What a high-stakes eTMF RFP must accomplish—and why it matters in US/UK/EU inspections

From features to evidence: write the RFP as if the inspector will read it

An eTMF platform is not just a repository—it is an operational control system that must withstand line-of-sight testing during inspections. A credible Request for Proposal (RFP) defines verifiable security, hosting, workflow, and support expectations that convert into objective acceptance criteria. It anticipates live retrieval drills, timestamp scrutiny, and cross-system reconciliation, so that what vendors promise becomes what auditors see. Frame the RFP so each must-have maps to a measurable, auditable behavior and a fileable artifact (validation packet, SOP, report, or log).

State your compliance backbone once—then anchor it

Open the RFP with a single “Systems & Records” paragraph that the winning vendor must adopt. Electronic records and signatures align to 21 CFR Part 11 and port to Annex 11; the platform exposes a searchable audit trail; anomalies route through CAPA with effectiveness checks; oversight vocabulary follows ICH E6(R3); safety exchange contexts acknowledge ICH E2B(R3); registry narratives remain consistent with ClinicalTrials.gov and portable to EU-CTR submissions via CTIS; privacy safeguards map to HIPAA and GDPR/UK GDPR with data-residency options. For authoritative signal without a separate references list, embed short in-line anchors to the FDA, the EMA, the UK’s MHRA, the ICH, the WHO, Japan’s PMDA, and Australia’s TGA.

Outcome-first scope: retrieval speed, contemporaneity, and traceability

Write requirements around three outcomes. Retrieval speed: “10 artifacts in 10 minutes” is a realistic live-request target. Contemporaneity: clocks and SLAs enforce filing within five business days for high-volume artifacts. Traceability: dashboards drill from KPIs to listings to artifact locations with owners and timestamps. Each outcome becomes a testing script and acceptance proof at UAT and during mock inspections.

US-first regulatory mapping with EU/UK portability

US (FDA) angle—how assessors probe your vendor claims

US reviewers pivot from events to evidence under FDA BIMO: activation → approvals packet; visit occurred → monitoring report and follow-up letters; safety letter sent → site acknowledgment within window. They test whether signatures pre-date use, whether filing is timely, and how fast teams retrieve artifacts. Your RFP must require drill-through from dashboard tiles to artifact listings and to locations inside the eTMF, with stopwatchable performance.

EU/UK (EMA/MHRA) angle—same science, different wrappers

EU/UK teams emphasize DIA TMF Model structure, sponsor–CRO splits, and site file currency. A US-first RFP written in ICH language ports with wrapper changes (role labels, file-naming tokens, date formats) and allows data-residency and contract language appropriate to EU-27 and the UK. Require vendor templates for DPIAs and supplier qualification aligned to Annex 11 supplier oversight.

Security and hosting: non-negotiables you should demand (and how to test them)

Isolation and encryption that survive pen tests and supplier audits

Insist on tenant isolation at network, compute, and datastore layers; encryption in transit (TLS 1.2+) and at rest (AES-256 or better); optional customer-managed keys (BYOK) with HSMs; and immutable logging. Require documented key-rotation policies and incident response runbooks. For UAT, include a red-team exercise scoped to eTMF roles and privilege escalation attempts.

Data-residency and cross-border flows

Specify US, EU, and UK hosting regions with the ability to pin primary data and backups to a chosen jurisdiction. For EU→US or UK→US flows, require SCCs/IDTA and transparent sub-processor lists. Demand per-document residency flags for exports and clear behaviors for cross-region collaboration (e.g., read-only mirrors vs federated search).

Identity, least privilege, and operational resilience

Require SSO (SAML/OIDC), MFA, granular RBAC down to folder and metadata fields, service-account scoping for integrations, and break-glass procedures with alerting. Uptime SLAs ≥99.9% with tested backup/restore RPO/RTO; document tabletop exercises for disaster recovery. Ensure audit logs capture admin actions, permission changes, and export events with retention aligned to study and archive timelines.

1. Provide Part 11/Annex 11 validation summary and supplier-qualification pack.
2. Offer US/EU/UK data-residency with documented sub-processor chains.
3. Support SSO+MFA, granular RBAC, and customer-managed keys (BYOK).
4. Expose immutable, queryable logs for admin and export actions.
5. Commit to RPO/RTO targets and periodic recovery drills with evidence.

Workflow must-haves: from filing SLAs to live retrieval drills

Filing clocks, rejection loops, and SLAs you can actually enforce

Define clocks for “finalized,” “submitted,” and “filed-approved,” with configurable SLAs (e.g., median ≤5 business days). Require rejection with reason codes and re-submission tracking. For site-facing updates (e.g., ICF, safety letters), enforce acknowledgment windows and store proofs in the TMF.

Drill-through from KPIs to artifacts—no dead-end dashboards

Every KPI tile (Median Days to File, Backlog Aging, First-Pass QC Acceptance, Live Retrieval SLA) must drill to listings with artifact IDs, eTMF locations, owners, and timestamps. Listings must open the artifact in place. Ban static images of dashboards in favor of live queryable views.

CTMS eTMF reconciliation and version control

Require mapping for core events (activation, visits, monitoring letters, safety communications) with skew tolerance (e.g., ≤3 days). Version chains must be explicit and navigable; superseded items marked; and cross-links maintained during migrations. Support template-driven naming and controlled metadata to prevent misfiles.

Decision Matrix: hosting, tenancy, and key-management choices

How to record decisions in the TMF/eTMF

Maintain a “Vendor Hosting & Security Decision Log” with question → option chosen → rationale → evidence anchors (DPAs, pen tests, certifications) → owner → due date → effectiveness results. File under sponsor quality and cross-link to supplier qualification records.

