3-Days Virtual Boot Camp on Computer System Validation (CSV)
Join the Boot Camp to Explore in Depth The Validation of Computer Systems Regulated by FDA!
Instructor :
Carolyn Troiano
Webinar ID:
6633
Date: 05-07 Apr. 23, WED-FRI
Start Time: 9 am PT
Duration: 12 Hrs.
What you will learn
- FDA Compliance: Predicate Rules, Compliance Toolset, Form 483, Warning Letters, FDAISA
- CSV Methods and Models: VVQ, SDLC Methodologies, GAMP5, CVS Vs CSA
- CSV Planning: Validation Strategy Document, Risk Assessment & Mitigation
- System Requirements & Design: User & Functional…
- FDA Compliance: Predicate Rules, Compliance Toolset, Form 483, Warning Letters, FDAISA
- CSV Methods and Models: VVQ, SDLC Methodologies, GAMP5, CVS Vs CSA
- CSV Planning: Validation Strategy Document, Risk Assessment & Mitigation
- System Requirements & Design: User & Functional Requirements Specifications, SDS/CMS
- IQ, OQ, PQ Test Planning and Execution
- Test and Validation Summary Reports: RTM & VSR Purpose and Content
- CSV Operations & Maintenance, CSV Support Components
- Managing FDA-Regulated Data: Part 11 Guideance, ER/ES Requirements, Data Integrity
- Software and Services: COTS, SaaS, PaaS, IaaS, SSO, SaaMD, Spreadsheet Validation
- Vendor Audit: Preparation, Execution and Post-Audit
- FDA Trends: Current Compliance & Enforcement Trends & Critical Thinking
- Inspection Preparation: Inspection Readiness & Industry Best Practices
- 7 CSV Exercises – Take Home (with answers)
Course Description
Computer system validation has been regulated by FDA for more than 30 years, as it relates to systems used in the manufacturing, testing, and distribution of a product in the pharmaceutical, biotechnology, medical device, or other FDA-regulated industries.
The FDA requirements ensure thorough planning, implementation, integration, testing, and management of computer systems that collect, analyze and/or report data.
Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997 and disseminated through 21 CFR Part 11.
This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.
In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk.
The level of potential risk, should the system fail to operate correctly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process.
System size, complexity, business criticality, GAMP 5 category, and risk rating are the five critical components for determining the scope and robustness of testing required to ensure data integrity and product safety.
FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of the importance for compliance of systems used in regulated industries.
These include all systems that “touch” product, meaning they are used to create, collect, analyze, manage, transfer and report data regulated by FDA.
All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, and image files, audio and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle.
In this interactive bootcamp:
- We will explore the best practices and strategic approach for evaluating computer systems used in the conduct of FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety.
- We will walk through the System Development Life Cycle (SDLC) approach to validation based on risk assessment and will also discuss 21 CFR Part 11 and the importance of managing electronic records and signatures appropriately.
- We will also walk through the entire set of essential policies and procedures, as well as other supporting documentation and activities that must be developed and followed to ensure compliance.
- We will provide an overview of practices to prepare for an FDA inspection and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.
- Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment, that can be leveraged to assist in all your GxP work.
Enroll Now!
Computer system validation has been regulated by FDA for more than 30 years, as it relates to systems used in the manufacturing, testing, and distribution of a product in the pharmaceutical, biotechnology, medical device, or other FDA-regulated industries.
The FDA requirements ensure thorough planning, implementation, integration, testing, and management of computer systems that collect, analyze and/or report data.
Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997 and disseminated through 21 CFR Part 11.
This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.
In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk.
The level of potential risk, should the system fail to operate correctly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process.
System size, complexity, business criticality, GAMP 5 category, and risk rating are the five critical components for determining the scope and robustness of testing required to ensure data integrity and product safety.
FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of the importance for compliance of systems used in regulated industries.
These include all systems that “touch” product, meaning they are used to create, collect, analyze, manage, transfer and report data regulated by FDA.
All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, and image files, audio and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle.
In this interactive bootcamp:
- We will explore the best practices and strategic approach for evaluating computer systems used in the conduct of FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety.
- We will walk through the System Development Life Cycle (SDLC) approach to validation based on risk assessment and will also discuss 21 CFR Part 11 and the importance of managing electronic records and signatures appropriately.
- We will also walk through the entire set of essential policies and procedures, as well as other supporting documentation and activities that must be developed and followed to ensure compliance.
- We will provide an overview of practices to prepare for an FDA inspection and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.
- Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment, that can be leveraged to assist in all your GxP work.
Enroll Now!
Why you should attend
We have used our real-world experience to design a computer system validation course that not only meets FDA, ICH, and Eudralex expectations for risk-based validation, but also prepares you to implement these practices in your company!
