Designing Analytical Methods for Long-Term Audit Readiness

Audit readiness isn’t a last-minute activity triggered by validation or inspection. It’s established much earlier, at method design, through the scientific understanding, risk-based control, and documentation needed to demonstrate that a method is fit for purpose and capable of performing consistently over time. If those elements aren’t built in from the outset, gaps are likely to emerge later, during robustness assessment, method transfer, routine use, or in the form of out-of-specification (OOS) or out-of-trend (OOT) results and decisions that are difficult to defend.

That’s the real shift in the regulatory conversation. The old mindset treated validation as a staged event. You completed the studies, wrote the report, and called the method validated. That isn’t how it’s viewed anymore.

As regulatory expert Peter Baker (Live Oak Quality Assurance LLC) noted in a recent webinar series, “We really have to change the way we define validation.”¹

The expectation now is much closer to lifecycle thinking.^2,3 A method isn’t considered strong simply because it passed a validation protocol years ago. It has to continue delivering accurate, complete, and defensible data over time. That starts upstream, in development.

What are regulators really concerned about?

If you strip the language back, the concern is actually very simple. Can you trust the data? More specifically, is the data accurate, and is it complete? Those are the two questions that matter most.

Peter Baker captured that point directly when he said that “accuracy and completeness are the two factors that FDA is really looking for.”¹ Everything else, including controls, procedures, documentation, audit trails, assessments, validation studies, is there to support those two questions. If method design doesn’t support accuracy and completeness, then the rest of the package is weaker than people think.

That’s why method design matters so much. Accuracy isn’t protected just by choosing a detector or writing a sample preparation SOP. It depends on the full analytical workflow, including sample preparation, instrument conditions, data handling, analyst interaction, procedural controls, and the way variability enters the process. If those things aren’t thought through during development, then parts of method performance are being left to chance. From a regulatory standpoint, that’s a weak position to defend.

Robustness isn’t something you add at the end

This is where a lot of organizations still get into trouble. Robustness is often treated as something you confirm near the end of development, almost as a final checkbox before validation. That’s too late if the method was never built on a solid understanding of variability in the first place. If you want a method to stand up over time, you need to understand what could make it drift, what could make it fail, and what could cause it to behave differently across analysts, instruments, materials, or sites.

This work belongs in development, and if it’s not done early, it usually has to be done later—while under pressure. You start seeing signals: precision drift, unexpected system suitability failures, repeat investigations, or borderline results. That’s exactly the situation regulators don’t want to see. If variability was understood earlier, many of those downstream questions become easier to answer, and some of them never come up at all.

Better method design starts with understanding variability

So, what does better design look like? It starts with practical questions:

• Where can variability enter this procedure?
• Where are the manual steps?
• Where are the sensitive conditions?
• Where could sample preparation go wrong?
• Where could chromatographic behavior change?
• Where might hardware, software, documentation, or human interaction influence the result?

Asking these questions early and adopting a structured, risk-based development approach is vital to understanding where variability can arise, which factors are most likely to affect method performance, and how the procedure can be designed and controlled to support reliable performance across its lifecycle, in line with the principles of ICH Q14 and USP <1220>.^2-4

This means mapping the workflow, identifying the factors that can influence the reportable result, and evaluating which of those factors are most likely to matter.⁴ The method can then be designed either to control those factors or to build a scientific understanding of their impact. That’s how the discussion moves from “the method seems to work” to “we understand why it works, and where it is vulnerable”. Those are very different positions when a method has to be defended under audit scrutiny.

A trial-and-error approach isn’t enough anymore

A lot of methods are still developed with a “one factor at a time” mindset. You adjust something, see if it looks better, adjust something else, and see if it improves again. That may get you to a usable method, but it often leaves a limited understanding of how the variables interact and where the real edges of performance are. The real problem is that you can end up with a method that looks acceptable under one set of conditions but is much less well-understood than people assume.

That matters later. When a method change or adjustment is needed, the question is not just whether the change can be made. The question is whether it can be justified scientifically. If the development work didn’t generate enough knowledge, that becomes much harder. You’re left with assumptions, opinions, and incomplete rationale, and those don’t hold up well in inspections. A systematic development approach makes that justification much easier.²

The real goal is methods that are defensible by design

One of the biggest benefits of strong development is that it reduces ambiguity later. When variability appears, you are in a much better position to ask the right question: Is this coming from the method, the sample, or the process?

Without that foundation, organizations often spend time chasing the wrong root cause. They tweak the method when the real issue is upstream. They retrain analysts when the real issue is design related. They treat repeated signals as isolated events instead of seeing them as signs of a broader weakness in the method.

The takeaway is straightforward. If you want methods that stand up to audit scrutiny, don’t treat audit-readiness as something you add later. Build it into the design.^2,3 Build in the understanding of variability. Build in the scientific rationale. Build in the control strategy.^2-4 Build in enough knowledge that, when questions come later, you aren’t guessing—you are explaining.

How can Waters help you?

Waters supports a more structured, risk-based approach by combining instrumentation, scalable chemistries, integrated informatics, and expert services to help laboratories design workflows that are scientifically justified, traceable, and defensible from the start.⁵

Waters positions this approach around lifecycle-oriented analytical design, aligned with ICH Q9 and ICH Q14, so teams can make better risk-based decisions, strengthen control, and support consistent method performance over time. Professional Services, Software Compliance Services, Instrument Qualification Services, and Analytical Services can then help labs deploy, validate, qualify, transfer, and maintain those approaches in a way that supports inspection-readiness across the method lifecycle.

In the end, that’s what strong method development should deliver: not just a passed validation study, but a method that’s robust, controlled, and scientifically defensible across its lifecycle. From a regulatory perspective, that’s what long term audit readiness really looks like.

Special thanks to Peter Baker, President, Live Oak Quality Assurance LLC, for generously sharing the regulatory insights and practical perspectives from the webinar series that informed this article.

To hear Peter Baker’s perspectives on Managing Method Variability in full, watch the webinar series.

References

1. Baker, P. (2025). Webinar series Managing Method Variability: A Foundation for Risk-Based Change.

2. International Council for Harmonisation. (2023). ICH harmonised guideline Q14: Analytical procedure development. Adopted 1 November 2023.

3. United States Pharmacopeia. (2021). <1220> Analytical Procedure Life Cycle. USP–NF. Rockville, MD: United States Pharmacopeial Convention.

4. International Council for Harmonisation. (2023). ICH harmonised guideline Q9(R1): Quality risk management. Adopted 18 January 2023.

5. Waters web page: Audit Ready Labs with Risk Based Quality Control.