Upload
vantram
View
213
Download
1
Embed Size (px)
Citation preview
1 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Conduct an Audit for your CSV program – Develop a
Validation Maturity Model (VMM) for your organization
and strengthen your compliance
Murali Krishnan Sundararajan
March 31, 2015
2 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Company
Varian Medical Systems was founded in 1948 and is headquartered in Palo Alto, CA.
• Stanford University's professor William Hansen teams with brothers Sigurd and
Russell Varian to develop the klystron tube, used in the early radars
• World's leading manufacturer of medical devices and software for treating cancer
and other medical conditions with radiotherapy, radiosurgery, proton therapy, and
brachytherapy. Varian supplies informatics software for managing comprehensive
cancer clinics, radiotherapy centers, and medical oncology practices. Varian is a
premier supplier of tubes and digital detectors for X-ray imaging in medical,
scientific, and industrial applications and also supplies X-ray imaging products for
cargo screening and industrial inspection.
Approximately 7000 employees, performing business in 40+ Countries
3 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Agenda
Computer System Validation – An overview
Audit Planning and execution
Perform an audit planning and execution mock (Interactive)
Validation Maturity Model
Maturity assessment of your organization (Interactive)
Questions / Open discussions
Key Topics
4 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Agenda
Computer System Validation – An overview
Background
Need and Test for Validation
Validation and SDLC
Validation approach
21 CFR Part 11
Key Topics
5 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Lets start
6 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Background
Laws:
FDA 21 CFR Part 11
EU Directives / Regulations
Regulatory Guidance:
Regulatory Authorities
MHRA Orange Guide
FDA 21 CFR Part 11: Scope & Application
PIC/S, ICH
Accepted Standards
GAMP5 (Good Automated Manufacturing Practice v5)
Organizational Policies
Organizational Procedures
Organizational Work Instructions / Templates
7 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
What is Validation
7
• Documented procedures – SOPs / Validation Plan
• What the system should do – Specifications (approved)
• System does what it should – Records of Testing (approved)
• System is under control – operational SOPs / records of:
Backups, Changes, Training, Access Control, etc.
• Fit for purpose – i.e. doing the job it should • Compliant with all relevant regulatory requirements • Operating in a known and predictable fashion • Operated and maintained in a controlled environment
Documented evidence that the system operates as intended, in accordance with its predetermined specification
Validation requires that the system is …
8 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Need for Validation
As a general rule computer systems used for or performing regulated operations should be validated. These could include:
•System used to control the quality of regulated products during various life cycle stages of the product (development, testing, manufacture).
•Systems that create, modify, store, transmit regulated data such as product safety data, clinical trial data, product efficacy data and that maintain decision making data
•Systems used to maintain data to be made available for agency inspection or submission Delivered Defects
Co
st
• Do
cum
enta
tion
• Ve
rifica
tion
• Re
vie
w
Low High
Low
H
igh
Low
H
igh High Low
Hig
h
Low
Regulatory Requirements
Delivered Defects
Co
st
• Do
cum
enta
tion
• Ve
rifica
tion
• Re
vie
w
Low High
Low
H
igh
Low
H
igh High Low
Hig
h
Low
Regulatory Requirements
9 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Benefits and Consequence
Benefits of Validation
• Higher degree of confidence in computerized systems and business processes supported by these systems
• Clear definition of responsibilities
• Support design, operation and retirement of computerized systems
• Better understanding of the processes and systems
• Identification of deficiencies
• Structured documentation
• Better understanding of what the application / infrastructure can and cannot do
Consequence of neglecting Validation
• Inspectional observations
• Computer System not validated
• Delay of business processes, delay in product approval, plant shut-down and delayed start-up
• Product recall, seizure or prevention of release
• Criminal Injunctions and civil penalties
• Loss of confidence
10 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Challenges in Validation
Compliance with organizational validation policies and practices and regulatory best practices
Establish and maintain the compliance status of the system and of GxP processes
Maintain the validated state of systems and interfaces
Minimize internal and external audit risk
Conduct validation concurrently with development within the time and resource constraints of the overall upgrade project
Design validation in a way that takes advantage of the knowledge of underlying transactions that support regulated business sub-processes
Add value in terms of the quality of the system
Create useful and re-usable quality documentation
11 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Test for Validation
If you move out in a fancy red car this evening, would your organization be able to continue developing / maintaining / using the system without you / expert like you in that space ?
