Developing an Internal Quality Assurance (QA) Program Guidance

Every study should have internal QA processes and procedures in place to ensure compliance with the research plan and subject safety while efficiently collecting high quality data. For the purposes of this document, the research plan includes the protocol, the consent form(s), the IRB application, data collection forms and other study instruments, instructions (e.g., standard operating procedures, manual of procedures) and any corresponding grants/contracts.

Prior to implementing an Internal QA Program, you should follow the steps outlined in the Preventing Noncompliance Guidance .

An internal QA program provides for a periodic and systematic examination of compliance with the research plan. As described below, an internal QA program should include both Self-Auditing and Continuous Improvement. An internal QA program could be implemented by a study team, the research program, and/or the department (referred to as unit henceforth). Internal QA does not include monitoring conducted by federal regulatory agencies, institutional monitoring units, sponsors or Contract Research Organizations (CROs).


Self-auditing processes provide an additional level of confidence that all activities are being conducted in a compliant manner and a mechanism to discover processes that are susceptible to error. A written self-audit plan should identify who will conduct the audits, which studies will be reviewed, the focus areas, the tools that will be used, how the results will be shared, and how any findings that suggest a need for correction will be addressed.

Self-auditing could be performed by members of theunit under which the study is being conducted. There are benefits and limitations of each. The more distant someone is from the conduct of the daily activities, the more objective review that person may be able to provide; however, the more removed a person is from the study, the more effort that may be required for that person to become familiar with the study.

When designing a self-auditing program prioritize the studies and areas that present the greatest potential risks. Focus first on those risks that could have the most significant impact on subject safety or data integrity and that are more likely to occur. Identifying these risks will allow prioritization between studies, especially for research teams with larger study portfolios. Studies that have more of the below characteristics should be given priority over studies that have fewer or none of the below characteristics:

  • FDA Regulated 
    • UW-Madison held Investigational New Drug (IND)/Investigational Device Exemptions (IDE) should be prioritized over other FDA regulated studies including those using IDE exempt devices and externally held INDs.
  • Not externally monitored
  • High level of complexity (study design and/or procedures)
  • Less experienced study team members

These same factors should inform the frequency, focus (e.g., review of regulatory files, subject records, drug accountability records) and the extent (e.g., number of subjects) of reviews for each study.

Once you have identified those studiesthat you will review first, you may also need to prioritize the items to review within a given study. The specific prioritization will depend on the risk level and design of the study.

  1. Any items related to subject safety (e.g., safety related eligibility criteria or study procedures) should be given highest priority.
  2. Items related to core human subjects protection requirements (e.g., informed consent and protocol compliance) should be given second highest priority.
  3. Lower priority should be given to investigational product accountability, adverse event management, and other similar items.

Self-audit tools are available through the Post-Approval Monitoring and FDA Regulated Research Programs. However, further customization or additional tools may be needed based on the nature of your study.

Continuous Improvement:

The results of all self-audits and other assessments (e.g. regular conversations with study teams and subject feedback) should be used to make continuous improvements. The continuous improvement process is very similar to the process of developing a Corrective and Preventative Action Plan.

  1. The first step in making continuous improvements is to organize the results of these assessments in a way that allows for the identification of trends. Assembling the results in a short written report is recommended.
  2. The next step is creating and utilizing a process that allows individuals who can make changes in study conduct to review the report. This review process is most effective when it is collaborative and involves study team members with different perspectives on study conduct. Having regularly scheduled study team meetings focused on continuous improvement is recommended.
  3. The goal of these study team meetings should be to identify deficiencies and/or improvements that can be made based upon the review of the results. Deficiencies should be fully analyzed and improvements developed using the process identified in the Investigating the Cause of Noncompliance and Implementing Corrective and Preventive Action (CAPA) Plans Guidance.
  4. Finally, improvements need to be monitored to ensure that they are having their intended effect. If they are not, this process should be restarted.

UW-Madison Resources:

*External IRBs have different noncompliance requirements. If your study was reviewed by another IRB, please follow their noncompliance requirements.

KeywordsQA, quality assurance, improvement   Doc ID69554
OwnerTravis D.GroupVCRGE and Graduate School
Created2016-12-16 15:39:50Updated2021-08-09 10:47:56
SitesVCRGE and Graduate School
Feedback  1   0