In this interview, NewsMed talks to Bettina Kaplan about how proactive leadership sets the tone for inspection readiness across all levels of an organization.
Could you explain what “inspection readiness as a mindset” means to you, and why it is critical in today’s regulatory environment?
Inspection readiness, to me, is a sustained state of an organization—assuring that one's organization is always prepared for a visit from any agency, health authority, or regulatory body.
This includes confirming all documents are current, site is following proper (applicable and effective) procedures and working in a way that mirrors what you’d want an inspector to see every day, not just during audits.
Everyone should be questioning whether these items are in place on a daily basis. Quality should be a mindset for the entire organization: “Am I doing this correctly? Is this what is required? Am I cutting corners, or am I doing the work in full so that it is always retrievable?”
Documents should be thorough and complete, so that when someone reviews them, no further explanation is needed. The work should be clear to anyone, not just to someone with specific background and knowledge. Everything should be easy to understand and readiness should be embedded in the daily mindset not only in quality, but throughout the whole organization from top to bottom.
Many companies focus on mock inspections as a major milestone. How can organizations shift from episodic readiness events to a state of continual preparedness?
Mock inspections often trigger a last-minute scramble to get everything in order, but is that rush reflective of your day-to-day operations or only how things look when an inspection is on the horizon?
Instead of treating inspection preparation as a one-off event, readiness should be embedded in your systems and processes. When readiness is built into your daily operations, mock inspections become just another check-in and not a crisis.
How do SOPs evolve as an organization matures, and how do they support a readiness culture?
SOPs should be phase-appropriate, meaning they should align with the current phase or state of the organization. If you are being inspected, do your SOPs reflect where you are in development? Are you in pre-commercial or commercial stages? Are your SOPs appropriate for Phase I, Phase II, or Phase III?
If you are moving into commercial operations, your SOPs should already be commercial-ready. The goal is to stay one step ahead so that the work you are doing is compliant with the requirements of the next phase.
What role does proactive training play in fostering a culture of compliance, and how can teams ensure that training translates into everyday behavior?
Proactive training is fundamental to a strong culture of compliance. At a basic level, organizations need to ask: Has everyone completed the training required for their role? Are the right, qualified people in place? And are they trained not just on their specific tasks, but also in the broader responsibilities tied to their function?
That means going beyond job-specific instruction. Teams need comprehensive training that covers regulatory compliance, such as GMP, good documentation practices (GDocP), good distribution practices (GDP), and other relevant GxP areas. This training should be tailored to each group’s responsibilities, ensuring it’s both relevant and actionable.
But effective training doesn’t stop with content delivery. It also includes preparing people for real-world scenarios, including inspections. When employees know what's expected of them during an inspection and feel confident in how to engage, that’s a direct result of well-designed training.
Consistency is key. It’s important to maintain oversight across the board, whether for employees, consultants, or contractors. And there should be a process in place for ongoing, on-the-job evaluations. How is the training translating into daily performance? Are there recurring issues? Has someone been involved in a deviation or investigation that may point to a gap in training?
By regularly reviewing performance and addressing potential gaps early, teams can ensure that training isn’t just a checkbox—it becomes a continuous tool for reinforcing compliance in everyday operations.
How can leadership influence and reinforce a mindset of continuous inspection readiness throughout all levels of an organization?
Leadership should lead by example. They should demonstrate that they are also fully trained, that they are not behind on any requirements, and that they are inspection-ready as well. Anything in their domain that might be subject to review should also be in a ready state.
Leadership should also hold meetings to review what an inspection might cover and assess whether there are any areas where the organization may be at risk. If there are, they should work directly with the relevant groups and take ownership alongside them. This builds shared accountability and reinforces a culture where readiness is part of everyday expectations.
Image Credits: Design Space InPharmatics LLC
What are some of the most common pitfalls companies encounter when treating inspection readiness as a moment, rather than a mindset?
One common pitfall is the assumption that conducting a mock inspection—and finding no issues—means everything is fine. That is just a snapshot, a moment in time. Organizations must constantly evaluate and reassess.
One key practice is to conduct internal audits regularly. These should be independent of the department being audited to ensure an objective perspective. Internal audits differ from mock inspections in that they typically span multiple days and may involve more open sharing within the organization. A mock inspection is often treated more like a formal regulatory visit.
The problem with treating inspection readiness as an isolated event is that it fails to embed that mindset across the organization. To prevent this, companies should conduct regular meetings and track metrics that promote ongoing compliance. For example: How is training progressing? Are there outstanding deviations? Are CAPAs being addressed? Were the CAPAs adequate and effective? Are documents approved and uploaded within required timeframes? Are they complete? Could someone review them immediately without issue, or are things falling behind?
In terms of vendor and contractor oversight, what practices have you seen work well in embedding inspection readiness across external partners?
We establish quality agreements with our vendors and contractors that define the oversight requirements. As part of that oversight, we conduct site audits and review their documentation to ensure it meets the standards required for a regulatory inspection, at least for the work they perform on our behalf.
While we cannot guarantee that all aspects of their operations are fully compliant, we can ensure that the work they do for us meets expectations. We should review deviations, change controls, batch records, and product releases. We cannot rely solely on the vendors and contractors; we must remain actively involved as partners.
For example, I work extensively with CMOs. It has been my practice that I or one of my teams members personally review all batch records, oversee product release, and examine major and critical deviations. Even minor changes are reviewed to monitor trends. If we notice something recurring, we raise it with the CMO and request investigation—saying, for instance, "We are seeing a trend here. Please look into it." We are also fully involved in the change control processes. CMOs should not implement changes unilaterally.
Mock inspections are still widely used—how can they be reimagined or integrated into a broader culture of quality, rather than treated as a one-off exercise?