The standard operating procedures and validation templates used in class have already been proven at other companies.
We are focused on your comprehension and application of the CSV techniques that will result in efficient, effective, and inspection-ready validation initiatives.
Join the Boot Camp to explore in depth the validation of computer systems regulated by FDA. We will cover multiple approaches, techniques, and tools that can improve efficiency and effectiveness of validation activities!
You will go through the phases of validation, including deliverables and FDA requirements:
- Learn how to identify “GxP” Systems
- Discuss the Computer System Validation (CSV) approach based on FDA requirements
- Learn about the System Development Life Cycle (SDLC) approach to validation
- Understand how to comply with key FDA and international CSV regulations and guidance, such as 21 CFR Part 11 and Annex 11
- The purpose and content of each validation deliverable, including the Validation Plan, Requirements Specification, Test Plan, Validation Tests (IQ, OQ, PQ), Requirements Traceability Matrix, Test Summary, and Validation Report, etc.
- Comprehend the risk-based validation techniques and how to leverage these techniques to create efficient yet compliant validation approaches
- Learn appropriate validation strategies for many types of applications, including Cloud/SaaS, COTS, spreadsheets, and custom developed systems
- Become aware of best-practices and inspector expectations for computer system validation and software quality assurance (SQA) programs
- Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
- Understand how to maintain a system in a validated state through the system’s entire life cycle
- Learn how to assure the integrity of data that supports GxP work
- Discuss the importance of “GxP” documentation that complies with FDA requirements
- Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
- Understand the key components of 21 CFR Part 11 compliance for electronic records and signatures
- Know the regulatory influences that lead to FDA’s current thinking at any given time
- Learn how to conduct a risk assessment on computer systems that will provide the basis for developing a validation rationale
- Understand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP 5 category and risk, should it fail, to develop a cohesive and comprehensive validation rationale
- Learn how to best prepare for an FDA inspection or audit of a GxP computer system
- Understand the importance of performing a thorough vendor audit to ensure oversight to the products and services they deliver
- Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
- Q&A
Join Now!
We have used our real-world experience to design a computer system validation course that not only meets FDA, ICH, and Eudralex expectations for risk-based validation, but also prepares you to implement these practices in your company!
The standard operating procedures and validation templates used in class have already been proven at other companies.
We are focused on your comprehension and application of the CSV techniques that will result in efficient, effective, and inspection-ready validation initiatives.
Join the Boot Camp to explore in depth the validation of computer systems regulated by FDA. We will cover multiple approaches, techniques, and tools that can improve efficiency and effectiveness of validation activities!
You will go through the phases of validation, including deliverables and FDA requirements:
- Learn how to identify “GxP” Systems
- Discuss the Computer System Validation (CSV) approach based on FDA requirements
- Learn about the System Development Life Cycle (SDLC) approach to validation
- Understand how to comply with key FDA and international CSV regulations and guidance, such as 21 CFR Part 11 and Annex 11
- The purpose and content of each validation deliverable, including the Validation Plan, Requirements Specification, Test Plan, Validation Tests (IQ, OQ, PQ), Requirements Traceability Matrix, Test Summary, and Validation Report, etc.
- Comprehend the risk-based validation techniques and how to leverage these techniques to create efficient yet compliant validation approaches
- Learn appropriate validation strategies for many types of applications, including Cloud/SaaS, COTS, spreadsheets, and custom developed systems
- Become aware of best-practices and inspector expectations for computer system validation and software quality assurance (SQA) programs
- Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
- Understand how to maintain a system in a validated state through the system’s entire life cycle
- Learn how to assure the integrity of data that supports GxP work
- Discuss the importance of “GxP” documentation that complies with FDA requirements
- Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
- Understand the key components of 21 CFR Part 11 compliance for electronic records and signatures
- Know the regulatory influences that lead to FDA’s current thinking at any given time
- Learn how to conduct a risk assessment on computer systems that will provide the basis for developing a validation rationale
- Understand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP 5 category and risk, should it fail, to develop a cohesive and comprehensive validation rationale
- Learn how to best prepare for an FDA inspection or audit of a GxP computer system
- Understand the importance of performing a thorough vendor audit to ensure oversight to the products and services they deliver
- Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
- Q&A
Join Now!
