We will explore the best practices and strategic approach for evaluating computer systems used in conducting FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process, and product quality, and consumer/patient safety. We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment, and will also discuss 21 CFR Part 11 and the importance of managing electronic records and signatures appropriately.We will review various approaches to validation, including the traditional Computer System Validation (CSV) approach. We will also discuss Computer Software Assurance (CSA), FDA’s draft guidance for validation. Where CSV is document-driven, CSA is guided by critical thinking, with documentation being the final proof that the work was done correctly. We will discuss waterfall and agile methodologies for development, testing, configuration, and validation. We will cover automated testing and how it can be incorporated into validation testing. We will also cover technology, including on-premise systems, Computer-Off-the-Shelf (COTS) software, cloud services, and Software-as-a-Service (SaaS) solutions. The best approaches for validating systems in these environments will be discussed.We will also walk through the entire set of essential policies and procedures, as well as other supporting documentation for operational activities that must be developed and followed to ensure compliance. We will provide an overview of practices to prepare for an FDA inspection, and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment that can be leveraged to assist in all your GxP work.Areas CoveredLearn how to identify “GxP” SystemsDiscuss the Computer System Validation (CSV) approach based on FDA requirementsLearn about the System Development Life Cycle (SDLC) approach to validationUnderstand how to comply with key FDA and international CSV regulations and guidance, such as 21 CFR Part 11 and Annex 11 The purpose and content of each validation deliverable, including the Validation Plan, Requirements Specification, Test Plan, Validation Tests (IQ, OQ, PQ), Requirements Traceability Matrix, Test Summary, and Validation Report, etc.Comprehend the risk-based validation techniques and how to leverage these techniques to create efficient yet compliant validation approaches Learn appropriate validation strategies for many types of applications, including Cloud/SaaS, COTS, spreadsheets, and custom-developed systems Become aware of best practices and inspector expectations for computer system validation and software quality assurance (SQA) programsDiscuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing, and operational maintenance proceduresUnderstand how to maintain a system in a validated state through the system’s entire life cycleLearn how to assure the integrity of data that supports GxP workDiscuss the importance of “GxP” documentation that complies with FDA requirementsLearn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated stateUnderstand the key components of 21 CFR Part 11 compliance for electronic records and signaturesKnow the regulatory influences that lead to the FDA’s current thinking at any given timeLearn how to conduct a risk assessment on computer systems that will provide the basis for developing a validation rationaleUnderstand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP 5 category, and risk, should it fail, to develop a cohesive and comprehensive validation rationaleLearn how to best prepare for an FDA inspection or audit of a GxP computer systemUnderstand the importance of performing a thorough vendor audit to ensure oversight of the products and services they deliverFinally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycleQ&AWho Should AttendInformation Technology AnalystsInformation Technology Developers and TestersQC/QA Managers and AnalystsAnalytical ChemistsCompliance and Audit ManagersLaboratory ManagersAutomation AnalystsManufacturing Specialists and ManagersSupply Chain Specialists and ManagersRegulatory Affairs SpecialistsRegulatory Submissions SpecialistsRisk Management Professionals, Clinical Data AnalystsClinical Data ManagersClinical Trial SponsorsComputer System Validation SpecialistsGMP Training SpecialistsBusiness Stakeholders/Subject Matter ExpertsBusiness System/Application TestersVendors and consultants working in the life sciences industry who are involved in computer system development, implementation, testing, validation, maintenance, and complianceWhy Should You Attend We have used our real-world experience to design a computer system validation course that not only meets FDA, ICH, and Eudralex expectations for risk-based validation but also prepares you to implement these practices in your company. The standard operating procedures and validation templates used in class have already been proven at other companies. We are focused on your comprehension and application of the CSV techniques that will result in efficient, effective, and inspection-ready validation initiatives.Topic Background Computer system validation has been regulated by the FDA for more than 40 years, as it relates to systems used in the manufacturing, testing, and distribution of a product in the pharmaceutical, biotechnology, medical device, or other FDA-regulated industries. The FDA requirements ensure thorough planning, implementation, integration, testing, and management of computer systems used to collect, analyze, and/or report data.Electronic records and electronic signatures (ER/ES) came into play through guidelines established by the FDA in 1997 and disseminated through 21 CFR Part 11. This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.In the early 2000s, the FDA recognized that it could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk. The level of potential risk, should the system fail to operate properly, needs to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process. System size, complexity, business criticality, GAMP®5 category, and risk rating are the five key components for determining the scope and robustness of testing required to ensure data integrity and product safety.FDA’s recent focus on data integrity during computer system validation inspections and audits has brought this issue to the forefront of importance for compliance of systems used in regulated industries. These include all systems that “touch” the product, meaning they are used to create, collect, analyze, manage, transfer, and report data regulated by the FDA. All structured data, including databases, and unstructured data, including documents, spreadsheets, presentations, image files, audio and video files, amongst others, must be managed and maintained with integrity throughout their entire life cycle.