Kinds of Audits/Audit Process
What are the three main roles in an audit?
Auditee, Auditor, Client
What are the three questions to determine if something is unethical?
Is this legal?
Is this balanced?
How will this make me feel about myself?
What are the 4 main documents that are used as references or bases of audits?
ISO 19011
FDA QSIT
FDA CPGM 7382.845 (Yes it's ok to not remember the numbers)
MDSAP
Define Misfeasance
The basic reason for an audit is:
a. To complete an audit report showing deficiencies
b. To determine if a control system is in place and effective
c. To suggest improvement opportunities to suppliers
d. To select the most efficient and low cost suppliers
The basic reason for an audit is:
b. To determine if a control system is in place and effective
In an internal audit, who is the client? Who is the auditee? Who is the auditor?
Client and Auditee - the company performing the audit
Auditor - a representative from that company
What are the 5 data integrity principles?
Physical integrity
Logical integrity
ALCOA-CCEA
Metadata
Audit Trails
What are the 3 inspection levels of FDA CPGM?
Level 1 - Abbreviated inspection of 2 QSIT major subsystems
Level 2 - Comprehensive inspection of all 4 QSIT major subsystems
Level 3 - Follow-up and For-cause inspections
What does QSIT stand for?
Quality Systems Inspection Technique
Being sympathetic to an auditee's plight will:
a. Encourage the auditee's management to correct deficiencies
b. Uphold the client's best interest
c. Demonstrate professionalism
d. Often be detrimental to the outcome of the audit
Being sympathetic to an auditee's plight will:
d. Often be detrimental to the outcome of the audit
What are the three kinds of audits by method and their definitions?
System audit - concentrating on quality system interest
Process audit - concentrating on achieved results of the processing effort
Product audit - concentrating on one or more products or services
What are the three main things auditors must be competent with respect to?
Applicable regulatory, statutory, and safety requirements
Appropriate device technologies and processes
Auditing of medical device manufacturers' quality systems
What are the 7 ISO 19011 principles of auditing?
Integrity
Fair Presentation
Due Professional Care
Confidentiality
Independence
Evidence based approach
Risk based approach
What is PDCA? Describe an example of this in practice.
Plan, Do, Check, Act
*Make a collective decision on if the example was sufficient*
Objective evidence can only be expressed via:
a. The lead auditor's credentials
b. Verifiable qualitative observations
c. Statements of fact
d. Verifiable quantitative observations
Objective evidence can only be expressed via:
c. Statements of fact
Name three benefits of a process audit over a system audit
(Any three of the following)
Easier to verify conformance to standard, methods, procedures or other requirements
Require less planning than system audits
Require fewer auditors than system audits
Identified issues are more easily addressed
What are the 3 fundamental principles of the ASQ code of ethics?
Honest and impartial in serving stakeholders
Strive to increase competence and prestige of the quality profession
Use knowledge and skill for enhancement of human welfare
1+ grade 5 NCs
2+ grade 4 NCs
Identified public health threat
Fraudulent activity or counterfeit product
What does MDSAP stand for, and what are the 5 countries?
Medical Device Single Audit Program
Australia, Brazil, Canada, Japan, USA
Audits are often conducted using a standard to ensure:
a. Objectivity in the evaluation of performance
b. A timely execution of the audit
c. A maximum number of observations
d. Uniformity in both process and product observations
Audits are often conducted using a standard to ensure:
a. Objectivity in the evaluation of performance
What are the 5 steps of the audit process?
Managing
Planning
Conducting Audits
Reporting Results
Maintaining Records
What is the sequence of events necessary for legal consequence? (5 events)
Negligent
Owes company a duty
Breached the duty
Failed required standard of care
Breach of duty caused damages
What are the 7 subsystems of QSIT?
Major -
Management Controls, Design Controls, CAPA, Production and Process Controls
Minor -
Material Controls, Records/Documents/Change Controls, Facility and Equipment Controls
Name each term in ALCOA-CCEA
Attributable, Legible, Contemporaneous, Original, Accurate
Complete, Consistent, Enduring, Available
An external auditor is engaged by the company owner to conduct an organization audit and to provide a report. The auditor should seriously consider which of the following liability issues:
a. Fraud, standard of care and negligence
b. Standard of care, negligence and liability damages
c. Negligence, liability damages and fraud
d. Liability damages, negligence and standard of care
An external auditor is engaged by the company owner to conduct an organization audit and to provide a report. The auditor should seriously consider which of the following liability issues:
a. Fraud, standard of care and negligence