Back to the course description
Below is the agenda for our Computer System Validation for Cloud and COTS Applications course.
Module 1: Computer System Validation (CSV) Regulations
- CSV Purpose and Benefits
- Validation definition
- Which systems require validation
- Global CSV regulations and guidelines, e.g., FDA, ICH, EudraLex, PIC/S, WHO
- Specific COTS, Cloud, and SaaS requirements
- FDA Predicate Rules
Module 2: FDA 21 CFR Part 11
- Which systems require Part 11 compliance
- Electronic Records Requirements
- Electronic Signatures Requirements
- Closed Systems Requirements
- Open Systems Requirements
- Part 11 Guidance and Enforcement
Module 3: Annex 11
- Which systems require Annex 11 compliance
- Risk Management requirements
- Software and service provider requirements
- Validation requirements
- Data protection requirements
- Electronic signature requirements
- Business continuity requirements
Module 4: Implementation Models
- COTS and OOTB models
- Cloud models
- SaaS, PaaS, and IaaS models
- Additional models
Module 5: CSV Methodology
- Validation “V” model, e.g., GAMP
- Validation, Verification, and Qualification
- Validation approaches for COTS, Cloud, and SaaS models
- Validation Responsibilities with COTS, Cloud, and SaaS models
Module 6: Requirements
- User Requirements Specification (URS)
- Functional Requirements Specification (FRS)
- Requirements writing best practices
- URS and FRS content
- Example URS and FRS for a purchased system
Module 7: Risk Assessment and Mitigation
- Risk management terminology
- Risk assessment methodology
- Risk mitigation practices
- Risk-based computer system validation
- Example Risk Assessment for a purchased system
Module 8: Validation Plan
- QMS to support validated systems
- Scaling and sequencing validation activities
- Acceptance criteria
- Validation Plan contents
- Example risk-based Validation Plan for a purchased system
Module 9: Design and Development
- Design contents
- Design reviews and Code reviews
- Coding standards
- Example Design for a purchased system
Module 10: Validation Test Writing
- Testing techniques
- Test Plan purpose and contents
- IQ, OQ, and PQ
- IQ structure and contents
- OQ and PQ structure and contents
- Validation test writing best practices
- Example Test Plan for a purchased system
- Example IQ for a purchased system
- Example OQ and PQ for a purchased system
Module 11: Validation Test Execution
- Validation test execution process
- Validation testing documentation
- Validation test execution best practices
- Validation testing failures
- Example Validation Incident Report for a purchased system
- Example executed OQ and PQ for a purchased system
Module 12: Trace Matrices
- Trace matrices contents
- Example Trace Matrix for a purchased system
Module 13: Validation Report
- Validation Report contents
- Validation Plan deviations
- Example Validation Report for a purchased system
Module 14: Supplier Assessment
- Assessment timing
- Supplier assessment methods
- Risk-based method selection
- Supplier assessment topics
- Supplier audit process and best practices
- Leveraging audit results in risk-based validation
Module 15: Service Level Agreements
- Important of Service Level Agreements (SLAs)
- SLA role in risk mitigation
- Contents of SLAs
Module 16: CSV Failure Consequences
- FDA enforcement options
- FDA Warning Letter statistics for software
- Examples FDA Warning Letters for purchased systems
Module 17: Program Implementation
- CSV program implementation steps
- Supplier assessment program implementation steps