Commercials and service: avoid lock-in and demand measurable outcomes

Pricing, exit, and data portability

Require transparent pricing for licenses, storage, integrations, and migrations. Insist on documented extract formats, no-fee study-close exports, and tested restore into a neutral staging store. Demand run-booked de-provisioning with proof of data deletion after off-boarding.

Support SLAs and named roles

Define ticket priority classes and response/resolve times; appoint a named Customer Success Lead, Validation Lead, and Security Officer. Quarterly service reviews should include defect recurrence trends and agreed improvements.

Change management and roadmap influence

Require notice periods for breaking changes, sandbox availability, and documented regression testing. Capture roadmap items critical to your program (e.g., native CTIS export helpers) as contract addenda with dates and acceptance tests.

QC / Evidence Pack: what to file where so assessors can trace every claim

• Vendor Qualification Dossier: Part 11/Annex 11 validation summary, supplier audits, certifications, pen-test summaries.
• Security & Hosting Appendix: data-residency declarations, sub-processor lists, DPAs/SCCs/IDTA, BYOK/HSM attestations.
• Workflow & SLA Pack: configurable clocks, rejection reason codes, acknowledgment tracking, and KPI definitions.
• CTMS eTMF Reconciliation Spec: event mappings, skew tolerance rules, and variance listings.
• Run Logs & Reproducibility: parameter files, environment hashes, and rerun instructions for dashboards.
• Mock Inspection Records: “10 artifacts in 10 minutes” stopwatch evidence, drill rosters, retrieval paths.
• Governance Minutes: threshold breaches, actions, and effectiveness results tied to QTLs and RBM decisions.
• Exit & Portability Proofs: end-to-end export/restore tests and de-provisioning confirmations.

Prove the “minutes to evidence” loop

Include a one-page diagram—request → KPI tile → listing → artifact location—and store stopwatch results from mock sessions. Cite this in your inspection opening; it establishes credibility that your vendor selection translated into operational control.

Templates reviewers appreciate: RFP language, tokens, and scored questions

Paste-ready RFP tokens

Retrieval token: “The solution must demonstrate retrieval of any 10 specified artifacts within 10 minutes during UAT and pre-inspection rehearsals; failures trigger index optimization within 5 business days.”
Skew token: “Visit occurred (CTMS) report filed-approved (eTMF) skew ≤3 calendar days; exceptions require reason codes and governance note within 5 business days.”
Residency token: “Primary data and backups remain in [US/EU/UK] region; cross-region access follows read-only mirrors with auditable logs.”

Scored RFP questions that separate vendors

Ask “show me” questions with artifacts: (1) Provide a Part 11/Annex 11 validation summary with test cases. (2) Demonstrate ‘10 in 10’ on your hosted demo using our sample study. (3) Export a site’s packet and restore to a clean tenant. (4) Show logs for admin permission changes and bulk exports. (5) Prove BYOK rotation without downtime. Score on evidence, not promises.

FAQs

Which eTMF hosting pattern fits a US-only phase 1?

Multi-tenant in a US region is usually sufficient, enabling quick start and lower cost. Confirm Part 11 validation, pen-test results, and uptime SLAs. Keep a contract hook for future EU/UK regions to avoid re-platforming.

How do we satisfy EU/UK data-residency and still collaborate globally?

Use EU/UK data-pinning with read-only mirrors or federated search for cross-region access. Contract SCCs/IDTA, list sub-processors, and require export logs. Prove the model with a test where EU artifacts stay pinned while US users search and view metadata safely.

What workflow features most affect inspection outcomes?

Enforceable filing clocks with reason-coded rejections, drill-through dashboards, acknowledgement tracking for site-facing updates, and explicit version chains. These convert policy into measurable behavior inspectors can sample.

How do we prevent vendor lock-in?

Mandate neutral export formats, no-fee study-close exports, periodic restore tests to a clean tenant, and documented data-deletion procedures. Keep pricing for migrations capped in the MSA and test portability annually.

What proves security beyond certificates?

HSM-backed BYOK with rotation evidence, immutable admin/export logs, red-team/pen-test summaries mapped to remediations, and disaster-recovery drills with RPO/RTO results filed to the TMF.

Do decentralized trial components change eTMF RFP needs?

Yes. Ask for identity assurance, time-sync validation, and version-pinning at ingestion for DCT and eCOA streams, plus PHI minimization controls. Require dashboards to facet on these sources and show timeliness vs SLA.

Why cycle-time kills enrollment—and the exact levers that buy back weeks in US/UK/EU programs

The three hidden clocks that decide whether you randomize on time

Across high-enrolling studies, cycle-time failures track back to three recurring choke points: payer review for benefits and prior authorization, access to diagnostic imaging and labs, and the mundane but brutal mechanics of calendar ownership across clinics, investigators, and participants. These are not “soft” problems; they are measurable clocks with documentation that can be inspected under FDA BIMO. When you instrument the clocks, appoint a single owner for each, and hard-wire proof into your systems, randomization velocity stabilizes and budget burn becomes predictable.

Declare your compliance backbone once—then reuse everywhere

Make the operating model inspection-ready. Electronic records and signatures conform to 21 CFR Part 11 and port to Annex 11; oversight language aligns to ICH E6(R3); safety-letter acknowledgments and SAEs route using ICH E2B(R3) vocabulary; US transparency stays consistent with ClinicalTrials.gov, while EU/UK postings are mirrored through EU-CTR in CTIS. Privacy practices reflect HIPAA (minimum necessary) and GDPR/UK GDPR (data minimization). Every operational decision leaves a searchable audit trail, and recurring obstacles trigger CAPA with explicit effectiveness checks. When you state this foundation in SOPs and site kits—and point to the FDA, EMA, MHRA, ICH, WHO, PMDA, and TGA—you save hours of explanation when auditors arrive.