Can you take any requirement and trace through the system documentation how it is implemented and tested?
If the system were completely destroyed, could you rebuild it from its documentation, to perform exactly as it performs today?
Can you find a document that you need to demonstrate regulatory compliance in less than 10 minutes?
12 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation and SDLC
ASAP Project Progress
Va
lid
ati
on
Pro
jec
t P
rog
res
s
Project
Preparation
Business
Blueprint
Realization Final
Preparation
GoLive/Support
System Design
Specification
IQ Development
Functional Requirements
Specification
OQ Production
Validation
Master Plan
IQ QA/Validation
OQ
QA/Validation
Generate SOPs
IQ Production
Validation
Determination
Validation Summary
Report Verify
Production
Cutover
PQ
Production
Vendor
Assessment
Traceability Matrix
Risk Assessment for Validation
Incident Management
Validation Project Plan
13 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation approach
User Requirements Specifications
User Acceptance Testing (PQ)
Performs as specified
Functional Design
Specifications System / Integration
Testing (OQ)
Operates as designed
Technical Design
Specifications
Requirements Traceability Matrix
Requirements
Design
Installed as specified Installation
Qualification (IQ)
Product Installation
Tests
14 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation Deliverables
Functional Specification
ERES Report
Validation Report
Validation Plan
Functional Risk Assessment
PQ Testing
Test Scripts
Initial Risk Assessment
IQ Testing
Technical Specification
Managed
Services
OQ Testing
Requirement Traceability
Matrix
User Requirement Specification
Plan
Specify Verify
Report
15 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
CSV Supporting Processes
16 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
21 CFR Part 11
Part 11
Compliance
Technology
•System Validation
•Regulated/ Non
regulated data
•Defined workflow
•Role based
access control
•User Id/
Password
authentication
•Records Security
•Data accuracy & integrity
•System integrity
•Audit trail
•Signature requirements
•Signature security
•Transaction authenticity
17 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Agenda
Need for CSV Audit
Prioritization and Audit Planning
Scheduling
Execution and Reporting
Remediation
Interactive Exercise
Key Topics
18 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Need for a CSV Audit
It is always a good idea to perform an audit by ourselves rather than waiting for Regulatory agencies to find a non compliance
It provides us with a good amount of time and resources to correct if there are any issues prevailing in the system
Provides a clear understanding of where the organization stands in terms of compliance maturity and helps to grow further
Avoid any commonly occurring errors in the project implementations and changes
19 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Prioritization
Schedule Big rocks Assess the Impact
20 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Audit Planning
Focused on
specific application. For
ex, audit on DMS
Time period : 2-3 days
Focused on
applications from specific business function. For ex,
audit on applications in
Quality function
Time period : 2-3 weeks
Spanning across the organization
for all the applications.
Based on
prioritization needs
Time period : 2-3 months
Audit for the entire
organization
including people,
process and
technology
Based on
prioritization needs
Implementation
plan for Audit
remediation
Time period : 4-5 months
Audit for the entire
organization
including people,
process and
technology
Applications
spanning across
all categories
Implementation
plan for Audit
remediation
Time period :
Year long engagement
Plan A
Focused
Plan B
Departmental
Plan C
Considerable
Plan D
All-Inclusive
Limited Audit
Extensive Audit Plan E
Large scale
21 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Application and System Landscape
Desktop Client
O/S
Application
Server
O/S
DBMS
Application
Qualified Validated
Network
Topology of System Landscape
Application and underlying Infrastructure
• Identify the entire system landscape for each application which supports Quality systems
• Determine multiple layers of landscape including application, database, operating system, server, network and so on
• Perform a risk analysis and create a risk segment across the landscape
22 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Audit Scheduling
Planning
1. Perform a thorough audit planning (Need for audit, outcome, available resources and so on)
2. Identify stakeholders
3. Create a day wise audit plan
4. Management commitment and formal Governance
Execution
1. Execute audit plan.
2. Mitigate any change in schedule.
3. Audit the key elements (Landscape, Documentation, IT IN control, ERES)
4. Part 11 Assessment
5. Policies and Procedures
Remediation
1. Documented audit report
2. Formal handoff
3. Defined CAPA processes
4. Monitoring and escalation
5. Close out issues
23 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Roles and Responsibilities
Application Owner
Regulatory
Audit Administrator
Management Representative
• Solely responsible for providing the relevant information on Processes and Documentation during the audit
• Responsible for remediating the audit findings
• Works in conjunction with Audit administrator to identify the key expectations of the audit .
