Hybrid FDA Inspections: What Changed in 2024 and How to Stay Audit-Ready

If you assumed FDA inspections would eventually go back to the way they were before COVID, think again. The shift toward hybrid and remote inspections that started during the pandemic has become a permanent part of how the FDA conducts oversight - and it's having a bigger impact on warning letters than most organizations anticipated.

In FY2024, remote information requests or failures to respond to them accounted for nearly a quarter of all warning letters issued by the FDA. That's a dramatic shift from just five years ago, when physical inspections drove close to 100% of warning letter triggers. The FDA isn't going back to the old model.

This means your organization needs to be prepared for inspections that look very different from what you may have experienced in the past. Whether an inspector shows up on-site, conducts the review entirely remotely, or uses some combination of both, your ability to respond quickly and thoroughly to information requests now directly affects your regulatory standing.

This guide breaks down what changed, how hybrid inspections actually work, and what you need to do to stay audit-ready regardless of format.

A Brief History: How We Got Here

Understanding the context helps explain why this shift is sticking.

Pre-Pandemic (Before 2020)

FDA inspections were almost entirely conducted on-site. Inspectors visited manufacturing facilities, reviewed records in person, observed processes, and interviewed staff. Warning letters were triggered almost exclusively by findings from these physical inspections. Remote oversight existed but played a minor role.

During the Pandemic (2020-2021)

When COVID-19 disrupted travel, the FDA adapted quickly. Remote information requests became the primary tool for continued oversight. Inspectors asked facilities to submit documents, records, and data electronically rather than conducting in-person visits. Sample requests - where the FDA asked facilities to ship product for laboratory testing - also became a significant trigger for warning letters during this period.

Many in the industry assumed this was a temporary workaround. It wasn't.

Post-Pandemic (2022-Present)

The FDA didn't revert to pre-pandemic inspection patterns. Instead, hybrid inspections became the norm - a combination of remote document review, information requests, and selective on-site visits. By FY2024, the FDA had nearly doubled its inspection volume compared to two years prior, with over 62% of inspections conducted at foreign sites.

More importantly, the data shows a clear and deliberate shift in how the FDA triggers enforcement actions. Remote information requests are now a primary enforcement tool, not a backup.

What Is a Hybrid FDA Inspection?

A hybrid inspection combines remote and on-site elements rather than relying exclusively on one format. The specific mix varies depending on the inspection type, the facility's risk profile, and what the FDA is trying to evaluate.

Common Hybrid Inspection Components

Remote elements:

• Initial document requests before any site visit

• Electronic submission of quality records, SOPs, batch records

• Remote review of CAPA records, complaint files, and audit reports

• Video calls or virtual facility tours in some cases

• Follow-up information requests after an on-site visit

On-site elements:

• Physical observation of manufacturing processes

• In-person interviews with quality and production staff

• Review of records in context (seeing where work actually happens)

• Collection of environmental or product samples

• Verification that documented procedures match actual practice

How the FDA Decides Which Format to Use

The FDA doesn't publicly disclose its exact decision-making criteria, but the general factors include:

• Risk profile - Higher-risk facilities or products may warrant more on-site presence

• Previous inspection history - Facilities with prior findings may receive more scrutiny

• Geographic location - Foreign sites may see more remote elements due to travel logistics

• Inspection type - Routine surveillance inspections may lean more remote; for-cause inspections typically include significant on-site components

• Specific concerns - If the FDA has questions about a particular process or record, they may target that element specifically

Remote Information Requests: The Key Enforcement Tool

A remote information request is exactly what it sounds like - the FDA asks your facility to provide specific documents, records, or data without an inspector physically being present.

These requests can come:

• Before a scheduled inspection as part of pre-inspection preparation

• As a standalone review without any planned on-site visit

• After an on-site inspection to follow up on specific questions

• At any time during an ongoing inspection cycle

Here's what makes information requests so consequential: The FDA evaluates not only the quality of the records you submit, but also how quickly and completely you respond. Delays, incomplete responses, or refusal to cooperate can independently trigger warning letters - even if the underlying records would have been acceptable during an on-site review.

