable identification of non-compliances with regulations or laws. Any deficiencies found can be corrected to enable full compliance.

The Visited Audit Process

The audit process is as follows:

  1. Issue invitation to CI/ PI and team lead or vendor/ service provider
  2. Liaise with correspondent to determine suitable audit date (if audit date is not pre-determined due to availability of auditors)
  3. Pre-audit documentation is provided to auditors by the auditee
  4. Pre-audit documentation is reviewed by the auditor along with any other applicable available information
  5. Audit is conducted over 1+ days (depending on audit plan requirements) covering;-
    • Opening meeting, where any issues experienced by the auditee and the study in general can be discussed. Availability for the exit meeting and point of contact for the duration of the audit is confirmed at this point
    • Audit commences, with auditors taking tour of facilities or beginning review of documentation as appropriate.
    • Exit meeting between auditors and auditees conducted, any findings identified are discussed and auditees are offered the opportunity to provide additional information against findings. (a follow up email may be sent to the CI/PI if they are unable to attend the exit meeting)
  6. Auditors draw up the audit report with an aim to provide this to the auditees within 28 days
  7. Auditees to review audit report and provide an action plan against any critical, major or other/ minor findings along with completed signature page back to the auditors within 28 days
  8. Auditors review action plan to determine suitability of described actions against findings. A conversation between the auditors and auditees may be required if actions are not deemed appropriate.
  9. Once the auditors accept the action plan, an audit certificate will be issued. This will allow the closure of the audit

Expectations Ahead of a Visited Audit

Ahead of an audit, you will be contacted to arrange a suitable date. Please ensure adequate space is available for the number of auditors in attendance, booking a suitable room where required. Any information requested in advance by the auditors should be provided 2 weeks before the audit date.

Expectations During a Visited Audit

During the audit opening meeting, you will be asked to provide an overview of the project of work. This will include any issues you have experienced. Please remind yourself of any problems, actual or perceived, prior to the meeting so that these can be discussed.

Over the course of the audit, the auditors may have questions or need assistance in locating specific documentation. It is usual practice to collate queries and request information/ assistance just before lunch so that you can come back with answers prior to the exit meeting. Further questions/ requests may be made prior or during the exit meeting depending on information reviewed post lunch.

Expectations After an Audit

It is recommended that any findings discussed during the exit meeting/ follow up email are reviewed, actions considered and acted upon to correct any noted deficiencies. The formal report will be supplied and at this point, confirmation of actions conducted/ to be conducted will be requested.

Please note, findings classified as ‘Recommendation’ do not need to be reported back formally and are provided for consideration by the Principle Investigator/ Team. Finding classifications requiring action are shown below along with their required turnaround times.

Critical – Begin action immediately

Major – Action to be completed within 3 months

Other/ Minor – Action to be completed within 12 months

The Self-Assessment Audit Process

The audit process is as follows:

  1. Issue a request to CI/ PI and team lead or vendor/ service provider to perform a self-assessment in an allotted month
  2. Audit is conducted over 1+ days (depending on audit plan requirements/ staff resource)
  3. Self-assessment is returned to the QA team for review
  4. QA team review the self-assessment tool and associated documentation provided. The QA team may seek clarification against statements made in the tool or asks further questions against information provided
  5. Following provision of any additional requested information, a formal report will be drawn up and provided to the CI/ PI and team lead or vendor/ service provider. At this point, confirmation of actions conducted/ to be conducted will be requested.
  6. The audit report is to be reviewed and an action plan drawn up against any critical, major or other/ minor findings and this should be sent along with a completed signature page back to the QA team within 28 days
  7. QA will review the action plan to determine suitability of described actions against findings. A conversation between QA and persons who completed the self-assessment/ action plan may be required if actions are not deemed appropriate.
  8. Once the QA team accept the action plan, an audit certificate will be issued. This will allow the closure of the audit

Expectations for the Conduct of a Self-Assessment Audit

The audit tool is a large document however we do not expect the complete audit tool to be used for every self-assessment audit. Only complete the sections indicated, those not required will be “greyed out”.

