To best ensure regulatory compliance, life sciences organizations (LSOs) should deploy digital tools and focus on IT process documents, user experience (UX), quality culture and redesigning training programs.
the challenges of an effective change control program and how to address oos ...GlobalCompliancePanel
An effective quality system program, along with several regulatory requirements, includes the documentation and evaluation of changes made to validated equipment, utilities, processes and controlled documents.
Effective Complaint Management: The Key to a Competitive Edge for Medical Dev...Cognizant
By establishing strong complaint management processes, medical device firms can make continuous improvements in patient safety, regulatory compliance and customer satisfaction.
From 'Zero Defect Software' to 'First Time Right with Business'Cognizant
Quality Assurance (QA) departments now need to go beyond zero defect software delivery to encompass both IT and business requirements through end-to-end testing protocols. Representing a true step change for IT organizations, business process assurance entails a blend of analytics-driven Business Process Testing (BPT) and User Acceptance Testing (UAT).
Product Complaints: Complaint Handling from Intake to ClosureGRCTS
Overview :
An effective complaint handling system is an extremely important part of any quality system whether you are a medical device or pharmaceutical manufacturer. Manufacturers should understand that any complaint received on a product shall be evaluated and, if necessary, thoroughly investigated and analyzed, and corrective action shall be taken. Manufacturers must ensure that they have a well-designed system to address complaints related to their products. Components of a well-designed system include: process/procedure, trained personnel, and proper record keeping. Complaint handling is no easy task. Management might overlook the importance of customer feedback and be unable to capture all complaints coming from disparate sources. Plus, the additional regulatory reporting requirement related to adverse events may seem overly burdensome to device makers in particular. A strategic risk-based methodology can help streamline the complaint-handling process in medical device manufacturing.
the challenges of an effective change control program and how to address oos ...GlobalCompliancePanel
An effective quality system program, along with several regulatory requirements, includes the documentation and evaluation of changes made to validated equipment, utilities, processes and controlled documents.
Effective Complaint Management: The Key to a Competitive Edge for Medical Dev...Cognizant
By establishing strong complaint management processes, medical device firms can make continuous improvements in patient safety, regulatory compliance and customer satisfaction.
From 'Zero Defect Software' to 'First Time Right with Business'Cognizant
Quality Assurance (QA) departments now need to go beyond zero defect software delivery to encompass both IT and business requirements through end-to-end testing protocols. Representing a true step change for IT organizations, business process assurance entails a blend of analytics-driven Business Process Testing (BPT) and User Acceptance Testing (UAT).
Product Complaints: Complaint Handling from Intake to ClosureGRCTS
Overview :
An effective complaint handling system is an extremely important part of any quality system whether you are a medical device or pharmaceutical manufacturer. Manufacturers should understand that any complaint received on a product shall be evaluated and, if necessary, thoroughly investigated and analyzed, and corrective action shall be taken. Manufacturers must ensure that they have a well-designed system to address complaints related to their products. Components of a well-designed system include: process/procedure, trained personnel, and proper record keeping. Complaint handling is no easy task. Management might overlook the importance of customer feedback and be unable to capture all complaints coming from disparate sources. Plus, the additional regulatory reporting requirement related to adverse events may seem overly burdensome to device makers in particular. A strategic risk-based methodology can help streamline the complaint-handling process in medical device manufacturing.
Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement.
Safety and Regulatory Solutions to Address the Needs of Small and Medium Biop...Covance
Clinical trials are typically outsourced to full-service clinical research organisations (CROs) and many SMEs select them based on a CRO's ability to recruit patients in certain geographies and therapeutic areas. **Disclaimer: This article was previously published. Sciformix is now a Covance company.
When medical device companies consider Agile development methods, they often run into the key criticism that Agile groups produce little to no documentation, and that Agile stands in contradiction to the lifecycle standards outlined in IEC 62304.
Given the stringent regulatory requirements in the health care industry, it is important for bio-pharmal companies to develop innovative Risk Evaluation and Mitigation Strategies (REMS) plans during the commercialization of certain products to ensure an acceptable risk-to-benefit ratio.
This benchmark study published by Best Practices, LLC examines how companies develop and execute successful Risk Evaluation and Mitigation Strategies (REMS) plans for newly-approved drugs in the U.S. market. This study can help bio-pharma companies in creating successful REMS programs.
Download Full Report: http://bit.ly/2aOt5Id
Evolving healthcare trends coupled with a slew of new features and functions to consider can overwhelm anyone charged with the task. Case managers typically are not been involved in the selection process, but that seems to be changing as organizations realize their input can be useful when it comes to choosing the most effective and efficient system.
