
A PSMF Can Look Current While Its Annexes Fall Behind
A PSMF can appear current while its annexes no longer reflect the live pharmacovigilance system.
This is where inspection risk often begins.
The main body of the PSMF may change slowly. Annexes do not.
Vendor arrangements change. Affiliate responsibilities change. Product lists change. Safety data sources change. Audit outcomes create new actions. SOP inventories are revised.
Each update may be managed properly within its own function. The challenge is proving that the related annex update was identified, reviewed, approved, and incorporated into the PSMF through a controlled process.
Under EMA GVP Module II, the PSMF must remain permanently available for inspection and be provided within seven calendar days when requested by a competent authority. When annex information is spread across emails, spreadsheets, shared drives, and disconnected systems, maintaining an accurate and current PSMF becomes significantly more difficult.
The issue is not simply whether information exists.
The issue is whether the organization can demonstrate that annexes remained current as the pharmacovigilance system evolved.
Key Takeaway: Dynamic annexes are often the most difficult part of the PSMF to maintain because they contain operational information that changes frequently. Inspection challenges typically arise when organizations cannot demonstrate how annex updates were identified, reviewed, approved, and recorded. Annex I, version history, audit trails, reviewer oversight, and controlled workflows all play a critical role in maintaining traceable and inspection-ready annex records.
Why Dynamic PSMF Annexes Create More Inspection Risk Than the Main PSMF Body
Many of the most dynamic areas of the pharmacovigilance system are documented within annexes rather than the main body of the PSMF.
These may include product inventories, safety data sources, vendor arrangements, affiliate responsibilities, delegated pharmacovigilance activities, organizational structures, audit information, and SOP updates.
Unlike governance descriptions in the main PSMF body, these records may change continuously.
A product update may originate within Regulatory Affairs. A vendor update may originate within Legal. An affiliate change may originate within a local pharmacovigilance function. An audit finding may originate within Quality Assurance.
Each change may be managed correctly within its own process. The challenge is ensuring the corresponding annex remains current and traceable.

Where PSMF Annex Governance Starts to Break Down
Annex maintenance rarely fails because information is unavailable.
More often, governance becomes difficult to demonstrate.
Common examples include annex updates being recorded after the operational change occurred, approvals being stored outside the PSMF process, multiple versions of annexes existing across different repositories, and source systems containing information that differs from the active annex.
These situations do not automatically indicate a failing pharmacovigilance system.
However, they can make it difficult to demonstrate oversight, traceability, and control during inspections.
Inspectors are not only assessing whether annex information exists. They are assessing whether the organization can demonstrate how that information remained current.
Why Annex I Often Becomes Critical Evidence
Annex I is where annex governance becomes visible.
EMA GVP Module II requires documented change control processes and specifies that changes to the PSMF should be recorded, including the date, responsible person, and nature of the change.
For annex information, change history should remain available and traceable.
This means Annex I should not become a retrospective documentation exercise.
Change Log entries should be recorded contemporaneously during the workflow.
When updates are captured at the point of change, organizations can demonstrate a clearer and more defensible record of governance. When changes are reconstructed later, demonstrating traceability becomes more difficult.
Recent EU pharmacovigilance updates have further emphasized the need for clear documentation of major or critical deviations within the PSMF until they are resolved. For dynamic annexes, this makes timely, traceable update records even more important.
For a deeper look at how PSMF updates should be recorded, reviewed, and governed, read our guide on PSMF Change Tracking.
Dynamic Annexes Need Controlled Governance
Periodic reviews remain important, but dynamic annexes often change between review cycles.
Operational changes do not wait for the next quarterly review.
A vendor arrangement may change next week. A product approval may occur tomorrow. An affiliate responsibility may change next month.
The challenge is ensuring that annex updates move through a controlled governance process as changes occur.
| Process Activity | Manual Annex Maintenance | Controlled Annex Governance |
|---|---|---|
| Update Trigger | Recorded after operational changes | Captured during workflow |
| Review | Managed through emails | Reviewer actions remain visible |
| Change Records | Added later | Recorded contemporaneously |
| Version Control | Maintained manually | Historical versions preserved |
| Oversight | Depends on follow-up | Current status remains visible |
The objective is not simply to keep annexes updated.
The objective is to demonstrate how updates were governed.

Where External Data Sources Support Annex Accuracy
Dynamic annexes are only as reliable as the source information behind them.
This is especially important for annexes that depend on product portfolios, vendor information, affiliate records, safety data sources, and organizational information.
For example, Annex H can become difficult to maintain for organizations managing large product portfolios. Product approvals, withdrawals, and status changes may occur frequently. If these updates are managed in one system but reflected manually in the PSMF later, the risk of inconsistency increases.
PSMF Manager's External Data Sources feature helps bring source information into controlled workflows while preserving reviewer oversight. Changes can be synchronized into the platform, previous records remain archived, audit trails are created as part of the workflow, and reviewers maintain visibility before updates become part of the controlled PSMF record.
Synchronization supports governance.
It does not replace review.
How Controlled Workflows Keep Annexes Current
Within PSMF Manager, annex updates follow a controlled workflow:
- Source data updated
- Data collected through controlled workflows or External Data Sources
- Change request initiated, with AI-suggested Change Log content where applicable
- Reviewer checks, edits, and approves
- Audit trail records actions and archives previous versions
- Updated content becomes part of controlled PSMF records
- PDF version generated
- QPPV approval completed
- Version lock applied
This helps maintain visibility and traceability from the original change through final approval and controlled document generation.
Where AI Can Support Annex Management
AI can support annex governance when used within controlled workflows.
Within PSMF Manager, version comparison and the identification of differences are available without requiring AI. These capabilities help reviewers understand what has changed between versions and assess whether related annex content needs to be updated.
Where applicable, AI can assist by suggesting Annex I Change Log content based on the identified change. Reviewers remain responsible for checking, editing, and approving the suggested entry before it becomes part of the controlled PSMF record.
AI does not approve changes, replace reviewers, replace QPPV oversight, or independently generate the final PSMF.
Human review and approval remain central throughout the process.
Keeping Dynamic Annexes Inspection Ready
The greatest maintenance challenge within many PSMFs is not the main body.
It is the collection of dynamic annexes that continuously reflect changes across the pharmacovigilance system.
Inspection readiness depends on more than keeping annexes updated.
It depends on demonstrating how updates were governed.
Contemporaneous Change Log entries, reviewer oversight, audit trails, version history, QPPV visibility, and controlled workflows help create the traceability inspectors expect to see.
PSMF Manager supports this through Tracked Changes, Version History, External Data Sources, Ask AI, Global and Local PSMFs, and controlled PDF generation.
Request a demo of PSMF Manager today to see how controlled workflows, audit trails, and version governance can help maintain an inspection-ready PSMF.