When documenting the self-assessment audit please include as much detail as possible. The tool is designed to be completed electronically. As a Word document it will expand to allow the recording of information e.g. version numbers and dates of documents, findings from review of patient notes, contents of a file note.

Audit Preparation

It is recommended that you self-review your study files to ensure compliance with the NJRO SOPs and GCP requirements paying close attention to the ALCOA+ principles. The audit tool used by the QA team for visited and self-assessment audits can be used for this purpose. Please contact the NJRO QA team to request a copy.

There is currently no defined expectation as to how often a study file should be reviewed, but it would be reasonable to review each study at least once in its lifecycle, more if it is a study encompassing a number of years. NJRO SOPs are accessible via the NJRO Documents Page, and the ALCOA+ principles are outlined below.

  • Attributable – Record who performed an action and when (including a time where appropriate)
  • Legible – Data must be readable throughout the entire lifecycle of the record
  • Contemporaneous – Documented at the time of the activity
  • Original – Original record or a certified copy
  • Accurate – No errors or editing without documented amendments. Reliable data
  • Complete – All data regarding an action, repetition of an action or, a review performed. Data/ records must be complete
  • Consistent – All components of a sequence of events are followed including a date and where applicable time stamp in the expected sequence
  • Enduring – A sustainable record (systematically documented) in hard copy notes or validated systems i.e. patient notes, laboratory notebooks, Case Report Forms (CRF), electronic CRF or Laboratory Information Management Systems (LIMS)
  • Available – Can be accessed for review, audit and, inspection over the lifetime of the record

Audit Documents and Templates

We are continuously developing a number of templates to provide examples of what we consider to be the required information in a given document/process.

A non-exhaustive list of templates and SOPs are shown below. Please contact us to obtain a copy of these templates or to see if we have generated for a one to cover your particular scenario.


  • Adverse Event & Serious Adverse Event Log
  • Eligibility Guidance & Checklist
  • Informed Consent Guidance and Checklist
  • Enrolment Log
  • Screening Log
  • Deviation Log
  • Amendment Log


  • Undertaking a Corrective and Preventative (CAPA) Investigation
  • Undertaking a CAPA Investigation – Tabulated Timeline
  • Undertaking a CAPA Investigation – CAPA Plan
  • Change Management SOP
  • Change Management Application

The QA team are happy to review drafts of documentation for new or existing studies in advance of their submission to REC.

Common Findings

We track findings generated in a given period to determine trends and patterns. At the time of writing, a number of findings relate to the consent process, documentation practices in general and evidence of study staff training i.e. presence of a signed and dated CV and current GCP certificate. An abbreviated summary of major and other/ minor findings is shown below.

Major Findings

  • ICFs not complete
    • Signatures of participant or researcher are missing
    • The form is missing acknowledgement to enable study participation
    • Pages of the ICF are missing or have not been annotated
  • ICFs have been completed on behalf of the participant (without appropriate explanation) or the participant has been directed to complete sections via highlighting/ marking with a cross
  • ICFs reference incorrect versions of PIS, through version number and/ or date
  • Incorrect PIS has been provided to participants or has been stored in the participant notes
  • Eligibility confirmation is incomplete/ inconsistently documented
  • Protocol has not been signed by the PI to confirm agreement to conduct activities according to the protocol
  • Expired GCP certification or GCP certification not present
  • Missing CV
  • No evidence of Informed Consent training for Allied Health Professional staff
  • Delegation: not delegated by PI, delegated inappropriate duties for their role, delegation log not reflective of staff conducting trial related tasks

Other/ Minor Findings

  • ICFs do not have participant identification numbers on them
  • ICFs have non-GCP compliant corrections
  • Documentation has nowhere to sign to show who undertook the tasks and when
  • Signatures of physician/ research staff is missing from worksheets
  • Documentation for some patients are blank but without explanation i.e. study checklists
  • Incorrect version references in documents
  • Documents are not version controlled through version number and date
  • CV not signed or dated


As part of the audit process the QA team will make recommendations. Often they are not a regulatory requirement but reflective of good practice. An example is the evidence of confirmation of General Medical Council (GMC) and Allied Health Professional (AHP) registrations for staff conducting trial related tasks