Case managers who do get this opportunity can be prepared by staying up-to-date on the latest healthcare trends and technology that impact medical management functionality. While it is difficult to keep up with the expanding symbiotic interface between technology and care management workflow processes, case managers must understand how technology solutions can improve processes and patient outcomes.
Claims Process Improvement And AutomationClaire Louis
Presentation to Casualty Actuarial Society November 2007: presents retrospective on claim process improvement; identifies current change drivers; examines future claims process trends
Achieving a Common Information System PlatformAdvanta
The operations leadership of the health plan required industry and business expertise from Advanta to assist the business team and end users while collaborating with the health plan's Information Technology (IT) Department to implement Facets within the HMO product line.
Integrated Safety and Risk Management Solutions - Addressing the Needs of Sma...Covance
Premarketing clinical safety and PV activities, and the technology infrastructure that supports it, are typically outsourced to multiple contract research organisations (CROs) as part of their clinical trial programmes. **Disclaimer: This article was previously published. Sciformix is now a Covance company.
Governance Risk and Compliance - in Higher Education - AustraliaMarissa McCauley
This is a short presentation on governance, risk and compliance in the higher education industry. It also highlights key TEQSA threshold standards expectations from higher education providers.
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...ijait
In the competitive environment, companies have given increasing importance to the IT sector and the
resources it delivers as strategic. As a result, IT becomes a living being within the company. This sector is
being subject to continuous changes in this scenario. These changes can occur within the own IT sector or
whether IT to other sectors of the company. For both scenarios, it is important to have a good change
control to avoid unnecessary trouble and expense. This paper aims to show through a case study, the
benefits and results obtained with the implementation of a process of managing and controlling changes in
the information technology environment of a large government company in Brazil.
Effectively managing contractor compliance within a manufacturing organization can be a challenging endeavor. The involvement of multiple entities, numerous projects, and diverse contractors introduces complexities that can lead to errors, delays, and inaccuracies in ensuring compliance. These shortcomings not only impact contractors but also pose risks to the employer's brand reputation and may result in penalties. By utilizing a powerful Contractor Compliance Management tool, organizations can efficiently track and oversee contractor compliance, mitigating potential risks and ensuring adherence to regulatory requirements. This blog explores the key advantages and features of a Contractor Compliance Management tool and illustrates how it streamlines compliance management processes for manufacturing organizations.
Writing SOPs or procedural documents can be challenging at times. However, writing SOPs is overall a straightforward process. However, enforcing what you already created and implemented in the pipeline is another story. The term SOP is very obvious. We have seen "clearly written description of how specific tasks are to be done." Another satisfactory definition would be "detailed written instructions that achieve the uniformity of the performance of a specific function." Is the firm doing what the regulations specify? Is the firm doing what their procedures specify? If you are medical device or a pharmaceutical manufacturer, these definitions come as no surprise because when it comes to FDA regulations and guidance documents "establish" means to define, to document (in writing or electronically) and to implement.
Safety and Regulatory Solutions to Address the Needs of Small and Medium Biop...Covance
Clinical trials are typically outsourced to full-service clinical research organisations (CROs) and many SMEs select them based on a CRO's ability to recruit patients in certain geographies and therapeutic areas. **Disclaimer: This article was previously published. Sciformix is now a Covance company.
When medical device companies consider Agile development methods, they often run into the key criticism that Agile groups produce little to no documentation, and that Agile stands in contradiction to the lifecycle standards outlined in IEC 62304.
Given the stringent regulatory requirements in the health care industry, it is important for bio-pharmal companies to develop innovative Risk Evaluation and Mitigation Strategies (REMS) plans during the commercialization of certain products to ensure an acceptable risk-to-benefit ratio.
This benchmark study published by Best Practices, LLC examines how companies develop and execute successful Risk Evaluation and Mitigation Strategies (REMS) plans for newly-approved drugs in the U.S. market. This study can help bio-pharma companies in creating successful REMS programs.
Download Full Report: http://bit.ly/2aOt5Id
Evolving healthcare trends coupled with a slew of new features and functions to consider can overwhelm anyone charged with the task. Case managers typically are not been involved in the selection process, but that seems to be changing as organizations realize their input can be useful when it comes to choosing the most effective and efficient system.
