The Quality Assurance (QA) function is pivotal during due diligence in the life sciences industry. QA professionals play a critical role in ensuring compliance, identifying systemic risks, and validating the integrity of operations.
This guide outlines the essential QA tasks during due diligence and provides a targeted approach to evaluating and remediating quality-related gaps.
Table of Contents
Know your place in the scheme of things.
Having participated in many due diligence activities, I must remind my QA and Regulatory brethren of our role in this process: to investigate, categorize, prioritize, and report.
In following the steps listed below, we will “find out some things.” Our job is not to freak out and start shooting flares off in every direction: it is to bring those things back to the team for a risk-based decision regarding whether and how to proceed.
If you or your team find some things you think should be dealbreakers, make sure you dispassionately identify them and present a view of the risks and what it would cost in time and resources to lower them.
Oftentimes, the deal will proceed regardless, so we need to ensure the business knows what it just signed up for.
Now, let’s move on to how to be a valuable part of the process!
Why QA is Vital in Due Diligence
The life sciences industry is defined by its rigorous focus on safety, efficacy, and regulatory compliance. QA ensures that all processes—from manufacturing to post-market surveillance—meet these standards. In due diligence, QA should be helping to evaluate four main areas:
- Regulatory Compliance: Ensuring adherence to FDA, EMA, ISO, and other applicable regulations in the day-to-day operations of the enterprise.
- Product Quality and Safety: Reviewing systems that guarantee consistent product quality and patient safety.
- Risk Mitigation: Identifying quality-related risks that could lead to recalls, penalties, or reputational damage.
- Operational Integrity: Assessing the maturity and robustness of quality systems.
Key QA Tasks in Due Diligence
1. Evaluate the Quality Management System (QMS)
- Review the QMS to ensure it is robust, scalable, and compliant with regulatory requirements (e.g., FDA’s 21 CFR Part 820, ISO 13485).
- Assess document control systems, including SOPs, work instructions, and quality manuals.
- Verify the implementation and effectiveness of risk management practices, such as FMEA (Failure Modes and Effects Analysis), and assess them against ISO 14971.
- Pro Tip: Scrutiniz and pay special attention to aware dates to ensure they are being correctly identified and noted in the records.
2. Assess CAPA Systems
- Review historical CAPAs for trends in recurring issues, resolution effectiveness, and timeliness.
- Evaluate the root cause analysis methodologies used and whether preventive actions were adequately implemented.
- Check CAPA closures for proper documentation and regulatory alignment.
- Make sure are being opened when they should be.
3. Review Audit and Inspection Histories
- Analyze internal and external audit reports, including findings and responses.
- Assess the quality of the audit reports and the auditors themselves.
- Evaluate regulatory inspection outcomes (e.g., FDA Form 483 observations, EMA audit reports).
- Verify the implementation of corrective actions from past audits and inspections.
4. Examine Complaint Handling and Adverse Event Reporting
- Assess complaint handling processes for compliance with 21 CFR 820.198, 21 CFR Part 803 & 806, and ISO 13485:2016.
- Review trends in complaints and adverse event reports for systemic product quality issues.
- Verify that complaints are investigated thoroughly and linked to CAPA when necessary.
- PRO TIP: Scrutinize and pay special attention to aware dates to ensure they are being correctly identified and noted in the records.
5. Inspect Supplier Quality Controls
- Evaluate the supplier qualification and monitoring processes.
- Review supplier audit reports and corrective actions for deficiencies.
- Verify that supplier agreements include quality-related provisions, such as material specifications and quality audits.
6. Audit Product Development and Validation Processes
- Review product design and development documentation for compliance with Design Controls (21 CFR 820.30).
- Evaluate validation protocols and reports for manufacturing processes, test methods, and equipment.
- Verify risk assessments related to product development and lifecycle management.
7. Analyze Training and Competency Records
- Assess training records to ensure staff are qualified for their roles.
- Verify that training programs align with regulatory and quality requirements.
- Identify gaps in competencies that could pose compliance risks.
8. Evaluate Post-Market Surveillance Processes
- Review systems for monitoring product performance in the market, including field safety corrective actions (FSCAs).
- Verify compliance with reporting requirements for adverse events and recalls.
- Evaluate trends in post-market data for potential systemic risks.
9. Inspect Change Control Processes
- Assess the robustness of change control procedures for managing processes, equipment, and document changes.
- Verify that changes are evaluated for impact on product quality and regulatory compliance.
- Review records of past changes to ensure proper implementation and documentation.
QA-Focused Due Diligence Checklist
| Category | QA Tasks |
|---|---|
| Quality Management System | Review QMS documentation, SOPs, and risk management practices. |
| CAPA | Evaluate root cause analyses, timeliness, and documentation of CAPA processes. |
| Audits and Inspections | Analyze audit histories, regulatory findings, and implementation of corrective actions. |
| Complaint Handling | Assess processes for complaint investigations and adverse event reporting. |
| Supplier Quality | Review supplier qualification, monitoring, and audit results. |
| Validation Processes | Verify design controls, process validations, and risk assessments. |
| Training and Competency | Audit training records and assess alignment with regulatory requirements. |
| Post-Market Surveillance | Evaluate processes for monitoring and reporting product performance in the market. |
| Change Control | Assess change management records for quality and compliance impacts. |
Best Practices for QA in Due Diligence
- Collaborate Across Functions: QA should work closely with regulatory, R&D, and operations teams for a holistic evaluation.
- Focus on Risk: Prioritize areas with the highest potential for non-compliance or patient safety concerns.
- Document Findings Thoroughly: Maintain detailed records of identified gaps, risks, and remediation recommendations.
- Engage Subject Matter Experts: Use specialized QA professionals to evaluate complex areas like sterilization processes or biocompatibility.
- Plan for Remediation: Develop a clear roadmap to address gaps and ensure sustainable compliance. The plan should include estimates of the time and effort needed to achieve compliance.
Conclusion
Quality Assurance is the backbone of a successful due diligence process in the life sciences industry. We ensure that acquisitions, partnerships, and investments are built on a solid foundation by focusing on compliance, operational integrity, and risk mitigation.
The tasks and checklist provided in this article can guide QA teams through a comprehensive evaluation, safeguarding patient safety and regulatory alignment while enabling informed decision-making.
Contact us below for more info.