One playbook, three levers, measurable outcomes

Put a name and a target on each lever. For benefits and payer review, define “benefits check to authorization decision ≤7 business days.” For diagnostics, define “order to result posting ≤10 days (≤5 for fast-track arms).” For calendars, define “eligibility decision to randomized ≤7 days.” Publish weekly tiles and trend the median plus 90th percentile so you can see queue tails. When the tail grows, escalate through QTLs and manage with RBM—not ad hoc emails.

Regulatory mapping: US-first detail with EU/UK portability (what reviewers actually test)

US (FDA) angle—event-to-evidence trace in minutes

Inspectors will sample a consented subject and walk backward: benefits verification request, authorization approval, diagnostic orders, scans performed, results received, eligibility decision, and randomization in the IWRS/IRT. They test contemporaneity (are timestamps near real time?), attribution (who executed each step and under what authority?), and retrieval speed. Your operating truth has to live in connected systems—authorization logs, imaging worklists, and a scheduling ledger—cross-referenced by unique subject IDs inside your CTMS and filed to the TMF/eTMF.

EU/UK (EMA/MHRA) angle—capacity, capability, and data minimization

In the UK, the pressure point is often diagnostics and clinic capacity rather than payer hurdles. EU/UK reviewers look for HRA/REC approvals and local capacity/capability proof, governance cadence, and data minimization. The same operational clocks apply; the wrappers differ. Name the same events, keep the same clocks, and ensure clinic calendars and diagnostic blocks are visible in governance. Keep postings synchronized with EU-CTR via CTIS and ensure privacy notes explain what is counted and why.

Process & evidence: a single inspection-ready checklist to collapse delays

Benefits & authorization: turn an opaque queue into a dated ledger

Standing up a pre-auth concierge is only half the story. Make it measurable: a dated intake, payer policy reference, medical-necessity template, PI letter on letterhead, and a resubmission cadence. Capture decision codes and call logs, and store PDFs with subject IDs. Tie each file to your scheduling ledger so coordinators can book immediately upon approval—no more wandering emails.

Diagnostics: order today, scan tomorrow, read by Friday

Buy down the queue with standing blocks, mobile units, or partner facilities. Pre-book imaging for screen-eligible candidates, define a “no later than” horizon, and add a retry window if scans fail quality control. Publish median and 90th percentile lead times at the site board so CRN/NIHR can surge staff before backlogs hit patients.

1. Open a payer ledger: intake date, payer, policy code, clinical rationale, decision, turnaround.
2. Use PI templated medical-necessity letters and update with sponsor language per protocol.
3. Pre-book diagnostic blocks (MRI/CT/labs) tied to screening clinics; release windows defined.
4. Maintain a “scan-to-read” SLA and monitor repeat scans and causes (motion, protocol mismatch).
5. Run a centralized scheduling ledger with owners and escalation paths.
6. Automate alerts for expiring labs/authorizations; re-order before expiry.
7. Version control consent packets; confirm current versions before scheduling consent visits.
8. Record eligibility decisions with timekeeper system and cross-link to TMF locations.
9. Book randomization slot at eligibility—don’t wait for “someone to call back.”
10. File stopwatch evidence: retrieve 10 artifacts in 10 minutes from dashboard to TMF.

Decision Matrix: choose interventions that actually remove the bottleneck

How to document decisions in TMF/eTMF

Create a “Cycle-Time Intervention Log” that records problem → option → rationale → evidence anchors (before/after charts, payer codes, imaging block rosters) → owner → due date → effectiveness result. File in Sponsor Quality and cross-link from the portfolio dashboard so reviewers can follow the thread from number to behavior.

QC / Evidence Pack: the minimum, complete set reviewers expect

• RACI for benefits, diagnostics, and scheduling; risk register and KRI/QTLs dashboard.
• System validation summaries (Part 11/Annex 11), audit trail samples, SOP references.
• Authorization ledger with decision codes, timestamps, and appeal outcomes.
• Imaging block schedules, utilization charts, rescan analysis, and QA checks.
• Scheduling ledger with ownership, escalation path, and “eligibility→randomization” clock.
• Listings of expiring labs/authorizations and automatic renewal workflows.
• Governance minutes showing red thresholds, actions taken, and effectiveness checks via CAPA.
• Transparency alignment note so registry narratives never contradict internal timelines.

Vendor oversight & data privacy (HIPAA vs GDPR/UK GDPR)

When external imaging partners or benefits vendors touch protected data, maintain supplier qualification, least-privilege access, and data-flow diagrams. US programs document HIPAA BAAs; EU/UK programs emphasize GDPR minimization and cross-border transfer safeguards. Store attestations and interface logs in TMF with explicit retention periods.

Practical templates reviewers appreciate: paste-ready language and footnotes

Authorization request token

“Benefits check and authorization requested on [date]; policy [ID] applies; clinical rationale summarized per protocol [section]; PI letter attached; expected decision ≤7 business days; resubmission cadence every 48 hours until determination.”

Imaging block token

“Standing MRI/CT blocks reserved [Mon/Wed 8–10 AM]; release window 24 hours prior; utilization target ≥80%; overflow to partner facility with MSA # [ID]; QA checklist completed at order entry.”

Scheduling token

“Eligibility decision documented at [timestamp/system]; randomization slot reserved [date/time]; coordinator owner [name]; escalation if not randomized within 7 days.”

