Internal Auditing in
Research:
The QA Process
Research Education Series
February 14, 2011
Sarah Dutkevitch, RN, OCN, Clinical Research Nurse Specialist
Heather Kemp, MBA, CCRP, Clinical Research Coordinator
Department of Surgery, General Surgery Section
Agenda / Overview
• Assessing Risk in Auditing
• The SOP: Answering the Who, What, Where,
When, Why, and How of Internal Auditing
• The Coordinator’s Perspective: Before, During,
and After an Internal Audit
The Research Context
Operational
Oversight
Finance
Biospecimen
Repositories
NonTherapeutic
Operations
Educational
Research
Imaging
Research
IUH North
Hospital
Therapeutic
Operations
Regulatory
Research
Databases
IUH University
Hospital
Investigational
Drug, Devices,
and Procedures
Nursing
Data
Management
IUH West
Hospital
VA Medical
Center
Wishard
Hospital
The Research Context
Finance
Non-Therapeutic
Operations
Regulatory
Therapeutic
Operations
• Budgeting, Grants and Contracts, Account Management
• 1 Staff Member with Responsibilities in this Area
• 0.5 FTE
• Subject Consenting, Specimen Collection and Processing, Hospital Staff Training, Data
Collection and Management, Data Analysis, Manuscript Publication
• 6 Staff Members with Responsibilities in this Area
• 2.25 FTE
• Protocol Development, Regulatory Approvals (IRB, VA R&D, etc.), Regulatory
Document Collection and Maintenance, Internal Auditing
• 2 Staff Members with Responsibilities in this Area
• 1.25 FTE
• Subject Screening/Consenting/Enrollment/Management , Hospital Staff Training,
Data Collection and Management, Data Analysis, Manuscript Publication
• 7 Staff Members with Responsibilities in this Area
• 5.0 FTE
Answer the questions in Section I
(page 1) of your handout to assess the
context of your research group.
Why is it Audited?
• Compliance
• Process Improvement
• Education
Who is Audited?
• All research which:
– Is not exempt from IRB review;
– Is not being conducted under a waiver of informed
consent;
– Has subjects enrolled on the study; and
– Has not been reviewed by the Clinical Trials
Monitoring Committee in the past 12 months.
What is Audited?
• Informed Consent Documents and Informed
Consent Process Documentation
• HIPAA Authorizations
• Subject Eligibility
• Protocol Compliance (Deviations and Violations)
• Subject Safety
• Compliance with the DSMP
Sponsored Trials: Exceptions to the Rule
• Informed Consent Documents and Informed
Consent Process Documentation
• HIPAA Authorizations
• Subject Eligibility
• Protocol Compliance (Deviations and Violations)
• Subject Safety
• Compliance with the DSMP
Other Resources
1. Toward, J. (2010, November). Contrasting
Health Canada and internal academic audit
mechanisms and outcomes. SoCRA Source
Journal, 66, 26-31.
2. Austin, DM. (2010, November). Investigational
product accountability to ensure audit
readiness. SoCRA Source Journal, 66, 42-46.
3. Korieth, K. (2011, February). The high cost and
questionable impact of 100% SDV: Sponsors,
CROs reluctant to alter standard practice. The
CenterWatch Monthly, 18(2), pp.1, 15-17.
Answer the questions in Section II
(page 2) of your handout to assess the
risks inherent in your research group.
Where and When is it Audited?
• Audits are Conducted in the Office/Clinic/Lab Where Study
Charts are Stored
• Audits Fall in the Middle of the Continuing Review Cycle (±2
Months)
Where and When is it Audited?
• Audits are Conducted in the Office/Clinic/Lab Where Study
Charts are Stored
• Audits Fall in the Middle of the Continuing Review Cycle (±2
Months)
• The Auditor Provides Written Notification to the PI and Lead
Study Coordinator Approximately Two Weeks in Advance
The Email Notification
RE:
Internal Audit of Study No. [IRB No.]
