Process Theatre: When Your Procedure Looks Clean but the Records Don't Match

Every quality system has at least one process that looks compliant on paper and isn’t actually being run the way the procedure says it should. The Work Instruction is signed, the form is in the QMS document control system, the procedure walked through fine at the last internal audit. And yet the records the process is supposed to be generating are incomplete, late, missing, or template-filled.

That gap between documented procedure and actual practice is what I call process theatre. The process is performed — sort of. The compliance is performed. The records, when you go look at them, tell a different story than the WI.

This article is about why process theatre persists, four of the patterns I see most often, and what an outside two-day Process Audit catches that internal audit programs typically can’t.

Why process theatre persists

Three things keep it alive in most QMS environments.

Headcount turnover. A process is set up by the person who owned it. The person leaves. The next person inherits the procedure, the records, and the audit history — but not the reasoning behind why the process is the way it is. They keep it running on the surface because changing it requires understanding it, and there’s never time to understand it. So the procedure stays in the QMS, the records keep getting generated in a form, and the substance erodes.

Incentive misalignment. Internal auditors work for the Quality Manager. The Quality Manager works for the Plant Manager or VP Operations. Nobody in that chain wants a Major finding to land on a process they own. So internal audit findings drift toward Minor and OFI. Over time, the internal audit program is producing exactly the findings nobody minds receiving — which means the program isn’t actually finding the things it should be finding.

Drift. A process is set up correctly. Then a small adjustment happens because of a tooling change. Then another adjustment because of a supplier change. Then another because the operator on shift two does it slightly differently than the operator on shift one. Each individual adjustment is defensible. After two years of adjustments, the actual process is no longer what the WI describes. The WI didn’t get updated because nobody was tracking the gap.

These three drivers are why I see the same four patterns of process theatre over and over again. Here they are.

Pattern 1: CAPA theatre

What the procedure says. CAPAs are opened within five business days of identification. Root cause is established within thirty days. Effectiveness is verified within sixty days of corrective action implementation. Each CAPA has a designated owner, a documented investigation, and an effectiveness check with objective evidence.

What the records typically show. Average CAPA closure time is over eighty days. Root cause is often “operator error” with no investigation depth. The effectiveness check is a sign-off on the CAPA form rather than a data review. Several CAPAs in the register have been “open” for over a year. A handful of CAPAs were closed quickly with no documented investigation because the responsible department needed the CAPA off the open list before the customer audit.

Why it persists internally. Late CAPAs make the Quality Manager look bad in the monthly metrics review. The pressure to close CAPAs is real. The pressure to verify effectiveness is theoretical. So CAPAs get closed on schedule and effectiveness is signed off as “verified” because somebody had to sign something.

What an outside read catches. Sampled CAPA records show the average closure time, the percentage of CAPAs with documented root-cause investigations, and the percentage where the effectiveness check has objective evidence backing it. Those three numbers tell you whether the CAPA system is actually a CAPA system or a sign-off ritual. An internal audit working under the Quality Manager rarely lands on those numbers in writing.

Pattern 2: Internal Audit theatre

What the procedure says. Every process in the QMS is audited annually. Findings are logged in the audit register, categorized as Major / Minor / OFI per ISO 17021 audit conventions, and tracked through closure via CAPA. Auditors are trained and independent of the area they audit.

What the records typically show. The audit register has the same four Minor findings repeating year after year — usually around document control, training records, calibration, and a generic “could improve” OFI. No Major findings have been issued in two to three years. Several processes haven’t been audited in over eighteen months because the schedule slipped. The “independent auditor” is technically an Engineer from a different department but reports to the same VP as the area being audited.

Why it persists internally. Internal audit programs that produce Major findings produce headaches. Headaches produce executive questions. Executive questions produce pressure on the Quality Manager. The path of least resistance is an audit program that produces well-controlled findings — and that’s what most programs eventually become.

What an outside read catches. A two-day process audit on the Internal Audit program itself is one of the highest-leverage uses of this service. The deliverable is a comparison: what the audit procedure says the program should produce, versus what the audit register actually contains. The audit register doesn’t lie. If the program is theatre, the records make it obvious. If the program is real, the records prove that too.

