# Working with Audit Room

Audits can often be time-sensitive, time-consuming, and meticulous. QMS provides an Audit Room management solution to facilitate the time-sensitive activity of conducting third-party audits. Team members participating in an audit can create requests from the front room, associate them with documents or attachments, and manage them in the back room. Vault allows them to communicate the priority, status, and fulfillment of each request, publishing them to Inspectors when ready. The functionality is facilitated by the <a href="/en/gr/780444/">Audit Room</a> application page, a collaborative drag-and-drop interface that assists organizations with responding to requests and efficiently presenting information to auditors.

This feature is only available in systems with QMS enabled and relies on Admin configuration to integrate seamlessly with your existing _Audit_ workflows and lifecycles.

## Relevant Roles

QMS provisions the following roles to support the Audit Room functionality through their participation in the audit process:

  * **Front Office**: The individual who is in the front room during the audit and is responsible for creating new inspection requests. They are the only member capable of publishing requests to Inspectors.
  * **Fulfiller**: A team member who is assigned requests and is responsible for fulfilling them and providing a response.
  * **Inspector**: Third-party auditor who has limited access to Vault and can only access published requests.

## Creating Inspections

Audit Room functionality relies upon the _Inspection_ object type on the _Audit_ object, which captures information about the third-party audit including the scope, purpose, and the organization that is conducting the audit.

To create an _Inspection_:

  1. Navigate to the _Inspection_ custom object tab or to **Business Admin > Inspections**.
  2. Click **Create**.
  3. Populate the required fields.
  4. Indicate an **Audit Host** and **Auditor Organization**. You can assign an existing _Person_ to be the _Audit Host_ or you can create a new _Person_ record.
  5. Click **Save**.

Upon saving, Vault navigates you to the _Inspection_ record's details page. From this page, you can assign users to _Quality Team_ roles, such as _Front Office_ or _Fulfiller_, and edit the record to associate the _Inspection_ with a **Scribe Notes** document. To [assign Inspectors][1], navigate to the _Persons_ section.

Following the creation of _Inspection Requests_, you can access the Audit Room interface by clicking **Enter Audit Room** from the record's **Actions** menu. The availability of this action may vary based on your <a href="/en/gr/780445/">lifecycle configuration</a>.

### Creating Inspection Requests

The _Inspection Request_ object is a child of an _Inspection_ record that captures an Inspector's request, collects responses to said request, and allows for attachments and references to existing documents in your Vault. All documents and attachments tied to an _Inspection Request_ may be accessible to the Inspector upon the _Inspection Request_ entering the _Published_ state of its lifecycle. Inspectors may file _Inspection Requests_ directly, or members of the Audit team may file on their behalf, setting the _Inspector_ fields as necessary.

To create an _Inspection Request_:

  1. Navigate to an _Inspection_ record and click **Create** under the _Inspection Requests_ section. Alternatively, you can create new requests by clicking **Create** from the Audit Room interface.
  2. In the dialog, populate the required fields, such as **Category**, **Request**, and **Priority**.
  3. Select an **Inspector** from the drop-down and optionally, the **Inspector Status**.
  4. Optional: Populate the fields in the _Response_ section.
  5. Click **Save**.

Upon saving, Vault navigates you to the _Inspection Request_ record in its initial lifecycle state. Most configurations leave the _Inspection Request_ to be selected for processing, fulfillment, review, and publication by members of the Fulfillment team.

From the _Response_ section of the record, members of the Fulfillment team can populate the response in addition to selecting a user to the _Assignee_ and _Reviewed By_ fields. From the object record sections, you can relate requests to each other, upload attachments, and capture a response to the request. Assigned users can then utilize the drag-and-drop <a href="/en/gr/780444/">Audit Room</a> interface to progress each _Inspection Request_ through its lifecycle.

### Adding & Sharing Documents

You can add one (1) or more reference documents to an _Inspection Request_ record by clicking **Create** from the _Inspection Request Documents_ section. From the creation page, select a **Document**, indicate a specific document **Version**, and then click **Save**. Published documents selected this way will have the Inspector added to the _Inspector_ role.

 <div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: Be careful when configuring support for supporting documents and records as this may expose more versions of the document than intended. See <a href="/en/gr/780445/">Configuring Audit Room</a> for more information.</p>
    </div>
  </div>
</div>



### Adding & Sharing Supporting Records

<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: This first release that supports the sharing of supporting records directly with Inspectors is an early preview of the intended set of record sharing functionality within Audit Room. We recognize that this business area–direct invitation of Inspectors into your system of record–is a sensitive area where it is critical to get the experience right, and provide the right tools to ensure a comprehensive, controlled suite of tools. This early preview of the feature is not yet recommended for production use and will be subject to enhancement and changes with future releases, but we wanted to get these tools into your hands for Sandbox and Evaluation environments to begin collecting feedback on a wide scale, across different organization sizes and specialities. While we’re working on the follow-on requirements for this feature set, as always, we’ll be closely watching all feedback channels for how this is resonating with your teams.</p>
    </div>
  </div>
</div>



Fulfillment teams can select records to share with Inspectors when _Inspection Requests_ are published. Veeva QMS supports a robust experience to enable Fulfillment teams to select the right records in preparation of a response, paired with a very simplified experience for Inspectors reviewing the shared records. 

