# Delegate controls to the supplier without losing oversight.

Re-testing every batch from a reliable, audited supplier whose certificate of analysis (CoA) already covers the specifications often means redoing work that's already been done. Control delegation lets you rely on the supplier — provided you **rate its risk** and **frame the decision**.

56%

of the control workload sits on moderate-risk cases — most of which can be unlocked through a supplier-qualification effort.

Risk analysis conducted at a French pharmaceutical contract manufacturer (CDMO).

The supplier's **certificate of analysis** (CoA) is valuable data — but only if you can trust it. That's the whole question behind delegation: how to make that trust objective, document it, and then decide which controls to streamline and which to keep.

Supplier trust is felt, but rarely documented.

"This supplier is serious, we can trust them": maybe so, but streamlining a control has to rest on auditable facts, not on a gut feeling. Approval status, audit history and results, product compliance, documentation completeness — these elements often exist, but scattered, never consolidated into a usable risk score.

## Score trust, objectively.

Supplier risk is built from factual criteria already present in your purchasing and quality databases.

### Approval status

Approved, pre-approved or unknown: the foundation of the quality relationship.

### Audits

Age of the last audit, scope covered, lab deviations observed.

### Product compliance

History of complaints and non-conformities on batches received.

### Administrative reliability

Completeness and timeliness of the documents provided at delivery.

### Material criticality

Active ingredient, critical excipient or packaging: the stakes aren't the same.

### Test overlap

Share of tests already run by the supplier and covered by its CoA.

## What to do, depending on the supplier.

| Situation | Recommended action |
| --- | --- |
| Trusted supplier, tests covered by the CoA | Delegate the control, reduce the frequency |
| Trusted supplier, method not under control | Targeted audit of the method, then delegation |
| Supplier to strengthen, low-criticality material | Improve the status (audit, approval) before delegation |
| Unknown status or critical material | Keep the internal control |

Delegation is never a given: it is reassessed at every change in supplier status, audit or performance.

## Supplier qualification, the best lever.

In our field experience, immediate delegation covered only 8% of the workload. But **a further 56% was within reach**, contingent on supplier-qualification work — targeted audits, upgraded approval, recognition of internal controls. In other words: investing effort on the supplier quality assurance side progressively unlocks the bulk of the possible streamlining.

## From qualification to freed-up capacity.

[Quality control

### Streamline QC controls

The full method: 3 risk indices and a decision grid.

Read the article →](/en/blog/reduce-qc-controls-risk-analysis/) [Sinfony × AQE

### Pharma quality assurance

Deviations, CAPA and batch-release flows made reliable in the field.

Discover →](/en/consulting/deviations-aqe/) [Consulting

### Operational performance

Free up capacity across your critical processes, end to end.

See the approach →](/en/consulting/operational-performance/)

## Control delegation: the essentials.

Can you rely on the supplier's CoA under GMP? +

Yes — accepting the supplier's certificate of analysis is permitted when the supplier is qualified, audited, and the decision is justified by a risk analysis. Some controls (identity in particular) generally remain required on receipt; the rest can be streamlined according to risk.

How do you rate a supplier's risk? +

By combining factual criteria: approval status, age and results of audits, product-compliance history, administrative reliability, material criticality and the share of tests already covered by the supplier. These criteria are scored and then compared against an acceptability threshold.

What do you do with a supplier of uncertain status? +

You keep the internal control and launch an improvement plan: audit, upgraded approval, gradual recognition of controls. This is often where the biggest streamlining potential lies — once the supplier is qualified.

Is delegation permanent? +

No. It is reassessed with every change in supplier status, audits or performance. A deviation, a complaint or an unfavorable audit can justify reinstating a control. Traceability of these decisions is essential during inspections.

## Turn supplier trust into freed-up capacity.

Let's structure your supplier risk scoring and your control-delegation policy.
