Inspection Preparation With a Risk-Based Approach Consistent with ICH E6 (R2) Requirements

Posted in Risk Mitigation

The Avoca Group recently conducted a webinar about strategies for inspections using a risk-based approach as outlined in ICH E6 (R2). Audience members submitted many questions focused on the Trial Master File (TMF). This blog summarizes the most frequent inquiries from the webinar related to TMFs and offers our responses.

TMF Regulatory Requirements

Because of The Avoca Group’s extensive experience consulting for inspections/audits and the Avoca Quality Consortium® (AQC) Member companies’ input regarding their experiences with inspections/audits, The Avoca Group is able to provide unprecedented insight into the expectations of regulatory agencies. Based on these experiences and case studies, we’ve determined that inspectors often check that the TMF is complete, can be accessed directly, has audit trails to ensure record/data integrity, and contains original/certified copies of the documents.

Before addressing some of the questions for each of these inspection points that were asked during the webinar, it’s worthwhile revisiting some of the key principles from regulatory agencies.

EMA’s Good Clinical Practice Inspectors Working Group (GCP IWG) DRAFT Guideline on GCP compliance states “A TMF is the collection of essential documents that facilitates the conduct and management of the clinical trial and allows that the integrity of the trial data and the compliance of the trial with GCP can be evaluated.” According to Article 57 of the regulation, the essential documents are “those pertaining to the trial which allow verification of the conduct of the trial and the quality of the data generated.” Therefore, documents that are generated from following the systems and procedures that assure the quality of every aspect of the trial are considered essential documents.1

The FDA’s Draft Guidance to Industry Data Integrity Compliance with cGMP states that “data integrity refers to the completeness, consistency, and accuracy of data. Complete, consistent, and accurate data should be attributable, legible, contemporaneously recorded, original or a true copy, and accurate (ALCOA).”2

According to the WHO’s Guidance on Good Data and Record Management Practices, “The audit trail is a form of metadata that contains information associated with actions that relate to the creation, modification or deletion of GXP records … creation, additions, deletions or alterations of information in a record, either paper or electronic, without obscuring or overwriting the original record. An audit trail facilitates the reconstruction of the history of such events relating to the record regardless of its medium, including the “who, what, when and why” of the action.”3

Therefore, the inspections around the TMF stem from the need to ensure that good practice is being followed to ensure the integrity of the data from which decisions regarding new drugs/devices are being made.

Completeness – Hybrid TMFs

According to the regulatory agencies, the TMF needs to provide all essential documents relevant to the clinical trial.

When the eTMF is a hybrid model (paper/electronic), the MHRA and EMA specifically have a strong preference to directly access eTMFs for inspection purposes. If a sponsor TMF is paper and the CRO TMF is electronic, then the sponsor is accountable for the entirety of all documents that support the conduct of the clinical trial, patient safety, and data integrity. The sponsor’s quality management system (QMS) should clearly articulate how the paper-based TMF and eTMF operate together to complete the TMF. Additionally, the contract or other document or procedure agreed between all parties should outline the arrangements for the TMF (which should include how the TMF would be made available if either party were to be inspected).

The TMF should include emails that contain relevant and important information about the clinical trial conduct; decisions that affect patient safety, data integrity, or key risks for the trial; and any documentation of actions taken for these items. However, having said this, best practice is not to document these items within emails, but rather to document them in actual team or study documents such as meeting minutes, trip reports, monitoring reports, or analysis reports.

One attendee reported experience with two MHRA inspections with different companies, during which the MHRA had a focus on data flows, data integrity, and awareness of the MHRA data integrity guidance. In our experience, although data flows are highly recommended, they vary widely among sponsors, studies, etc. It is important that the diagram include all data from the source (including sites, external vendors) to the generation of the tables/listings and any other format that goes into the CSR.


The MHRA and EMA expect that the eTMF will be straightforward in terms of use – not requiring extensive training for the inspector. They request direct access to it with minimal orientation.