• Facilitates the audit processes
• Create a comprehensive audit plan and schedule with all relevant stakeholders informed
• Perform the audit as scheduled, discuss audit observations and provide the team with the audit findings
• Act as a point of escalation during the audit processes
• Monitor the Audit findings and support in remediation process
24 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Holistic Approach
Documentation Requirements
1. User Requirement Specification
2. Functional Requirement Specification
3. Software Design Specification
4. Access Control documentation
5. Documentation Standards
Quality and Compliance
1. Risk Assessment and Management
1. Qualification Processes (Plan, Scripts and Reports for IQ and OQ)
2. Standard Operating Procedures (Backup and Restore, Disaster Recovery, Physical and Logical Security
Process Governance
1. IT IN control Assessment
2. Data / Information Security and Privacy
3. Security and Access Controls
4. Disaster Recovery
5. Controls on Patches and configuration changes
End to End Validation
25 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation Assessment
Key deliverables to be audited
• Risk assessment
• Validation Master Plan
• Requirements depending on the GAMP category
• Qualification (IQ, OQ and PQ)
• Test scripts and Results
• Traceability matrix
• Validation report
• Dates recorded in the document
• Language in requirement
• Script approval before execution (IQ, OQ, PQ)
• Traceability is the key for any validation
• Validation Plan to be reviewed thoroughly before signing of the validation report
Key checkpoints for the audit
26 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
IT In Control Assessment
Physical Security
Configuration Management
27 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Documentation
CAR Test
• Documents to be verified for CAR test (Consistency, Accuracy and Reliability)
• Verify if the documentation is complete and adequate
• Audit based on the traceability of document / processes
• Verify the previous audit closure and related CAPA
Recording
• Document each audit process in the final report (Audit Plan, Schedule, Roles and Responsibility, Systems audited, landscape, Audit observations, specific discussion points relevant to the audit)
• Record all the documentation references in the audit report
• Each observation / recording should have a concurrence from the team / individual being audited
28 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Electronic Records
• Electronic records are key for any documentation / quality processes
• Closed and Open systems • Signature Manifestations
What to check • Version history • CAR Test • Password authentication • Validation of the document
management system
Audit Trail - a secure, computer generated, time-stamped electronic record that allows reconstruction of the course of events relating to the creation, modification, and deletion of an electronic record
29 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Electronic Signatures
Check authorization
Document Pos. Material Quantity
10 80000311 1100.0
20 80000620 100.2
30 80000636 110.3
40 80000639 50.0
50 80000711 10
Signing
Store
Scholl
*******
User :
Password:
Document Pos. Material Quantity
10 80000311 1100.0
20 80000620 100.2
30 80000636 110.3
40 80000639 50.0
50 80000711 10
User ID / Login password
Document,
user info,
local time stamp
Application
IIIIIIIIIIIIIIIIIIIII Comment :
30 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Electronic Records and Electronic Signatures
• Signed electronic records must contain information associated with the signing that indicates the printed name of the signer, the date and time of the signing, and the meaning associated with the signature
• Electronic signatures and handwritten signatures applied to electronic records shall be
linked to their respective electronic records to ensure that the signatures cannot be removed, copied, or transferred to falsify an electronic record.
• Each electronic signature will be unique to an individual and should not be reused by,
or assigned to, another individual. • Before an organization establishes, assigns or certifies an individual’s electronic
signature, the organization shall verify the identity of the individual. • Persons using electronic signatures shall certify to the FDA that they are using
electronic signatures intended to be the legally binding equivalent of a traditional handwritten signatures.
31 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Part 11 Key Procedural controls
Part 11 Procedural control requirements
4A Validation procedures and Verification Procedure Part 11 procedure
4B Backup & Recovery and Records Retention Procedure Disaster recovery
4C System and user access procedure 4C Access Procedure / User Id Management & Control Procedure 4D Audit trail procedure 4E Training procedure
4F and 6D Company policy on using electronic signatures.
4F Documentation control procedure
6D HR Hiring and verification for user id. 6D Proof of Signature Procedure 6E Access Procedure / User Id Management & Control Procedure 6F Password management procedure
6G, 6H User Id device management procedure
32 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Audit Process
Audit Formal Kick off
Planned Audit Execution
Team commitment
Formal Audit Report
Management response and commitment
Closing Meeting
33 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Remediation Planning
Identify Diagnose Design Implement
Ris
k
• Identify the intensity of the issue
• Categorize the issue based on the severity and risk.
