What Monitoring, Governance, and Auditing Really Mean

Have You Used These Terms Before: Monitoring, Governance, Auditing?

• Are they the same?
• Are they different?
• Are they related in some cryptic way, but you find it difficult to explain?
• Can anyone execute them?
• Do they require different skill sets?

Understanding the differences between these roles is essential for professionals working in regulated environments, such as Pharma, BioPharma, and the medical device industry. Let’s break it down here. It may result in your firm continuously improving your own QMS!

1. Monitoring vs. Governance

Monitoring is typically the tactical day-to-day oversight of a process. It ensures that processes-like manufacturing, documentation, and data handling-adhere to established standards, boundaries, or defined criteria. The formality of monitoring may vary based upon risk.

Governance, on the other hand, is strategic oversight. It involves setting policies, defining critical standards or processes, and ensuring accountability across the organization. Governance aligns operations with regulatory expectations and corporate goals. Governance may be less operational and more defined by outputs of multiple processes.

An example of this difference is in data governance. One may monitor a singular process such as a site’s method to identify and verify when a true copy is made. Conversely, a company may govern a suite of DI processes for a large third-party vendor. In essence, the third-party company is left to monitor singular processes, but the contract giver is left to ensure that the suite of processes has oversight, appropriate escalation, and a formal feedback process in place.

So, can anyone perform this? The answer to this question will vary based on an organization’s setup, but below are a sample of skills to be considered prior to assigning the responsibility:

• Monitoring Professionals need skills such as:
  • Attention to detail
  • Technical knowledge of SOPs and compliance systems
  • Analytical thinking
• Governance Leaders require skills such as:
  • Strategic decision-making
  • Risk management expertise
  • Regulatory knowledge
  • Strong communication and leadership skills

2. Monitoring vs. Auditing

While monitoring is continuous, auditing is periodic and formal. Audits assess whether systems and processes comply with internal policies and procedures or external regulations. They may be conducted internally or by regulatory bodies like the FDA. Typically, auditing is performed internally by QA or other groups with demonstrated independence. A key concept is that monitoring is preventive – it catches issues early. Auditing is evaluative – it validates the effectiveness of controls and their status of in place and in use. Actions resulting from audits are typically corrective and preventive (i.e. CAPA).

A short list of skill sets to help execute these activities is as follows:

• Monitoring Roles require skill in:
  • Process knowledge
  • Real-time problem-solving
  • Operational awareness
• Auditor skills require capability in:
  • Objectivity and independence
  • Certification is common (e.g. GMP auditor)
  • Strong documentation and reporting skills
  • Ability to assess systems holistically

Why define the differences?

Each activity plays a vital role in maintaining product quality and patient safety with different defined outputs:

• Monitoring keeps operations on track.
• Governance ensures the organization is doing the right things.
• Auditing confirms that monitoring and governance are effective.

What, by whom, and when can now be defined in policies and procedures that make up a company’s QMS. However, understanding the difference can assist in clarity and reducing complexity thus increasing compliance. Need help with this? Contact Lachman Consultants at LCS@LachmanConsultants.com to help optimize your QMS on your journey to excellence.