Footnotes that end definitional debates

Under every chart/listing, add footnotes for timekeeper system (CTMS/eSource), timestamp granularity (UTC + site local), exclusions (withdrawals prior to eligibility), and change-control IDs when definitions evolve. These lines prevent 80% of audit arguments before they start.

Modern realities: decentralized flows, patient tech, and inclusive operations

Remote steps and patient-reported data

When your design includes home health or mobile components, validate identity, time-sync, and device logistics. If eligibility relies on patient-entered data via eCOA or remote visits supported by DCT, add safeguards: who verifies, how often, and what triggers a confirmatory clinic visit. Treat remote capacities and probabilities separately in your funnel math; investment should flow to the lever that buys the most velocity.

Equity and load reduction

Transportation, time off work, and childcare are real reasons people disappear between eligibility and the randomization calendar. Put evening/weekend clinics and travel vouchers where the data says they will convert. Track impact explicitly so you can defend spend and scale what works.

Align operations vocabulary with analysis needs

Use consistent naming tokens for visits and windows so operational clocks map cleanly to analysis windows later. Even if the analysis team works separately, keeping shared language avoids reconciliation churn during interim looks.

Bringing it together: how to run the cadence so delays never reappear

The weekly loop you can run in any program

Every Monday: show authorization ledger aging and approval rate; show imaging block utilization and 90th percentile turnaround; show scheduling ledger queue age and randomizations/week. Each red tile triggers a named action—appeals surge, block expansion, coordinator hours increase—and a dated follow-up. On Friday, file a one-page effectiveness note and move on.

Drill-through and reproducibility prove control

Make portfolio tiles drill to listings and listings drill to artifacts inside the TMF. Save run parameters and environment hashes so you can rerun the same listing with the same result. Rehearse “10 records in 10 minutes” quarterly and file the stopwatch evidence.

What “good” looks like in 60 days

When this playbook sticks, payer decisions drop below 7 days, imaging turnaround compresses below 10, eligibility-to-randomization stays at or under 7, and variance stabilizes. The story becomes boring—in the best way—and your team can spend time on protocol quality instead of queue firefighting.

FAQs

What single change lifts randomizations fastest in the US?

A focused authorization concierge with templated PI letters and a dated ledger. It collapses consent→eligibility by removing payer uncertainty, and its effect is visible in two cycles. Pair it with automatic alerts for expiring labs and you stop preventable resets.

How do UK sites beat imaging backlogs without overspending?

Reserve standing blocks and escalate through CRN/NIHR for surge staffing, then add a partner facility MSA for overflow. Publish utilization and median turnaround weekly so pressure is visible and support arrives before patients wait.

What proves scheduling isn’t the hidden culprit?

A single ledger with an owner, queue age, and a rule that eligibility triggers immediate slot reservation. If queue age rises, you add randomization blocks or coordinator hours. When auditors ask, drill from tiles to bookings to the artifact trail.

Do decentralized tools help or hurt cycle-time?

Both—if unmanaged. Remote steps expand capacity and reduce travel friction, but they require identity assurance, time-sync, and clear rules for when clinic confirmation is required. Treat remote capacity as its own lever and measure it.

How should we fund these interventions without blowing budget?

Direct spend to the lever with the best “randomizations per week per $1k” return. In many indications, imaging block expansion beats media spend; in others, coordinator surge hours beat appeals staffing. The data tells you where to buy time.

What should go into the CAPA if delays recur?

Define the defect (e.g., payer ledger aging >10 days), root cause (policy mismatch, incomplete clinical rationale), fix (template update, training, staffing), proof (before/after charts), and effectiveness check (sustained median <7 days for 4 weeks). File the CAPA and tie it to governance minutes.

Why feasibility must predict enrollment—not just describe the site—and how to make it inspection-ready

From “profile of a site” to “probability of randomization”

Traditional questionnaires catalog capabilities—beds, scanners, prior trials—but rarely answer the business-critical question: how many randomized participants by when? A predictive feasibility framework flips the script. You ask targeted questions tied to patient flow, pre-screen attrition, scheduling capacity, and local bottlenecks; you score those answers with transparent rules; and you output an enrollment forecast with a confidence range and a contingency plan. This approach builds credibility with study leadership and withstands sponsor and regulator scrutiny because each number is traceable to verifiable artifacts in the TMF/eTMF.

Declare the compliance backbone once—then reuse it everywhere

Ensure your instrument is born audit-ready. Electronic processes align to 21 CFR Part 11 and port neatly to Annex 11; oversight uses ICH E6(R3) terminology; safety signaling references ICH E2B(R3); registry narratives remain consistent with ClinicalTrials.gov in the US and map to EU-CTR postings through CTIS; privacy counts and EHR-based feasibility respect HIPAA and GDPR. All workflows emit a searchable audit trail and route anomalies through CAPA. Anchor your stance with compact in-line links to the FDA, the EMA, the UK’s MHRA, the ICH, the WHO, Japan’s PMDA, and Australia’s TGA so reviewers don’t need a separate references list.

Outcome metrics everyone buys

Define three outcome targets up front: (1) a 13-week enrollment forecast with 80% confidence bounds; (2) a Site Conversion Ratio (pre-screen → consent → randomization) with expected screen failure rate by key inclusion/exclusion; and (3) a startup latency estimate from greenlight to first-patient-in. These become the backbone of your decision meetings, weekly operations, and inspection narrative.

Regulatory mapping—US first, with EU/UK portability baked in

US (FDA) angle—how assessors actually probe feasibility

US reviewers sampling under FDA BIMO look for line-of-sight from a claim (“we can recruit 4/month”) to evidence (EHR cohort counts, referral agreements, past trial conversion, coordinator capacity). They test contemporaneity (when was the data pulled?), attribution (who ran the query?), and retrievability (how quickly can you open the listing and relevant approvals). Your questionnaire and scoring notes should therefore reference data sources explicitly (EHR cube, tumor board logs, screening calendars) and point to where those artifacts live in TMF.

