1th annu all n ua omput and softw ar e v...

R E G I S T E R A T W W W . C B I N E T . C O M / C S V / 8 0 0 - 8 1 7 - 8 6 0 1

ADVANSTAR PUBLICATIONS

R E G I S T E R B Y F E B R U A R Y 1 4 , 2 0 1 4 A N D S A V E $ 3 0 0 !

R I S K - B A S E D A P P R O A C H E S F O R F D A - R E G U L A T E D

C O M P L E X S Y S T E M S

I N D U S T R Y P E R S P E C T I V E SAlkermes plc / Allergan / BBraun / Bio-Rad Laboratories

Boston Scientific / Cochlear Limited / Covance / Genoptix

McNeil Consumer Healthcare, a Johnson & Johnson Company

Medtronic / Novartis / Pfizer / Philips Healthcare / Stellartech Research

L E A R N F R O M 3 5 E D U C A T I O N A L S E S S I O N S Master Cloud Computing / Validate Mobile Devices

Identify and Mitigate Risk / Overcome Regulatory Challenges

Enhance the QA/IT Relationship / Navigate CSV in a Consent Decree Environment

Manage Quality Agreements between Software Vendors and End Users

Ensure Data Integrity and Mitigate Data Corruption

A P R I L 2 3 - 2 5 / 2 0 14

HYATT LA JOLLASAN DIEGO, CA

1 5 T H A N N U A L

FORUM

N U A L

Computer and Software Validation

R E G U L A T O R Y A D D R E S S

Dr. Kr ishna Ghosh / Compliance Of f icer CDER/FDA (Inv i ted)

R E G I S T E R A T W W W . C B I N E T . C O M / C S V • 8 0 0 - 8 1 7 - 8 6 0 1

DAY O N E W ED N ES DAY, A P R I L 23 , 2 014

12:15 Conference Registration

1:15 Chairman’s Opening Remarks

Joseph Zec, Senior Validation Manager, Philips Healthcare

1:30 Regulatory Challenges of Cloud Implementation and Data IntegrityAs more companies make the move to the cloud, it is crucial to carefully consider the regulatory impact of incorporating this service. Furthermore, significant security concerns need to be addressed regarding data integrity in the cloud. The cloud does not provide the same protection as the traditional and trusted IT infrastructure. Rather, companies become vulnerable to various additional threats and risks, which require mitigation to ensure data integrity.

• Discuss the challenges with cloud implementation

• Ensure data integrity

• Establish best practices for remaining compliant in the cloud

Dr. Krishna Ghosh, Compliance Officer, CDER/ FDA (Invited)

2:15 Navigate the Hierarchy of Computer and Software Validation (CSV) Regulations, Standards and GuidanceThe regulations, standards and guidance for CSV can seem inconsistent and continue to evolve in an uncoordinated fashion. Organizations need to be able to navigate the landscape of constantly changing expectations by regulatory and notified bodies. In this session, attendees gain a better sense of relationships between these governing documents and the bodies that originate and enforce them. Optimization strategies for processes to address this environment are also discussed.

• The regulatory landscape for CSV

* regions with documented CSV governance

* governing bodies originating and enforcing CSV regulations, standards and guidance

* relevant CSV governing documents

* relationships between documents and governing bodies

• Process optimization strategies

Eric Henry, Director, Quality Systems, Medtronic, Inc.

3:00 Networking and Refreshment Break

3:30 The QA/IT Relationship — Go from Antagonism to HarmonyIt is far too common in the life sciences industry for the quality assurance function and the information technology function to be an adversarial one. In this session, explore the reasons for this and hear some practical suggestions for forming a positive partnership between QA and IT. Topics covered include:

• Identify elements that contribute to an adversarial relationship

• Understand the psychological and emotional side of the equation

• Explore the logistical side of the equation

• A recipe for going from antagonism to harmony


Lana Tong, M.S., Senior Quality Engineer, Stellartech Research

4:15 Effectively Communicate with both Internal and External Stakeholders to Ensure Proper Execution of New ProjectsIn this session, hear various communication strategies, techniques and tools to help promote and apply effective communication within your project team. As we all know, getting everyone on the same page with respect to computer system validation projects can be every bit as challenging as herding cats. So, why not find out how some of the techniques listed below may help your projects go smoother, all while realizing the ultimate goal.

• Effective communication tools

• Roles and responsibilities

• Targeted training

Dennis J. Caron, Associate Director, IT CSV, Covance, Inc.

