Purchase any WEBINAR and get
10% Off
CODE: SAVE10
T&C applicable, please referFAQ
Validity : 21st Jun'25 to 01st Jul'25
Best Practices for Auditing a Vendor of Computer Systems Regulated by FDA
This webinar will cover the following key areas:
- FDA Inspection/Audit/Compliance
- Good “Variable” Practice (GxP); (Manufacturing (GMP), Laboratory (GLP), Clinical (GCP))
- FDA-Regulated System; “GxP” System
- Computer System Validation (CSV)
- Validation Planning, Execution and Reporting
- GAMP°5 “V” Model
- GAMP°5, 2nd Edition
- PDA Technical Report 31
- GAMP°5 Software Categories
- System Risk Assessment
- Requirements, Design, Configuration, IQ and UAT
- System Development Life Cycle (SDLC) Methodology
- Waterfall and Agile SDLC Methodologies
- Computer Software Assurance (CSA)
- Critical Thinking
- Automated Testing
- Commercial-Off-the-Shelf (COTS), Cloud, Software-as-a-Service (SaaS) Solutions
- Maintaining a System in a Validated State
- 21 CFR Part 11
- Electronic Records/Electronic Signatures (ER/ES)
- Data Integrity
- Security, Access, Change Control and Audit Trail
- Vendor Audit
- FDA Trends in Compliance and Enforcement
Overview of the webinar
FDA requires that all computer systems used to produce, manage and report on “GxP” (GMP, GLC, GCP) related products be validated and maintained in accordance with specific rules. This webinar will help you understand the FDA’s current thinking on vendor audit in terms of what is required and who is accountable for the work.
Ultimately, you must be able to validate the system in accordance with FDA requirements. If electronic records and/or electronic signatures (ER/ES) are incorporated into the system, FDA’s CFR Part 11 guidance on ER/ES must be followed. You will also need to meet FDA’s data integrity requirements. The approach to validation will vary based on whether it is an on-premise solution or a cloud-based system.
This webinar will focus on the key areas that are most important when evaluating your vendor’s policies, procedures, practices and certifications. We will discuss the different System Development Life Cycle (SDLC) methodologies followed by vendors and how to evaluate their work.
Overall, your audit of the vendor must at least meet the same expectations you would have should the FDA audit your computer systems. All of their work must be defensible and must be provided transparently. GAMP°5, 2nd Edition and PDA Technical Report 31 are valuable resources for determining key areas to focus on and questions to ask.
Understand this is not a one-time effort. You will need to repeat the audit periodically, depending on the system, data and operational area in which it is used. CDER can be consulted to determine what that period is, but most companies audit their vendors at least every two (2) years.
Ultimately, the vendor audit is your chance to be a partner with the vendor and influence the development of their system over time. You are paying substantially for their products and services, and so you should have a voice in the future changes and direction.
Who should attend?
- Information Technology Analysts
- Information Technology Developers and Testers
- QC/QA Managers and Analysts
- Analytical Chemists
- Compliance and Audit Managers
- Laboratory Managers
- Automation Analysts
- Manufacturing Specialists and Managers
- Supply Chain Specialists and Managers
- Regulatory Affairs Specialists
- Regulatory Submissions Specialists
- Clinical Data Analysts
- Clinical Data Managers
- Clinical Trial Sponsors
- Computer System Validation Specialists
- GXP Training Specialists
- Business Stakeholders/Subject Matter Experts
- Business System/Application Testers
- Vendors providing software/ services
Why should you attend?
In a case where you are planning to purchase products and/or services from an IT vendor, you must be assured that they will be able to defend their practices and work much in the same way you would defend your systems during an FDA audit.
Understand the viability of the vendor, assignment of responsibilities, and enough about their operations, policies, procedures and certifications to enable you to engage them for work.
Understand whether you need to focus on validation, 21 CFR Part 11 and data integrity requirements set forth by FDA. Understand the system infrastructure and how it will be provisioned and supported. Learn about their process for preparing a contract and SLA, making sure these are iron-clad and you can hold the vendor accountable.
Speak with other clients and understand the quality and effectiveness of their product and/or service delivery. Note any cases where a client may have been challenged to defend their validated system provisioned and supported by this vendor. You must be able to do so.
Faculty - Ms.Carolyn Troiano
Carolyn Troiano has more than 40+ years of experience in computer system validation in the pharmaceutical, medical device, animal health and other FDA-regulated industries. She is currently managing a large, complex data migration, analytics and reporting program at a major financial institution.
During her career, Carolyn worked directly, or as a consultant, for many top-tier pharmaceutical companies in the US and Europe. She was responsible for computer system validation across all GxP functions at a major pharmaceutical company. Carolyn developed validation programs and strategies back in the mid-1980s, when FDA guidelines were first issued. She was an industry reviewer for 21 CFR Part 11, the FDA's electronic record/electronic signature (ER/ES) regulation. She has taught ER/ES compliance, along with computer system validation and risk management/compliance at a number of Fortune 100 firms. Her experience includes work with FDA-regulated systems used in all areas of research, development, manufacturing, quality testing and distribution.
Carolyn has participated in industry conferences, providing very creative and interactive presentations. She is currently active in the Association of Information Technology Professionals (AITP), and Project Management Institute (PMI) chapters in the Richmond, VA area. Carolyn also volunteers for the PMI's Educational Fund as a project management instructor for non-profit organizations.