EU/UK (EMA/MHRA) angle—same science, different wrappers

EU/UK review emphasizes transparency, site capacity and capability, and data minimization. If your instrument uses ICH language, locks down personal data, and provides jurisdiction-appropriate wording, it ports with minor wrapper changes. Include quick-switch text for NHS/NIHR contexts (site governance timing, clinic templates) and emphasize public register alignment.

The question domains that truly predict enrollment (and what bad answers look like)

Patient flow & local epidemiology

Ask for counts with filters, not vague “we see many patients.” Example prompts: eligible patients seen last 12 months; new-patient inflow/month; proportion with stable contact details; proportion likely insured for required procedures; competing trials in the same indication; typical time from referral to consent. Red flags: counts reported without time window or filters; “data not available”; copy-pasted figures identical to other sites.

Pre-screen & screening operations

Who runs pre-screens? What tools? What hours? What’s the coordinator:PI ratio on screening days? Ask for scheduling constraints (MRI, infusion chair, endoscopy) and average lead times. Red flags: “PI will screen” (capacity bottleneck); single coordinator across multiple trials; no protected clinic time.

Consent behavior and screen failures

Request historical conversion for similar burden/benefit profiles and ask for top three consent barriers (travel, placebo fears, work conflicts). Ask for mitigation levers the site actually controls (transport vouchers, evening clinics). Red flags: “We do not track” or blanket “80% will consent.”

Startup latency signals

Contracting/IRB turnaround medians, pharmacy mapping lead time, device/software onboarding speed, and past first-patient-in latencies. Red flags: “varies” without numbers; pharmacy “as soon as possible.”

Data and systems readiness

Probe whether site has exportable screening logs, audit-ready calendars, and role-based access to study systems. Ask if their CTMS can exchange site-level forecasts and actuals programmatically. Red flags: manual spreadsheets only; no controlled screening log schema.

1. Require 12-month EHR cohort counts filtered by key criteria (with data steward sign-off).
2. Collect conversion history for similar trials (pre-screen → consent → randomization).
3. Capture coordinator capacity (hours/week) and protected clinic slots for screening.
4. Quantify diagnostic/procedure wait times that gate eligibility timelines.
5. Document startup latencies (contracts, IRB/REC, pharmacy mapping) with medians/IQR.
6. Identify top 3 local consent barriers and site-controlled mitigations.
7. Confirm availability of exportable screening logs with unique IDs.
8. Request formal competing-trial list within 30 miles and site strategy to differentiate.
9. Obtain written referral pathways (internal, network, community partners).
10. Record who owns forecasting (role) and the weekly cadence for updates.

The scoring sheet: weights, confidence, and a defendable math story

Build a weighted model you can explain in two minutes

Keep it simple and transparent. Assign weights to five domains: Patient Flow (30%), Screening Capacity (20%), Startup Latency (15%), Competing Trials (15%), Consent Behavior (20%). Convert site answers to normalized sub-scores (0–100) with clearly published rules. Example: if coordinator hours/week ≥16 and there are two protected screening half-days, Screening Capacity earns ≥85.

From score to forecast with confidence

Translate composite score to an initial monthly forecast using historical analogs, then apply a confidence factor based on data quality (stale EHR pulls, missing logs, unverified referrals). Publish 80% bounds, not a point fantasy. Low data quality widens the interval and downgrades site priority even if the mean looks attractive.

Prevent “gaming” and enforce evidence

For any claim that materially affects the score, require an artifact (EHR cohort screenshot, scheduling report). Add a “credibility” modifier that can subtract up to 10 points for poor evidence. Publish these rules so sites know the bar and the study team can defend down-selection.

Process & evidence: make it rerunnable, traceable, and inspection-proof

Wire data sources into operations

Automate EHR cohort pulls where possible and capture steward attestations with time windows. Store screening logs in a controlled schema with unique IDs and role-based access; route changes through change control. Tie forecasting into CTMS so weekly updates flow without spreadsheets, and enable drill-through from portfolio dashboards to the underlying site listings.

Define oversight hooks (KRIs & actions)

Track KRIs such as consent drop-off, screen failure drivers, and visit lead-time. Use a small set of thresholds with unambiguous actions: if forecast accuracy misses by >30% two cycles in a row, shift budget to better-performing sites or escalate mitigations. Escalation outcomes should feed program risk governance and your QTLs view.

QC / Evidence Pack: what to file where

• RACI, risk register, KRI/QTLs dashboard for feasibility and enrollment.
• System validation (Part 11 / Annex 11), audit trail samples, SOP references.
• Safety interfaces (EHR alerts, adverse event routing) noted per ICH E2B(R3).
• Forecast lineage and traceability (source listings → composite score → portfolio view) using CDISC-aligned terms and example SDTM visit naming where relevant.
• CAPA records for systemic data quality or forecasting issues with effectiveness checks.

The inspection-ready feasibility questionnaire: paste-ready, high-signal items

Patient flow & eligibility filters (quantitative)

Provide 12-month counts of patients meeting inclusion A/B/C and exclusion X/Y/Z; new-patient inflow per month; percent with confirmed contact info; payer mix relevant to required procedures; typical time from diagnosis to specialist appointment; competing trials list and overlap rate.

Screening engine (operational)

Coordinator hours/week; protected clinic half-days for screening; coordinator:PI ratio; diagnostic wait times for eligibility; availability of evening/weekend clinics; access to mobile diagnostics.