Want to assess how well your organization would handle a remote information request? Schedule a free consultation to discuss inspection readiness for your specific situation.

Why Remote Inspections Are Generating Warning Letters

The data from FY2024 is clear: remote information requests are now a significant enforcement trigger. Here's why organizations are struggling with this format.

Reason 1: Unprepared for the Speed of Response

On-site inspections have a built-in timeline. An inspector arrives, spends days or weeks on-site, and reviews records in real time. Organizations have some opportunity to locate documents, clarify issues, and provide context during the visit.

Remote information requests don't work that way. The FDA sends a request with a deadline - often tight - and expects a complete, organized response by that date. Organizations that don't have efficient document retrieval and review processes scramble to meet these timelines and often submit incomplete packages.

Reason 2: Records That Look Fine in Person Don't Survive Scrutiny Out of Context

When an inspector reviews records on-site, they can ask questions, see the physical environment, and understand context. A record that might have a minor gap could be explained verbally or supplemented with additional documentation during the visit.

In a remote review, the FDA sees only what you send them. Records go through without context, without the ability to ask clarifying questions in real time, and without the benefit of seeing how your facility actually operates. Gaps, inconsistencies, or unclear documentation that might have been resolved during an on-site conversation become formal findings in a remote review.

Reason 3: Failure to Respond Is Itself a Violation

This is critical: if you receive an FDA information request and don't respond - or respond inadequately - the FDA can issue a warning letter based on your non-response alone, regardless of whether your actual quality system is sound.

Organizations that treat information requests as optional or deprioritize them relative to day-to-day operations put themselves at serious regulatory risk. The FDA views non-cooperation as a red flag.

Reason 4: Documentation Gaps That Were Tolerable Before Are No Longer

When inspectors could see the whole picture on-site, minor documentation inconsistencies were sometimes noted as observations but not escalated. In a remote review, documentation is all the FDA has. Every gap, every missing signature, every procedure that doesn't quite match what your records show becomes more visible - and more consequential.

What the FDA Actually Looks At During Remote Reviews

Understanding what the FDA prioritizes in remote information requests helps you prepare more effectively. Based on inspection patterns and enforcement trends, these are the record categories that receive the most scrutiny.

Quality System Records

• Quality manual and QMS documentation

• SOPs and work instructions - especially whether they're current, approved, and accessible

• Document control records showing revision history and approval status

• Training records demonstrating staff competency

CAPA Records

This connects directly to the broader CAPA scrutiny discussed in our January post. In a remote review, the FDA evaluates:

• Whether nonconformances were properly identified and documented

• Whether root cause analysis was conducted and is credible

• Whether corrective actions address the identified root causes

• Whether effectiveness verification was completed

Complaint Handling Records

• Complaint logs showing all received complaints

• Investigation records for each complaint

• MDR (Medical Device Reporting) determinations and submissions

• Trending and pattern analysis across complaints

Production and Process Records

• Batch records or device history records

• In-process inspection and testing records

• Deviation records and associated corrective actions

• Equipment calibration and maintenance records

Supplier Records

• Supplier qualification documentation

• Supplier audit reports

• Incoming inspection records

• Supplier nonconformance handling

Design Controls (for Class II and III Devices)

• Design history files

• Verification and validation records

• Design review documentation

• Risk management files

How to Stay Audit-Ready for Any Inspection Format

The good news is that the fundamentals of inspection readiness haven't changed - your QMS needs to be well-documented, consistently followed, and defensible. What has changed is how those fundamentals get evaluated. Here's how to prepare for hybrid and remote inspections specifically.