5:00 Make the Jump to the Cloud — When is the Right Time?The cloud is the final frontier. The push to integrate or outsource a company's information technologies to the cloud is relentless, as life science companies seek to reduce cost and increase business agility. How much compliance risk can your company accept when handing over controls to an outsider? How does your company ensure compliance with regulatory requirements? What processes and controls does your company need to manage risks? In this session, examine the following risk management controls for making an effective jump to the cloud.

• Risk identification specifically for cloud providers (SaaS, PaaS, IaaS, ASP and BPO)

• Critical internal controls to protect data integrity, privacy and availability

• Audit and continuous monitoring

• Effective enterprise governance, risk and compliance

Victor Huynh, Director, Risk Management Service & I.S. Compliance, Allergan Inc.

5:45 Close of Day One

J O I N U S F O R A N E T WO R K I N G,W I N E A N D C H EES E R EC E P T I O NI M M ED I AT ELY F O L LOW I N G T H E L AS T S ES S I O N

SESSION 1: 21 CFR PART 11 AND ANNEX 11 — KEY PRINCIPLES AND TAKEAWAYS

I. 21 CFR Part 11 — Annex 11 Overview• An overview of 21 CFR Part 11 and

Annex 11 requirements • Key Aspects of 21 CFR Part 11

electronic recordkeeping requirements• Key Aspects of Annex 11 requirements

II. 21 CFR Part 11 — Annex 11 Comparison• Compare key elements of

21 CFR Part 11 vs. Annex 11

III. Interactive ExerciseTrue / False elements of 21 CFR Part 11 / Annex 11

Chris Wubbolt, MS, Principal Consultant, QACV Consulting, LLC

8 : 3 0 C h o o s e B e t w e e n F o u r 9 0 – M i n u t e S e s s i o n s ( 1 – 4 )

7 : 4 5 C o n t i n e n t a l B r e a k f a s t


EYE OPENER DISCUSSIONBring Your Own Device (BYOD) — Validate Your Mobile Devices for Electronic SubmissionsMany companies are turning to BYOD programs, which allow employees access to corporate resources from anywhere. Although convenient,these programs create complex and critical compliance issues. In this session, discuss policies and procedures, asset management questions,information and data leakage prevention, requirements and testing, and mobile device guidance from regulatory bodies.

DAY T WO T H U R S DAY, A P R I L 24 , 2 014

SESSION 2: INTRODUCTION TO RISK-BASED COMPUTER SYSTEMS VALIDATION (CSV) AND INFRASTRUCTURE MANAGEMENT

I. What is CSV and System Development Lifecycle (SDLC)?• CSV and SDLC terminology• IQ/OQ/PQ• Key elements in performing CSV• Relating CSV to the SDLC

II. Determine a Regulatory Focus for Systems Validation• Regulatory requirements of CSV• Navigate FDA’s 21 CFR 11• FDA’s risk-based approach

III. Develop a Validation Strategy• Essential procedures to have in place• Validation master planning• Essential documentation• Test protocols and scripts• Validation summary reports

IV. Determine Risk• What can I use to determine risk?• Criticality vs. complexity• Leverage the supplier audit

Sharon Strause, Senior Consultant, QACV Consulting, LLC

SESSION 3: STREAMLINE THE CSV PROCESS — DON’T THROW THE BABY OUT WITH THE BATHWATER!

I. Introduction• The problem defined• FDA’s perspective

II. Methods for Streamlining the CSV Process• Optimization• Harmonization• A risk-based approach

III. Caution!• Dangers inherent in streamlining• Avoiding the dangers

IV. Interactive ExerciseOptimize the CSV process


“ P E R F E C T F O R S T A Y I N G A B R E A S T O F A L L T H I N G S C S V . ” - David Blackman, Validation Engineer, Waters

1 0 : 3 0 C h o o s e B e t w e e n F o u r 9 0 – M i n u t e S e s s i o n s ( 5 – 8 )

1 0 : 0 0 N e t w o r k i n g a n d R e f r e s h m e n t B r e a k

SESSION 4: SENIOR LEVEL THINK TANK — STRATEGIES FOR THE ADVANCED COMPUTER AND SOFTWARE VALIDATION PROFESSIONAL

In this closed-door session, senior level validation professionals from pharmaceutical, biotech and medical device companies engage in open discussions with colleagues about strategies for managing their most pressing challenges.