Consent behavior (behavioral)

Historical conversion rates by similar burden trials; top 3 consent barriers; mitigations site controls (transport, parking, tele-consent); languages supported; community outreach partnerships.

Startup latency (timeline)

Medians (IQR) for contracts, IRB/REC, pharmacy mapping, system onboarding; last three trials’ first-patient-in latencies; typical bottlenecks and fixes that worked.

Data & systems (traceability)

Screening log system; export capability; role-based access; evidence storage; reconciliation cadence to CTMS; ability to provide weekly forecast deltas with reasons.

Modern realities: decentralized, digital, and human—baked into the score

Decentralized and patient-tech readiness

If your design includes remote activities (DCT) or patient-reported outcomes (eCOA), weight a readiness sub-score: identity assurance, device logistics, broadband coverage, staff training for remote support, and cultural/linguistic suitability of materials. Ask sites how many remote visits/week they can support and what their help-desk coverage looks like.

Equity and community factors

Include indicators that proxy for reaching under-represented populations: local partnerships, clinic hours outside 9–5, availability of interpreters, and transportation solutions. These questions both improve accrual and strengthen your public-facing commitments.

Budget and incentive realism

Ask whether proposed per-patient budgets cover coordinator time, diagnostics, and retention touchpoints. Undercooked budgets lead to quiet disengagement; your scoring sheet should penalize this risk unless the sponsor is willing to adjust.

Turn answers into forecasts—and manage reality every week

The weekly loop

Require sites to submit forecast/actuals deltas with reasons and next-week plan. Consolidate at program level and use simple visuals: funnel (pre-screen→consent→randomization), capacity bar (coordinator hours), and a risk list keyed to KRIs. Keep narrative short; actions matter more than prose.

Re-weight quickly when the field changes

When a competing trial opens or a diagnostic line clears, adjust weights for that domain and publish the new composite quickly. The math is simple; the discipline is keeping a single source of truth and filing the rationale.

Close the loop to quality & safety

Feasibility that ignores safety or data quality is self-defeating. If rapid growth at a site correlates with consent deviations or adverse event under-reporting, throttle back and invest in training. Your governance minutes should show these cause-and-effect checks.

FAQs

How many questions should a predictive feasibility form include?

Keep it to 25–35 high-signal items across five domains (Patient Flow, Screening Capacity, Startup Latency, Competing Trials, Consent Behavior). Each question should either drive the score or populate a decision table—if it does neither, cut it.

How do we validate the scoring sheet?

Back-fit the model to 2–3 completed studies in a similar indication and compare predicted vs actual monthly randomizations. Adjust weights where residuals are persistent. Re-validate after protocol or process changes that affect conversion or capacity.

What evidence must accompany high-impact claims?

Any claim that moves a sub-score >10 points should have a supporting artifact: EHR cohort screenshots with steward signature and date window, scheduling reports, signed referral MOUs, or historical screening logs. File these where your team and inspectors can drill through from the scorecard.

How do we include remote elements fairly?

Create a DCT/ePRO readiness sub-score that tests identity, logistics, staff support, and connectivity. Sites that can support remote visits reliably should score higher because they can convert more interested candidates and maintain retention.

What’s a defensible way to present the forecast?

Provide an 80% confidence interval around the monthly point estimate and clearly state assumptions (referral volume, consent rate, diagnostic capacity). Publish weekly deltas with short reasons and show actions taken when reality diverges from plan.

How do we prevent optimistic responses without proof?

Use a credibility modifier and publish it. If evidence is missing or stale, subtract up to 10 points, widen the confidence interval, and decrease priority in site selection. Re-score promptly when evidence arrives.

Outcome-first activation: open sites fast, safely, and in a way that survives FDA/MHRA scrutiny

What “activation” must prove on day one

Activation is not a flip of a calendar—it’s a verifiable condition set that proves people, processes, and places are ready for human research. On day one, a sponsor should be able to demonstrate that ethics and regulatory approvals are current, contracts and budgets are executed, staff are trained and delegated to the tasks they perform, facilities and pharmacy are qualified, investigational product (IP) handling is controlled, and the “greenlight” communication is documented, traceable, and understood. US assessors frequently test this with event-to-evidence sampling aligned to FDA BIMO expectations, while UK reviewers triangulate HRA/REC approvals with site capacity and capability checks. If you can move from claim to artifact in seconds, you’re operational; if you cannot, you’re still preparing.

A single compliance backbone you can cite everywhere

State your controls up front and reuse that statement consistently. Electronic records and signatures conform to 21 CFR Part 11 (portable to Annex 11); platforms and integrations are validated; the audit trail is reviewed against a sampling plan; deviations route through CAPA with effectiveness checks; oversight follows ICH E6(R3); safety information exchange acknowledges ICH E2B(R3); public registry narratives align with ClinicalTrials.gov and are portable to EU-CTR via CTIS; privacy safeguards map to HIPAA and GDPR/UK GDPR. Anchor alignment with concise, in-line authority links—FDA, EMA, MHRA, ICH, WHO, PMDA, and TGA—so reviewers don’t need to hunt a separate references section.

Design activation as a repeatable micro-workflow

High-performing teams use a compact checklist with SLA clocks, clear ownership, and traceable evidence. Each prerequisite produces an artifact (e.g., IRB/REC approval letter, training certificates, calibration reports, pharmacy readiness memo, greenlight email) and an accompanying system entry that shows who did what, when, and under which authority. When a step misses its SLA, the reason code is captured and trended; if the same issue recurs, it escalates to a program-level signal on the QTLs dashboard and is addressed via risk-based monitoring (RBM) governance.