Pattern 3: Design Control theatre

What the procedure says (medical device example, 21 CFR 820.30). Design is controlled through a five-gate review process. Each gate has a documented input list, a documented output list, an input-output traceability matrix, a risk assessment, and a gate review meeting with attendance recorded. Design changes are controlled through a change-management procedure with impact assessment and re-verification.

What the records typically show. Gate review meeting minutes use a template that’s identical from gate to gate, often with the same boilerplate language. The input-output traceability matrix has rows that are signed off but not actually filled in. Risk assessments at each gate reference the same hazard list with no evolution between gates. Design deviation requests stack up between gates with conditional approvals that never close. Gate decisions are made before the gate review meeting and the meeting becomes the documentation step.

Why it persists internally. Design Control is one of the most heavily inspected areas in any FDA audit. The pressure to look compliant is high. The pressure to actually be compliant requires engineering time the project can rarely afford. So the deliverable shape becomes a documentation exercise rather than an engineering exercise — the gates produce paper, the development team produces design changes, and the relationship between the two erodes.

What an outside read catches. The records review is the entire game here. Pull the gate review minutes, the traceability matrices, the risk assessment evolution, and the deviation log for one product. Read them end-to-end. The story they tell is either consistent with the procedure, or it isn’t. An internal auditor with limited time often samples one document per gate and signs off. An independent two-day process audit reads the whole story.

Pattern 4: Training records theatre

What the procedure says. Operators are trained on each Work Instruction before they run the process. Training effectiveness is verified. Retraining occurs when the WI is revised. Training records are maintained, current, and reviewed during internal audit.

What the records typically show. A training matrix exists, but it shows training at the WI level, not at the revision level. Operator XYZ was trained on the CAPA WI three years ago when the WI was at revision 2.7. The current revision is 4.2. Three rev changes have come and gone. There’s no record of operator XYZ being retrained. The procedure says she should have been retrained at every rev change. The matrix says she was originally trained. Both are technically true. Neither answers the question.

Why it persists internally. Training records are tedious to maintain at the revision level. Most training matrices show “trained” or “not trained” at the WI level because that’s what the matrix template was built to track. Updating the matrix to track training-by-revision requires either better software or more careful manual work, and neither is usually the Quality team’s top priority.

What an outside read catches. Sample five WIs that have had a revision change in the last two years. Look at the operators currently certified to run those processes. Compare the rev they were last trained on against the current rev. If the deltas are small, the program is working. If the deltas are large, the program is producing training-by-paper rather than training-by-substance. The report names specific operators and specific revisions because that’s the level the standard requires.

What an outside read catches that internal audit usually doesn’t

The differences come down to four things.

Records sample drawn independently. An outside auditor doesn’t know which CAPAs the Quality Manager would prefer to be sampled. The sample is drawn against an objective plan — usually a 30-record sample across a 90-day window, documented in the report so you can replicate it later.

Practice-vs-procedure delta as the explicit deliverable. Internal audit reports tend to be findings against the standard. An independent process audit produces a side-by-side: here’s what the WI says, here’s what the records show, here’s the delta. The delta is the finding. That’s harder to write and harder to argue with.

No internal political pressure. I don’t work for your Quality Manager. I don’t report to your VP Operations. The finding is what it is. If the CAPA system has eighty-day average closure with no effectiveness data, the report says that. If it has thirty-day closure with documented effectiveness verification, the report says that too. Either outcome is useful.

Two-day turnaround. Internal audit programs work on an annual cycle. A process audit lands in two business days from records receipt. If you have a customer audit in three weeks, the report arrives in time to act on.

If any of the four patterns above feel familiar — and they will, because every QMS has at least one of them — book a 20-minute scoping call. Name the process you’re worried about, name the standard, and we’ll confirm the scope and the records you’d send. Engagement letter in 24 hours, records in by the end of the week, gap report on your desk two business days later.

— Mark Mayeux QESaaS — Quality Engineering Solutions as a Service