In-house Compliance Workshop

Learn through case studies and direct interaction with pears and the speaker.
For general information on location, organization and costs of in-house compliance workshops, click here

Compliance Workshop 101

Computer System Validation for (Bio)Pharmaceutical and Device Industry

Put Computer System Validation in practice through real world examples and case studies

Course objectives

• Understand regulatory requirements for software and computer system validation
• Understand the process throughout the entire validation lifecycle from planning to retirement
• Learn how to effectively implement validation of commercial software and computer systems
• Learn how to validate configurable and customized software and systems, e.g., MS Excel
• Learn how to validate existing systems
• Learn how to document software and computer system for FDA and equivalent international agencies.

Contents Overview

• FDA and international requirements and enforcement
• FDA warning letters and how to avoid them
• Basics of software and computer system validation
• Going through the computer system validation lifecycle from planning to retirement: DQ, IQ, OQ, PQ
• Assessment of suppliers
• Qualification of infrastructure and validation of networked systems
• Validation of Excel applications
• Configuration management and change control
• Time and events based review and revalidation
• Reduce costs through risk based validation
• Auditing computer systems: preparing for FDA compliance
• Documentation requirements

Detailed Agenda

 

FDA and International Requirements and Enforcement

• FDA regulations: CFR Parts 211, 58, 820, and Part 11
• FDA computer system validation guidance documents
• Examples of FDA 483's and Warning Letters
• International regulations and guidelines: EU GMPs, Annex 11, PIC/S
• Industry guides: GAMP, PDA, IEEE

Validation lifecycle from planning to retirement (I)

• System development lifecycle: V-model, 4-Q model
• Developing a validation master plan
• Developing a validation project plan
• Developing requirement specifications
• Validation at the vendor and vendor assessment
• Installation and configuration (IQ)
• Testing for operation (OQ), what, how much, how to document
• Ensuring on-going performance

Validation lifecycle from planning to retirement (II)

• Ensuring initial and on-going system performance (PQ)
• Validation of existing systems
• Review and revalidation: event and time based
• The validation summary report
• Responsibilities for validation
• Key procedures and templates

Functional testing (how much is enough)

• What to test
• Link to user requirements (traceability matrix)
• Developing test protocols
• Leveraging tests between systems
• Using and validating automated test tools
• Documenting tests

Auditing Computer Systems

• Developing an SOP for audits of computer systems.
• Assigning responsibilities
• Conducting the audit: : review procedures, walk through the computer system area
• Most critical questions to ask
• Documenting detailed audit findings
• The audit summary report
• Effective follow up
• Presenting evidence of the audit to the FDA
• Learning for FDA inspections

Configuration Management and Change Control

• Defining configuration management vs. change control
• Reviewing a change control procedure
• Change control for hardware, operating systems and application software
• The change control process for planned and unplanned changes
• Versioning of software and computer systems
• What to test after changes
• How to document changes

Network Infrastructure Qualification

• The GAMP/ISPE Good Practices Guide and IVT standard
• Principles of network infrastructure qualification
• Compliance concepts for infrastructure vs.
• Qualification of PC clients, servers, data centers
• How to ensure highest system uptime with on-line monitoring
• Documentation requirements
• Going through a life inspection
• Software tools for infrastructure qualification

Validating and Use of Excel Applications

• Typical compliance problems with spreadsheets
• How to design spreadsheets for compliance.
• How to ensure and validate spreadsheet integrity
• Validation of standard Excel functions?
• Validation of 'ad hoc' spreadsheet applications.
• How to document planning, specifications, installation, testing and changes .

Risk based validation of software and computer systems

• Guidance from regulatory and industry task forces: ISO, ICH, GHTF, NIST, GAMP/ISPE
• Practical approach for risk assessments
• How to develop a risk based software and computer validation program
• Validation tasks for risk categories for each life cycle phase, from planning to routine use
• Validation tasks segmented by system complexity

Putting it all together for different applications

•  Laboratory systems (LIMS, Electronic lab note books, chromatography systems)
• Electronic document management systems
• Clinical data acquisition systems
• Manufacturing systems (MES, EBR, PLC, SCADA, DCS)
• Medical devices

Collaborative Exercises, Discussions and Examples

Practical examples, case studies and collaborative exercises will be dispersed into and between the presentations. At least 50% will be dedicated to practical sessions with life examples. The outcome will be made available for all attendees on a special workshop reference website. Practical sessions include:

• Development of user requirement specifications
• Requirements for vendors
• Documenting computer systems
• Developing a test plan
• Responsibilities for different validation tasks
•  Functions to be tested for computer systems with different complexity
• Going through an audit checklist
• Developing an audit plan for an off-the-shelf system
• Handling security patches
• Define tasks and steps for different change scenarios
• Identify the risk of computer systems and define key validation tasks
• Attendees will be presented several FDA GLP Warning letters. Attendees will suggest responses and preventive and corrective actions.

10+ Reference Documents for Easy Implementation

This material will help  attendees to quickly implement what they have learned in the seminars

• Master plans for Computer System Validation
• Example project plan that can be used as example for any system
• SOPs for validation of excel spreadsheets, validation of commercial systems
• Complete validation examples for an electronic document management system: validation plan, specifications, vendor assessment, IQ, OQ, PQ, and validation report.
• Example test protocols for different software and computer systems.
• 10 Warning letters and/or Inspectional observations related computer validation
• FDA and international regulations and guidelines for computer validation and electronic records&signatures

Who should attend

• Everybody dealing with computer validation and electronic records
• IT/IS Managers and administrators
• QA managers and personnel
• Quality control managers and staff
• Analysts and lab managers
• Validation specialists
• Software developers
• Members of change control boards Metrology group members
• Regulatory affairs
• Human resources (HR) managers and staff
• Training departments
• Documentation department
• Consultants

About the speaker: Dr. Ludwig Huber

• Chairman, presenter and panel discussion member at US-FDA Industry Training sessions and conferences
• Team and/or review member of PDA's task forces "21 CFR Part 11", of US-FDA internal documents, and of the GAMP special interest group on Laboratory Equipment
• Presenter of the Year of the Institute for Validation and Technology
  Director and chief editor of www.labcompliance.com, the global on-line resource for validation and compliance issues.
• Author of the books “Validation and Qualification in Analytical Laboratories, and "Validation of Computerized Analytical and Networked Systems", Interpharm Press
• For more information on Ludwig Huber, click here.

Dr. Ludwig Huber is a frequent presenter at IVT conferences and has been awarded as the 'Presenter of the Year' out of 170 speakers. This photo is from IVT's conference on Network Qualification with Ludwig Huber as plenary speaker.