Case managers who do get this opportunity can be prepared by staying up-to-date on the latest healthcare trends and technology that impact medical management functionality. While it is difficult to keep up with the expanding symbiotic interface between technology and care management workflow processes, case managers must understand how technology solutions can improve processes and patient outcomes.
Claims Process Improvement And AutomationClaire Louis
Presentation to Casualty Actuarial Society November 2007: presents retrospective on claim process improvement; identifies current change drivers; examines future claims process trends
Achieving a Common Information System PlatformAdvanta
The operations leadership of the health plan required industry and business expertise from Advanta to assist the business team and end users while collaborating with the health plan's Information Technology (IT) Department to implement Facets within the HMO product line.
Integrated Safety and Risk Management Solutions - Addressing the Needs of Sma...Covance
Premarketing clinical safety and PV activities, and the technology infrastructure that supports it, are typically outsourced to multiple contract research organisations (CROs) as part of their clinical trial programmes. **Disclaimer: This article was previously published. Sciformix is now a Covance company.
Governance Risk and Compliance - in Higher Education - AustraliaMarissa McCauley
This is a short presentation on governance, risk and compliance in the higher education industry. It also highlights key TEQSA threshold standards expectations from higher education providers.
CHANGE MANAGEMENT: IMPLEMENTATION AND BENEFITS OF THE CHANGE CONTROL IN THE I...ijait
In the competitive environment, companies have given increasing importance to the IT sector and the
resources it delivers as strategic. As a result, IT becomes a living being within the company. This sector is
being subject to continuous changes in this scenario. These changes can occur within the own IT sector or
whether IT to other sectors of the company. For both scenarios, it is important to have a good change
control to avoid unnecessary trouble and expense. This paper aims to show through a case study, the
benefits and results obtained with the implementation of a process of managing and controlling changes in
the information technology environment of a large government company in Brazil.
Effectively managing contractor compliance within a manufacturing organization can be a challenging endeavor. The involvement of multiple entities, numerous projects, and diverse contractors introduces complexities that can lead to errors, delays, and inaccuracies in ensuring compliance. These shortcomings not only impact contractors but also pose risks to the employer's brand reputation and may result in penalties. By utilizing a powerful Contractor Compliance Management tool, organizations can efficiently track and oversee contractor compliance, mitigating potential risks and ensuring adherence to regulatory requirements. This blog explores the key advantages and features of a Contractor Compliance Management tool and illustrates how it streamlines compliance management processes for manufacturing organizations.
Learn how to start a data governance initiative to ensure developing successful frameworks by leveraging the best practices outlined in this inforgraphic.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.gueste080564
The use of spreadsheets in financial reporting and operational processes, is a key tool for some corporations, and is an integral part of the information and decision-making framework.
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.renetta
The use of spreadsheets in financial reporting and operational processes, is a key tool for some corporations, and is an integral part of the information and decision-making framework.
Technology Controls in Business - End User Computingguestc1bca2
The Use of Spreadsheets: As it relates to Section 404 of the Sarbanes-Oxley Act.
The use of spreadsheets in financial reporting and operational processes, is a key tool for some corporations, and is an integral part of the information and decision-making framework.
To meet the requirements for lab 10 you were to perform Part 1, STakishaPeck109
To meet the requirements for lab 10 you were to perform: Part 1, Step 2: evaluate the policy document against the summarized NIST best practices, identify by number which, if any, of the eight best practices the policy satisfies, and for each practice that you identify, provide a reference to the statement in the policy that aligns with that best practice; Part 1 Step 3: suggest how you would revise the policy to directly align with the standards and provide specific statements that you would add/modify in the policy; Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework. Part 2, Step 3: describe the process that the Center uses to ensure that its standards represent the consensus of the cybersecurity community; Part 2, Step 5: identify the section of the recommendations that achieves this goal; Part 2, Step 7: for each of the five best practices in the previous step, classify the practice as: satisfied (indicate recommendation number that achieves the best practice), violated (indicate recommendation number that violates the best practice) or not addressed.
Unfortunately it looks like you were off target for this assignment; you needed to:
Part 1, Step 2: identify by number the best practices (given in the lab) that are satisfied by the policy - partial credit given;
Part 1 Step 3: provide specific statements on how you would revise the policy; you needed to align your statements with the best practices (e.g. Best Practice 2: add to Section 4.2) - partial credit given;
Part 1, Step 4: describe whether the policy document is best titled as a policy or whether it would be better described using another element of the policy framework; this "policy" is better described as a standard (see technical implementation details);
Part 2, Step 3: describe the process that the Center uses to ensure its standards represent the consensus of the cybersecurity community; see the Consensus Guidance portion of the document - partial credit given;
Part 2, Step 5: identify the section of the recommendations that achieves the goal of Step 3 - partial credit given;
Part 2, Step 7: classify the five best practices; indicate the recommendation number for each - partial credit given.