The content for this summit is driven by the participants, who are surveyed ahead of time about the topics they wish to discuss. This session is open to the first ten senior level professionals who pre-register for the interactive discussion group.

In order to pre-register, you must have over five years of experience in validation and currently work for a pharmaceutical, medical device or biotech company.

Victor Huynh, Director, Risk Management Service & I.S. Compliance, Allergan Inc

SESSION 5: NETWORK INFRASTRUCTURE QUALIFICATION — WHERE DO YOU START AND END?

I. Determine the Magnitude• The 5 W’s

* who are the stakeholders?* what are the elements of NIQ and

risk management of an NIQ?* when should it be completed?* where is information found?* why is NIQ necessary?

• Databases & operating systems* qualification vs. validation* key questions to ask when

doing upgrades• Network management• Cloud computing

II. Interactive Exercise:Review various elements of a network infrastructure and discuss the qualification requirements.

Bonus Material• IVT network qualification standard

Sharon Strause, Senior Consultant, QACV Consulting

SESSION 6: DEVELOP AND IMPLEMENT A ROBUST MASTER PLAN FOR CSV

I. Regulatory Overview• What is a Validation Master Plan?

Why is it important?• What are the expectations from

regulatory authorities?

II. Development of the Document• Format and content• Reviews, approvals and change

management

III. Implementation of the Plan• What are the obstacles? How do you

overcome these obstacles?• Gauge effectiveness

Yau Kai Wong, Associate Director, QA Validation, Novartis Pharmaceuticals Corporation

SESSION 7: EFFECTIVELY VALIDATE YOUR SAAS TO ENSURE COMPLIANCE

I. Requirements• User, business, interface,

layers and access

II. Risk Assessment• Custom code and fields• Atypical usage

III. Audit• Auditing for service, compliance

and validation

IV. Testing• What can you rely on the

vendor to test?• What do you need to test yourself?

V. Change Management• Changes, notification and reaction• Environment management

VI. Interactive DiscussionDiscuss current concerns with SaaS vendors and techniques to help compliantly manage them.

Deborah S. Turner, Associate Director Validation, Alkermes plc

SESSION 8: COMPUTERIZED SYSTEM AUDIT — WHAT ARE THE CONSIDERATIONS?

I. What Does an Audit Mean to Life Science Industries?• Audit concept• Methods of audit

II. What are References for Computerized Systems Audit?• Requirements, guidelines and

internal procedures in computerized system audit

III. What are the Agency Audit Considerations for a Computerized System?• Proactive approaches • Deliverables • Responsibilities

IV. What Does the “Survey” Say? • Discuss an audit survey conducted

among life science industries.

Bonus Material• Example of computerized

system audit check list

Mehron Mirian, B.S, Senior QA-CSV, BBraun Medical, Inc.


1 2 : 0 0 N e t w o r k i n g L u n c h e o n

1 : 0 0 C h o o s e B e t w e e n F o u r 9 0 – M i n u t e S e s s i o n s ( 9 – 1 2 )


SESSION 9: ENTERPRISE SOFTWARE VALIDATION

I. Requirements• Global• Site specific

II. Risk Assessment• Custom code and fields• Atypical usage

III. Maintenance and Change Management• Access control• Environment management• Changes• Notification• Periodic review• Regression testing

IV. Interactive DiscussionDiscuss common challenges to enterprise software validation, what can and often does go wrong and how to successfully address these challenges.

Deborah S. Turner, Associate Director Validation, Alkermes plc

SESSION 10: DIVE DEEP INTO QUALITY AGREEMENTS BETWEEN SOFTWARE VENDORS AND END USERS

I. Overview of Service Level Agreements• An overview of SLAs• Key elements of SLAs

II. Governance• Considerations for governance

between software vendors and sponsors

• Change control considerations• Security considerations

III. Interactive ExerciseDiscussion of issues related to SLAs between vendors and sponsors.


SESSION 11: BUILD, ENHANCE AND MAINTAIN AN EFFECTIVE COMPUTER SYSTEM VALIDATION AUDIT PROGRAM IN THE GXP R&D ENVIRONMENT

I. Taxonomy of the CSV QA Function• The Operational Quality (ITQA) vs. the

Auditing Quality (CSV Audit) Functions in the CSV Space

• Balancing and breaking them out — ITQA and CSV

• Identify the value • Legacy functions, resources,

misunderstanding and management

II. Build the CSV Audit Function• Serve as an audit CSV SME• Internal audits and external audits• Risk analysis — Build and sell your

