Proactive Audit Management – What You Should Know


Effectively managing audits is essential to any quality management program.  Good audit management helps to proactively ensure quality by measuring and improving processes, procedures, and marketed services and products.  In addition, supplied products and services can be audited to ensure quality adherence throughout the entire value chain.

Early detection and prevention through audit activities is the key to lowering product defects, thereby resulting in higher customer satisfaction. Many of the challenges associated with audit management center around open-ended audits and disjointed business processes. A core fundamental best practice for audit management is top-down buy-in from the organizational executive management. This level of institutional support ensures that quality is embedded into the fabric of the organization at every level.

Audit Process Management and Control

Good audit management programs begin with a clear definition of audit processes and metrics. In compliance with current regulations, the system should be able to track progress against previous audit deficiencies and identify potential root causes on time. Integrated CAPA processes ensure that corrective actions are implemented promptly to eliminate potential root causes.

Audit Management Cycle

Audit Management Best Practices

Effective audit management requires a combination of people, processes, and technology to achieve maximum results. Technology-based audit programs are in and of themselves, insufficient. The best practices summarized below highlight the essential requirements for automated audit management systems and the required processes and human resource requirements to ensure sustained compliance and reduce regulatory risk.

  • Obtain top-down management support and commitment. A fundamental requirement of any compliance initiative that impacts the entire organization is support from senior management. Top-down support ensures that compliance is treated as a corporate mandate versus a departmental challenge. It also ensures that resources will be available as needed to ensure success.
    • Corrective and Preventive Actions (CAPA).
    • Change Control
    • Non-conformance tracking and management.
    • Regulatory document / content management
    • Custom reporting, analysis, and analytics
    • Training
    • Compliance Intelligence Dashboard
  • Ensure closed-loop processes. For automated audit management systems, ensure that they are designed to successfully close out all audit processes on time. As obvious as this sounds, the number one reason for regulatory citations in this area is due to ineffective process closure.
  • Avoid “stand-alone” audit management systems. Audit management is an integrated process that requires a blend of several processes and compliance technologies to achieve real compliance.
  • Establish a proactive internal audit schedule. Continuous improvement demands that organizations periodically review internal policies and procedures and apply the necessary corrective and preventive actions to ensure quality. One fundamental preventive action is to perform periodic audits to ensure compliance and operational performance. Corrective action should be applied to all process or production issues revealed during audits to ensure sustained compliance
  • 21 CFR Part 11 compliance. In FDA-regulated companies, Part 11 is a mandatory requirement. Avoid customizing this functionality if possible.
  • Automate enforcement of audit checks and balances. Automated systems should segregate duties so that the responsibility for the audit is distributed among independent organizations. The system should include and support this best practice. Further, the system should support a multi-tiered approval process to ensure multiple levels of review and approval. Approvals should be documented with 21 CFR Part 11-compliant electronic signatures and accessible as documented evidence that audits were carried out with the highest integrity and credibility.
  • Ensure online and offline access and control. Automated audit management systems must be accessible across the extended enterprise. Most point solutions that address audit management are only accessible in the office while the auditor is online. This is impractical and promotes process inefficiencies and redundancies. Good audit management programs should allow offline completion and later synchronization of critical activities.
  • Leverage integrated document/content management technologies. Audit processes inevitably require documented evidence supporting the entire audit event. During the progression of the audit process, auditors may reference controlled documents as well as generate new documentation in support of the audit. To ensure ready access to production documentation and the management and control of audit documentation, a good audit management system should include integrated document management/content management technologies.
  • Built-in audit alerts and notifications.  One of the key reasons for non-compliance is the lack of follow-up. Day-to-day challenges and other business issues change priorities in a very dynamic manner. A well automated audit management system should include built-in alerts to notify management and personnel when pending action is required. These alerts should be coupled with corrective action plan items to ensure follow-up and subsequent closure on time.
CAPA Process

Figure 1 – Integrated Compliance Process Control

Audit Management Software Process

As shown in the figure above, CAPA is central to the audit process. Audits may reveal several issues and process deficiencies. The corrective action process ensures that these matters will be identified, tracked, and monitored in a controlled manner. All audit management systems must ensure compliance with Part 11 and include process support technologies such as reporting, analysis and trending, regulatory document management, and a documented API that supports integration with existing legacy systems such as MRP, ERP, electronic records management, and others.

