FDA Modernization and Restructuring of the SDLC for Computer System Validation (CSV) and Compliance

Why Should You Attend:

You will learn about FDA’s approach to modernizing technology, and how that will benefit both the Agency and industry. We will discuss ways to modernize the System Development Life Cycle (SDLC) approach to Computer System Validation (CSV) by using automated testing tools that will result in a continuous validation of software products.

We will also discuss the important aspects of CSV and how to apply them in a new and modern technological environment.

We will also discuss FDA’s more recent push to Software Quality Assurance (SQA) and away from traditional Computer System Validation (CSV), which is based on the System Development Life Cycle (SDLC) methodology. FDA is stressing the importance of industry understanding what is required to be in compliance and thinking critically about new ways to achieve that. We will cover automated testing and continuous validation as key components of the SQA approach.

Computer system validation has been regulated by FDA for more than 30 years, as it relates to systems used in the manufacturing, testing and distribution of a product in the pharmaceutical, biotechnology, medical device or other FDA-regulated industries. The FDA requirements ensure thorough planning, implementation, integration, testing and management of computer systems used to collect, analyze and/or report data.

Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997, and disseminated through 21 CFR Part 11 . This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.

In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk. The level of potential risk, should the system fail to operate properly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process. System size, complexity, business criticality, GAMP 5 category and risk rating are the five key components for determining the scope and robustness of testing required to ensure data integrity and product safety.

FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of importance for compliance of systems used in regulated industries. These include all systems that “touch” product, meaning they are used to create, collect, analyze, manage, transfer and report data regulated by FDA. All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, images, audio and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle.

So what is next for the modernization of the processes involved in compliance for FDA-regulated systems, keeping in mind the guidance documents provide thus far? The FDA is embarking on a modernization program to update their technology and processes for working with industry to assure regulated products meet FDA compliance. There are numerous programs underway, including partnerships with other agencies and industry to move forward as technology continues to improve. The FDA plans to take advantage of these technologies, just as industry is focused on the same goal. The key is making sure these are employed in a way that promotes public health, providing more improved FDA-regulated products with fewer negative side effects and issues. Plans will also enable FDA to work with industry to move products to market faster, further improving public health.

We will explore the best practices and strategic approach for evaluating the current processes involved in assuring computer systems used in the conduct FDA-regulated activities are modernized and streamlined. Cloud computing, Software as a Service (SaaS), automated computer system testing and mobile devices are just part of the mix we can expect to explode in the near term.

Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment that can be leveraged to assist in all your GxP work.

Areas Covered in the Webinar:

• Learn how to identify “GxP” Systems
• Learn about FDA’s current program for modernization of technology, and how this will impact industry
• Learn about FDA’s Technology Modernization Action Plan (TMAP), including what work is underway and what is planned in the near term
• Discuss the current state of Computer System Validation (CSV) approach based on FDA requirements
• Learn about the System Development Life Cycle (SDLC) approach to validation and how this can be modernized through a more agile approach, including automated testing for continuous validation
• We will discuss cloud computing and Software as a Service (SaaS) systems that can be embraced and validated effectively
• Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures, including ways to improve efficiency and effectiveness
• Understand how to maintain a system in a validated state through the system’s entire life cycle in a more cost-effective manner
• Learn how to assure the integrity of data that supports GxP work, despite changes and advances in new technology
• Discuss the importance of “GxP” documentation that complies with FDA requirements
• Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
• Know the regulatory influences that lead to FDA’s current thinking at any given time
• Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
• Q&A

Who Will Benefit:

This webinar is intended for those involved in planning, execution and support of computer system validation activities, working in the FDA-regulated industries, including pharmaceutical, medical device, biologics, tobacco and tobacco-related products (e-liquids, e-cigarettes, pouch tobacco, cigars, etc.). Functions that are applicable include research and development, manufacturing, Quality Control, distribution, clinical testing and management, sample labeling, adverse events management and post-marketing surveillance.

Examples of who will benefit from this webinar include:

• Information Technology Analysts
• Information Technology Developers and Testers
• QC/QA Managers and Analysts
• Analytical Chemists
• Compliance and Audit Managers
• Laboratory Managers
• Automation Analysts
• Manufacturing Specialists and Managers
• Supply Chain Specialists and Managers
• Regulatory Affairs Specialists
• Regulatory Submissions Specialists
• Risk Management Professionals
• Clinical Data Analysts
• Clinical Data Managers
• Clinical Trial Sponsors
• Computer System Validation Specialists
• GMP Training Specialists
• Business Stakeholders/Subject Matter Experts
• Business System/Application Testers
• Vendors responsible for software development, testing and maintenance
• Vendors and consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance

Manufacturing, Testing, Packaging and Distribution companies in the following industries that are regulated by FDA are required to follow GxPs:

• Pharmaceutical
• Medical Device
• Biologicals
• Tobacco (based on the Tobacco Control Act of 2009)
• E-Liquid/Vapor (based on the “Deeming” Act of 2016)
• E-Cigarette (based on the “Deeming” Act of 2016)
• Cigar (based on the “Deeming” Act of 2016)
• Third-Party companies that support those in the above industries
• Medical Device software developers
• Software as a Medical Device (SaaMD) software developers

Free Materials:

• During the webinar we will discuss FDA Guidance Documents and GAMP5, the Good Automated Manufacturing Practices
• We will discuss the method for assessing risk, based on probability, severity, detectability and mitigation
• There will also be an overview of Policies and Procedures, including a checklist of topics

Carolyn Troiano
ERP Project Manager, City of Richmond

Carolyn Troiano has more than 35 years of experience in computer system validation and compliance in the pharmaceutical, medical device, tobacco and other FDA-regulated industries. She is currently an independent consultant, advising companies on computer system validation and large-scale IT system implementation projects.

Frequently Asked Questions:

1. From the activities on FDA roadmap for the next few years, can you give us a status which one has been achieved and which ones still in progress?
2. Fitting waterfall approach into Agile methodology: creating requirements as we go throughout sprints will not always allow us to test approved requirements in a given script and get them lock. The next sprint may impact those requirements, and thus we may have to revisit them. As a result, full validation can take longer with Agile methodology if documents need to be revised in multiple iterations. Advise?
3. How do I convince people to change the old process of IQ, OQ, PQ? If an OQ passes, you don't need an IQ?
4. Is change to part 11 in the scope of FDA to be in accordance with the evolution of industries (e.g. SaaS)?

Follow us :