Audit Methodology

ICH-GCP & ISO 19011 Aligned

Validra Clinical Compliance Ltd conducts independent, risk-based GCP audits using a structured and consistent methodology aligned with ICH-GCP E6 (R2) and guided by recognised auditing principles, including ISO 19011.

Our methodology is designed to provide objective, defensible assurance while remaining proportionate to the scope, risk, and nature of the activities audited.

Principles of Our Audit Approach

All audits conducted by Validra are based on the following core principles:

Independence and objectivity
Risk-based focus
Systematic planning and execution
Evidence-based conclusions
Clear, transparent reporting

These principles underpin every stage of the audit lifecycle.

1. Audit Initiation & Scope Definition

Each audit begins with a clear definition of scope and objectives, agreed in advance with the client.

This includes:

Audit type (systems, site, study-specific, sponsor oversight)
Applicable standards and requirements
Scope boundaries and exclusions
Audit delivery model (remote, on-site, or hybrid)

Where appropriate, a risk-based rationale is applied to focus audit effort on areas of highest potential impact.

2. Audit Planning

Audits are planned in a structured and documented manner.

Planning activities include:

Review of background information and study documentation
Development of a tailored audit plan and agenda
Identification of key processes, roles, and records for review
Confirmation of logistics, access, and confidentiality arrangements

Audit plans remain flexible and may be adjusted during the audit based on emerging risk or availability of evidence.

3. Audit Conduct

Audits are conducted using recognised audit techniques, including:

Document and record review
Interviews with relevant personnel
Sampling of records and source data
Review of systems, processes, and controls

Remote audits utilise secure document sharing and video conferencing, with limitations clearly defined where physical verification is not within scope.

All audit activities focus on the collection of objective evidence.

4. Findings Evaluation & Classification

Audit observations are evaluated against applicable requirements and classified using a structured approach.

Findings are:

Clearly described
Supported by objective evidence
Referenced to applicable GCP or procedural requirements
Classified based on potential impact and risk

This ensures findings are proportionate, consistent, and meaningful.

5. Audit Reporting

A formal GCP Audit Report is issued following completion of the audit.

Reports include:

Audit scope and methodology
Summary of activities performed
Clearly presented findings and classifications
Overall audit conclusion
CAPA expectations and timelines (where applicable)
Limitations of the audit

Reports are written to support sponsor oversight, internal quality improvement, and regulatory readiness.

6. CAPA Review & Audit Closure

Where CAPAs are required, Validra can support:

Review of CAPA responses for adequacy
Assessment of implementation and effectiveness
Formal audit closure confirmation

Audit closure activities are conducted independently from audit delivery.

7. Independence & Quality Oversight

To maintain audit integrity:

Auditors are assigned based on competence and independence
Conflicts of interest are assessed and documented
Audit outputs undergo independent quality review prior to finalisation

This ensures audit outcomes are objective, credible, and defensible.

Proportionate, Risk-Based Assurance

Validra’s methodology is designed to deliver meaningful assurance, not unnecessary burden.

Our audits provide:

Clear insight into compliance status
Practical recommendations
Confidence for Sponsors and CROs