Establishing a fully integrated, closed-loop system such as depicted in the figure above will ensure the information flow from one process to another. It should be clear that the integration of compliance processes such as the ones shown above will eliminate silos of information and support enterprise compliance management objectives.

Xybion XDP Preconfigured Apps

Ready to learn more? Book a free demo.

Heidi Krueger

Head of Quality Assurance

Heidi leads Xybion’s Quality Assurance practice. She has over 20 years’ experience in designing and implementing quality assurance policies. Since joining Xybion in 2000, Heidi worked with several clients to design quality policies and ensure compliance. She is responsible to hosting Xybion customer audits. Heidi has a BA degree in Biology from The King’s College.

James Castonguay

Product Technology Lead

James provides leadership to Xybion quality management systems including product design, development and client delivery. James started working with Xybion in 2002 in its Canadian division. He is now managing product delivery from the United States. James has a master’s degree in mathematics and minor in informatics from the University of Sherbrook, Quebec, Canada.

Dave Chiaramonte

Enterprise Assets and HSE Leader
Dave brings diverse and deep expertise to his leadership role as the leader of Enterprise Asset Management (EAM) and Employee Health & Safety line of business. Dave has over twenty years of experience within the Information Technology industry including development, implementation and integration of complex Enterprise Systems in large corporate environments. He is a highly regarded technology leader in IBM’s Maximo Asset Management Product implementation. Dave worked with BMS and Dupont pharmaceuticals before joining Xybion in 2004.

Tom Klapmuts

Digital Lab Solution Leader

Tom provides leadership in design, delivery and revenue growth of Xybion digital lab solutions. He is an experienced client solutions manager with a demonstrated history of working with many clients globally to solve their business problems. Tom has training in U.S. Food and Drug Administration (FDA), Good Laboratory Practice (GLP), Life Sciences, CRO Management, and Clinical Development. Before joining Xybion, Tom worked for pharmaceutical companies such as Merck and Schering Plough. Tom is a Purdue university alumnus.

Priya Rajesh

Head of Sales: APAC | Head of Operations: India

Priya is responsible for Xybion business growth in APAC region. She brings over two decades of experience in Business Consulting and Operations Management. Her deep expertise in diversified areas, including strategic alliance and partnership management, diversity and inclusivity initiatives and employee development, will amplify Xybion’s global strategic relationships and will strengthen the company’s executive leadership in India. In her last role at Conduent, she served as Director-Marketing & Bid Management. Prior to this, Priya has worked with Infosys and Covansys (now CSC). Priya holds degrees in microbiology & health management.

Raji Bijur

Head of Quality Control & CSV

Raji leads Xybion Quality Control function. She has over 22 years of experience in software quality management, CSV, SQA, software process & KPI development and industry benchmarking. She has strong process implementation knowledge including ISO, CMMI, Agile, Scrum, Six Sigma, Lean. Certified CSQA, CSV, GCP, and GAMP. Raji has led implementation of QC processes in Robotic Process Automation (RPA) projects. Before coming to Xybion in 2019, she worked with IQVIA (Former Quintiles), Infosys, Aris Global, Mphasis and serving clients across different market segments. Raji has a bachelor’s degree in information science & technology and MBA from Indian Institute of Management, Ahmedabad.