We recommend utilizing the _Related_ sections, such as _Related Complaints_, _Related Investigations_, and so on, for fulfillers to select each of the supported objects for sharing with an Inspector. For example, to share a _Complaint_ record to satisfy the _Inspection Request_, members of the Fulfillment team can add the specific record in question via the _Related Complaints_ section of the _Inspection Request_.

Sharing is for a single record at a time; for example, if teams want to share a _Complaint_ and all of its investigations, the _Investigation_ records must be individually linked to the _Inspection Request_ through their various sections to be presented later to the Inspector. This empowers Fulfillment teams to share just a _Complaint_, or a _Complaint_ with a single investigation, or a _Complaint_ and all of its investigations based on the nature or details of the _Inspection Request_.

Once the _Inspection Request_ enters the _Published_ state, Inspectors can then review all of the records of those supported objects that fulfillers specified in the _Related_ sections, through the <a href="/en/gr/780445/#configuring-supporting-records">Supporting Records</a> page section. This section collects and summarizes the specified records, regardless of object or type, into a simple list for easy access and navigation. This section further allows Inspectors to review related object records without having to download or print records or leave the system.

### Adding Attachments

In addition to reference documents or records, members of the Fulfillment team may also be able to upload attachments to an _Inspection Request_ by clicking **Upload** from the record's _Attachments_ section of the _Inspection Request_. From this section, you may be able to view, edit, delete, or download attachments depending on the lifecycle state of the _Inspection Request_ and your assigned security profile. This approach is beneficial when attempting to fulfill _Inspection Requests_ with formatted outputs of entire records, or families of records.

## Assigning Inspectors {#assigning-inspectors}

Inspectors are identified as such by the _Inspector_ object type on the _Person_ object. To add Inspectors, navigate to the _Persons_ section on an _Inspection_ record and click **Add**. In the dialog, select a _Person_ or click **Create** to create a new _Person_ record. In the _Create Person_ dialog, ensure you select the _Inspector_ type from the drop-down.

If <a href="/en/gr/780445/#permissions-audit-lifecycle">configured by an Admin</a>, when an _Inspection_ record enters the _In Audit_ lifecycle state, an entry action handles the identification of the person referenced on the record and grants them access to Vault. Alternatively, you may be able to initiate the _Invite Inspectors to VeevaID_ user action from the record's **Actions** menu. Your security profile should have the same permission sets as the Inspector's security profile, or the newly created Inspector may not have all of the permissions to perform the expected tasks.

The desired Inspector must already be assigned the appropriate application role. If successful, Vault modifies the type of the _Person_ record to be _VeevaID_ and sends the person a <a href="/en/gr/548356/">VeevaID</a> invitation. If the Inspector already has an active or inactive VeevaID, Vault sends them a welcome-back email. If the Inspector does not have a VeevaID, they receive a welcome email to register.

After an inspection is complete, you can run the _Deactivate Inspector_ action to deactivate the _User_ record linked to the Inspector's _Person_ record. This action revokes the Inspector's access to the limited version of QMS they used to complete their inspection.

## Inspector View

Once an Inspector completes their VeevaID registration, they can log in and access a limited version of QMS from the _Inspections_ tab or the _Inspection_ application page. We recommend that customers pick a single approach, either through the _Inspection_ tab or _Inspection_ application page, to provide information to the Inspector.

### Inspections Tab

From the **Inspections** tab, Inspectors can view all _Inspection_ records in which they're participating. Clicking on a specific _Inspection_ record navigates them to the record details page, from which they can review the details made visible to them. Inspectors can only view published _Inspection Requests_ associated with a particular _Inspection_. Inspectors may also have access to referenced documents or attachments from their respective sections on the _Inspection Request_ record.

### Inspector Page {#inspector-page}

The _Inspection_ application page provides a focused area for Inspectors to more easily navigate and review _Inspection_ records and their associated _Inspection Requests_. From the _Inspector Portal_ tab, Inspectors can review in-progress _Inspections_ by created date. Inspectors can select each _Inspection Request,_ which opens the request in a new tab, to see more information, such as responses, attachments, and reference documents. Inspectors also can search for specific records, and they can filter records by status or category.

## Reporting on Inspections

You can utilize Vault's existing <a href="/en/gr/3631/">reporting and dashboard</a> functionality to view data across the Audit Room. From these reports, you can gather response metrics to monitor trends or insights that may be useful for your audit response teams.

## Related Permissions

To create _Inspections_ and _Inspection Requests_, your security profile must grant you _Create_ permissions for the _Audit_ and _Inspection Request_ objects.

To publish _Inspection Requests_, your application role on the _Fulfilled_ state of the _Inspection Request Lifecycle_ must have _Execute_ permissions for the _Publish to Inspectors_ action. Only users with a _Front Room_ application role can successfully execute this action.

To access Scribe Notes, your security profile must grant _Read_ permission for the _Inspection_ object type on the _Audit_ object.

Your security profile must grant _Create_ permissions on the _Inspection Request - Document_ object to add referenced documents to an _Inspection Request_. You must also have _Edit_ permissions on the _Inspection Request - Document_ based on the lifecycle state of the _Inspection Request_ record.

To view the _Quality Teams_ section on a record, a user requires _Read_ permission on the relevant team-enabled object. To add, remove, or otherwise manage _Quality Team_ members, a user requires _Edit_ permission on the relevant team-enabled object.


 [1]: #assigning-inspectors
 [2]: #inspector-page