1. Build a Document Retrieval Process

When an FDA information request comes in, you need to be able to locate, review, and package specific records quickly. This requires:

Organized document management - Your controlled documents and quality records need to be findable. If your team has to search through shared drives, filing cabinets, or disconnected systems to locate records, you're already behind.

Designated response coordination - Assign a point person (or small team) responsible for coordinating FDA responses. This person should know where records live, who needs to review them before submission, and what the timeline looks like.

Pre-identified record sets - For common inspection topics (CAPA, complaints, supplier quality, design controls), identify in advance which records would be requested. Don't wait for the request to start figuring out where everything is.

2. Ensure Your Records Can Stand Alone

In a remote review, your records need to tell a complete, coherent story without verbal explanation. This means:

Complete documentation - Every record should include all required information. Missing signatures, incomplete fields, or procedures that reference documents you haven't included create questions the FDA can't resolve remotely.

Consistent terminology - Use the same language in your procedures, records, and forms. Inconsistencies between what your SOP says and what your records show will stand out in a document-only review.

Clear traceability - An inspector reviewing records remotely needs to be able to follow the chain from identification of an issue through investigation, corrective action, and verification without asking questions. Build that traceability into your records.

Accurate revision status - Every document submitted should be clearly identified with its current revision. Submitting outdated documents - even accidentally - is a significant finding.

3. Practice Responding to Information Requests

Don't wait for a real FDA request to test your ability to respond. Run internal exercises:

Simulate a request - Pick a topic area (CAPA, complaints, supplier quality) and pretend you've received an FDA information request for those records. See how long it takes to locate, review, and package everything.

Time yourself - FDA deadlines are often tight. If it takes your team more than a day or two to pull together a response package, you need to improve your process.

Review what you'd submit - Before sending anything to the FDA, have someone outside your immediate team review the package. Do the records tell a clear story? Are there gaps? Would an outside reviewer have questions?

Debrief and improve - After each exercise, identify what worked and what didn't. Fix the gaps before a real request arrives.

4. Keep Your On-Site Readiness Sharp Too

Hybrid inspections include on-site elements, and some inspections are still conducted entirely on-site. Don't let your focus on remote readiness erode your ability to handle a traditional inspection.

Facility cleanliness and organization - An inspector who visits your facility is evaluating whether your physical environment matches your documented quality system.

Staff availability and preparedness - Key personnel need to be available for interviews and able to speak knowledgeably about their roles and responsibilities.

Process observation readiness - Your manufacturing and testing processes should be operating in accordance with your procedures at all times, not just when you know someone is watching.

5. Respond to Information Requests Promptly and Completely

If you receive an actual FDA information request, treat it as a priority:

Acknowledge receipt - Let the FDA know you received the request and are working on a response. Don't leave them waiting in silence.

Meet the deadline - If you genuinely need more time, communicate that proactively with a realistic revised timeline. But don't miss the deadline without explanation.

Be thorough - Send everything that was requested. Partial responses require follow-up and signal to the FDA that you're not cooperating fully.

Be organized - Label and index your submission so the reviewer can find what they need. An unorganized package of documents makes the FDA's job harder and yours look worse.

Be honest - If you have gaps in your records or known issues, it's better to acknowledge them with a plan to address them than to submit records that don't hold up to scrutiny. The FDA responds more favorably to organizations that demonstrate self-awareness and corrective intent.

Need help building an inspection readiness program that covers both remote and on-site scenarios? Our Preparation for Certifications and Inspections services include mock audits, document readiness assessments, and staff preparation to keep your organization ready for any inspection format.

The Connection to QMSR and ISO 13485

If you're preparing for the FDA's QMSR transition (effective February 2, 2026), hybrid inspection readiness is directly relevant.

ISO 13485 - which forms the foundation of the QMSR - requires robust documentation, traceability, and record-keeping throughout your quality system. These are exactly the elements the FDA evaluates during remote reviews. An organization that implements ISO 13485 properly will have the documentation infrastructure needed to respond effectively to remote information requests.