Bob Friedman

Chief Solution Architect

Bob Friedman has over 25 years of experience in Preclinical information systems at Xybion Corporation as a developer, development manager and Chief Solution Architect. He has been an active member of the CDISC SEND standards consortium for five years as well as the PhUSE / FDA Industry Collaboration. Bob has previously worked for Synthes Orthopedics, NYU Medical Center and the New York State Department of Health. He has a master’s degree in Biomedical Engineering from Rensselaer Polytechnic Institute.

Gokul Panda

Head of Platform and Product Development

Gokul is the Head of Platform and Product Development, responsible for developing new and critical platforms and products. He has over 20 years of enterprise software development in the life sciences industry and related fields. Gokul holds both a Bachelor’s Degree and Master’s Degree in Engineering from the Indian Institute of Engineering, Science, and Technology. Gokul’s unrivaled expertise in enterprise software architecture and solutions provides Xybion’s clients with leading product functionality, innovation, and platform stability.

Anu Roy

Chief Solutions Delivery Officer

Anu manages project delivery and relationship. She has over 18 years of Life Sciences industry and IT services experience. Anu has a strong track record of designing and developing digital solutions, management consulting, quality & compliance Management, CLM, process & key metrics design, program execution & improvement and account management. Anu is a recipient of the STEM WOC ‘Technology Rising Star ‘by US Women’s magazine in 2014. She has received several other awards including Infosys Consulting Architect Award for outstanding achievement in 2011, RCL Crown Golden Brain Award in 2013. Anu is a guest columnist at Pharmaceutical Compliance Monitor and published in several international business magazines. Anu has a bachelor’s degree in Biochemistry and MBA in marketing.

Keith Dempsey

Chief Information Officer

Keith Dempsey has joined Xybion as our global CIO. He brings 20+ years of progressive Information Technology experience from Merck, AIG, Barclays and PriceWaterhouse. Focusing his career on building global strategies that capitalize on progressive technologies that scale in accordance to realized business growth. His experiences range from introducing new technologies that facilitated a competitive advantage for Merck, introduced new and scalable technologies for AIG Investments, and created progressive global organizational improvements for Barclay’s Capital. Keith has a degree in Chemical Engineering from Clarkson University and an MBA from William Paterson University.

Steve Porfano

Executive Vice President & Chief Financial Officer

Steve manages Xybion corporate function which includes Finance, HR, Legal and QA. Steve joined Xybion in 1989 as Corporate Controller and was promoted to Chief Financial Officer in 1991. As Chief Financial Officer, Steve is responsible for the establishment, enhancement, coordination and administration of the Company’s financial systems, internal controls, and related areas. Additionally, he is the corporate liaison to the Company’s bank, independent certified public accounting firm and governmental compliance and financial auditors.

Kamal Biswas

President & Chief Operating Officer

Kamal joined Xybion as its President and Chief Operating Officer in 2018. He is an acknowledged leader in the life sciences industry and has over 20 years’ experience in management consulting and pharmaceutical business. Very recently, Kamal was a Partner and leader of the global Life Sciences practice at Infosys Consulting. Before that, he spent several years working with pharma companies including Novartis Pharma and Ciba Geigy to manage manufacturing and late-stage R&D functions.

Pradip K. Banerjee, Ph.D., MBA

Chairman of the Board & Chief Executive Officer

Dr. Banerjee is an entrepreneurial senior executive with 30+ years of in-depth experience in the global Life Sciences, Healthcare and Services industry in global operations, strategic management, business development, investments and new ventures creation, M&A and Buy-outs. Prior to acquiring Xybion in 2008, Pradip served as President and CEO of Science Center in Philadelphia focused on creating, incubating, managing and investing in science based new companies. He was the Partner-in-Charge of the pharmaceutical Research & Development unit of Accenture where he created the R&D consulting unit and had grown it to become $100+ million worldwide business. Dr. Banerjee holds a Ph.D. in Pharmaceutical Sciences from University of Wisconsin-Madison and an MBA from the Wharton Business School of University of Pennsylvania.

Employee Name

Job Title

Job Description