Spiders, Mold, & SOPs: Tales From A Site Inspection Veteran

By Dan Schell, Chief Editor, Clinical Leader

It’s not every day that a mock regulatory inspection reveals a closet full of mold-covered records fused together by water damage and crawling with spiders — but that’s exactly what Sarah Moeller encountered during one of her more memorable site visits. Her reaction was decisive: iron out the pages to salvage what could be saved, locate digital backups, and prepare to disclose the issue transparently to regulators. The situation, while extreme, highlighted the importance of vigilance, preparation, and adaptability in clinical trial oversight.

With more than 300 inspections facilitated and decades of experience across the pharmaceutical and medical device sectors, Moeller, the president & CEO of her consulting business, The Greenlight Group, LLC, is widely recognized as a trusted authority on regulatory readiness. “I’m at an age now where apparently the word to describe me is ‘seasoned,’” she says with a smile. “I don't have anything more to prove to anybody. My job is to help teams understand what they didn't document; show them where there are gaps and explain why it’s a big deal to address those issues right away. But equally, I believe it’s my job to give them credit for the good work they’ve done.”

Anticipating the Inspection Process

During our interview, Moeller set me straight on a common misperception: the FDA is not an auditing body. Rather, it conducts inspections led by investigators — not “auditors” — who examine far more than compliance checklists; they assess patient safety, data integrity, and the study's overall conduct. These inspections can include audit activities, but the scope and intent are broader and more complex.

She also informed me that, these days, high enrollers aren’t always at the top of the list for sites that get chosen for inspection. Instead, sites that have not previously been inspected may be prioritized, as may those located near available investigators (especially given current staffing and logistical constraints). Other selection criteria may include prior findings, CRO involvement, study complexity, or geographic accessibility.

In some situations, inspection readiness activities may include identifying potentially at-risk sites, organizing documentation, and reviewing historical performance. For example, for the latter, I asked if a lot of screen failures should be considered a red flag for sites to investigate. “Actually, they are more a signal to dig deeper and ask critical questions,” Moeller explains. “I’d want to know if sites are cherry-picking patients likely to produce favorable outcomes. Were the inclusion/exclusion criteria written in a way that unnecessarily excludes large portions of the population? Are patients being asked to take on too much, such as completing nine questionnaires, attending 14 visits, arranging transportation despite mobility issues, or undergoing invasive procedures like spinal taps or EEGs?” She also considers whether patients are turning away from research altogether due to the burden.

Conversely, if there are very few or no screen failures, Moeller becomes concerned. A complete absence of screen fails can indicate missing documentation or lack of transparency. She looks into whether failed participants were consented, underwent testing, or experienced adverse events that weren’t reported. Even if patients aren’t enrolled, any change to standard of care must be documented. While some sites argue they aren’t paid to track screen fails, Moeller points out that the protocol often requires it, and ignoring that can put the site at risk.

Preparation Through Simulation

For many site teams, the inspection process feels abstract — until it doesn’t. Moeller’s approach to mock inspections is designed to bridge that gap. She makes sure the teams she works with have ample time to prepare prior to the mock inspection, but their response is intended to mirror what would be expected during an actual FDA inquiry. For example, they likely will be faced with a simulation that includes multiple rapid-fire questions and immediate document requests. This process helps teams anticipate the pace, intensity, and expectations of actual regulator interactions.

The mock inspection experience often includes roleplaying interviews, rehearsing responses, and walking through critical processes such as informed consent documentation, adverse event reporting, and data verification. In Moeller’s view, these rehearsals are essential for helping staff understand what to expect and avoid missteps that can arise from nervousness or lack of preparation.

Equally important is managing who participates in the inspection itself. Moeller emphasizes that regulatory investigators are not there to hold casual conversations; they are information-gathering professionals. Responses should be accurate and concise, with appropriate site staff answering only the questions posed. Senior executives, while ultimately responsible for a study, are typically not the best individuals to represent operational details during an inspection. “When a senior executive or CEO insists on being in the room with the regulator, I tell them, ‘OK, but understand what’s going to happen. The regulator can and will ask you about details of the trial, such as what happened with the randomization. Why were there errors? And since that’s not your area of expertise, you may simply try to be helpful and inadvertently misspeak, which could put them on the wrong path or alert them to something we don't even want or need to talk about because it's been fixed already. All of that puts the clinical and data management teams — and the site — in a precarious position.’ Thus, I try to explain that I’m protecting them by not putting them in that room.”

Focusing on Core Risk Areas

Over the course of her work, Moeller has identified several recurring issues that tend to surface during inspections, many of them preventable with early attention. Among the most common is documentation inconsistency. Protocol adherence, deviation tracking, training records, and consent forms are frequent focal points for inspectors. When these elements are missing, outdated, or incomplete, it can undermine confidence in the site's conduct.

Another critical area is digital data handling. In today's environment, sites are expected to manage multiple electronic systems — from EDC to ePRO platforms, eConsent tools, and temperature-monitoring systems. Ensuring these platforms are Part-11 compliant, securely managed, and properly validated is essential. Passwords stored on sticky notes, for example, may seem like a small infraction but can point to broader security gaps.

Vendor oversight is another area where gaps can emerge. If external service providers (e.g., central labs, CROs) are involved, documentation confirming qualification, performance review, and issue resolution is typically expected. Moeller notes that rushed timelines or organizational turnover often result in missing or incomplete oversight records, which can pose a challenge during an inspection.

To support inspection readiness, teams often benefit from a structured review process. This includes ensuring that:

• Documentation aligns with the approved protocol and regulatory agreements.
• Deviations are identified and tracked in real time.
• Training logs are complete and roles are clearly delegated.
• Physical records (if applicable) are stored securely and protected from damage.
• System audit trails are available and data transfers are traceable.

Building a Sustainable Inspection Culture

Beyond process and paperwork, Moeller emphasizes the importance of fostering an inspection-ready mindset across the study team. Creating a culture where compliance is viewed not as a one-time hurdle but as a continuous practice can help reduce the stress and disruption inspections often cause.

At many sites, CRCs shoulder a large portion of this burden, often managing multiple systems across several studies, handling patient interactions, overseeing data entry, and coordinating with monitors. Obviously, supporting their work through clearer guidance, manageable system demands, and recognition of their pivotal role can lead to improved performance overall.

Study technology is another pressure point. When different systems are used inconsistently across protocols — or introduced late in a trial (ugh!) — sites can struggle to keep up. Moeller has observed cases where system failures or unfamiliar interfaces disrupted or delayed data collection during patient visits. The takeaway here is simple on the surface but hard to implement when it comes down to the nitty gritty — ensure that technology solutions are both reliable and tailored to the site's needs can make a meaningful difference.

Informed consent is one area where adaptability is especially valuable. Whether the process is conducted on paper or electronically, Moeller emphasizes that patient needs should guide the approach. “If I'm a brain injury patient, maybe I want to take my time and think about the ICF and read it more slowly at home and then come back and have my screening appointment. Maybe I want someone to talk me through it. Maybe I speak Vietnamese, and I need a Vietnamese translator. Is one available? The consent process should be patient-centric, whatever that means for your patient population, for your clinic, your site, and your systems.”

As regulatory expectations evolve and operational challenges increase, consistent preparation and thoughtful oversight remain essential. And while moldy records and spiders may be the exception, the need for vigilance, integrity, and a readiness mindset is universal.