As I mentioned earlier, mock inspections should be conducted more frequently and in smaller, focused segments.
Mock inspections should be considered an extension of internal audits. Depending on the number of products or business areas, you can conduct localized mock inspections, focused on specific areas. This approach helps identify and resolve issues in a targeted way and integrates inspection readiness into everyday operations.
Data integrity is a recurring regulatory focus. What processes can be implemented early to ensure data is consistently inspection-ready across systems and teams?
Data integrity is essential. Every system in use should be configured to eliminate the risk of data manipulation. The data must remain valid, and it should not be possible to alter data improperly. When data is extracted, it must be done in a way that preserves its integrity and supports accurate reporting.
Even in validated systems, data should be reviewed to ensure no errors were introduced, such as through incorrect inputs or settings. Although a system may be validated, human error can still occur, which is why second-person verification remains crucial.
Data drives all our work. It’s foundational, and its accuracy must be continuously verified through regular review.
How can regular internal audits and management reviews support continuous improvement and inspection readiness at the same time?
As mentioned earlier, internal audits are a key tool for identifying areas that need improvement. The findings from these audits, along with other key performance indicators, should feed into management reviews.
Management needs clear visibility into what’s working and what isn’t, whether it’s a lack of resources, outdated systems, or process gaps. Once issues are identified, corrective actions should follow, whether triggered directly by the audits or surfaced during the management review process.
This ongoing cycle not only drives continuous improvement but also helps maintain a steady state of inspection readiness.
How do you approach building a QMS from the ground up that is inspection-ready from day one, particularly in early-phase development?
You want your systems to be phase-appropriate. At Phase I, certain elements are required, and you need to ensure that you have all of those in place as a minimum. As you move into Phase II, you should evaluate whether anything additional is needed—whether there are gaps to fill or improvements to make. It is also worth considering whether certain systems or elements can be implemented during Phase I that will support Phase II readiness.
The same applies when transitioning from Phase II to Phase III. I always try to stay slightly ahead, implementing elements early to enable them to support smoother transitions later.
How should organizations balance the need for simplicity and scalability in their QMS without under-preparing for regulatory scrutiny?
One principle I always emphasize is to "keep it simple." When you create systems, they must be easily executable. Procedures should be written in a way that anyone—regardless of prior experience—can follow them.
Whether it is deviations, CAPAs, or change controls, your QMS systems must not only meet requirements but also be clear and straightforward. If you bring a new person on board, they should be able to follow the procedure without confusion. There should be no ambiguity or room for misinterpretation.
Clarity and conciseness are critical. If you are consistently following your procedures and processes, then you should naturally remain inspection-ready.
What advice would you give to small or emerging biopharma companies that may feel overwhelmed by the concept of perpetual readiness?
If small companies feel overwhelmed, they should know that there are always consultants available to help. I have worked with many small startups and supported them in setting up their QMS for Phases I, II, and III in a way that suits their specific needs.
The key point is that systems and procedures must be tailored to the organization’s size and stage. Large-company procedures will not work for a small company, and vice versa. The QMS has to be written to reflect the organization’s structure, resources, and current phase.
That said, larger companies tend to have more systems in place because of their broader experience and resources. Smaller companies, especially if they attempt to manage everything internally without assistance, often miss key elements, not due to negligence, but because of limited capacity.
That is why I recommend seeking external help. Bringing in a consultant or partnering with an experienced organization can ensure coverage of all critical areas. Understanding what is required at each stage is the most effective way to maintain readiness throughout the development process and into commercial production.
How do you envision the future of inspection readiness evolving, particularly with increasing digitalization and remote audits?
I believe remote audits are going to change significantly. Inspectors may request deeper access to your systems. They will likely want to explore your systems directly, reviewing documents, extracting data, and conducting a more thorough review remotely.
These audits might become longer and could involve increased use of cameras to view specific areas. A virtual audit based only on documentation does not give a complete picture. To truly understand what is happening in a facility, inspectors need to see operations in action.
Personally, I expect that auditors may request something like a GoPro or similar device to conduct a live walkthrough of the facility. That kind of real-time visibility is critical for remote inspections.
Just like with in-person inspections, remote audits are still a snapshot in time. Often, facilities are temporarily improved or “dressed up” for the inspection. That is why unannounced inspections are more effective; they reflect the organization’s true state.
This is why continuous inspection readiness is so important. In the United States (US), for instance, the FDA can arrive without advance notice, and I believe Europe is beginning to follow that model as well. I have heard that US regulators are already conducting drop-in inspections. That is when problems arise because organizations are not always prepared.
If you are always inspection-ready, then you will be prepared for anyone who walks through the door, at any time.
About Bettina Kaplan
Bettina Kaplan is a seasoned Pharmaceutical Quality Assurance and Compliance professional with a BS in Chemistry from Steven's Institute of Technology and various industry certifications in Quality Assurance and Compliance Practices. Bettina has over 30 years of experience in Quality Control, Quality Assurance (R & D, Manufacturing, Quality Systems, Supplier Management, Quality Management and Corporate Quality) and Compliance with expertise in remediating and building robust and effective Quality Systems that are fit for the organization's size and scope.
About Design Space InPharmatics LLC
DSI provides regulatory, technical, and project management consulting services to healthcare product companies that manufacture and/or market pharmaceuticals, biopharmaceuticals, and cellular and gene therapy products.
Since 2007 we have provided our clients with innovative strategies and exceptional quality work products intended to enhance product development, approval, and marketing presence.
Whether advocating CMC strategy, directing CMC operations, or developing CMC submission content that represents the best interests of emerging biotech, we focus on the critical CMC issues and build programs that enhance development.
ProductLife Group (PLG) Acquires Halloran