global audit plan

III. Enhancing the CSV Audit Function• Identify where the most

value is generated• Procedure development• Qualification audits • Focus on process and then

verify it with data• R&D vs. cGMP• Risk tools• Audit checklists and tools

IV. Group Discussion — CSV Audit Function • Apply these concepts in your

specific situation

Bonus Material• Graphical audit mind map —

Your audit checklist/tickler on a single page

Timothy J. Kuhn, Global Regulatory Quality – CSV Audit, Allergan

SESSION 12: BIOTECH MANUFACTURING SOFTWARE VALIDATION

I. Software Testing on the Manufacturing Line• Regulatory expectations for medical

manufacturing validation, CFRs 11, 211.68, 820.70

• Types of manufacturing systems• Explore GAMP and other past

validation methodologies• Optimism and

requirements development• Interface with ergonomics,

safety and process controls

II. Develop and Execute Usability Testing• QA role in the process• The Plan — How the validation

engineer can add value• Requirements and hazard analysis to

avoid the risk rabbit-hole• Design review• Protocol (ex. IQ/OQ) and execution• Report GDP issues• Other related documents, work

instructions, calibration and preventive maintenance

III. Interactive ExerciseDiscuss strategies for user testing in both early phases and late phases of product development.

Bonus Material• Example IQ/OQ type format

protocol template

Edith Maverick Folger, Senior Software QE, Boston Scientific

2 : 3 0 N e t w o r k i n g a n d R e f r e s h m e n t B r e a k

3 : 0 0 C h o o s e B e t w e e n F o u r 9 0 – M i n u t e S e s s i o n s ( 1 3 – 1 6 )

SESSION 13: MANAGING CSV IN A CONSENT DECREE ENVIRONMENT

I. Introduction• Plan, develop and implement a

CSV process in a consent decree environment

II. The CSV Process• Planning phase• Development phase• Validation phase• Operational phase• Retirement phase

III. Special Cases• Spreadsheet verification and validation• Shared system validation

IV. Governing Documentation• Standards and SOPs• Templates• Document management

V. CSV Roles and Responsibilities • CSV governance and oversight• System validation

specific responsibilities

VI. Interactive DiscussionOpen question and answer

Jim Gunning, Associate Director, CSV QA, McNeil Consumer Healthcare, a Johnson & Johnson Company


SESSION 14: QUALIFY VIRTUAL ENVIRONMENTS: FROM R&D TO PRODUCTION — MINIMIZE YOUR R ISKS, SAVE BIG

I. Define Virtual Environments, Features and Benefits to Leverage the Benefits of Virtual Platforms and Minimize the Risks• Virtual 101 —

Hardware without the hardware• Built it once, build it right — What do

you need? How do you justify it?• Pick the right team to virtually

ensure success • The Magic of VM’s —

Capture your old platform and move it to a new server without revalidating

II. Better, Faster and Cheaper — Get it All in Your VM World• Determine how much

validation is needed• Discover how to get IT and the

quality teams working together

III. Hidden Risks, Hidden Benefits — Now That You Have Your Virtual Environment, Make the Most of It• Change control — Do’s and don’ts• Shared databases — What are the risks?• Performance enhancements —

Add RAM, storage and processors with no down time

• What are the benefits of VM’s in the cloud? How will it impact your choice of server platforms?

• Wrap up — Questions and Answers

Bonus Material• Sample validation templates• Hand out “How to Plan and Execute a

Successful On-site Virtual Platform”

Richard Tornai, Global IT Manager, Bio-Rad Laboratories

SESSION 15: PERIODIC REVIEW OF VALIDATED SYSTEMS — EXPECTATIONS SURROUNDING THE TIMING AND THE INFORMATION THAT IS REVIEWED

I. Purpose of the CSV Periodic Review• When to perform PR• PR process• Benefits of CS PR• Trigger to perform PR• Use of risk management tools

to assess impact to validated systems

II. What to Review• Computer system validation status

(includes re-qualification / re-validation if any)

• Review about computer system security

• Back up and restoration details• Deviations includes unplanned down

time, troubles / system logs• Changes to computerized systems

(includes changes to company standards, polices & procedures) and up gradations to systems since last review