Conversely, if your current documentation has gaps, the QMSR transition is an opportunity to fix them before the FDA finds them during an inspection.

The organizations that will fare best under the QMSR aren't just those with the right certifications on paper - they're the ones whose quality systems are solid enough to withstand scrutiny from any angle, including remote review.

What This Means for Different Industries

Medical Device Manufacturers

The FDA's device inspection program has been actively incorporating hybrid elements. With the QMSR transition approaching, device manufacturers should expect increased remote oversight as the FDA evaluates compliance with the new framework. Design controls and risk management records are particularly likely to face remote scrutiny.

Pharmaceutical Manufacturers

The FY2024 data shows pharmaceutical inspections increasing significantly, with a strong emphasis on remote information requests. API manufacturers - especially those supplying compounding pharmacies - are under heightened scrutiny. If your facility has any connection to that supply chain, assume remote review is likely.

Laboratory Testing Facilities

GLP labs conducting nonclinical studies are subject to Bioresearch Monitoring (BIMO) inspections by the FDA. These inspections increasingly incorporate remote elements, particularly for initial document review. Data integrity records and electronic system controls are common targets.

Tissue Banks

Tissue banking facilities regulated under 21 CFR Part 1271 face inspection requirements that increasingly include remote components. Donor records, processing records, and quality system documentation are all candidates for remote review.

How Roystonea Compliance Can Help

Staying audit-ready when the inspection format can change without warning requires a quality system that's solid from the inside out. At Roystonea Compliance, we help organizations in medical devices, pharmaceuticals, laboratory testing, and tissue banking build inspection readiness that holds up regardless of format.

Our Preparation for Certifications and Inspections services include:

• Remote inspection readiness assessment - Evaluate whether your records could withstand FDA scrutiny without in-person context

• Document retrieval and response process development - Build efficient systems for locating and packaging records when information requests arrive

• Mock information request exercises - Simulate FDA remote review scenarios to identify gaps before they matter

• On-site inspection preparation - Mock audits, staff interviews, and facility readiness reviews

• Record quality review - Identify documentation gaps, inconsistencies, or traceability issues that would stand out in a remote review

• Staff preparation - Train key personnel on responding to inspectors, whether in person or remotely

Whether you're preparing for a specific upcoming inspection or building long-term audit readiness, we can help you close the gaps that hybrid inspections are designed to find.

Ready to test your inspection readiness? Schedule your free consultation and let's identify where your organization stands.

Frequently Asked Questions

Can the FDA conduct an entire inspection remotely without ever visiting my facility? Yes. For some inspections - particularly routine surveillance reviews or follow-ups on specific issues - the FDA may complete its evaluation entirely through document review and information requests without an on-site visit. This is becoming more common, not less.

What happens if I can't meet the FDA's deadline for an information request? Communicate proactively. Contact your FDA district office before the deadline, explain the situation, and propose a realistic revised timeline. Ignoring the deadline or failing to respond at all is far worse than asking for a reasonable extension.

Does this apply to my certification body audits too, or just FDA? ISO certification bodies (for ISO 13485, ISO 9001, etc.) have also shifted toward more remote audit elements since the pandemic. Stage 1 audits are frequently conducted remotely. While the dynamic differs from FDA inspections, the underlying need for well-organized, complete documentation applies equally.

How is this different from what we already do to prepare for inspections? The core preparation is the same - strong documentation, consistent processes, trained staff. The difference is speed and context. Remote reviews happen faster, with less opportunity to clarify or supplement, and your records have to tell the story without verbal explanation. If your preparation assumes an inspector will be on-site to ask questions and see your operation in action, you need to add remote readiness to your program.

Should I proactively reach out to the FDA about any known issues before they request information? This is a nuanced decision that depends on the specific situation. In some cases, proactive disclosure demonstrates good faith and a quality culture. In others, it may not be appropriate. If you're weighing this decision, consult with a regulatory compliance professional before taking action.