Regarding access to data records, guided access is acceptable for certain data records within an esystem in addition to direct access to the TMF system. For example, we were asked during the webinar specifically about safety data – it is acceptable to reference in your TMF index the location of source safety data and direct an inspector to the Safety Database as the central repository for safety data. Other examples include audit trails and eCRF and CTMS. This is due to the technical nature of some of these systems, which might contain data rather than documents.

Audit Trails for Record/Data Integrity

How inspectors want to view the TMF’s audit trail differs by regulatory agency – whether it be the system’s back-end or an export of the audit trail. Certainly, the MHRA is known to request access to the TMF metadata, including the audit trail. If/where there is a particular reason why access to system back-end is not available, provision of exported audit trail can be negotiated, provided it is reliable (i.e., from a validated system).

The Avoca Group has many industry-leading oversight tools, and audits have been performed of these tools in practice, which have been found acceptable. A case study was presented by Alexion during the 2015 Avoca Quality Consortium Fall Members’ meeting regarding an agency inspection of their pharmacovigilance QMS. They had used Avoca leading practices. Upon completion of the inspection, the inspector indicated that it was the most effective management system he had seen. This case study is available to all AQC Members in the AQC online Knowledge Center. Other examples are available upon request.


Original/Certified Copies of Documents

Finally, we received multiple questions about document certification. Per EMA/15975/2016 definition (aligned with ICH), a certified copy is a paper or electronic copy of the original record that has been manually verified (e.g., by a dated signature) or has been generated through a validated process to produce a copy with the exact content and meaning of the original.

The best practice for certifying a document in an eTMF is to have a well-defined process in place that includes qualified individuals who are assigned to generate a copy, verifying (certifying) that it is identical to the original and signing for accuracy or have a procedure that documents the validated electronic process for generating the copy. There must also be internal organizational audit verification that copies are consistent with originals.

Regarding which TMF content requires a certified copy, the general principle is that original documents that are required for the TMF (e.g., ICH essential documents and/or other documents that are pertinent to the study) need to be transferred to an electronic format for eTMF filing. The transfer process should be validated and undergo regular quality control checks to ensure that the information will not be lost or altered. Whether the original hard-copy documents are kept by the CRO once they are uploaded into the eTMF depends on the risk level acceptable to the CRO and sponsor. In concept, once a document has been certified via a validated and documented approach, paper copies may be destroyed. Section 5.2 “Destruction of original paper after digitization” of the Draft EMA Guideline outlines several relevant points for consideration when making this risk-based decision.2

In the common scenario where the site process is to retain original (wet ink-signed) essential docs and they do not have a process to send in certified copies for filing in the eTMF, sites either send copies to the monitoring organization, post a scanned copy of the original in the eTMF, or have them collected by site monitors for filing in the TMF/eTMF. Since the site will have the original documents in the Investigator Site File that are verified by the site monitor, it is not typically expected that a certified copy process is implemented [since the original record remains available in the ISF (TMF)].

View and download the Webinar on which this blog is based. >>

Because this post was guided by the questions asked during our webinar, it touches only on a segment of all the considerations for the TMF. For additional information about any of these topics, the guidance documents issued by the regulatory agencies1-4 provide their expectations for the majority of scenarios. Of course, we at The Avoca Group are available to provide our perspectives based on our experience and those of the AQC Member companies. For more information about our Consulting services, click here.

  1. EMA: EMA/15975/2016, Good Clinical Practice Inspectors Working Group (GCP IWG), DRAFT Guideline on GCP compliance in relation to trial master file (paper and/or electronic) for content, management, archiving, audit and inspection of clinical trials, March 31, 2017:
  2. FDA: DRAFT Guidance for Industry Data Integrity Compliance with cGMP, April 2016:
  3. WHO: Guidance on Good data and Record Management Practices, Annex 5, September 2015:
  4. MHRA: GxP Data Integrity Guide, March 2018:

The Avoca Group’s Consulting Services for Inspection Readiness provide full management through point-of-need support for inspections. Learn more >>