• Computer system retirement details• Complaints related to the system• Computer system access list

and adjustment • CAPA (includes any regression

testing for a system)• Tracking

III. Report of PR

IV. RemediationYau Kai Wong, Associate Director, QA Validation, Novartis Pharmaceuticals Corporation

4 : 3 0 C l o s e o f D a y T w o


SESSION 16: INTEGRATE AUTOMATION TOOLS TO OPTIMIZE THE COMPUTER SYSTEM VALIDATION (CSV) PROCESS

I. Integrate Automation Tools to Optimize the CSV Process • Utilization of CSV and automation tools

to optimize the CSV process • Validation project management

throughput — avoid costly downtime

II. Industry Standard• Manufacturing execution/electronic

batch records integration • Explore innovative process control • Simplify users and technical team

interactions with systems and controls• Integration with other systems, etc. to

support business goals

III. Interactive ExerciseParticipate in hands-on case studies of actual CSV processes that went terribly wrong and yielded warning letters and consent decrees.

Bonus Material• Relevant warning letters• Relevant industry regulatory trends

Gaurav Walia, M.S., Pharmaceutical Consultant for Consent Decrees

“ S E S S I O N I N C L U D E S S U B J E C T M A T T E R E X P E R T S

F R O M I T , Q U A L I T Y A N D B U S I N E S S : A W E S O M E

S H A R I N G A N D C O L L A B O R A T I O N .”

- Joyce C. Morrow, GVBQO Manager, Automation Compliance COE, Merck

IV T Net work is a valuable resource for val idat ion and compl iance profess ionals. As a member, you’ l l benef i t f rom instant access to IV T’s Journal of Val idation Technology and Journal of GXP Compl iance.

P lus, you can choose f rom over 160 t ra in ing products inc luding v ideos, SOPS, val idat ion master p lans, protocols, regulator y handbooks, webinars, protocols and so much more!

SPECIAL CONFERENCE OFFER Jo in at w w w.iv tnet work.com us ing promo code CH2014 to save 10% of f membership!

BECOME AMEMBER OF

IVTNETWORK!

A G R E A T P L A C E T O M E E T Y O U R M A R K E TTake advantage of the best opportunity to meet potential clients face-to-face.

Build relationships while demonstrating thought leadership and sharing expertise. For more information on how to position your company as a sponsor or exhibitor, contact Robert Boucini at 339.298.2150 or email at [email protected]

C O N F E R E N C E S P O N S O R S

DeliveringExcellence

1 0 : 0 0 N e t w o r k i n g a n d R e f r e s h m e n t B r e a k


8 : 0 0 C o n t i n e n t a l B r e a k f a s tDAY T H R EE FR I DAY, A P R I L 25 , 2 014

8 : 3 0 C h o o s e B e t w e e n F o u r 9 0 – M i n u t e S e s s i o n s ( 1 7 - 2 0 )

SESSION 17: PRACTICAL APPROACH TO MEET FDA REGULATIONS AND MANAGE COMPLIANCE RISKS WHEN OUTSOURCING TO THE CLOUD

I. Implement a Practical Risk Assessment of Cloud Providers• Define risk profiles for IaaS, PaaS, SaaS,

ASP, ITO and BPO• Establish five risk dimensions

for cloud providers • Time-based risk assessment vs.

traditional risk assessment• Communicate risks to business

and IT management• Transfer risks through effective legal

contracts and quality agreements

Interactive Session: Castle Defense Game — Identify, detect and control risks when outsourcing to ACME Web Services

II. Establish an Effective Vendor On-boarding and Monitoring Process• Why is on-boarding better

than auditing?• Simple vendor on-boarding process• Leverage independent certification

and audit reports?• Develop a "FICO" score for

cloud providers?• Find out who really has your data?• Conduct continuous monitoring

Interactive Session: FICO Scoring for ACME Web Services — Determine "FICO" score for a cloud provider

III. Qualification and Validation of Cloud Infrastructure and Applications for Part 11• Qualify IaaS and ITO• Validate PaaS, SaaS, ASP, and BPO• Closed-system vs. open-system• Meet Part 11 controls

Interactive Session: "Who wants to be a millionaire?" —Learn how to describe Part 11 controls in the cloud

Bonus Material• Vendor on-boarding checklist• General risk profiles for IaaS, PaaS,

SaaS, ASP, ITO and BPO

Victor Huynh, Director, Risk Management Service & IS Compliance, Allergan, Inc.

SESSION 18: INCREMENTAL, LAYERED VALIDATION IN A GXP SETTING FOR SEMI -TECHNICAL OR NON-TECHNICAL TEAMS

I. The Role of the Clinical Data Manager/Programmer• eDC/eCRF overview• Operational challenges for the

data management and programming function

• Being Semi-technical — Is the data management/programming an “IT developer role”?

