Continuous Validation of Office 365
Compliance Playbook
May 30th, 2019
Today’s Agenda
LIVE WEBINAR
• Traditional computer system validation models in the cloud
• Overview of continuous validation and key steps for implementing continuous validation
• Office 365 tools at your disposal to support continuous validation
• Examples in action
• Q&A
Housekeeping
LIVE WEBINAR
• This webinar is being recorded and will be made available after this session
• Feel free to use the chatbox to submit your questions at any time
• Q&A will take place at the end of the webinar
• We will send these slides to your email at the end of the webinar
Meet Your Speakers
• Michael Zwetkow, VP Professional Services and Alliances, Montrium
• Oliver Pearce, Director of Commercialization, Montrium
About Montrium
ABOUT THE COMPANY
Connecting People, Processes & Technology
• Founded in 2005
• Working Exclusively in the Life Sciences
• Headquartered in Montreal, Canada
• EU HQ in Brussels
• Clients in North America, Europe & Asia
• Leading Content Management Platform
• Over 9000 Users in 20+ Countries
• Experienced Professional Services Group
• Co-authored Office 365
Computerized System Validation
TRADITIONAL GAMP 5 METHODOLOGY IN THE CONTEXT OF THE CLOUD
Basic Principles of Validation
• Fitness for intended use of a computerized system is verified and documented
• Risks associated with using the system are mitigated
• Validated state is maintained through effective change control mechanisms
GAMP5 – CSV Framework for a Configured Product (Category 4)
[Diagram labels: User Requirements Specification; Functional Specification; Configuration Specification; Configured Product; Configuration Testing (IQ); Functional Testing (OQ); Requirements Testing (PQ); Specification; Verification; Change Control; Impact Assessment; Configuration Management; Change Management; Supplier SDLC/QMS]
Change in Paradigm
• Classic Approach: System Freeze and Change Control
• Cloud Approach: Continuous Change & Improvements
Change can be GOOD
• Unintended consequences of the classic model:
  • System patches & updates are reactive and slow to implement, and are often skipped
  • When changes are made, they are usually larger in scope, making them riskier
• With an extremely mobile workforce, freezing a system instead of keeping it up-to-date presents high risks of data breach and cyber attacks
Keep your system static? Keep your system secure? Which is preferable?
Office 365 Challenges from a GxP Perspective
• Highly configurable and customizable
• Not designed specifically for GxP purposes
• Continuously evolving
POLL
• Do you currently manage regulated GxP content in Office 365 / SharePoint Online?
The Continuous Validation Concept
A LIFE SCIENCE PERSPECTIVE
Continuous Validation is…
• … knowing the state of the system (its current configuration) and ensuring it’s aligned with specifications & user requirements (at all times)
• … continuous regression testing, with emphasis on higher risk areas of the system (e.g. audit trail capabilities and access control and data protection)
• … being proactive with respect to upcoming changes from the cloud service provider
• … having key processes in place for system governance
Continuous Validation of O365 (Conceptual View)
[Diagram labels: Targeted Release; Standard Release; Test Management]
Continuous validation implementation process
• Step 1: Establish governance processes
• Step 2: Determine intended use & map out GxP business process
• Step 3: Identify key features and configuration settings to be tested
• Step 4: Define test framework and automated test scripts
• Step 5: Provision test environment that is representative of production
• Step 6: Execute tests on trigger events
Step 1: Establish governance processes
• Release Analysis: Who is responsible for reviewing the roadmap and message center, and who needs to be informed of upcoming changes?
• Incident Management: What actions need to be taken if an incident or system failure occurs?
• Change Management: What to do when configuration changes or new feature activation are requested by end users?
Step 2: Establish intended use & map out GxP business process
Step 3: Identify key features and configuration settings to be tested
For example:
• Audit settings
• Time zone and data residency settings
• Activated features
• Security groups
• Custom permission levels
• Site structure definition (lists, libraries, content types)
• List versioning settings
Step 4: Define test framework and automated test scripts
For example:
• Use PowerShell to extract current configuration of key system settings and compare them with specifications. This can be done at various system levels, including:
  • Tenant level
  • SharePoint Admin level
  • Site Collection level
  • List / Library level
• Use Robot Framework / Selenium to mimic user activities of GxP business process requirements and verify against user acceptance criteria, for example:
  • Unauthorized user not able to access restricted area of the system
  • User is unable to modify or delete declared records
  • System captures time stamped audit log of key events and user activities
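An added example (not from the webinar or from Montrium's toolkits) of the PowerShell comparison described above: it checks an extracted configuration against a specification and flags deviations, settings that could not be extracted, and settings present in the system but absent from the specification. The setting names and values are constructed for illustration; in practice the $actual table would be filled from the tenant, site collection and list queries.

```powershell
# Added example. Setting names and values are constructed, not read from a real tenant.
function Compare-ConfigToSpec {
    param(
        [Parameter(Mandatory)] [hashtable] $Specification,
        [Parameter(Mandatory)] [hashtable] $Actual
    )
    # Render scalars and lists as one comparable string (list order is ignored).
    $normalise = { param($v) (@($v) | ForEach-Object { "$_" } | Sort-Object) -join ';' }

    $keys = @($Specification.Keys) + @($Actual.Keys) | Sort-Object -Unique
    foreach ($key in $keys) {
        $inSpec   = $Specification.ContainsKey($key)
        $inActual = $Actual.ContainsKey($key)
        $expected = if ($inSpec)   { & $normalise $Specification[$key] } else { $null }
        $found    = if ($inActual) { & $normalise $Actual[$key] }        else { $null }

        if (-not $inSpec)              { $status = 'Unspecified' }  # in the system, not in the spec
        elseif (-not $inActual)        { $status = 'Missing' }      # in the spec, not extracted
        elseif ($expected -ceq $found) { $status = 'Pass' }
        else                           { $status = 'Fail' }         # drift from the specification

        [pscustomobject]@{ Setting = $key; Expected = $expected; Actual = $found; Status = $status }
    }
}

# Constructed specification (hypothetical setting names at site and library level).
$spec = @{
    'Site.AuditFlags'           = 'All'
    'Site.ActivatedFeatures'    = @('InPlaceRecords', 'DocumentId')
    'Library.EnableVersioning'  = $true
    'Library.MajorVersionLimit' = 500
}
# Constructed "extracted" configuration containing one drift, one gap and one extra setting.
$actual = @{
    'Site.AuditFlags'          = 'All'
    'Site.ActivatedFeatures'   = @('DocumentId', 'InPlaceRecords')
    'Library.EnableVersioning' = $false
    'Library.ForceCheckout'    = $true
}

$results = Compare-ConfigToSpec -Specification $spec -Actual $actual
$results | Format-Table -AutoSize

# Fail the test run when anything other than 'Pass' is reported.
$deviations = @($results | Where-Object { $_.Status -ne 'Pass' })
if ($deviations.Count -gt 0) { throw "$($deviations.Count) setting(s) deviate from the specification" }
```

Treating 'Unspecified' as a failure keeps newly appearing settings, such as a feature activated by a vendor update, from passing silently until the specification is reviewed.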
Step 4: Provision test environment that is representative of production
• Features can be tested without necessarily having to enable them in production
• Provides the ability to perform test in an isolated environment which reduces risks of downtime
• Does not clutter the production with test data
Targeted release → Can be used in conjunction with a development/test tenant to test new functionality before it gets rolled out to the entire organization
[Diagram labels: Roll-out within Microsoft; Gradual roll-out to O365 customers]
Step 5: Execute tests on trigger events
• User driven configuration changes or new feature activation
• Periodic / pre-defined schedule
• Vendor driven system updates
SharePoint Online Version Updates
POLL
Are you considering implementing a continuous validation program at your organization?
a) Yes
b) No
Tools at your disposal
• Office 365 Developer Subscription (Enterprise E3 / 90-day perpetual renewal) & Office 365 Release Rings
• Product Updates (Office 365 Message Center) & Roadmap Communications (Office 365 Roadmap)
• Automated Provisioning and Monitoring Tools (e.g. PowerShell, SharePoint REST Services, Office365DSC)
• Test Management and Automation Tools (e.g. Azure DevOps)
Office 365 Message Center
Office 365 Roadmap
Automated site provisioning
PowerShell PNP Provisioning Template
Office 365 Desired State Configuration (DSC)
What is it?
• Office365DSC is an Open-Sourced PowerShell module that allows you to define the configuration of your Office 365 Tenants as code.
It has three modes:
• ApplyOnly – apply configuration as per specification
• ApplyAndMonitor – checks configuration every 15 mins
• ApplyAndAutoCorrect – same as above but will automatically apply the configs
Office 365 DSC Use Cases
• Recreating environment for debugging
• « Point-in-time » snapshot
• Delta analysis
• Disaster Recovery
• Monitoring and logging of desired state
• Synchronization of environments
Test Management and Automation using Azure DevOps
Examples in action
• Video 1: Automated configuration verification of key settings related to the activation of site features and audit log settings
• Video 2: Automated functional verification of record declaration feature which prevents users from deleting documents which have been declared as records
POLL
Would you like to receive more information on Montrium’s Compliance Toolkits for Office 365?
a) Yes, could be useful
b) No, thank you
The Compliance Playbook
Visit https://info.montrium.com/the-compliance-playbook to register
JUN 18: Maintaining Oversight for Complete Governance in Office 365
The Compliance Toolkits for Office 365
Accelerate your transition to the cloud
• Microsoft Vendor Assessment Toolkit
• SharePoint Online Validation Toolkit
• SharePoint Online Governance Toolkit
• SharePoint Online Deployment Toolkit
• SharePoint Online Migration Toolkit
Questions?