RC
A
• Root Cause Analysis
• Identify the stakeholders
• Initiate CAPA
Colla
bo
rate
• Design the CAPA for each audit finding
• Involve all key stakeholders responsible for the remediation
• Obtain Consensus
Mitig
ate
• One individual responsible for each CAPA
• Monitor the progress
• Management review
34 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Holistic view of Audit Planning and Execution
Scheduling
• Project Plan for Audit
• Defined Roles and Responsibilities
• Identify roles and responsibilities
• Refine plan
Audit Planning
• Big rocks • Audit Plan • Formal Kickoff
Task
s
Execution
• Closing meeting minutes
• Individual application assessments
• Audit report
• Documentation • IT In control
assessment
Remediation
• Root Cause Analysis
• CAPA • Implementation
Plan
• Close out meeting
• Management response
Focused on specifi
c application. For
Focused on applications from
specific
Spanning
across the
organization for all
the applications.
Audit
for the
entire
organi
zation
includi
ng
people
,
Audit
for the
entire
organi
zation
includi
ng
people
Plan A
Focus
ed
Plan B
Departmental
Plan C
Considerable
Plan D
All-Inclusive Limited Audit
Extensive Audit Plan E
Large scale
• Finalized Audit Plan
• Documented list of applications and landscape
De
liver
able
s
35 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Agenda
Validation Maturity Model
People
Process
Technology
Assessment and Validation Journey
Key Topics
36 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation Maturity Model
People
Level 1 Level 2 Level 3 Level 4
Increasing Maturity
Process
Technology
Little or no awareness
Systems and process for each business function
Electronic documentation and reporting
No streamlined process
Few awareness with no structured organization
Better awareness and structured organization
Periodic training and well directed compliance
Varied systems in place
No Validation and Change management tools
Paper based system with few tools
Completely streamlined and integrated operations
Technology enabled compliance
37 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
3 Pillars of Maturity Model
1
2
• Foundational aspect of Validation Maturity Model
• Focused around training and organizational governance
• Well informed and matured organization
• Global Organizations with multiple business functions
• Improved SDLC processes
• Validation as an integrated phenomenon
3 • Electronic Records and Electronic Signature
• Paperless Validation and Test execution
• Performing validation without realizing its complexities
38 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
People
Level 1 Level 2 Level 3 Level 4
Increasing Maturity
•Nobody is aware of the processes, SOPs and Protocols
•No formal project organization for Compliance and Validation
•Not all the stakeholders are aware of the processes, SOPs and Protocols
•Project Organization for Compliance in place with parallel activities of business
•All the stakeholders are aware of the processes, SOPs and Protocols
•Well defined Project Organization for Compliance with dedicated resources and roles and responsibilities
•Periodic training and certification programs around compliance.
•Well established Compliance organization with high level of authorities, roles and responsibilities
39 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Senior management commitment is a key success factor in training
Read and understand procedural training
Training
Integral part of any Quality systems
Foundation of organizational capability around manufacturing a quality product
On the job training, In house training, External training and role based training
Measurement of training effectiveness and make changes accordingly
Training records are key documentation during an audit
40 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Compliance Organization
Defined roles and responsibility
Important to have a structured compliance organization with a great deal of directives and authority
Direct access to the leadership
Decision making authority
41 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Challenges
It is very difficult to maintain and improve the compliance where in an organization which ….Involves many teams
Focus on improving product line and customer satisfaction Core Business
Regulatory
Quality Product quality and non conforming product
Information
Technlogy Supporting business through Technology
Finance Revenue improvement in each initiative
Submissions, Filing and Audits
….has their own priorities
42 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Fragmented organization and priorities
Inadequate knowledge around Regulatory expectations
Lack of proper compliance prioritization
Finance Core Business
Regulatory Quality
…causing difficulty in maintaining compliance
Information Technology
Legal
43 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Process
Level 1 Level 2 Level 3 Level 4
Increasing Maturity
•Compliance and Validation through structured frameworks and processes
•Reducing redundancies in the process and automating activities around compliance
•No streamlined process and SOPs for managing changes
•New systems happen based on the discussions and varies from one to other
•Streamlined process and SOPs for managing changes with manual document
•Systems in place for new systems but it varies according to individual programs.
