Best Approach to Auditing Vendors Providing Cloud-Based Services
Best Approach to Auditing Vendors of Software-as-a-Service (SaaS) Solutions
We will discuss the importance of applying industry best practices when auditing a vendor of hardware, software, or other technology or a provider of technology services, such as system implementation, system configuration, system development, system integration, or similar activity.
Computer systems that are used in FDA-regulated environments (i.e., the system “touches” an FDA-regulated product, or a raw material or packaging component used in conjunction with the product during the manufacturing, testing, or tracking processes). Such a system must be validated in accordance with FDA guidelines for computerized systems and documented accordingly. It is important to be able to identify the computer systems used when performing FDA-regulated activities. When a vendor is involved, whether in terms of provisioning hardware and/or software, implementing the system or maintaining it, this must be done in compliance with FDA requirements. A solid computer system validation strategy, along with an understanding of industry best practices, will lead your company to ensure that vendors are held accountable for the delivery of systems and services that will support your efforts to validate computer systems and maintain them in a validated state.
This webinar will also provide guidance on the importance of factoring risk into all FDA-regulated activities and will help you assess the risk of any computer products purchased from third-party vendors. You will also learn how to develop a standard audit process, using templates and checklists to ease the burden of this activity. Documentation is critical to proving that a system does what it purports to do and that a company has thoroughly scrutinized and effectively leveraged any third-party vendor that is involved in these efforts.
We will cover Computer Off-the-Shelf (COTS) software applications, cloud computing, and Software-as-a-Service (SaaS). We’ll discuss the traditional approach to Computer Software Validation (CSV), and contrast it with FDA’s recent draft guidance (September 2022) on Computer Software Assurance (CSA).
CSA focuses on critical thinking and a risk-based approach. It also lends itself well to automated testing and is aligned closely with GAMP®5, Second Edition. Overall, we’ll discuss the industry's best practices and note the pitfalls to avoid when validating systems regulated by the FDA.
Learning Objectives:-
The attendees will learn about the following key areas:
Areas Covered in the Session:-
Background:-
We will discuss the importance of applying industry best practices when auditing a vendor of hardware, software, or other technology or a provider of technology services, such as system implementation, system configuration, system development, system integration, or similar activity.
Computer systems that are used in FDA-regulated environments (i.e., the system “touches” an FDA-regulated product, or a raw material or packaging component used in conjunction with the product during the manufacturing, testing, or tracking processes). Such a system must be validated in accordance with FDA guidelines for computerized systems and documented accordingly.
It is important to be able to identify the computer systems used when performing FDA-regulated activities. When a vendor is involved, whether in terms of provisioning hardware and/or software, implementing the system or maintaining it, this must be done in compliance with FDA requirements. A solid computer system validation strategy, along with an understanding of industry best practices, will lead your company to ensure that vendors are held accountable for the delivery of systems and services that will support your efforts to validate computer systems and maintain them in a validated state.
This webinar will also provide guidance on the importance of factoring risk into all FDA-regulated activities and will help you assess the risk of any computer products purchased from third-party vendors. You will also learn how to develop a standard audit process, using templates and checklists to ease the burden of this activity. Documentation is critical to proving that a system does what it purports to do and that a company has thoroughly scrutinized and effectively leveraged any third-party vendor that is involved in these efforts.
We will cover Computer Off-the-Shelf (COTS) software applications, cloud computing, and Software-as-a-Service (SaaS). We’ll discuss the traditional approach to Computer Software Validation (CSV) and contrast it with the FDA’s recent draft guidance (September 2022) on Computer Software Assurance (CSA). CSA focuses on critical thinking and a risk-based approach. It also lends itself well to automated testing and is aligned closely with GAMP®5, Second Edition.
We will also cover automated testing and ways to increase the efficiency and effectiveness of validation. While the documentation generated by a vendor during their own testing may not be used outright as the sole source of proof of validation, it may be leveraged to reduce the amount of work necessary by the client implementing the system. Overall, we’ll discuss the industry's best practices and note the pitfalls to avoid when validating systems regulated by the FDA.
Why Should You Attend?
This webinar is intended for those working in the FDA-regulated industries, including pharmaceutical, medical device, biological, animal health, organ donation and tobacco. Functions that are applicable include research and development, clinical sample manufacturing, packaging, labeling and distribution, clinical testing and management, adverse events management and post-marketing surveillance.
You should attend this webinar if you are responsible for planning, executing or managing the implementation of any computer system governed by FDA regulations or if you are developing, configuring, maintaining, or supporting such a system.
In particular, we will cover cloud services and SaaS solutions and how to ensure your contract and SLA are as ironclad as possible. There are different ways to hold a vendor accountable, and these are the primary tools for doing so.
Whether a vendor follows a waterfall, agile, or other SDLC approach to software development, testing, and release, this webinar will prepare you to ask the vendor the right questions to be able to leverage their work along with your own.
Who will Benefit?