View
441
Download
8
Embed Size (px)
DESCRIPTION
Executive Summary Regulated pharmaceutical, biotech and medical device companies are challenged to develop manufacturing capabilities quickly and cost-effectively while at the same time safeguarding product quality and patient safety. Validation has been an essential part of regulated industries for over 20 years, yet as the field has evolved, little has changed in the business, or manual, approach to validation.
Citation preview
Computer System Validation
Strategies for Achieving and
Maintaining Part 11 Compliance
in Today's Current Practices
Gary D. Kimmel
Senior Director
Quality Assurance and
Compliance Service
Today’s Presenter
Introductions
• Introduction of Team Members
• Pilgrim Software
• Nancy Defilippis
• Jim Dalton
• Jeff Fenske
• Business Intelligence Solutions
• Gary Kimmel
• Jon Nugent
What we’re covering today:
Perspective from the FDA: Computer Validation
Overview of Computer Systems Validation
What System to Validate
Validation Requirements
Computerized System Validation Documentation
A Practical Approach to Implementing CAPA
Perspective from FDA
Computer Validation -
A documented process that
demonstrates a system was
developed, implemented,
operated, and maintained
in a controlled manner and
results in assurance that
the system consistently
meets specifications and is
suitable for intended use.
Overview of
Computer Systems Validation
• Computer System - Includes hardware, software,
peripheral devices, personnel, and documentation; e.g.,
manuals and Standard Operating Procedures.
The scope of validation includes implementation of
hardware, software, policies, procedures, and training of
personnel on automated information systems (AIS) that
house FDA-regulated data.
Validation Requirements
• Guidelines leave Validation open to interpretation
• Developing and following internal standards
• Auditable to standards
• Personal accountability
• Time and resource constraints needed for
execution
• Volume of documentation
What Systems to Validate
The validation of computer
systems performing
regulated operations provides
confirmation by examination
and provision of objective
evidence.
Computer system
specifications conform to
user needs and intended
uses, and that all
requirements can be
consistently fulfilled.
Installation Qualification (IQ)
• The IQ includes the verification of the
installation requirements, verification of the
equipment specifications, and verification of
the actual installation.
• The IQ protocol should verify that the system
meets the System Design Specification
expectations.
Operational Qualification (OQ)
• The OQ is tied to the Functional
Requirements Specification (FRS). All
functions identified in the FRS must
be tested. Testing includes Unit
Testing and Integration Testing.
Performance Qualification (PQ)
• The PQ is based on the User
Requirements Specification (URS).
Since these tests provide evidence for
user acceptance, trained key users of
the system must be involved in PQ
testing and in review and approval.
Computer System Validation
Documentation
• Computer System Validation SOPs
– Document Management
• SOPs and Forms / Reports
Management
– Security (Logical and Physical)
– Employee Training
– Backup and Restore
– System testing (Validation and
Verification)
– Change Control and Configuration
Management
– Problem Resolution
– Periodic Review and Monitoring
– Disaster Recovery
A Practical Approach to
Validation Document Management
In the current paper-based
validation process, tracking
validation status of any
system, equipment or
instrument is time
consuming and very often
submerged in a sea of
paper.
Overall, validation managers
and supervisors spend an
inordinate amount of time
searching out both
validation status and
documents during the
process.
Standard Operating Procedures (SOPs)
Audits
• Purpose is to identify processes,
procedures, and objective evidence of a
quality system and inspect for
compliance.
• The audit typically verifies the adequacy
of controls generally focusing on
documented processes, procedures,
and existing documentation for all
system life cycle activities.
• Should be completed for a vendor that
will provide a product or hosting
services
Remediation Activities
• Remediation activities
are those tasks that
are required to be
completed to amend
previous Validation
activities (commonly
as a result of an audit)
Who: Who is involved with the
CAPA Process.
What: What events trigger the
CAPA process.
When: When do you conduct the
CAPA.
Why: Why is the CAPA
performed.
Where: Where do you start the
CAPA process.
.
Corrective and Preventive Action
• In most organizations, the Quality
Assurance and Compliance
Department (QA) will lead the CAPA
process along with all applicable
departments (Operations,
Manufacturing and/or Packaging
Maintenance, QC, etc.) involved in the
problem(s) and/or how to rectify the
problem.
• QA has the final responsibility and
authority to sign off the CAPA Report.
CAPA
CAPA System Triggers:
There
numerous
examples of
what events
can trigger a
CAPA
• Consumer Complaint(s)
are received for the
same problem(s):
Product, Materials,
Labeling, Contamination
• Plant or FDA Product
Recall initiation
• Internal QA Audits find
major system
discrepancies
CAPA System Measurement
• To get to the
root cause of
the problem,
fix it, and
assure that it
never happens
again!
CAPA System Analysis
The CAPA is
completed when
all systems,
process,
specifications,
validation,
training, etc. have
been signed off by
Quality Assurance.
CAPA System Improvement
Successful Computerized Validation
• How will you know if you have
had a successful CAPA and
Validation effort?
– A successful implementation
with no “bugs” introduced to
your Production environment
– A well documented path
from the initial validation to
the change control process
– A successful audit with no
major compliant or findings
References
• Home page - http://www.pilgrimsoftware.com
• http://www.busintellsol.com
• FDA Glossary of Terms
http://www.fda.gov/ora/inspect_ref/igs/gloss.html
• Guidance for Industry Part 11, Electronic Records; Electronic
Signatures – Scope and Application
http://www.fda.gov/cder/guidance/5667fnl.htm
• 21 CFR Part 11 Electronic Records, Electronic Signatures
http://www.accessdata.fda.gov/scripts/cdrh/cfdocs/cfCFR/CF
RSearch.cfm?CFRPart=11
13 0
Business Intelligence Solutions | 1.800.782.0580 | www.busintellsol.com