• Environments — Is it a development environment, a production environment, or both?

• Environment naming to ensure the appropriate safeguards are engaged

II. Concept of “Layered” Validation for Clinical Data Management/Programming• Core Concept —

Where to put the detail?• Layer 1 — Database validated state• Layer 2 — Core system validation• Layer 3 — Study specific validation• Layer 4 — Change control• Layer 5 — Periodic assessment

III. Build a Better Way• Move beyond the vendor’s

validation package

• Data management/programming building their own databases

• Develop a methodology for the efficient design, build , and test of clinical databases

• Requirements gathering• Testing and documentation• Manage change

IV. Interactive ExerciseParticipants apply this same methodology to another scenario.

Timothy J. Kuhn, Global Regulatory Quality – CSV Audit, Allergan

SESSION 19: SUPPLIER MANAGEMENT

I. Strategies for Success• Selection of a vendor• Establish the contract• Negotiate the contract

II. Audits• Before — Selection process• During — Make sure the

contract is working• After — Build the relationship

III. Final Phase• Deliverables — Who does what?• Quality assurance versus

quality control

Sharon Strause, Senior Consultant, QACV Consulting


In this session, validation professionals from pharmaceutical, biotech and medical device companies engage in open discussions with

colleagues about strategies for managing their most pressing challenges related to risk management.


SESSION 20: THINK TANK — CRITICAL ELEMENTS OF A R ISK ANALYSIS

1 0 : 3 0 C h o o s e B e t w e e n T h r e e 9 0 – M i n u t e S e s s i o n s ( 2 1 - 2 3 )

SESSION 21: 21 AGILE VS. WATERFALL — ADVANTAGES AND DISADVANTAGES OF THE TWO DEVELOPMENT METHODOLOGIES

I. Waterfall Methodology• Basic elements• Pros/cons

II. Agile Methodology• Basic elements• Pros/cons

III. Waterfall vs. Agile Comparison• Comparison of waterfall and agile

SDLC methodologies


SESSION 22: MANUFACTURING EXECUTION SYSTEM (MES) AND REVIEW BY EXCEPTION (RBE) — THE PATH TO RELEASE THE PRODUCT R IGHT THE FIRST TIME

I. What is a Manufacturing Execution System?• MES concept• Methods of implementation• Establish standardized processes• Speed up distribution of information

II. What does Computerized Review mean?• Focus of RBE• Critical operating data• Critical and non-critical exceptions• Regulatory guideline• System reassessment

Daniel O. Trivino, B.S, MES Administrator, BBraun Medical, Inc.

Mehron Mirian, B.S, Senior QA-CSV, BBraun Medical, Inc.

SESSION 23: UNDERSTAND DATA INTEGRITY CONTROL AND THE ROLE OF THE BUSINESS AND IT TO MITIGATE THE R ISK OF DATA CORRUPTION

I. Data Integrity Controls• Regulatory and business drivers for a

robust data integrity control program• Common business and IT controls

II. Control Design• Integrate risk and cost into the design

of data integrity controls

III. Data Integrity Implications to Third Party and Cloud Hosting Strategies

IV. Prevent and Mitigate Data Corruption• Common sources of data corruption• Business continuity planning to

mitigate impact of data corruption

• Data migration verification approaches to mitigate data loss and ensure data integrity

Justin J. Fisher, Senior Manager, Business Technology Risk Management and Compliance, Pfizer

1 2 : 0 0 N e t w o r k i n g L u n c h e o n

“ G R E A T F O R U M F O R S H A R I N G B E S T P R A C T I C E S . ” - Donato Silvestri, Associate Director, Bayer

IVT reserves the right to qualify participants for the workshop.


1 : 0 0 C h o o s e B e t w e e n T h r e e 9 0 – M i n u t e S e s s i o n s ( 2 4 - 2 6 )

SESSION 24: VALIDATE THE CHANGE CONTROL PROCESS — SYSTEMS AND PERSONNEL

I. What is a Change Control Process?• Why do we need it?• Does it need to be validated?• Where does the change control

system fit?

II. Challenges of Introducing a Process• Define the process• Manage business expectations

• Validate the system• Educate the business• Train personnel

III. Define Change Control Across Multiple Platforms• COTS vs. Bespoke systems• Infrastructure, internal and external• Vendor hosted/cloud based systems

IV. Interactive Exercise: Manage Compliance Globally Discuss the challenges faced providing ongoing education, training personnel and managing regional changes in a global environment.