Areas Covered
DAY 1: 4-Hrs
Module 1: Computer System Validation (CSV) and the System Development Life Cycle (SDLC) Methodology
- FDA Compliance and Guidance
- Other Regulations and Guidance (EMA, EU, MHRA)
- Exercise: Exploring the Regulations using the fda.gov website
Module 2: CSV Methods and Models
- GxP Systems
- Computer System Validation (CSV)
- Validation, Verification, and Qualification
- Common SDLC Methodologies
- GAMP 5 “V” Model
Module 3: Software and Services
- Computer Off-the-Shelf (COTS) Software
- Cloud Systems
- FDA’s “Case for Quality”
- Software as a Service (SaaS)
- Case Study: Cloud SaaS
- Platform as a Service (PaaS) & Infrastructure as a Service (IaaS)
- Single Sign On (SSO)
- Medical Devices and Software as a Medical Device (SaaMD)
- Software Quality Assurance (SQA) Plan
- Mobile Devices and Medical Application
- Spreadsheet Validation
Module 4: 21 CFR Part 11, FDA’s Guidance for ER/ES
- 21 CFR Part 11 Guidance
- Electronic Records/Signatures (ER/ES) Requirements
- Exercise: FDA Guidance for ER/ES
- Vendor Audit
Module 5: Data Integrity and Governance
- Data Life Cycle Approach
- Data Integrity
- Data Governance
DAY 2: 4-Hrs
Module 6: CSV Planning
- Validation Strategy Document (VSD)
- Validation Strategy Components
- Rationale for Validation Testing
- GAMP 5 System Categorization
Module 7: CSV Supporting Components
- Good Documentation Practices (GDPs) Training
- Organizational Change Management (OCM)
- CSV Policies and Procedures
Module 8: Risk-Based CSV
- Risk Assessment
- Risk Mitigation
- Exercise: Validation Master Plan (VMP) Writing
Module 9: System Requirements and Design
- Requirements Development
- User Requirements Specification (URS)
- Functional Requirements Specification (FRS)
- Exercise: Interviews and URS/FRS Writing
- System Design/Configuration Management Specification (SDS/CMS)
Module 10: IQ, OQ, PQ Test Planning and Execution
- IQ, OQ, PQ Purpose and Contents
- CSV Test Execution
- Exercise: IQ, OQ, PQ Test Protocol Writing
- CSV Test Summary Report
DAY 3: 4-Hrs
Module 11: Requirements Traceability Matrix (RTM)
- RTM Purpose and Contents
- Exercise: RTM Writing
Module 12: Test and Validation Reports
- Validation Summary Report (VSR) Purpose and Contents
- System Acceptance and Release Notification
Module 13: Change Management
- Maintaining Validation Status
- Change Control Process
- Security and Access
- Audit Trail Review
- Incident Reporting
- Periodic System Review
- Disaster Recovery Planning
- Business Continuity Planning
Module 14: System Retirement
- Record Retention
- System Retirement Challenges
- Legacy Systems and Integration
- Data Migration
Module 15: FDA Warning Letters
- Regulatory Influences
- Regulatory Trends
- Critical Thinking
- Current Compliance and Enforcement Trends
- FDA Inspection Readiness
- Exercise: Be the Consultant
- Industry Best Practices
Exercises: Independent Study
The following exercises will be included in the course content and can be completed at each attendee’s discretion.
If completed before the end of the Boot Camp, the attendee may ask questions during any Q&A session. If completed after the Boot Camp, the attendee may ask questions via Compliance Meet and a response will be sent as quickly as possible.
Note that both questions and answers are provided for each exercise.
- Exercise: Exploring the Regulations using the fda.gov website
- Exercise: FDA Guidance for ER/ES
- Exercise: Validation Master Plan (VMP) Writing
- Exercise: Interviews and URS/FRS Writing
- Exercise: IQ, OQ, PQ Test Protocol Writing
- Exercise: RTM Writing
- Exercise: VSR Writing
- Exercise: Be the Consultant – Example of a Data Integrity Audit by FDA at a pharmaceutical manufacturer
CSV Final Exam: Completed at the discretion of the attendee. Note that both questions and answers are provided for each exercise. (100 Questions/Answers)
DAY 1: 4-Hrs
Module 1: Computer System Validation (CSV) and the System Development Life Cycle (SDLC) Methodology
- FDA Compliance and Guidance
- Other Regulations and Guidance (EMA, EU, MHRA)
- Exercise: Exploring the Regulations using the fda.gov website
Module 2: CSV Methods and Models
- GxP Systems
- Computer System Validation (CSV)
- Validation, Verification, and Qualification
- Common SDLC Methodologies
- GAMP 5 “V” Model
Module 3: Software and Services
- Computer Off-the-Shelf (COTS) Software
- Cloud Systems
- FDA’s “Case for Quality”
- Software as a Service (SaaS)
- Case Study: Cloud SaaS
- Platform as a Service (PaaS) & Infrastructure as a Service (IaaS)
- Single Sign On (SSO)
- Medical Devices and Software as a Medical Device (SaaMD)
