Posted by admin on July 12, 2010 · Leave a Comment
As many predicted, the FDA has announced that they will be conducting inspections to evaluate industry’s compliance and understanding of Part 11 after the publication of the ‘Part 11, Electronic Records; Electronic Signatures — Scope and Application’ guidance (Guidance)’.(See FDA Regulations).
It will be interesting to see the results of the evaluation as to what was the impact of the new guidelines. Did we change our approach to Part 11 after the new guidance was issued?
Filed under News · Tagged with
Posted by admin on June 9, 2010 · Leave a Comment
From the article Internal Audits for Pharma and Biotech , the following is the IT section where the author (MICHAEL J. GREGOR, PRESIDENT, COMPLIANCE GURUS INC.) details some of the rational for auditing the IT department and some of the questions and or documents that should be in place.
“The IT department is responsible for data security and data integrity. An underlying network must be qualified in order to ensure the security and integrity of the data that resides on it. In addition to the network, the applications and networked applications must be validated as well. A recent Warning Letter to Genzyme cited the following: “ Your firm failed to maintain computerized systems in a validated state”4 Some key areas to focus your attention are the validation of regulated applications as well as the maintenance and qualification state of the network. Standard operating procedures an auditor should be checking are: change control for both software and hardware, configuration management for the network, computer system validation lifecycle, network qualification, backup restore, disaster recovery, and security. Some questions you should ask as an auditor are: Does your data get backed up regularly? If so,where are the backup tapes stored? Offsite? Do you exercise a Disaster Recovery Plan? Is there physical security for the Data Centers? Can I see your change log for both software and hardware? Can I see a recent example of a computer system validation of a system? These are all good questions to ask when auditing the IT area. Training records for SOPs should also be checked to ensure employees, contractors, and consultants are trained on the procedures they are carrying out. Next, we turn to Manufacturing.”
Posted by admin on May 14, 2010 · Leave a Comment
While there are many people in the industry that would claim that access databases are not designed to meet GxP security and audit trail requirements, there are some others that have found the way to meet those requirements by using some external tools. This article describes the methodology and documentation used to validate Access forms and reports generated to support GxP activities.
Posted by admin on May 14, 2010 · Leave a Comment
Paul Henderson on his article titled Time to Get Positive about Negative Testing, talks about how people in the QA arena are not putting too much importance or importance at all in the value added to projects and quality of Negative Testing. Henderson adds “For example, unusual combinations of data inputs, overflows from long running operation, performance bottlenecks triggered by an unusual combination of events, or unrecoverable system conditions caused by hardware failures or other untested fault conditions”
Most of the testing performed in the FDA regulated industry is done on Commercial Off-The-Shelf Systems (COTS) and negative testing is usually performed by the COTS software vendor which is usually verified through software vendor audits. At the same time, there are cases where is justified to perform negative testing as part of the Operational Qualification (OQ) of the system.
In summary, Henderson makes a very good point that we should always keep in mind during the evaluation of the testing strategy of the particular application.
Posted by admin on May 14, 2010 · Leave a Comment
The Quality Assurance Journal just published their Speaker Abstracts of the Society of Quality Assurance 26th Annual Meeting, Cincinnati, Ohio, USA 25 – 30 April 2010. While going through it, I saw a couple of articles that should be interesting and of importance to the computer systems validation professional. The following list includes some of those articles:
- A Risk-Based Approach to Auditing Laboratory Processes That Includes Electronic Systems
- Electronic Records – Perspectives from FDA and Industry
- Building an Effective Computer Systems Audit Program
- Implementing Agile Software Development Methodology for Regulated Computerized Systems
Abstracts to these articles can be found here.
Next Page »