Accessibility disclaimer: To obtain information contained in document files on this page in an accessible format please contact the Human Subjects Office at (317) 274-8289. Or email the IU Institutional Review Board at firstname.lastname@example.org
Quick guide: Internal audits of human subjects research
IU’s Office of Research Compliance conducts research compliance audits that are internal to the University. Audits are conducted in accordance with the IU Standard Operating Procedures for Auditing Human Subjects Research and are categorized as either for-cause (directed) or not-for-cause (scheduled).
Words to know
- For-cause (directed): Audits requested by an IRB, IRB chair, the director of the Human Research Protection Programs, or the associate vice president of research compliance when circumstances require an on-site record review, generally related to reported or suspected noncompliance.
- Not-for-cause (scheduled): Audits that are part of the IU Human Subjects Research Audit Plan and Schedule. Criteria used to select studies for a not-for-cause audit vary and are approved by the IU IRB Executive Committee semi-annually. Examples of criteria include but are not limited to the following factors:
- Clinical studies opened by a new principal investigator (PI) or an existing clinical study that has been transferred to a new PI.
- The PI holds the Investigational New Drug (IND) or Investigational Device Exemption (IDE).
- Factors indicating study subjects may be at increased risk (i.e. PIs with a high volume of studies, studies with minimal or no external oversight, inclusion of vulnerable populations, past or present subject safety or noncompliance issues, involvement of investigational drugs or devices).
Investigators may request to be on the schedule for a not-for-cause audit to ensure continuing compliance in their research studies by contacting IU’s Quality Improvement Office. Participating in a scheduled audit can provide valuable education for all research staff as well as principal investigators. QIO staff members make every effort to include these requested audits on the schedule, based on current workload and risk assessment.
How it works
- Made approximately 2-4 weeks prior to audit.
- Auditor solicits subject enrollment information.
- Auditor determines scope of audit and materials to be reviewed (typically includes Regulatory Binder, a selection of subject charts, and Investigational Product Accountability Logs).
- On-site audit (typically 1-3 days) and closeout meeting (typically 1 hour at end of last audit day) are scheduled.
- Auditor reviews IRB file to become familiar with the study, including changes to protocol, consent/assent documents, other study materials, and study team over time.
- If IU is not the IRB of record, IRB files will be requested from study team.
- Activities include an introduction meeting, study team interviews as necessary, and review of selected study materials. Scope of audit may expand while auditor is on-site.
- Study team member is not required to be present at all times (periodic check-in only).
- PI is required to attend. Other study team members are encouraged to attend.
- Key findings, appropriate Corrective and Preventive Action Plans, and timeline for report are discussed.
- Attendees are eligible to receive 1 CME credit for this meeting.
- Audit report is completed and sent to PI and study contact by email approximately 1-3 weeks after the closeout meeting.
- Report includes guidance from auditor regarding appropriate and thorough responses.
- PI responses are due 2 weeks following receipt of the audit report.
- Auditor reviews responses and clarifies any remaining issues.
- Auditor provides PI and study team with final audit report and responses.
- PI and study team submit the final audit report and responses through KC-IRB as a Reportable Event.
- PI and study team are notified by HSO if any additional actions are required.
- Upon acceptance of report by the IRB, the audit is closed.
Who to contact
Contact the Quality Improvement Office within the Office of Research Compliance at email@example.com.