A ProPharma Group knowledge center & resource
My Account  |  Cart
Contact Us
A ProPharma Group knowledge center & resource

Third Party IT Vendor Audits

Regulators require organizations to assess and approve suppliers of critical IT infrastructure and software applications. Hire an experienced, certified auditor to audit IT providers on your behalf.

Regulatory Agencies Expect that Your Software Vendors are Validated

Regulations such as FDA 21 CFR 820 and EU Annex 11 require documented evaluations of critical suppliers, including software vendors.

The FDA's General Principles of Computer System Validation recommends auditing the design, development and testing methodologies of off-the-shelf software vendors.

International regulators have similar expectations. For example, Eudralex’s Annex 11 states that "audit information relating to suppliers or developers of software and implemented systems should be made available to inspectors on request."

Let us handle your IT Vendor Audits

When you don't have the time or experience to audit your software vendors and IT infrastructure providers, we can step in to perform the audit on your behalf. Our certified quality auditors can work with you to:

Establish the audit standards, audit criteria, agenda and checklist

 Arrange the audit with your software vendor or IT infrastructure provider

 Author the audit report

Manage the opening meeting, discovery stage, and closing meeting

 Meet with you to ensure that you understand the audit report and its implications

Let us Audit Your Software Vendor

Please fill in your information and we'll get in touch with you.

Have Confidence That Your IT Vendors are Compliant

Our auditors have been on both sides of the audit table. This experience allows us to perform efficient, effective software vendor audits, so both you and your IT vendor can get back to business. And, you will have the documentation to support your validation strategy and demonstrate regulatory compliance.

AdobeStock_609603092

Mini Audit Case Study

Situation
Audit Scope
What We Did
Results
Close Open Situation

Situation

  • Client: CRO conducting clinical studies sponsored by large pharmaceutical companies
  • Current System: Purchased, off-the-shelf software to manage the study data.
  • Future System: CRO wanted to move to a SAAS (software-as-a-service) model for study management.
  • Resources: CRO had experience auditors, but no expertise in auditing software vendors.
 
AdobeStock_1715500314
Close Open Audit Scope

Audit Scope

SAAS provider's Clinical Trial Management System, system maintenance, and support practices, and QMS.

 
AdobeStock_614800397
Close Open What We Did

What We Did

  • Provided CRO with the appropriate approach and questions to use for auditing a clinical trial management system vendor.
  • Audited the SAAS vendor - with participation from CRO staff.
  • Documented the audit outcomes and corrective action requests.
 
AdobeStock_621257611
Close Open Results

Results

  • Based on passing audit results, a system risk assessment of the SAAS clinical trial management system justified reducing validation activities.
  • CRO had the software vendor audit documentation needed for their own audits by large pharmaceutical companies.
  • CRO was able to take advantage of the SAAS model for the clinical trial management system without increase the risk to patients.
 
AdobeStock_714056211