Sheri Hampson, MBA, Change Control and Validation Manager, IT, Cochlear Limited

SESSION 25: BEST PRACTICES FOR VALIDATING YOUR e - LEARNING SYSTEM AND ALIGNING TRAINING WITH THE INVESTIGATION PROCESS

I. Best Practices for Validating Your e-Learning System• Identify e-Learning needs for your

organization• Select the programs and initiatives

that are appropriate for delivery by e-Learning

• Align e-Learning initiatives with current business issues

• Gather data and business analytical tools to decide what key computerized systems tie into the e-Learning systems

• Use business metrics to help evaluate and validate e-Learning priorities

• Involve the many stakeholders and internal constituencies

• Assess the effectiveness of a fully automated e-learning system vs. a hybrid approach Assess and determine overall system effectiveness and criteria for success such

II. Align Training with the Investigation Process• Performance Alignment and Linkage

Process (PAL) -- How to identify, measure and sustain alignment throughout your training and performance process

• Verify that skills gained from training are implemented in day-to-day performance

III. Interactive ExerciseParticipate in hands-on case studies of actual CSV processes that went terribly wrong and yielded warning letters and consent decrees.



SESSION 26: USABIL ITY/HUMAN FACTORS — TEST FOR SUCCESS

II. Why Usability Testing as well as Functional Testing?• Usability continues to be a blind

spot in medical device design• Required by IEC 60601-1-6

(3rd edition) and IEC 62366• Good usability characteristics make

happier, more productive customers• Intuitive user interfaces reduce risk

II. Develop and Execute Usability Testing• Usability deliverables and the other

project documents involved• Development stage — usability

testing vs. usability validation with DV• The protocol — A survey• The usability file, like the Hazard

Analysis File, but not the same• Confidentiality and ethics• Usability report —

qualitative and quantitative

III. Interactive ExerciseParticipants practice creating strategies for user testing in both early phases and late phases of product development.

Bonus Material• Example of a usability plan

protocol and survey• Relevant articles

Edith Maverick Folger, Senior Software QE, Boston Scientific

“ A S A C O M P L E T E N E W B I E T O V A L I D A T I O N , M Y H E A D I S N O W

F I L L E D W I T H I D E A S I C A N ’ T W A I T T O T R Y T O I M P L E M E N T . ”

Vladlen Rotshteyn, Regulatory Systems Specialist, Regeneron


4 : 3 0 C l o s e o f C o n f e r e n c e

2 : 3 0 N e t w o r k i n g a n d R e f r e s h m e n t B r e a k

3 : 0 0 C h o o s e B e t w e e n T h r e e 9 0 – M i n u t e S e s s i o n s ( 2 7 - 2 9 )

SESSION 27: LESSONS LEARNED — OVERCOME COMMON CSV CHALLENGES

I. Common Obstacles and Challenges• Universal pain• One person’s perception

is another’s reality • Where is the alignment regulation?

II. Get to Root Cause• Why is it so complex and

unpredictable?• People, process and partnership out of

sync

III. Build Right Strategy and Plan for Success• CSV methodology/tools• Roles and responsibilities• Team dynamics and momentum• Metrics and measure• Process improvement and continuous

learning

Wen Wang, Senior Validation Engineer, GXP Quality and Compliance, Genoptix

SESSION 28: INTEGRATE A GLOBAL PERSPECTIVE INTO A HARMONIZED R ISK-BASED CSV PROGRAM

I. Enterprise Evaluation of CSV Processes· Evaluate the maturity of

your CSV models· Evaluate global regulations and

expectations of a CSV process· Stakeholder and global diversity

management

II. Align CSV Harmonization to Process Governance· Integrate traditional waterfall

and agile approaches· Ensure your CSV model has what

your other processes need* impact analysis

III. Risk-based Approach to CSV· Integrate risk-based decision making

into the CSVL· Risk-based computer system

development lifecycle model* planning* requirements and design* verification/testing

Justin J. Fisher, Senior Manager, Business Technology Risk Management and Compliance, Pfizer

SESSION 29: STRATEGIES FOR SYSTEM REPLACEMENT AND RETIREMENT

I. Computer System Validation (CSV) and System Life Cycle (SLC)• Design and deploy in compliance

with specific performance and quality standards

• Ensure a high degree of assurance of the trustworthiness of the electronic records and computer system functionality

