Inconsistency in managing CAPAs: When CA loses PA
CAPA is a process in which regulators watch closely as they expect companies to follow up to detect and resolve compliance issues. As such, it’s a critical point of focus during audits, whether FDA or ISO QMS audits.
So, every company needs to establish a procedure for handling CAPA – to stick to it!
An effective and compliant CAPA process involves a set of data in order to detect problems, find and implement solutions, and document findings and changes. It’s a process that can impact the entire company and you need a system that can track key activities and provide an audit trail as needed.
CAPA processes should be dropped into the particular project-affected, thereby triggering a special sequence of events (steps) required to resolve the QMS issue.
Auditors are very tough when it comes to CAPAs. It’s one of the subjects that auditors cover during each visit, from experience, I know!
Firstly, the CAPA procedure is on the menu. They study each step of it so that they can check how it’s implemented in actual practice. Then, next is to go over how CAPAs from the last surveillance audit was resolved and of course other internally identified non-conformities.
Auditors expect that companies be consistent in handling their CAPAs. Well, you said in your procedure how you are going to do it and procedure should be followed. Literally!
If it is defined that your CAPA needs to pass through the following steps: detecting and reporting the non-conformity, then investigation of the root cause of your problem, performing corrective and preventive actions and CAPA verification at the end – STICK TO IT!
Be consistently consistent!
Your auditor will certainly want to see that you carried out the complete process while handling your CAPA. So, be sure that you are using an appropriate solution where all the data can be saved in one place and where you can connect all the steps of a process. In that way, you’ll certainly know which corrective action refers to which non-conformity.
You think that root cause analysis isn’t necessary for that CAPA, so some of your CAPAs missed it in the report? Or maybe CAPA verification? You think this non-conformity won’t repeat again, and you don’t need to define preventive action? Big mistake! Huge!
Auditors have eyes for these things! You forgot that they have studied your procedure! Result: you need to re-do all your CAPAs. Oh yes, that can happen, that will happen! It has been seen during recent audits by TUV SUD, DEKRA, etc. Suddenly your up to your eyeballs in alligators in the middle of a swamp. And so comes the non-conformity to handle all your CAPAs from the beginning – you need to have these procedures in order to be consistent.
All CAPAs need to contain all data, and PA’s are data for a CAPA. Re-doing 50 CAPAs?! Think again if you think you can skip root cause analysis, CAPA verification or preventive action… oh the pain, maybe those alligators might be more merciful…