Applying the Security Policy Framework to an Access Control Environment (3e)
Access Control and Identity Management, Third Edition - Lab 10
Student: Email:
HARSHAVARDHAN POCHARAM [email protected]
Time on Task: Progress:
100%
Report Generated: Sunday, June 20, 2021 at 9:45 AM
Guided Exercises
Part 1: Evaluate a Security Policy
2. Evaluate the policy document against the NIST best practices summarized above. Identify by
number which, if any, of the eight best practices the policy satisfies. For each practice that you
identify, provide a reference to the statement in the policy that aligns with that best practice.
In line with relevant policy, the information s ...
Improving Risk Evaluation and Mitigation StrategyCognizant
For life sciences companies, improving risk evaluation and mitigation strategy (REMS) is critical to adhere to FDAAA and other regulatory hurdles; here's our Microsoft SharePoint-based approach for improving document management and sharing and upgrading REMS.
Managing contractor compliance effectively inside a manufacturing organisation can be a difficult task. Multiple businesses, different projects, and diverse contractors present difficulties that can lead to errors, delays, and inaccuracies in assuring compliance. These flaws affect not only contractors, but also the employer's brand name and may result in sanctions. Organisations can quickly track and oversee contractor compliance by utilising a robust contractor compliance management tool, reducing potential risks and assuring adherence to regulatory requirements. This blog delves into the primary benefits and features of a Contractor Compliance Management application, demonstrating how it streamlines compliance management operations for industrial organisations.
Similar to How Digital Can Improve Regulatory Compliance for Life Sciences (20)
Using Adaptive Scrum to Tame Process Reverse Engineering in Data Analytics Pr...Cognizant
Organizations rely on analytics to make intelligent decisions and improve business performance, which sometimes requires reproducing business processes from a legacy application to a digital-native state to reduce the functional, technical and operational debts. Adaptive Scrum can reduce the complexity of the reproduction process iteratively as well as provide transparency in data analytics porojects.
It Takes an Ecosystem: How Technology Companies Deliver Exceptional ExperiencesCognizant
Experience is evolving into a strategy that reaches across technology companies. We offer guidance on the rise of experience and its role in business modernization, with details on how orgnizations can build the ecosystem to support it.
The Work Ahead: Transportation and Logistics Delivering on the Digital-Physic...Cognizant
The T&L industry appears poised to accelerate its long-overdue modernization drive, as the pandemic spurs an increased need for agility and resilience, according to our study.
Enhancing Desirability: Five Considerations for Winning Digital InitiativesCognizant
To be a modern digital business in the post-COVID era, organizations must be fanatical about the experiences they deliver to an increasingly savvy and expectant user community. Getting there requires a mastery of human-design thinking, compelling user interface and interaction design, and a focus on functional and nonfunctional capabilities that drive business differentiation and results.
The Work Ahead in Manufacturing: Fulfilling the Agility MandateCognizant
According to our research, manufacturers are well ahead of other industries in their IoT deployments but need to marshal the investment required to meet today’s intensified demands for business resilience.
The Work Ahead in Higher Education: Repaving the Road for the Employees of To...Cognizant
Higher-ed institutions expect pandemic-driven disruption to continue, especially as hyperconnectivity, analytics and AI drive personalized education models over the lifetime of the learner, according to our recent research.
Engineering the Next-Gen Digital Claims Organisation for Australian General I...Cognizant
In recent years, insurers have invested in technology platforms and process improvements to improve
claims outcomes. Leaders will build on this foundation across the claims landscape, spanning experience,
operations, customer service and the overall supply chain with market-differentiating capabilities to
achieve sustainable results.
Profitability in the Direct-to-Consumer Marketplace: A Playbook for Media and...Cognizant
Amid constant change, industry leaders need an upgraded IT infrastructure capable of adapting to audience expectations while proactively anticipating ever-evolving business requirements.
Green Rush: The Economic Imperative for SustainabilityCognizant
Green business is good business, according to our recent research, whether for companies monetizing tech tools used for sustainability or for those that see the impact of these initiatives on business goals.
