Choose a Purchase Option


Computer System Validation (CSV) Training Description

FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of importance for compliance of systems used in regulated industries. These include all systems that “touch” product, meaning they are used to create, collect, analyze, manage, transfer and report data regulated by FDA. All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, images, audio and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle. It is a risk-based approach to Computer System Validation (CSV) and maintenance of a system in a validated state that leads to the best results and compliance with FDA’s expectations.


Why Should You Attend

This seminar will help you understand in detail Computer System Validation (CSV) and how to apply the System Development Life Cycle (SDLC) Methodology when validating computer systems subject to FDA regulations. This is critical in order to develop the appropriate validation strategy and achieve the thoroughness required to prove that a system does what it purports to do, and a key element is a thorough risk assessment.  It also ensures that a system is maintained in a validated state throughout its entire life cycle, from conception through retirement, making it critical to continue assessing risk as changes are made. We will discuss the phases within the SDLC, and how these form the basis for any CSV project. The importance of the sequence of steps will also be covered.

We will also cover the recent draft guidance from FDA on Computer Software Assurance (CSA), which is based on critical thinking in approach. We’ll talk about agile vs. waterfall, automated testing, Cloud, COTS, and Software-as-a-Service. We’ll also touch on 21 CFR Part 11, FDA’s guidance on electronic records/signatures to discuss the importance of including aspects of er/es technology during validation and maintenance of a system.

Agenda

Module 1: CSV Methods and Models 

  • GxP Systems
  • Computer System Validation (CSV) 
  • Common SDLC Methodologies 
  • GAMP®5 “V” Model
  • Computer System Validation (CSV) vs. Computer Software Assurance (CSA)
  • Critical Thinking
  • Waterfall vs. Agile Methodology

Module 2: Software and Services

  • Computer Off-the-Shelf (COTS) Software
  • FDA’s “Case for Quality”
  • Cloud Systems
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS) & Infrastructure as a Service (IaaS)
  • Single Sign On (SSO)
  • Medical Devices and Software as a Medical Device (SaaMD)
  • Mobile Devices and Medical Application
  • Spreadsheet Validation 

Module 3: CSV Planning

  • Validation Strategy Document (VSD)
  • Validation Strategy Components
  • Rationale for Validation Testing
  • GAMP®5 System Categorization
  • Risk Assessment
  • Risk Mitigation
  • Exercise: Risk Assessment

Module 4: System Requirements and Design

  • Requirements Development
  • User Requirements Specification (URS)
  • Functional Requirements Specification (FRS)
  • System Design/Configuration Management Specification (SDS/CMS)
  • Exercise: Application and Design

Module 5: IQ, OQ, PQ Test Planning & Execution

  • IQ, OQ, PQ Purpose and Contents
  • CSV Test Execution
  • CSV Test Summary Report

Module 6: Test and Validation Reports

  • Requirements Traceability Matrix (RTM) Purpose and Contents
  • Validation Summary Report (VSR) Purpose and Contents
  • System Acceptance and Release Notification

Module 7: CSV Operations and Maintenance

  • Maintaining a System in a Validated State
  • Disaster Recovery Planning
  • Business Continuity Planning
  • Record Retention
  • System Retirement Challenges
  • Legacy Systems and Integration
  • Data Migration

Module 8: CSV Supporting Components

  • Good Documentation Practices (GDPs)
  • Training
  • Organizational Change Management (OCM)
  • CSV Policies and Procedures

Module 9: Managing FDA-Regulated Data

  • 21 CFR Part 11 Guidance
  • Electronic Records/Signatures (ER/ES) Requirements
  • Data Life Cycle Approach
  • Data Integrity
  • Data Governance

Module 10: Vendor Audit

  • Audit Preparation
  • Audit Execution
  • Post-Audit

Module 11: FDA Trends

  • Regulatory Influences
  • Regulatory Trends
  • Current Compliance and Enforcement Trends

Module 12: Inspection Preparation 

  • FDA Inspection Readiness 
  • Industry Best Practices

Q&A

Additional material that can be read through and completed off-line after the presentation is completed:

CSV Exercises (These can be done after the session)

  • Exercise 1: CSV
  • Exercise 2: Validation Master Plan (VMP) Writing
  • Exercise 3: FDA Requirements for ER/ES
  • Exercise 4: Interviews and URS/FRS Writing
  • Exercise 5: IQ, OQ, PQ Test Protocol Writing
  • Exercise 6: RTM Writing
  • Exercise 7: Be the Consultant

Who Will Benefit

Personnel in the following roles will benefit:

  • Information Technology Analysts
  • Information Technology Managers
  • QC/QA Managers
  • QC/QA Analysts
  • Clinical Data Managers
  • Clinical Data Scientists
  • Analytical Chemists
  • Compliance Managers
  • Laboratory Managers
  • Automation Analysts
  • Manufacturing Managers
  • Manufacturing Supervisors
  • Supply Chain Specialists
  • Computer System Validation Specialists
  • GMP Training Specialists
  • Business Stakeholders responsible for computer system validation planning, execution, reporting, compliance, maintenance and audit
  • Consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance
  • Auditors engaged in internal inspection

Learning Objectives

  • Learn how to identify “GxP” Systems
  • Discuss the Computer System Validation (CSV) approach based on FDA requirements
  • Learn about the System Development Life Cycle (SDLC) approach to validation
  • Learn about COTS, cloud, SaaS and other types of systems and how they can be validated and maintained in a validated state.
  • Understand FDA’s new draft guidance on Computer Software Assurance (CSA) and how to apply this to your approach to validation, focusing on critical thinking.
  • Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
  • Understand how to maintain a system in a validated state through the system’s entire life cycle
  • Learn how to assure the integrity of data that supports GxP work
  • Discuss the importance of “GxP” documentation that complies with FDA ·      requirements
  • Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
  • Understand the key components of 21 CFR Part 11 compliance for electronic records and signatures
  • Know the regulatory influences that lead to FDA’s current thinking at any given time
  • Learn how to conduct a risk assessment on computer systems that will provide the basis for developing a validation rationale
  • Understand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP 5 category and risk, should it fail, to develop a cohesive and comprehensive validation rationale
  • Learn how to assess risk, based on probability of occurrence, severity of impact, detectability and mitigation, along with technical and procedural controls that can help minimize risk
  • Learn how to best prepare for an FDA inspection or audit of a GxP computer system
  • Understand the importance of performing a thorough vendor audit to ensure oversight to the products and services they deliver
  • Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
  • Q&A
Faculty Carolyn Troiano

Faculty Carolyn Troiano

Award winning FDA Compliance Expert for Validation, 21 CFR Part 11 (Electronic Records/Signatures) and Data Integrity

My experience includes 34+ years in IT/ Business, Marketing & Compliance leadership and management roles at a variety of Fortune 100 companies, across multiple industries.

My successes include building and managing teams and business units at multiple “greenfield” sites in the pharmaceutical, biotechnology and IT consulting industries, as well as in the public sector. I have weathered numerous layoffs, mergers and acquisitions, and demonstrated my very strong leadership skills in helping staff get through difficult times.