Grading of findings
Reply to Thread
This question is always being there for each auditor, I guess. The grading of the Audit Findings based on the applicable regulations ie. Critical, Major or Minor Findings. However I feel it is subjective based on the Auditors experience and mindset. My query is, which is the ideal way to grade the findings to maintain the consistency and to make it more accurate as per the regulations
indeed, you are raising a question many of us auditors have to answer on a daily basis and there is no perfect answer. If in doubt, many auditors re-read the criticality definitions as this focuses the mind (patient safety or data validity actually/potentially endangered) and for borderline cases a more conservative approach (upgrade) is often taken. What is worth considering is whether for a particular country/audit site different definitions of critical/major/minor apply compared to those used by the auditor's company/contracting company
A lot of companies have set up a peer review system where each audit report and classification of findings is reviewed by a colleague/senior manager who was not present at the audit. This ensures more consistency of classifications across reports from different auditors, but also that the descriptions are clear to others (e.g. often the auditee's senior management was not present at the audit but reads the report).
We hope this was useful.
You may want to take into consideration additional factors (i.e. in addition to impact on patient safety, data integrity, regulatory compliance, etc.,) when assessing the severity of an audit finding. The frequency of occurrence of the non-compliance, as well as the level of control / processes that govern the non-compliance, both can have an impact on the grading.
For example, an isolated incidence of non-compliance within an otherwise well-controlled process is likely to have a lower grading. Whereas, the same non-compliance issue that occurred frequently with little or no evidence of control, is likely to have a higher grading.
I agree with Barney. I wold also add the ICH E6 R2 notion of detectability. If the issue/non-conformance was detected by chance and there are not good processes/systems in place to detect future issues, then the grading should be raised. If as Barney says it is a minor issue that does not have a big impact and is readily detectable, then it is a minor audit finding, unless it is subsequently found to be the "tip of the iceberg" and the issue becomes more frequent, more impactful, or becomes less detectable!
RQA GLP Committee
The GLP Committee support the previous comments and would add that it is worth putting a definition in your SOP including a decision tree, but you do not have to grade findings at all, it is entirely a decision for your business as to what works best for you. All findings could be rated as a deficiency.