Policy Administration Modernization: Four Paths for InsurersCognizant
The pivot to digital is fraught with numerous obstacles but with proper planning and execution, legacy carriers can update their core systems and keep pace with the competition, while proactively addressing customer needs.
The Work Ahead in Utilities: Powering a Sustainable Future with DigitalCognizant
Utilities are starting to adopt digital technologies to eliminate slow processes, elevate customer experience and boost sustainability, according to our recent study.
AI in Media & Entertainment: Starting the Journey to ValueCognizant
Up to now, the global media & entertainment industry (M&E) has been lagging most other sectors in its adoption of artificial intelligence (AI). But our research shows that M&E companies are set to close the gap over the coming three years, as they ramp up their investments in AI and reap rising returns. The first steps? Getting a firm grip on data – the foundation of any successful AI strategy – and balancing technology spend with investments in AI skills.
Operations Workforce Management: A Data-Informed, Digital-First ApproachCognizant
As #WorkFromAnywhere becomes the rule rather than the exception, organizations face an important question: How can they increase their digital quotient to engage and enable a remote operations workforce to work collaboratively to deliver onclient requirements and contractual commitments?
Five Priorities for Quality Engineering When Taking Banking to the CloudCognizant
As banks move to cloud-based banking platforms for lower costs and greater agility, they must seamlessly integrate technologies and workflows while ensuring security, performance and an enhanced user experience. Here are five ways cloud-focused quality assurance helps banks maximize the benefits.
Getting Ahead With AI: How APAC Companies Replicate Success by Remaining FocusedCognizant
Changing market dynamics are propelling Asia-Pacific businesses to take a highly disciplined and focused approach to ensuring that their AI initiatives rapidly scale and quickly generate heightened business impact.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...Cognizant
Intelligent automation continues to be a top driver of the future of work, according to our recent study. To reap the full advantages, businesses need to move from isolated to widespread deployment.
The Work Ahead in Intelligent Automation: Coping with Complexity in a Post-Pa...
How Digital Can Improve Regulatory Compliance for Life Sciences
1. How Digital
Can Improve
Regulatory
Compliance for
Life Sciences
Life sciences organizations should
apply digital tools and techniques
to define, refine or redefine IT
process documents, plus provide
meaningful training, to ensure
employee awareness and boost
regulatory compliance.
Executive Summary
In today’s world, where pharmaceuticals and
medical device organizations — collectively called
life sciences organizations (LSOs) — are increas-
ingly working with global partners and service
providers, it is critical that employees are fully
aware of, and adhere to, all regulatory compliance
requirements. Even though regulatory compli-
ance training is mandatory before the start of any
LSO’s IT project, the mandate often stops at the
“how” part of the compliance process rather than
including the “why.”
The issue assumes greater significance in con-
tract research organizations (CROs)/contract
manufacturing organizations (CMOs) and IT ser-
vice providers. Here, individuals often move from
varied and nonregulated industries into LSOs,
wherein the lack of “control” over their activities
and deliverables can result in noncompliance.
To effectively ensure that critical applications
which manage food, drugs, patient and clinical
data (GxP applications) comply with industry
and government regulations, LSOs must focus
Cognizant 20-20 Insights | June 2018
COGNIZANT 20-20 INSIGHTS
2. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 2
on established standards such as Title 21 Code
of Federal Regulations (CFR) Part 11 (Electronic
Records and Electronic Signatures) in process-
ing electronic data that U.S. FDA predicate rules
1
require. They must also maintain good automated
manufacturing practices (GAMP) and validate IT
applications to comply with industry and manda-
tory regulation.
This white paper identifies and describes the
actions LSOs must take regarding their people
and process documentation to ensure sustained
compliance.
REGULATORY COMPLIANCE
CHALLENGES
Employees responsible for regulatory compli-
ance, particularly in start-ups and LSOs with
less-than-optimal quality management sys-
tems, may have different interpretations of the
established processes. When mandatory process
documents and trainings designed to achieve
regulatory compliance do not consider user
experiences, they can lead to inconsistencies,
disinterest, frustration, deviations and dissatis-
faction for end users.
The U.S. Food and Drug Administration (FDA)
is serious about noncompliance. In 2017, it had
issued 236
2
Good Manufacturing Practices (GMP)
warning letters (see Figure 1).
How the FDA Treats Noncompliance
Warning Letters Issued by the U.S. FDA
• Violation: Failure to establish and follow
appropriate written procedures,
designed to prevent microbiological
contamination in drug products
purporting to be sterile (21 CFR 211.113(b).
