No. The FDA does not conduct random Part 11-only inspections. The only reason a stand-alone, “for cause” or PAI-type of Part 11 audit occurs is because the agency has very serious concerns regarding data integrity directly impacting product safety (i.e., impacting public safety). Since 1997, the only examples of stand-alone Part 11 audits that I know of involved one the following:
whistleblower complaint alleging data fraud (triggered a “for cause” inspection)
submission with serious data integrity issues (triggered a pre-approval inspection)
meta-analysis of adverse event reports, clinical trial data, etc. led to a “for cause” inspection of a contract research organization
The problem, of course, is that these situations ended up blind-siding the firms involved and their management. Thus it seemed like it was random. Executives had zero idea that these inspections would occur because the data in question was in a submission, in an adverse event report, or was part of a whistleblower complaint from a disgruntled former employee. This was all data and historical documents that the firm thought it was “done with” and there were no more risks when the FDA knocked on the door.
As I point out to my clients when I help them put in place lean Part 11 controls, the records and documents that trigger Part 11 concerns tend to be all the stuff that people have completed. You are no longer paying attention to such historical info. Ironically, once you’re “done with” the processes and projects that generated the data, that’s when FDA actually starts paying attention. So the key is to have Part 11 controls such as validation, qualification, electronic security, qualified IT vendors, and a FDA records retention policy that work for both active and archived.