BB-1 Virtual Auditing in the Cloud
Abstract:
Virtual Audits are Here! Now, with advancements in technology, auditors can assess an organization virtually, without having to spend time traveling or incurring travel-related expenses. However, there are several questions that arise:
1. Are virtual audits safe and effective?
2. When are virtual audits viable?
3. What technology(ies) are available?
4. What is lost or gained with a virtual audit?
5. Do virtual audits comply with regulatory requirements?
6. Will virtual audits replace traditional audits?
7. How long should a virtual audit last?
8. How can companies offer, support, and control virtual audits?
These are just some of the questions that are raised when the topic of "virtual audits" is raised. This presentation will not only raise these questions to inspire attendees to seriously consider the topic, but answers will be given. Bold statements may be made to encourgage conversation such as, "is it appropriate for auditors to use body language as an effective tool for assessing auditees?", something that is lost in a virtual audit.
Regardless if it is embraced or not, virtual audits are real and a rapidly becoming a common practice. It is important to be well versed in the topic and capable of stating your position, for or against, whatever that may be, with the ability to properly influence decision makers. This presentation is designed to provide attendees with this ability, regardless of position.
Category:
IT Compliance
Level of Content:
Intermediate
BB-2 Cloud and SaaS in GxP – Getting It Right from the Start
Title:
Cloud and SaaS in GxP – Getting It Right from the Start
Abstract:
Cloud computing models and SaaS (software as a service) applications are increasingly being adopted by regulated companies, such as those producing pharmaceuticals, biological products, and medical devices, as well as organizations conducting clinical trials and GLP studies. However, this is still new territory when it comes to compliance, inspections, and software validation.
For organizations considering the move to a new computing model, the following areas are crucial to address before making the transition:
Cloud computing model selection: Implementation of Cloud computing models can provide many benefits, but also introduce some new, significant risks. Regulations such as 21 CFR 11 and Annex 11 can impact the model you choose and the subsequent actions needed to retain compliance.
Vendor Selection: Transitioning to a Cloud computing model will result in shifting responsibilities from internal IT and Quality Assurance professionals to the vendor’s staff. It’s important to ask the right questions during risk-based audits or in supplier qualification questionnaires to ensure regulatory compliance, system reliability, and business stability.
Vendor Agreements: And finally, a formal agreement, e.g., Service Level Agreement (SLA), is needed. Contracts containing the right terms, KPIs, and responsibilities can be powerful tools for mitigating the quality, regulatory, and operational risks introduced by out-sourced computing models.
Category:
IT Compliance
Level of Content:
Intermediate
BB-3 21 CFR part 11 - 20 Years Later
Abstract:
In August of 1997 the FDA released 21 CFR part 11 to the industry. The regulation was met with confusion as to exactly what it meant, who was responsible for the compliance (vendors or end users), and how to make every computer system compliant. The FDA then released guidance documents, the industry grasped on to legacy systems, and software developers started incorporating part 11 compliance functionality. And then came the Scope and Guidance in 2003 and there was light at the end of the tunnel. Fast forward to today; where we have come since the beginning? How has technology changed? Do we know what it all means, or are there still questions to ask? And now with cloud systems, virtual employees, and everything going digital, do we know who is responsible for all those records? Are we any closer to compliance than we were in 1997?
Key Take-Aways:
• Understand where part 11 has taken the industry
• Learn how technology has adapted to the regulations
• Discover different approaches for how companies have complied with the regulation
• See how you can leverage experience and industry knowledge to be compliant
Category:
IT Compliance
Level of Content:
Intermediate
Moderators
Sr. Mgr, QA IT, Global Quality Systems, Seqirus, Inc.
Ms. Patricia Miller is a Senior Manager of QA IT in the Global Quality Systems Group at Seqirus, Inc. in Holly Springs, NC, where she oversees the compliance and data integrity of regulated computerized systems across the entire company, including the R&D and manufacturing systems...
Read More →
Speakers
Praxis Life Sciences
Deb Bartel is a Partner at Praxis Life Sciences where she is responsible for the company’s Computer System Validation (CSV) and Software Quality Assurance (SQA) practice. Since becoming a part of Praxis in 2007, she has provided guidance to clients in the pharmaceutical, biotech...
Read More →
Sr. Manager, Prof. Svcs., ValGenesis, Inc.
Just mention auditing, validation, CSV, technology, Artificial Intelligence / Machine Learning, cybersecurity, scuba diving, or animals (especially dogs & elephants) and we'll have a great conversation.
CSols, Inc.
John Zenk is the Validation Services Manager at CSols, Inc., the Premier Laboratory Informatics Consultancy, where he leads a team of consultants specializing in the validation of laboratory informatics systems. He has been involved with computer software validation in GLP...
Read More →