Supplier Audits: Drawing ROI from a Trusted Community

June 10, 2010
If supplier audits could be harmonized and shared amongst trusted partners, "we could effectively revolutionize the entire industry" and make our supply chains much safer, says Sigma-Aldrich's Tom Beil.

Supplier audits have long been considered a necessary evil and an accepted cost of doing business. But do they have to be so burdensome, and so expensive? Not if a more collaborative process was developed so that API and drug manufacturers could share the workload of conducting audits and spread the cost burden as well.

The Rx-360 consortium has recently initiated an Audit Sharing Pilot Program aimed at doing just this. One of the key participants has been Tom Beil, VP of Quality & Regulatory Affairs for Sigma-Aldrich. Yes, such a program would save time and resources, says Beil. But it would also significantly aid the industry’s collective anticounterfeiting efforts by freeing up time and resources that can be devoted elsewhere. We spoke with Beil to find out more.

PhM: What's the breadth of Rx-360's Audit Sharing Pilot program? Who's involved right now, and what are the pilot's key objectives?

T.B.: The pilot program aims to collect audit reports and responses associated with 30 suppliers in several regions of the world—North America, Europe, China, and India. The Working Group has sent initial communications to these suppliers inviting them to participate in the pilot program and has been following up with each supplier in recent weeks to confirm participation and discuss questions. Over 40 companies have now agreed to participate in the pilot program with the number continuing to grow steadily.

The work of the Audit Standards Working Group is split into several sub-groups, as there are a wide variety of standards which are required. The Working Group and its sub-groups consist of 27 participants from 19 different companies and organizations. There are six sub-groups: APIs, Excipients, Supply Chain Security, Basic Chemicals, Packaging and Print. Of these sub-groups, the first four are active and standards are being finalized. Wherever possible, existing standards are being adopted and Rx-360 is working closely with other organizations. For example, PQG/IPEC [Pharmaceutical Quality Group and International Pharmaceutical Excipients Council] are in the process of updating the excipients standards.

The standards will be used in a pilot to prove the whole auditing process. The current thinking is that a minimum of three standards will be used within the pilot program. These are likely to be: API, Excipients and Basic Chemicals, in conjunction with the Supply Chain Security checklist, which is to be used alongside all of the other standards.

PhM: This initiative is really a key facet of overall quality management at companies like SAFC. Can you elaborate on how it will aid your work, as both a supplier and a producer?

T.B.: It is all about leveraging and not duplicating the efforts of vendor audits. As a complete pipeline partner for pharmaceutical and biopharmaceutical companies, SAFC currently undertakes in excess of 200 customer audits each year, in addition to our standard FDA and EMEA audits, and see standardization of the audit process and the sharing of audit information as ways to significantly reduce both the time and cost burden, while maintaining audit standards. As a customer, we carry out audits of our suppliers and, like all companies, want to utilize our internal resources more efficiently and maximize our return on investment, while enhancing the integrity of our supply chain. While we consider each of our customers to be special and unique, our vast experience has told us that their audit requirements are often very similar.

Typically, on a three- to four-day audit, the first few days are focused on the basics, such as the purity of water, the training, etc., which have to be undertaken before we can get to the more critical issues. From SAFC’s point of view, as a supplier we would save on fewer audits and the time it takes to host them, while as a producer we would save by being a part of a consortium that can do 100 audits for the same cost in money or time that it would take my staff to do 20-30 audits.

PhM: How can shared audits directly address issues of drug counterfeiting? Give us a brief scenario or two if you could.

T.B.: If we are sharing the good and the bad information on vendors it will help the community and not just one company. If a single company shared with another company, they could double their resources. If we could share with a trusted community we could effectively revolutionize the entire industry.

To illustrate how this works, we could use a scenario similar to that of global airport security—we are all as strong as our weakest link. We need to be able to focus on the problem companies and not put unnecessary burdens on good partners, so that we can keep the total cost of quality equal or lower while improving security.

Put simply, if 10 companies each audit the same company for the same product and we changed this situation, so that we used only one audit of that same compliant company, we have effectively freed up resources for 9 audits with which to improve the compliance and security of a higher-risk supplier.

PhM: There’s a real potential for participants to benchmark against others’ audit practices. What kinds of things do you think they’ll be surprised to find out? In what areas do they stand to learn most?

T.B.: I always say each customer is special but not unique. It is the same with the other industries that have similar audit sharing programs. We stand to learn the most in that our needs are not that unique and we can save months if not years in learning how best to set up the program. Once we get past the apprehension of disclosure, we will be pleasantly surprised at how easy it is to leverage the information to make good quality decisions.

PhM: SAFC currently conducts over 200 customer audits every year (in addition to standard FDA, EMEA audits). Can you estimate to what degree audit sharing might cut down on this burden?

T.B.: To keep this very simple, if I said we had most of the audits at 10 of our sites, and one audit for each site, we could save 190 audits. I know this is not practical but we could save on the duration of several of those audits by leveraging the common parts of the audit such as training, environmental auditing, supplier audits. By doing this we could get straight on with the customer / product specific items and reduce each audit by at least a day or two.

PhM: How will the pilot program standardize forms and procedures, given the variety of practices, checklists, etc. that will be shared by participants?

T.B.: As we focus on the standardization of the audit checklists, this also allows the industry to standardize the expectations. One of the functions of Rx-360 audit pilot program is to teach and share, pulling out the essential aspects of an audit and putting that into a “here’s what we need to do” list so that the audit process becomes more cost effective, while maintaining or improving quality in a logical fashion, harmonizing procedures and making the audit process much more transparent and efficient.

PhM: Customers are still bound to have myriad individual requests that fall outside a standardized audit format. How will you address these requests and allow for some customization of audits?

T.B.: I am not looking for one solution to answer all individual requests. I was recently at a local PDA chapter and asked the group if I were to have a Frequently Asked Questions with answers on our web, would that serve as a response to their individual questions? The answer was an emphatic “Yes.”

PhM: Is there hesitancy on the part of pilot participants to an increased level of transparency in their audits? What kind of concerns have you heard from colleagues at Sigma-Aldrich?

T.B.: One of the concerns in the industry is a comfort level in sharing information that could be used in a competitive way. This is a trust issue. I understand the concern but if we step back and look at the real trust issue, it is in our supply chain security. I would like to work with suppliers that are willing to share necessary information and can draw them closer into my business to help collect that data not try to push them aside and shop for price.

About the Author

Paul Thomas | Senior Editor