GxPinnacle Logo
Skip to content

What Do Inspectors Check for Vendor Qualification Requirements in Pharmacovigilance?

Pharmacovigilance systems must ensure vendors are qualified before performing safety activities. Regulators expect documented vendor selection, risk assessment, due diligence, audit evaluation, and formal approval processes aligned with GVP requirements.

For: Founders, CEOs & MDs·PV Leads·QA/Compliance·Scientists tasked with documentation

Alignment: Global pharmacovigilance principles (ICH-aligned) and inspection practices

Most useful when: Preparing for inspection, setting up a process, or closing a documentation gap

Key points

  • Pharmacovigilance vendors must be formally qualified before performing safety activities, ensuring they have the systems, expertise, and compliance controls required to support regulatory obligations.
  • Qualification must include documented due diligence, risk assessment, and evaluation of vendor capabilities.
  • Vendors must demonstrate compliance with pharmacovigilance regulations, quality systems, and data handling requirements.
  • Qualification decisions must be approved by appropriate functions including PV, QA, and the QPPV.
  • The level of qualification must be proportionate to the risk and criticality of the service provided.
  • Inspection-ready evidence must demonstrate that vendor selection is controlled, justified, and documented.

What inspectors expect

Each point below should be supported by controlled documents and traceable records.

  • Vendors must be qualified before performing pharmacovigilance activities.
  • Qualification must be based on documented due diligence and risk assessment.
  • Vendors must demonstrate capability to comply with regulatory requirements.
  • Qualification decisions must be formally approved.
  • The MAH must retain responsibility for vendor performance.

Summary

Inspectors assess whether pharmacovigilance vendors are formally qualified before engagement. They typically review due diligence, risk assessments, audit outcomes, and approval decisions to confirm that vendors are capable of performing PV activities in compliance with regulatory requirements.

Common questions

These are the questions this page is designed to answer directly.

  • What is vendor qualification in pharmacovigilance?
  • How do you qualify a pharmacovigilance vendor?
  • What do inspectors check for vendor qualification?
  • What is required before outsourcing PV activities?
  • How are vendors assessed in pharmacovigilance?
  • What documentation is required for vendor qualification?
  • How do regulators assess vendor selection?
  • What is a PV vendor qualification process?
  • What is required before signing an SDEA?
  • How do you demonstrate vendor qualification in inspections?

Evidence objects inspectors expect

Vendor Qualification SOP

  • Defined process for vendor identification and qualification
  • Roles and responsibilities for PV, QA, and Procurement
  • Risk-based qualification approach
  • Approval and documentation requirements

Vendor Assessment Questionnaire

  • Evaluation of vendor PV processes and experience
  • Assessment of quality management system
  • Review of regulatory inspection history
  • Evaluation of data security and system validation

Risk Assessment Documentation

  • Risk classification (high, medium, low)
  • Assessment of service criticality
  • Evaluation of regulatory impact
  • Documented justification of risk level

Pre-Qualification Audit Evidence

  • Audit reports for medium or high-risk vendors
  • Assessment of PV processes and systems
  • Identification of gaps or compliance risks
  • Audit conclusions supporting qualification decision

Vendor Qualification Report and Approval

  • Summary of vendor strengths and weaknesses
  • Decision to approve, conditionally approve, or reject vendor
  • QA review and approval
  • QPPV or delegated approval of vendor

Approved Vendor List

  • List of qualified PV vendors
  • Defined services provided by each vendor
  • Risk classification and status
  • Approval and review dates

Regulatory Basis (Primary Sources)

  • GVP Module I – MAH responsibility for pharmacovigilance systems and oversight of third parties
  • GVP Module VI – requirements for ensuring compliant handling of safety data
  • ICH E2D – post-approval safety data management and vendor responsibilities
  • MHRA GPvP guidance – expectations for vendor qualification and oversight
  • FDA pharmacovigilance guidance – responsibility for compliance when outsourcing activities

Typical Inspection Questions (What Inspectors Ask)

  • How did you qualify this vendor?
  • What risk assessment was performed before engagement?
  • Show me your vendor qualification documentation.
  • Did you audit this vendor before approval?
  • Who approved the vendor and on what basis?

Failure patterns

Vendors are engaged without formal qualification.

Risk assessments are incomplete or not documented.

Vendor capabilities are assumed rather than verified.

Audit requirements are not applied for high-risk vendors.

Qualification decisions are not formally approved or justified.

What good looks like

  • Structured and documented vendor qualification process.
  • Clear risk-based approach to vendor assessment.
  • Evidence of vendor capability and regulatory compliance.
  • Audit performed where required and findings addressed.
  • Formal approval and documentation of qualification decisions.

Operationalisation

  • Define a structured vendor qualification process within the PV SOP.
  • Use standardised questionnaires to assess vendor capabilities.
  • Perform risk assessments based on service criticality.
  • Conduct audits for medium and high-risk vendors.
  • Document qualification decisions and approvals.
  • Maintain an up-to-date approved vendor list.

Need regulatory documentation today?

Save time and reduce inspection risk with structured, pre-built process-ready documentation.
Created by industry professionals, adaptable to your organisation.

Related pre-built documentation inside the app

Get AccessLog In

FAQ

What is vendor qualification in pharmacovigilance?

Vendor qualification is the process of assessing and approving a third-party provider to ensure they can perform pharmacovigilance activities in compliance with regulatory requirements.

What checks are performed before approving a pharmacovigilance vendor?

Checks typically include review of the vendor’s quality system, pharmacovigilance processes, regulatory inspection history, data security controls, personnel qualifications, and risk assessment, supported by questionnaire responses and audit where required.

When must a vendor be qualified?

A vendor must be qualified before performing any pharmacovigilance activities or handling safety data on behalf of the MAH.

What is included in vendor qualification?

Vendor qualification includes due diligence, risk assessment, review of processes and systems, audit where required, and formal approval.

Do inspectors review vendor qualification processes?

Yes. Inspectors frequently review vendor qualification documentation to confirm that vendors are assessed and approved appropriately.

Is an audit always required for vendor qualification?

Audits are typically required for medium and high-risk vendors, while low-risk vendors may be qualified through documentation and assessment alone.

Who approves vendor qualification in pharmacovigilance?

Vendor qualification is typically approved by PV Operations, Quality Assurance, and the QPPV or delegated authority.

Sources

Primary guidance used to inform this map. This page is a structured interpretation layer; always validate against the original source documents.

European Medicines Agency (EMA)

  • Guideline on good pharmacovigilance practices (GVP) – Module I
    View source
  • Guideline on good pharmacovigilance practices (GVP) – Module VI
    View source

FDA

ICH

MHRA