Audit Trail Review: practical step-by-step guide for QC and Manufacturing

Audit Trail Review: step-by-step operational method

Introduction

Audit Trail Review requires method, expertise and a solid understanding of GxP systems.
This guide provides a structured workflow for reviewing audit trails from HPLC/GC, LIMS, MES, SCADA and batch systems, turning the process into an efficient, audit-ready routine.

🔧 Step-by-step guide

1. Identify the relevant audit trails

Classify the system’s audit trails into:

  • critical data
  • non-critical data
  • configuration / user management

According to the guide, this classification must already be defined during URS and system validation.

2. Filter the critical events to be reviewed

For QC (HPLC/GC):

  • chromatogram reprocessing
  • manual integrations
  • data exclusions
  • modifications to methods or sequences

For LIMS:

  • changes to results
  • status changes (review, approval)
  • deleted tests

For Manufacturing:

  • changes to CPP parameters
  • alarms and operator responses
  • steps repeated or cancelled
  • manual overrides in SCADA/PLC

3. Analyse anomalies

Assess whether the event is:

  • covered by procedure
  • justified and documented
  • consistent with timestamps, roles and electronic signature
  • requiring deviation, OOS, investigation or change control

4. Document the review

  • electronic comments (e.g. “Audit Trail Reviewed”)
  • electronic signature on the dataset
  • summary report filtered on relevant events

⚠️ Watch out for…

  • inconsistent timestamps → possible system clock manipulation
  • “Admin” user modifying data → critical violation of Attributable
  • repeated reprocessing → potential attempt to force results
  • missing signatures → failure to follow process steps

Common mistakes and operational solutions

Mistake: printing thousands of unfiltered log lines
Solution: filter only “significant changes”, as recommended in CDS guidance.

Mistake: considering ATR an IT activity
Solution: QC and Manufacturing must perform the review; QA validates and oversees.

Mistake: missing justification for changes
Solution: make the “Reason for Change” field mandatory.

📦 Short checklist

  • critical audit trails identified
  • filters applied for significant events
  • reprocessing / changes / deletions verified
  • consistency of roles and electronic signatures checked
  • alarms and operator actions correctly assessed
  • review properly recorded

Realistic scenario

During an HPLC analysis, the audit trail shows five consecutive reprocessings of the same chromatogram.
The review checks:

  • missing justifications
  • minimal differences between versions
  • no deviation opened

→ The review identifies a potential attempt to alter the results. QA opens an investigation.

Conclusion

An effective Audit Trail Review requires method, smart filtering and critical interpretation. Explore the full guide on GuideGxP.com.

Back to blog

Looking for something specific?

DISCOVER THE FULL GXP CATALOG