Donna Hollaway, RN, CCRC
Authority to Audit
45 CFR 46.109(e)
 An IRB shall conduct continuing review of research
covered by this policy at intervals appropriate to the
degree of risk, but not less than once per year, and
shall have authority to observe or have a third
party observe the consent process and the
UTHSC Local IRB Policy
The process of compliance auditing is meant to
accomplish several important purposes:
 Assure human subjects are properly protected, and
that procedures to accomplish this goal are carefully
 Assist investigators in complying with current
regulatory standards for protecting human subjects
and in avoiding any external sanctions that may result
from non-compliance with standard of practice
Local Policy (cont)
 Process is intended to assure that the University and
affiliated institutions remain in good standing with
federal agencies having oversight of human subject
research activities.
Most frequently asked
“How did my study get selected
for a compliance audit?”
 Observation of the informed consent interview
 For cause
 Random
What is reviewed during an audit?
 Informed consent documents
 Subject eligibility documentation
 Verification of the informed consent interview
 Research records
 Medical records (if required)
 Database
 Study medication
 Confidentiality
 Regulatory documents
“Informed consent is the cornerstone of human
subject research and the critical element in assuring
the protection of subjects who voluntarily choose to
enroll in a study.”
Research Practitioner
July-August 2011
Informed Consent
 Correct version (most current)
 IRB-stamped version
 Pages initialed by subject
 Only designated personnel conducted the
informed consent interview
 Signatures dated and timed by
 Person Obtaining Consent
 Investigator (must sign with 72 hours)
Informed Consent Verification
21 CFR 312.62(b), “the case history for each individual
shall document that informed consent was obtained
prior to participation in the study”. Generally, industry
fulfills this requirement in one of two ways:
• By documenting consents in source documents;
• By documenting consents on case report forms.
Best practices call for a contextual
statement in a source document
regarding exactly how and when
the consenting processing
Subject Eligibility
There must be some type of documentation that the
subject strictly meets the inclusion/exclusion criteria
Research Records
 Research records will be reviewed for completeness,
timeliness, and accuracy
 Were visits and study procedures completed within the
defined window?
 Can data be verified from a source?
Protocol Deviations
 Deviations: Failure to follow procedures specified in the
approved research protocol in the absence of a protocol
 Minor – no substantive effect on the risks or benefits for
the subject, and no effect on value of data, and does not
result from willing or knowing misconduct on the
investigator or study staff
 Major – deviation that has harmed or posed significant
risk of harm to subject, or compromised scientific
integrity of data, or appears to result from misconduct
Medical Records
If the study involves the subject’s
clinical record, the records will be
compared to data points in the
research record for compatibility.
If the data has been entered into a database, the
database will be reviewed for accuracy, security, and
Study Medication
 Is it being stored according to the protocol?
 Are the dispensing records up to date?
 Is returned study medication stored correctly?
 Is it being stored securely, who has access to it?
• Where are the study records stored?
• Who has access to the records?
• How are the records labeled?
• Has a database been created?
• How are specimens labeled?
• Is any portion of the specimen retained at the local
Regulatory Documents
Regulatory documents are reviewed for continuity,
changes in study procedures, amendments/changes
that should be submitted to the IRB, study staff
responsibilities/assignments, study staff training,
investigator CVs, and evidence of PI oversight.
What happens after the audit?
 Audit report is written and forwarded to the IRB
 Follow-up letter is written documenting audit findings
 PI and key study staff receive copies of audit report and
letter via iMedRIS
 Audit report and letter is placed in “Other Documents”
in iMedRIS (as well as “Correspondence”)
How to respond to an audit
 If there are no significant audit findings, no response
is necessary
 If audit findings require a revision to the study
application, a Form 2 will be requested
 If audit findings require corrective action, items to be
addressed will be outlined in the letter
 A correspondence can be created in iMedRIS to
address each request for corrective action or additional

similar documents