Regulatory mapping: US-first activation signals with UK portability

US (FDA) angle—what reviewers sample first

US assessors commonly begin with the signed Form 1572, site-specific IRB approvals (initial and amendment letters), current ICF versions, financial disclosures (3454/3455), CVs and licenses, GCP training, delegation of authority, pharmacy readiness, temperature mapping and calibration, receipt and handling of safety communications, and the definitive greenlight memo or email. They test three dimensions: contemporaneity (was each document in place before use and filed on time?), attribution (who signed, with what authority, and when?), and retrievability (how quickly can you show the proof?). They also check for alignment between protocol/IB changes, site training, and subject-facing materials.

EU/UK (EMA/MHRA) angle—same science, different wrappers

In the UK, activation pivots on HRA/REC approvals, local capacity and capability (C&C), pharmacy review, R&D sign-off, and—where applicable—MHRA CTA permissions. In the EU, EU-CTR submissions and CTIS statuses provide the transparency layer. Although labels and wrappers differ, the evidence narrative is the same: ethics/authority approval → readiness checks → trained people → documented greenlight → first-subject-possible.

Process & evidence: the inspection-ready Site Activation Checklist

Documents and set-ups you must have before greenlight

Ethics & regulatory approvals: IRB/REC initial approval and amendments; where applicable, UK HRA approvals and R&D confirmations; CTA acknowledgments for CTIMPs. These letters should explicitly reference protocol/amendment identifiers and dates.

Investigator attestations: Signed 1572 (US), up-to-date CVs and licenses for PI/sub-Is, core GCP training, and protocol-specific training with sign-in sheets or LMS certificates. Training must pre-date task performance.

Financial disclosure: 3454/3455 forms (or UK equivalents), with conflicts documented and mitigated. Keep a rapid route for updates if financial relationships change mid-study.

Informed consent readiness: Current ICF versions with IRB/REC stamps, language/translation approvals, short-form processes where used, and documentation that old versions are withdrawn from circulation.

Facilities & pharmacy: Temperature mapping plans and results, equipment calibration certificates, IMP storage qualification, accountability logs configured, and a signed pharmacy readiness memo that explicitly permits receipt/dispense.

Contracts & indemnity: Executed CTA/budget, insurance/indemnity letters, and any institutional clauses around data protection or indemnities.

Systems & access: EDC/ePRO/IWRS credentials provisioned by role; least-privilege enforced; signature/initials logs; user de-provisioning tested.

Timeliness and attribution controls

Define unambiguous SLA clocks. A common approach is “IRB/REC approval → greenlight ≤15 business days” and “training completion → first exposure ≤30 days.” Make “signature before use” an enforced rule at the system level. Store proof that every individual on the delegation log completed required training before performing any task and that sign-offs pre-date use. Where subject-facing materials change, maintain a quick-turn check to ensure only current ICFs are in circulation.

1. Confirm current IRB/REC approval; file letter and approved ICF version(s).
2. File signed 1572 (US) and 3454/3455 or UK equivalents; verify currency of CVs/GCP certificates.
3. Execute site contracts and budget; file indemnity/insurance documents.
4. Verify pharmacy readiness (mapping, calibration, alarms, accountability, unblinding plan).
5. Complete role-based training; file delegation of authority and signature/initials list.
6. Establish safety reporting flow; document acknowledgment of latest safety letters.
7. Provision EDC/ePRO/IWRS with least privilege; verify de-provisioning process.
8. Run a mock consent process using the current ICF; record issues and corrective actions.
9. Issue a documented greenlight memo/email; file with timestamp and recipients.
10. Record first-subject-possible and reconcile activation in CTMS versus TMF.

Decision Matrix: choose the right activation path when constraints collide

How to document decisions in TMF/eTMF

Create a “Site Activation Decision Log” showing question → option → rationale → evidence anchors (emails, trackers, approvals) → owner → due date → effectiveness result. File in TMF Administrative/Site Management and cross-link from CTMS site notes so auditors can follow the decision trail without narrative detours.

QC / Evidence Pack: what to file where so assessors can trace every claim

• Approvals packet (IRB/REC, HRA/R&D, CTA acknowledges) with current ICF(s) and explicit version mapping.
• Investigator credentials: 1572 (US), financial disclosures, CVs, licenses, and core plus protocol-specific training.
• Pharmacy readiness: mapping, calibration, alarm tests, IMP accountability, and a signed readiness memo.
• Contracts & indemnity: executed agreements, insurance/indemnity letters, and any data-protection annexes.
• Training & delegation: curriculum, completions, delegation log, and signature/initials list.
• Systems access: RBAC matrix, provisioning/de-provisioning logs, and change history for critical roles.
• Greenlight and first-subject-possible: memo/email with recipients; CTMS TMF reconciliation proof.
• Safety communications: latest letters and site acknowledgments within defined windows.

Prove “minutes to evidence” with drill-through

Expose four tiles—Median Days to File, Backlog Aging, First-Pass QC, and Live Retrieval SLA—and ensure each tile drills to a listing with artifact IDs, owners, timestamps, and eTMF locations. Make the listing open the artifact in place. File stopwatch evidence of “10 artifacts in 10 minutes” and governance minutes showing how drill results drove improvement. Evidence that is hard to find isn’t evidence—it is an invitation to widen the inspection.

Common pitfalls & quick fixes during activation

Using the wrong ICF version at screening

Pin the “current ICF” to a hot shelf, include a stamped copy in a screening-day packet, and require a pre-screen verification. Withdraw superseded versions from circulation and run a daily spot-check. If an error occurs, re-consent promptly and assess whether a deviation/CAPA is required.