• Failure to thoroughly investigate any
unexplained discrepancy or failure of a
batch or any of its components to meet
any of its specifications, whether or not
the batch has already been distributed
(21 CFR 211.192).
Company: *** Ltd.
(Date: Jan. 19, 2017)
• Violation: Failure to establish and
maintain procedures for validating
device design as required by
21CFR 820.30(g).
• Failure to develop, conduct, control,
and monitor production processes to
ensure that a device conforms to its
specifications, as required by
21 CFR 820.70(a).
• Failure to establish and maintain
procedures for receiving, reviewing and
evaluating complaints by a formally
designated unit, as required by
21 CFR 820.198(a).
Company: ***
(Date: Aug. 23, 2017)
• Violation: Failure to establish and
maintain procedures for verifying the
device design to confirm that the
design output meets the design input
requirements, as required by
21 CFR 820.30(f).
• Failure to establish and maintain a
Design History File (DHF) for each type
of device, as required by
21 CFR 820.30(j).
• Failure to establish and maintain
procedures to control the design of the
device in order to ensure that specified
design requirements are met, as
required by 21 CFR 820.30(a).
Company: *** Inc.
(Date: Sept. 25, 2017)
Figure 1
3. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 3
The best way to incorporate UX
into IT process documentation
and regulatory compliance
training is to include simple
examples of how any activity
needs to be performed, as well as
the adverse impact of violations.
4. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 4
Regulatory agencies, such as the U.S. FDA, follow
an investigation operations manual and the rel-
evant compliance program guidance manual to
inspect LSOs. If the aforementioned noncom-
pliance examples resulted from the way the IT
systems are governed and managed (or the lack
thereof), then it may result in adverse impacts
like the following:
• Compromised patient safety or loss of thera-
peutic effect.
• Issuance of a consent decree
3
enforced by
federal courts.
• Financial and reputational risks.
• Product recalls.
• Expensive remediation efforts.
RECOMMENDATIONS FOR
ACHIEVING REGULATORY
COMPLIANCE
Achieving regulatory compliance is mandatory,
not optional. If all your resources must con-
sistently adhere to predefined processes, we
recommend that you relook at your current way
of documenting IT processes and training to min-
imize the chance of deviation and increase the
likelihood of regulatory compliance.
Compliance Starts with Quality Culture
and User Experience
High regulatory compliance can be achieved only
by designing/redesigning QMS processes and
trainings with user experience (UX) in mind (see
Figure 2). A robust UX can help an organization
ascend the ladder of quality culture from nascent
to mature.
The best way to incorporate UX into IT process
documentation and regulatory compliance train-
ing is to include simple examples of how any
activity needs to be performed, as well as the
adverse impact of violations.
Although regulations and mandates drive the
regulatory compliance processes, we recom-
mend LSOs leverage UX as an additional lever
for designing compliance training processes that
deliver favorable outcomes.
Processes that are tedious and confusing for end
users will lead to:
• Disinterest.
• Frustration.
• Inconsistencies.
• Deviations.
• Dissatisfaction.
Designing in Compliance from the Get-Go
Key Driver Adapting to RequirementMaintaining the ConnectBridge The Gap
Processes should be defined/
refined/redefined considering
the user experience, rather
than the quality management
perspective alone.
It is imperative that training
programs/processes be redesigned
from a people’s perspective so
that everyone understands the
principles behind regulatory needs.
A platform for regular interaction
between the compliance expert
and participants to address
queries in real-time scenarios.
Relying more on process
automation using digital tools.
Use gamification techniques.
User Experience
(UX)
Redesign Training
Programs/
Processes
Mentorship
Sessions
Leverage
Digital
Figure 2
5. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 5
Focus on Redesigning IT Process Assets
Beyond IT systems, LSOs must also consider
compliance from a people perspective. Pro-
cesses impacting regulatory compliance should
be designed/redesigned with UX in mind, rather
than merely a quality management point of view.
This can be achieved by the following means:
• Simplify existing processes to optimize ease-
of-use.
• Keep the UX in mind and customize the pro-
cess FAQs.
• Make the process model responsive for con-
tinuous user feedback.
• Focus on real-time examples while redesign-
ing processes.
Simplified, Easy-to-Use Processes
The success of any process is in implementation
and compliance. To achieve these goals, doc-
uments should be simple and easy to use. For
example, change management processes should
be designed to make it easy to understand the
relevance of each step and to follow the process
properly. The importance of each step, in addi-
tion to the effort/time involved in completing it,
should also be considered when designing/rede-
signing processes.