Dear Dr. [Name]:
This email is to remind you that the above-referenced study is scheduled to be audited on
[Date]; I will be reviewing the records for all subjects enrolled since the last continuing
review approval (Date). I will coordinate the audit with the primary research coordinator
on this study, [Name], and will disseminate the findings to the team afterward.
Attached to this email are three documents for your reference:
• A copy of the internal audit template that will be used to direct the audit proceedings;
• a copy of the General Surgery internal auditing SOP; and
• a copy of the General Surgery Research Compliance Tip Sheet.
If you have any questions about protocol compliance, please feel free to contact me at
your convenience.
CC:
[Research Coordinator]
Where and When is it Audited?
• Audits are Conducted in the Office/Clinic/Lab Where Study
Charts are Stored
• Audits Fall in the Middle of the Continuing Review Cycle (±2
Months)
• The Auditor Provides Written Notification to the PI and Lead
Study Coordinator Approximately Two Weeks in Advance
• Audits are Scheduled Using Outlook (Appearing on the
Research Staff’s Calendar)
• The PI and Research Staff are Not Present During the Audit
• The Audit Findings are Disseminated in Writing to the PI,
Research Staff, and Regulatory Staff Following the Internal
Audit
Answer the questions in Section III
(page 2) of your handout to consider
the auditing logistics appropriate for
your research group.
How is it Audited?
• Informed Consent Documents and Informed
Consent Process Documentation
• HIPAA Authorizations
• Subject Eligibility
• Protocol Compliance (Deviations and Violations)
• Subject Safety
• Compliance with the DSMP
How is it Audited?
•
•
•
•
•
Proper ICS Version and Pagination
Proper IRB Approval Stamp(s) on ICS
Proper ICS Execution
Informed Consent Process Note Review
Proper HIPAA Authorization Version and
Pagination
• Proper IRB Approval Stamp on HIPAA
Authorization
• Proper HIPAA Authorization Execution
• Medical Records Documentation (VA Only)
How is it Audited?
• Informed Consent Documents and Informed
Consent Process Documentation
• HIPAA Authorizations
• Subject Eligibility
• Protocol Compliance (Deviations and Violations)
• Subject Safety
• Compliance with the DSMP
How is it Audited?
• Subject Eligibility
– Eligibility Checklist Review and Source Document
Verification (Sampling)
• Protocol Compliance
– eCRF Review and Source Document Verification (Sampling)
The Compliance Log
How is it Audited?
• Subject Eligibility
– Eligibility Checklist Review and Source Document
Verification (Sampling)
• Protocol Compliance
– eCRF Review and Source Document Verification (Sampling)
• Subject Safety
– Regulatory File Review
– eCRF Review and Source Document Verification (Sampling)
The Safety Log
How is it Audited?
• Subject Eligibility
– Eligibility Checklist Review and Source Document
Verification (Sampling)
• Protocol Compliance
– eCRF Review and Source Document Verification (Sampling)
• Subject Safety
– eCRF Review and Source Document Verification (Sampling)
– Regulatory File Review
• DSMP Compliance
– Regulatory File Review
Answer the questions in Section IV
(page 2) of your handout to consider
the internal auditing priorities for your
research group.
The Coordinator’s Perspective
1. “An ounce of prevention is worth a pound of
cure.”
Answer Question 1 in Section V (page
3) of your handout to brainstorm some
“preventative actions” for your
research practice.
The Coordinator’s Perspective
1. “An ounce of prevention is worth a pound of
cure.”
2. Leave a trail of “bread crumbs” for the next
person.
Answer Question 2 in Section V (page
3) of your handout to assess how
detailed, organized, and reliable you
are in your research practice.
The Coordinator’s Perspective
1. “An ounce of prevention is worth a pound of
cure.”
2. Leave a trail of “bread crumbs” for the next
person.
3. Prep for the “big
day”.
The Coordinator’s Perspective
1. “An ounce of prevention is worth a pound of
cure.”
2. Leave a trail of “bread crumbs” for the next
person.
3. Prep for the “big
day”.
4. Turn that frown
upside down.
Answer Question 3 in Section V (page
3) of your handout to identify
opportunities to promote internal
auditing.