• Build quality into a computer system during its conceptualization, development and operational life

II. Strategies for System Replacement — Evaluation of Current Systems• Assess repair and preventative

maintenance• Recent inspection findings• Upgrade considerations

• Software Licensing Agreements (SLAs) for minor/major upgrades and firmware upgrades

• Preservation of archive records, duration of retention and archiving options

• Electronic records/record life cycle

III. Strategies for System Replacement• A formal IQ and regression testing • Emergencies that require an

immediate or emergency change • Test procedural control

employed regularly and inform relevant personnel

IV. Strategies for System Retirement• Retirement phase• System retirement • Decommissioning plan

V. Interactive ExerciseParticipate in hands-on case studies of actual CSV processes that went terribly wrong and yielded warning letters and consent decrees.



1 5 T H A N N U A L

FORUMComputer and Software Validation Risk-Based Approaches for FDA-regulated Complex Systems

COMPUTER AND SOFTWARE VALIDATION PI14045

VENUE: Hyatt Regency La Jolla3777 La Jolla Village DrSan Diego, CA 92122Phone Reservations: 1-888-421-1442Hotel Direct Line: 858-552-1234

ACCOMMODATIONS: To receive CBI’s special discounted hotel rate online or by phone, please go to:

• Online: www.cbinet.com/csv• Phone reservations: 888-421-1442 and mention IVT’s Computer and Software Validation.

BOOK NOW! The Hyatt Regency La Jolla is accepting reservations on a space and rate availability basis. Rooms are limited so please book early. All travel arrangements subject to availability.

REGISTRATION FEE: ADVANTAGE PRICING STANDARD Conference $2,299 $2,599

Register by February 14, 2014 and SAVE $300. Fee includes continental breakfast,

lunch, wine and cheese reception, refreshments and conference documentation. Please make

checks (in U.S. funds drawn on a U.S. bank) payable to: CBI. (No personal checks accepted.)

PLEASE NOTE: All advertised discounts are taken from the final, Standard Rate.

TEAM DISCOUNT:

Attend this conference FREE if you bring 3 registered colleagues from your organization or external to

your organization (enables cross-company teams). All team registrations must be made at the same time

to qualify. Please contact 800-817-8601 for further information.

SATISFACTION GUARANTEED: CBI stands behind the quality of its conferences. If you are not satisfied with the quality of the

conference, a credit will be awarded towards a comparable CBI conference of your choice. Please contact

800-817-8601 for further information. Advanced preparation for CBI conferences is not required.

SUBSTITUTION AND CANCELLATION: Your registration may be transferred to a member of your organization up to 24 hours in advance of the conference. Cancellations received in writing on or before 14 days prior to the start date of the event will be refunded, less a $295 administrative charge. No refunds will be made after this date; however, the registration fee less the $295 administrative charge can be credited to another CBI conference if you register within 30 days from the date of this conference to an alternative CBI conference scheduled within the next six months. In case of conference cancellation, CBI’s liability is limited to refund of the conference registration fee only. CBI reserves the right to alter this program without prior notice. Please Note: Speakers and agenda are subject to change. In the event of a speaker cancellation, every effort to find a suitable replacement will be made without notice. The opinions of the conference faculty do not necessarily reflect those of the companies they represent or CBI.

SCAN HERE

4 WAYS TO REGISTER NOW!

PHONE800-817-8601 339-298-2100 outside the U.S.

[email protected]

WEBSITEwww.cbinet.com/csv

LIVE CHAT www.cbinet.com/csv

Advanstar 600 Unicorn Park Drive Woburn, MA 01801

R E G I S T E R A T W W W . C B I N E T . C O M / C S V / 8 0 0 - 8 1 7 - 8 6 0 1

CHOOSE BREAKOUT SESSIONS BELOW

THURSDAY, APRIL 24, 20148:30 – 10:00 1 2 3 4

10:30 – 12:00 5 6 7 8

1:00 – 2:30 9 10 11 12

3:00 – 4:30 13 14 15 16

FRIDAY, APRIL 25, 20148:30 – 10:00 17 18 19 20

10:30 – 12:00 21 22 23 1:00 - 2:30 24 25 26 3:00 - 4:30 27 28 29

R E G I S T E R B Y F E B R U A R Y 1 4 , 2 0 1 4 A N D S A V E $ 3 0 0 !

APRIL 23-25, 2014 HYATT LA JOLLA SAN DIEGO, CA

1th annu all n ua omput and softw ar e v...

Documents