Availability of Process FAQs
FAQs should be designed after discussion with
teams/stakeholders for each process to minimize
dependence on experienced trainers/mentors.
This will substantially reduce effort subsequently,
allowing increased focus on core activities.
Making Process Model Responsive to Continu-
ous User Feedback
Existing processes should be reviewed with all
stakeholders every three years at minimum,
unless there is a significant need to change in the
meantime due to regulatory mandates. This pro-
cess model should be flexible enough to take the
inputs from stakeholders and to refine/redefine
the processes using interactive online forums, as
needed.
Use Real-Life Examples/Scenarios When
Redesigning Processes
IT process documents should incorporate plen-
tiful real-life examples, including bottlenecks or
exceptions, acceptable durations of activities,
and details about ownership or responsibilities of
tasks and activities.
In an IT change management process document,
for example, the change management workflow
using swim lanes, actors, list of actions, approval
time frames, etc. should be included, along with
details about managing this workflow in the tool.
This will make users fully aware of details in the
change management process, including actors,
actions, and how to avoid or minimize adverse
consequences.
6. How Digital Can Improve Regulatory Compliance for Life Sciences | 6
Cognizant 20-20 Insights
Focus on Redesigning Training Programs
Orientation Programs: A Regulatory
Prerequisite
To bridge the gap between the “how” and “why”
of any compliance-related process, it is imper-
ative that all IT personnel attend orientation
sessions on the principles behind regulatory
needs, in addition to mandatory training.
The scope of this session should cover important
regulations and compliance needs mandated by
various agencies. This session should do the fol-
lowing:
• Be instructor-led.
• Comprise real-life examples to improve user
engagement.
• Explain how and why examples are imple-
mented in LSOs.
• Highlight the risks or failures of noncompli-
ance.
The Merit of Mentorship Sessions
Mentorship sessions provide a platform for regu-
lar interaction between experts and participants.
The key benefits include the following:
• Address compliance-related queries using
real-time project scenarios.
• Ensure that mentees understand their roles in
regulatory compliance.
• Provide feedback on existing processes.
Mentorship sessions will enable participants to
adapt to specific regulatory requirements and
improve compliance to QMS processes.
Customized Process Training
Internal process regulators/reviewers should be
assigned to identify and handle regulatory compli-
ance trainings, at the initial level. Since different
users are at different levels of understanding,
process training should do the following:
• Be simple and clear.
• Elaborate how an activity needs to be
performed.
• Explain why the process is designed in a
particular way.
• Elucidate all (basic to complex) queries on
regulatory compliance.
Taking an Optimized Approach to Training
A comprehensive and effective approach to
training is critical to ensure alignment with pro-
cess and governance. This includes the following:
• Full support and endorsement by manage-
ment.
• Properly designed and coordinated courses.
• Designation of an accountable individual as
training leader.
• Recognition of training programs as continu-
ous education opportunities.
To bridge the gap between the “how” and “why”
of any compliance-related process, it is imperative
that all IT personnel attend orientation sessions
on the principles behind regulatory needs, in
addition to mandatory training.
7. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 7
To assess and refine the training programs, and
ensure agility and scalability, we recommend
the following steps to the training management
team:
• Build a training assessment plan:
»» Mandate role-based training.
»» Specify average training hours
(e.g., 60 to 70 hours per year).
»» Reward participation.
»» View nonparticipation seriously and
initiate consequence management.
• Define a training objective by ensuring that
the strategy’s “why” is communicated clearly,
and ensure the availability of a best-in-class
training team. Include experts from:
»» Within the department.
»» Outside the department.
»» External to the company
(from the industry).
All possible orientation aids, including presenta-
tions and active interactions, should be leveraged
and deployed by the instructor.
APPLY ‘DIGITAL’ TO ACHIEVE
YOUR OBJECTIVES
To reach the organization’s regulatory compli-
ance objectives, we suggest the following steps:
• Automate processes using digital tools:
Automating key processes will reduce manual
intervention and minimize errors. For exam-
ple, manual user access management will
be error-prone and lead to noncompliance,
exposing organizations to unwarranted risks.
Automating the user access management
process mitigates these risks and enhances
compliance.
• Employ gamification: To make the processes
and trainings more interesting, design/rede-
sign QMS processes and training curricula
using gamification concepts and techniques.
• Use swim-lane techniques to pictorially rep-
resent process workflows.
• Create e-learning modules for refresher
courses, in addition to classroom sessions and
mentors.