Signatures after use or missing training

Block retroactive signing via system configuration wherever possible. Institute a hard gate: no task assignment unless training is current and the individual is present on the delegation log. When exceptions occur, require reason codes and QA approval, then trend recurrence to measure the effectiveness of the fix.

Pharmacy “nearly ready” when it’s actually not

Make pharmacy a separate readiness track with explicit SLAs: mapping completed, alarms tested, SOPs reviewed, and a signed readiness memo from a named accountable person. Do not ship or release IP until this memo is filed. When feasible, enforce the rule through IWRS/IRT configuration so system behavior prevents human shortcuts.

Greenlight that isn’t understood

Use a standardized memo/email template that lists prerequisites satisfied, activities permitted, any conditional limits, and the first-subject-possible date. Include recipients and a distribution log. In the UK, state clearly whether only pre-screening/screening is permitted pending a C&C confirmation.

Modern realities: decentralized capture, patient technology, and privacy

Decentralized and patient-reported flows

When decentralized components (DCT) or patient-reported tools (eCOA) are live at activation, extend the checklist: identity assurance at enrollment and device handover, time synchronization validation, help-desk coverage, privacy notices, and data-flow diagrams for subject data paths. Include training for site staff on troubleshooting common device issues and store attestations that staff can support subjects appropriately.

Data privacy and least-privilege from day one

Provision only what is necessary for each role; mask PHI by default where not needed for a task; log exports; and confirm that UK/EU GDPR notices are localized while US workflows respect HIPAA’s “minimum necessary.” Add a short privacy note to the activation packet so reviewers can see the safeguards without wading through policy binders.

Cross-functional visibility improves outcomes

Changes to operational instructions may originate from device software revisions, manufacturing adjustments, or stability considerations. Where relevant, include a brief note on comparability impacts (e.g., label changes, training updates) and cross-link to the relevant operational document. Inspectors value clear line-of-sight across functions; it reduces the chance of “orphaned” changes.

Practical templates reviewers appreciate: paste-ready language and footnotes

Sample activation tokens you can drop into SOPs and checklists

Greenlight token: “All prerequisites documented and current (IRB/REC approval, current ICF, 1572, financials, contracts, pharmacy readiness, training & delegation). Greenlight issued on [date/time] to [distribution list]. First-subject-possible = [date]. Conditional limits: [if any].”

Timeliness token: “IRB/REC approval → greenlight ≤15 business days; training completion → first exposure ≤30 days. Exceptions require reason code and QA approval; persistent exceptions trigger governance review.”

Reconciliation token: “CTMS activation date TMF greenlight filed-approved skew ≤2 days; exceptions logged with owner, reason, and corrective action.”

Footnotes that pre-answer inspector questions

At the bottom of your activation listing and charts, include footnotes declaring the clock source (which system is timekeeper), defined exclusions (e.g., sponsor-approved blackout windows), and the action that a red threshold triggers. This prevents circular debates over definitions and keeps the conversation on risk management.

Linking activation to downstream integrity: why biostat and data standards care

Activation decisions ripple into analysis readiness

Seemingly operational details—training dates, ICF versioning, pharmacy qualifications—affect downstream data credibility. Biostatisticians rely on clean visit timing and protocol version applicability to interpret data correctly. Aligning activation artifacts to standardized terminology makes downstream traceability easier, even when the TMF does not store analysis files directly.

Speak the same language across teams

When your activation records, site communications, and training lists use terms that align with CDISC domains and anticipated SDTM/ADaM outputs (e.g., consistent visit naming, amendment identifiers, and timing conventions), you reduce later reconciliation churn. Consistent terms across TMF, CTMS, and analysis planning documents shorten review cycles and prevent avoidable queries.

FAQs

What are the non-negotiable documents for US site activation?

At minimum: IRB approval with current ICF, signed 1572, financial disclosures (3454/3455), current credentials and GCP training for the investigator team, a populated delegation of authority with signature/initials list, executed contracts/budget, a pharmacy readiness memo with mapping/calibration evidence, and a dated greenlight memo emailed to a defined distribution list and filed to the TMF. Where safety letters were recently issued, file site acknowledgments within the defined window.

How does UK activation differ from US?

UK sites require HRA/REC approval, local capacity and capability confirmation, pharmacy/R&D review, and—where applicable—MHRA CTA permissions before subject dosing. Role labels and forms differ (e.g., no 1572), but the narrative is the same: approvals → readiness → training/delegation → greenlight → first-subject-possible. Maintain explicit mapping of UK documents to your US-first checklist so nothing falls through the cracks.

What is a defensible activation timeline?

Many sponsors target ≤15 business days from final approval to greenlight and ≤30 days from training completion to first exposure. These are not one-size-fits-all: tighten thresholds for high-risk programs, and always capture reason codes for exceptions. The key is trendability and demonstrated control, not perfection.

How do we prevent screening with the wrong ICF?

Pin the current ICF to a hot shelf, include it in screening packets, require a pre-screen confirmation step, and withdraw superseded versions from circulation immediately. Any use of a superseded form should trigger re-consent and a deviation/CAPA assessment with effectiveness checks in the next cycle.

What proves pharmacy readiness beyond paperwork?

Temperature mapping covering realistic load, alarm tests with logged results, calibration certificates for monitoring devices, SOP walk-through records, IMP accountability configured in advance, and a dated readiness memo signed by a named accountable person. If possible, block IWRS/IRT release until the memo is filed.

How should we show CTMSTMF alignment at activation?

Maintain a reconciliation listing that shows CTMS activation date, the TMF greenlight filed-approved date, the resultant skew, owner, and comments. Keep skew ≤2–3 days; exceptions require reason codes and QA notes. Demonstrate re-runs of the listing with identical results to prove reproducibility.