Configuring Quality Control (QC) Risk-Assessment

eTMF allows you to take a risk-based approach to Quality Control (QC) reviews of documents. Vault selects a document for QC review based on the document type, risk level, and applicable rules.

Configuration Overview

Creating Document Type Risk Mappings

Document Type Risk Mapping records track the QC Risk Level for specific Classifications and, optionally, Subartifacts. You can only create one record for each Classification and Subartifact

To create a Document Type Risk Mapping record:

  1. Navigate to Business Admin > Objects > Document Type Risk Mappings.
  2. Click Create
  3. Select a Classification.
  4. Optional: Select a Subartifact.
  5. Select a QC Risk Level.

Vault uses Document Type Risk Mapping records to determine which QC Risk Rule to apply to a given document. Vault does not assign QC Risk Rules to document type Classifications with the QC Risk Level of None, defaulting the applicable Primary or Secondary QC Status field to QC Required as a result of the risk assessment.

Creating QC Risk Rules

When a user sends a document for a QC review, and that document’s Classification has a Document Type Risk Mapping record, Vault applies a qualifying QC Risk Rule record. The QC Risk Rule record determines the likelihood of Vault selecting the document for QC review based on the Percentage Sampled

To create a QC Risk Rule record:

  1. Navigate to Business Admin > Objects > QC Risk Rules.
  2. Click Create.
  3. Select a QC Risk Level
  4. Select a QC Type. You can select Pre-Approval or Post-Approval.  
  5. Optional: Select an Organization
  6. Optional: Select a Study
  7. Optional: Select a Country.
  8. Enter a Percent Sampled

When selecting a QC Risk Rule for a document, Vault matches the QC Risk Level on the Document Type Risk Mapping record for the document’s Classification to the QC Risk Level on the QC Risk Rule. To determine if it will select the document for QC review, Vault references the Percent Sampled value on the applied QC Risk Rule and generates a random number for that document. Vault compares the randomly generated number to the Percent Sampled value and selects the document if the number falls within the value. For example, if the Percent Sampled value is 80% and the randomly generated number is less than or equal to 80, Vault selects the document for QC review. If the randomly generated number is greater than 80, Vault does not select the document for review.

You can select an Organization, Study, or Country for QC Risk Rule records. When you create QC Risk Rule records with values for these fields, the document must also match the values in those fields for the rule to apply. When more than one QC Risk Rule record applies to a single document, Vault applies the rule with the largest Percent Sampled value.

Viewing Risk Rule Metrics

Vault generates a Risk Rule Metric record for each QC Risk Rule. The Risk Rule Metric record tracks the Number of Matched Documents and Number of Docs Requiring QC for the corresponding QC Risk Rule record and updates the values once the system completes the Risk Assessment system action. Vault resets the Risk Rule Metric record when you change or update the associated QC Risk Rule.

Configure Quality Control (QC) Workflow for Risk Assessment

To enable Quality Control risk assessment, the Quality Control workflow requires a few additions. The workflow below provides an example of a Quality Control workflow including the necessary additions to enable the Quality Control risk assessment functionality.

Example QC Risk Assessment Workflow

The following describes the purpose of each step in this example workflow:

  • Risk Assessment system action: This system action performs the risk assessment on the document in the workflow. This system action consists of identifying the Document Type Risk Mapping record that corresponds to the document’s Document Type Classification and the correct QC Risk Rule to apply. Next, the system generates a random number from one (1) to 100 and compares it to the Percent Sampled value.
  • Update States Based on Risk Assessment action: This action step enables the system to update the documents that do not require QC to Approved and the documents that do require QC to In QC Review. These states may be different in your Vault.
  • Are All Docs Not Requiring QC? decision step: This decision step ends the workflow if all documents complete the risk assessment and do not require QC. If any documents in the workflow require QC, the documents move to another step in the workflow.
  • Filter out QC Not Required action: With this action, the workflow filters out the documents that do not require QC from the documents that do.
  • QC Approval task: This is the QC task for the documents that require QC.
  • Update Document States Based on Verdicts action: This action updates the state of documents that required QC.

Users can complete all steps in this article with the standard Business Admin, System Admin, or Vault Owner security profile. If your Vault uses custom security profiles, your profile must grant the following permissions:

Permission Type Permission Controls
Security Profile Admin: Document Fields: Read, Create, Edit Allows you to view and add fields on document types
Security Profile Object: Document Type Risk Mapping: Read, Create, Edit, Delete Allows you to view, create, edit, and delete Document Type Risk Mapping records
Security Profile Object: QC Risk Rule: Read, Create, Edit, Delete Allows you to view, create, edit, and delete QC Risk Rule records
Security Profile Object: Risk Rule Metric: Read Allows you to view Risk Rule Metric records
Security Profile Admin: Document Workflow: Read, Create, Edit, Delete Allows you to view, create, edit, and delete document workflows