• Enable course access through mobile
devices.
• Leverage smartboards in classrooms and
brainstorming sessions to capture ideas for
further analysis and improvement.
The benefits of improved regulatory compliance
can be measured by:
• Enhanced compliance with regulations and
mandated processes — leading to no (or mini-
mal) risks to IT systems and end users.
• Reduced risk of financial penalties, adverse
impact on market share and unannounced
agency audits.
• Greater compliance levels can be attained
when process adherence is a pleasant expe-
rience.
• Higher organizational alignment can be
achieved when users get compliance right,
the first time.
• Loss avoidance, both financial and reputa-
tional.
8. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 8
Quick Take
Turning Adherence Observations
& Data into Results
A global leader in pharmaceuticals product R&D was hard-pressed to trans-
late data quality observations and hard data into insights during monthly
audits of its IT incident/problem management process. The company found
that the team members lacked the clarity on the “why” aspect of the compli-
ance process, which undermined its ability to build a fact-based assessment
of adherence levels. To reduce the gaps, the following actions were taken:
• Redesigned IT process:
»» Workflows were created on the IT incident/problem management pro-
cess, with examples.
»» User feedback sessions on IT processes were organized to happen
every six months.
»» IT processes were mandated to be reviewed and amended wherever
needed.
• Redesigned training program:
»» Workflows were used in training sessions, using presentations with
appropriate animations, to enable the team members to comprehend
the reasons for the workflow itself.
• Mentorship sessions:
»» A quality mentorship program was introduced wherein new team mem-
bers could reach out to mentors experienced in QMS for clarification on
all compliance-related issues.
Benefits included:
• Internal audit observations were reduced by 50%.
• Risk of noncompliance was reduced by ~20%.
• Rate of first-time compliance was improved by 8%.
9. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 9
Jancy Mascarenhas
Consultant, Cognizant
Consulting’s Process &
Quality Consulting Practice
Jancy Mascarenhas is a Consultant within Cognizant Consulting’s
Process & Quality Consulting Practice. She is a member of the
International Society of Pharmaceutical Engineering (ISPE) Asso-
ciation, India, is ITIL v3 Foundation certified, and is a ISO20000
lead auditor certified professional. Jancy has over 12 years of IT
experience in service management across the banking and the life
sciences industries, specializing in auditing, software quality assur-
ance, IT quality and regulatory compliance. She can be reached at
Jancy.Muthiah@cognizant.com.
ABOUT THE AUTHORS
FOOTNOTES
1 Predicate rule is any requirement set forth in the Federal Food, Drug and Cosmetic Act, the Public Health Service Act or any
U.S. FDA regulation other than Part 11.
2 www.fda.gov/ICECI/EnforcementActions/WarningLetters/2017/default.htm.
3 A consent decree in the life sciences industry is a written order from a judge that prohibits a company from marketing and
selling its new products until its noncompliances on existing products are corrected and the LSO is approved by the federal
agency.
REFERENCES
• www.fda.gov/default.htm.
• www.ema.europa.eu/ema/.
• www.gov.uk/government/organisations/medicines-and-healthcare-products-regulatory-agency.
ACKNOWLEDGMENTS
The authors would like to thank Kenneth Strode, Senior Regulatory Compliance Officer who works in Cognizant’s Life Sciences
Regulatory Compliance Office and Legal, Global Compliance, Privacy & Ethics, for his valuable input and feedback.
10. Cognizant 20-20 Insights
How Digital Can Improve Regulatory Compliance for Life Sciences | 10
Rajesh
Anantharaman
Consultant, Cognizant
Consulting’s Process &
Quality Consulting Practice
Rajesh Anantharaman, CISA is a Consultant within Cognizant Con-
sulting’s Process & Quality Consulting Practice. He has over 13 years
of experience in the medical devices and life sciences industry,
specializing in software quality assurance, quality systems, quality
engineering, supplier development, auditing, IT quality and compli-
ance, regulatory compliance and equipment validation. Rajesh can
be reached at Rajesh.Anantharaman@cognizant.com.
ABOUT THE AUTHORS (cont.)
Ramachandran S
Senior Manager, Cognizant
Consulting’s Process &
Quality Consulting Practice
Ramachandran S is a Senior Manager within Cognizant Consult-
ing’s Process & Quality Consulting Practice. He has decades of
experience in the banking and IT space. Ramachandran’s area
of specialization is setting up the testing processes for cus-
tomers across numerous geographies. He can be reached at
Ramachandran.S@cognizant.com.