- Software Quality Assurance (SQA) Plan
- Mobile Devices and Medical Application
- Spreadsheet Validation
Module 4: 21 CFR Part 11, FDA’s Guidance for ER/ES
- 21 CFR Part 11 Guidance
- Electronic Records/Signatures (ER/ES) Requirements
- Exercise: FDA Guidance for ER/ES
- Vendor Audit
Module 5: Data Integrity and Governance
- Data Life Cycle Approach
- Data Integrity
- Data Governance
DAY 2: 4-Hrs
Module 6: CSV Planning
- Validation Strategy Document (VSD)
- Validation Strategy Components
- Rationale for Validation Testing
- GAMP 5 System Categorization
Module 7: CSV Supporting Components
- Good Documentation Practices (GDPs) Training
- Organizational Change Management (OCM)
- CSV Policies and Procedures
Module 8: Risk-Based CSV
- Risk Assessment
- Risk Mitigation
- Exercise: Validation Master Plan (VMP) Writing
Module 9: System Requirements and Design
- Requirements Development
- User Requirements Specification (URS)
- Functional Requirements Specification (FRS)
- Exercise: Interviews and URS/FRS Writing
- System Design/Configuration Management Specification (SDS/CMS)
Module 10: IQ, OQ, PQ Test Planning and Execution
- IQ, OQ, PQ Purpose and Contents
- CSV Test Execution
- Exercise: IQ, OQ, PQ Test Protocol Writing
- CSV Test Summary Report
DAY 3: 4-Hrs
Module 11: Requirements Traceability Matrix (RTM)
- RTM Purpose and Contents
- Exercise: RTM Writing
Module 12: Test and Validation Reports
- Validation Summary Report (VSR) Purpose and Contents
- System Acceptance and Release Notification
Module 13: Change Management
- Maintaining Validation Status
- Change Control Process
- Security and Access
- Audit Trail Review
- Incident Reporting
- Periodic System Review
- Disaster Recovery Planning
- Business Continuity Planning
Module 14: System Retirement
- Record Retention
- System Retirement Challenges
- Legacy Systems and Integration
- Data Migration
Module 15: FDA Warning Letters
- Regulatory Influences
- Regulatory Trends
- Critical Thinking
- Current Compliance and Enforcement Trends
- FDA Inspection Readiness
- Exercise: Be the Consultant
- Industry Best Practices
Exercises: Independent Study
The following exercises will be included in the course content and can be completed at each attendee’s discretion.
If completed before the end of the Boot Camp, the attendee may ask questions during any Q&A session. If completed after the Boot Camp, the attendee may ask questions via Compliance Meet and a response will be sent as quickly as possible.
Note that both questions and answers are provided for each exercise.
- Exercise: Exploring the Regulations using the fda.gov website
- Exercise: FDA Guidance for ER/ES
- Exercise: Validation Master Plan (VMP) Writing
- Exercise: Interviews and URS/FRS Writing
- Exercise: IQ, OQ, PQ Test Protocol Writing
- Exercise: RTM Writing
- Exercise: VSR Writing
- Exercise: Be the Consultant – Example of a Data Integrity Audit by FDA at a pharmaceutical manufacturer
CSV Final Exam: Completed at the discretion of the attendee. Note that both questions and answers are provided for each exercise. (100 Questions/Answers)
Who is this course for
- Information Technology (IT) Analysts
- IT Developers, IT Support Staff
- QC/QA Managers and Analysts
- Manufacturing Personnel
- Clinical Data Managers and Scientists
- Compliance Managers and Auditors
- Lab Managers and Analysts
- Supply Chain Personnel
- Computer System Validation Specialists
- GMP Training Specialists
- Business Stakeholders using Computer Systems regulated by FDA
- Regulatory Affairs Personnel
- Software Development Companies and Personnel (develop software for the medical device industry)
- Consultants in the Life Sciences and Tobacco Industries
- Information Technology (IT) Analysts
- IT Developers, IT Support Staff
- QC/QA Managers and Analysts
- Manufacturing Personnel
- Clinical Data Managers and Scientists
- Compliance Managers and Auditors
- Lab Managers and Analysts
- Supply Chain Personnel
- Computer System Validation Specialists
- GMP Training Specialists
- Business Stakeholders using Computer Systems regulated by FDA
- Regulatory Affairs Personnel
- Software Development Companies and Personnel (develop software for the medical device industry)
- Consultants in the Life Sciences and Tobacco Industries
Instructor Profile
Carolyn Troiano has more than 40 years of experience in the tobacco, pharmaceutical, medical device and other FDA-regulated industries. She has worked directly, or on a consulting basis, for many of the larger pharmaceutical and tobacco companies in the US and Europe, developing and executing compliance strategies and programs.