•Highest level of Compliance achieved with completely automated systems and reduced cost of Compliance
•No single findings from any of the audits around Compliance
44 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation Challenges across the Organization
Customers
Suppliers
Regulatory Agency
Supply Chain
Sales
IT
Manufacturing Customer
Service
Neglected priorities due to prescriptive nature of regulations
From suppliers to customers
Global spread with different business functions
Elements that spread across the organization like CAPA, Quality and so on
Managing validation for advancements in technology
45 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Streamlined Organization
Suppliers
Supply Chain
Sales
IT
Manufacturing Customer Service
Customers
Regulatory Agency
Process
Strong foundation of procedures – from regulatory guidance
Process for governing external parties
Single unified approach for all the processes
• Integrated controls established across the organization
• Consistency in the process
Established process around technology advancements
46 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
External Audit Management
Lead to …
• Key role in the audit
• Involved and informed on External audit process
• Improved compliance
• No audit findings / observations
Process Driven Organization
Analysis
Analyze 483s and related
information.
Identify common cause
for issues
Informed
To be informed in
organizational process,
system changes and new
processes
Benchmarking
Industry best practices
and constant growth
towards compliance
Champions Primary owners across the
organization driving audit
success
47 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Technology
Level 1 Level 2 Level 3 Level 4
Increasing Maturity
•Electronic documentation and approvals
• Part 11 compliant
• Permits electronic capture and reporting
•No tools for handling change management and document management
•Change Management and document management being handled through paperwork
•System for handling change management and document management
•Approvals and workflows – paper based
•Parallel manual processing of documents
•Technology enabled Compliance and Validation
•Automated Audits, Corrective actions and Preventive actions
•Automated Validation and Test Automation
48 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Need for Validation Automation
Enterprise
Islands
of data
Execute
Review
Approve
Create
Audits
Peer
Review
ERES
Infrastructure
Inventory
Application
Data Mgmt
Part 11
DMS
Server
LIMS
LIMS
Validation Manager
Process
Data
Process
Data
Validation
Data
Process
Data
ERP Process
Data DMS
Validation
Protocol
?
?
?
?
? ?
?
?
? ?
Difficult to Track Inefficient Collaboration
Time consuming Audits
49 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Common issues
Difficulty in Tracking Validation status
Difficulty in reusing the requirements and test script
Difficulty in assessing the impact of changes
Islands of data and in different formats
Difficulty in enforcing consistency, policies and procedures
50 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Validation Automation tool function
• Inventory Report with real-time validation status.
• Dynamic Gantt chart with real time status for projects
• Inherit approved requirements and documents across multiple projects and sites
• Dynamic and integrated traceability to manage single integrated system
• Validation Framework, Template approach, Projects with quality gate checks.
51 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Value delivered
• Track validation of status in real time
• Holistic view of implementation status
• Always prepared for meetings and Audits
• Reduces the time and effort requirement for validation deliverables and testing
• 100% electronic and complaint with Part 11 and Annex 11 requirements
• Provides complete genealogy of any deliverable with forward and backward traceability
• Helps to enforce consistency, validation policies and procedures derived from SOPs and policy documents
52 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Business Impact
Before Automation After Automation
Inconsistent Documentation Template driven documentation Improves consistency
Workflow driven Approvals Tracked and alerted through e-mail
Review and Approval Delays
Dynamic audit trails provide real time validation status and metrics
Ineffective Tracking
Automated alert notifications to SMEs regarding periodic reviews
Missed periodic reviews
A click of the mouse and everything is ready
Time consuming audit preparation
Difficult to enforce validation standards and policies
Helps to enforce validation standards, policies and procedures
Scanning documents and electronic management
100% Paperless validation process including electronic execution
53 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Test Automation
Major challenge in Validation is test execution – more time spent
Third generation Test Automation tools
Creating and Managing the test library
Integrated Validation Creates Test scripts based on the execution
Needs collaboration
54 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Compliance Journey
• Difficulty in facing regulatory audits.
• Siloed approach towards compliance
• Partial / No technology enabled
validation
• Completely informed and trained team
• Efficient compliance management
process
• End to end paperless validation and
test execution.
• Leader in the Validation space
Structured and streamlined Compliance
across the organization
Where we are today Where we want to be:
55 | VARIAN MEDICAL SYSTEMS COMPANY CONFIDENTIAL
Murali Krishnan Sundararajan – Varian IT Validation
56 | March 3, 2009 HP and Partner Confidential. For Internal Use and Distribution Only.