SharePoint for Pharma - SharePoint & 21 CFR Part 11
A Risk-Based Validation Approach for Life Sciences.
Presented by Paul Fenton, President & CEO of Montrium Inc.
For more information on Montrium please visit:
- www.montrium.com
- www.twitter.com/Montrium
- www.youtube.com/Montrium
or email info@montrium.com
Computer System Validation - The Validation Master PlanWolfgang Kuchinke
Computer System Validation (CSV) is the process used to ensure and document that a computerbased system is operating according to predefined requirements. CSV is necessary when replacing paper records, like
Case Report Forms for clinical trials, with an electronic system within the highly regulated data zone that impacts public health and safety. Necessary validation documents are for example the Standard Operating Procedures (SOPs), which outline how the computer system should be used. Here, we describe in detail the System Validation Master Plan, the most important document in Computer System Validation. In contains topics, like: Validation Policy, Definition of Validation, Rules and Regulations in CSV, Legal basis, FDA 21 CFR Part 11, FDA Guidance for industry, ICH Guideline GCP, Annex 11 EU-GMP, Validation Philosophy, Organisation validation document, Audit Reports, Organisation guidelines, Organisation quality management handbook, etc.
The steps of the Validation Life Cycle are: 1. System Specification, 2. System Classification, 3. Validation Planning, 4. Establishing of the validated state, 5. Maintaining the validated state, 6. System Retirement.
Good Document Control Practices and Procedures: ISO 9001:2015Qualsys Ltd
Read More: quality.eqms.co.uk/eqms-governance-risk-compliance-software-datasheets
Once upon a time, records lived in lever arch-files, filing cabinets and in cardboard boxes. All key documents and records were strictly guarded under lock-and-key by those who knew the rules, and applied them assiduously.
Nowadays, records exist all over the business, well beyond the reach of the traditional warden. With everything digital, records are stored on desktops or mobile devices, on clouds or on servers, on intranets or on social media.
But what impact has this decentralisation of records had on organisations?
In this fast paced, mobile world, documentation is created at break-neck pace.
Not only has the internet, remote working and globalisation completely changed the way documents are created, it has transformed how records are exchanged, viewed, interrogated and collaborated upon.
Despite the issues with lost company records, only a third of organisations feel their document control procedures are integrated enterprise-wide, according to an AIIM Industry Report.
Two in three organisations feel they have failed to integrate document control procedures across the organisation, or have little or no document control policy at all.
Not only do these companies risk litigation costs, loosing customer confidence, bad publicity and loosing confidential customer information, they are failing to exploit important knowledge resources.
EQMS Document Manager helps you to keep control of records. EQMS enables you to:
control access and usage of documented information, as well as the distribution and retrieval of documents.
Follow a systematic approach: e.g. follow the Plan > Do > Check > Act cycle.
Retain records: have documents to prove that you have done what you said you would do.
This supports organisations to meet the requirements of ISO 9001:2015 and other management standards.
Supplier Qualification Management: A New Tool in the Supplier Information and...SAP Ariba
This session introduces the supplier qualification project type, which is now included in the Ariba Supplier Information and Performance Management (SIPM) solution. Supplier qualification management (SQM) allows buyers to qualify suppliers for a particular activity as well as manage a continuous qualification life cycle. Join this session to learn more about how to best use the SQM functionality combined with the supplier profile questionnaire (SPQ), supplier performance management (SPM) projects, and sourcing events.
Metaphor Consulting Provides Vendor Master Training on Material Management Module.
Metaphor Consulting also provide corporate training on below module...
SAP Course’s Offers:
SAP ABAP / BASAIS
SAP BW / BI / BO
SAP HANA
SAP FI / CO
SAP PP / QM
SAP PM / PS
SAP SD / MM
Computer System Validation - The Validation Master PlanWolfgang Kuchinke
Computer System Validation (CSV) is the process used to ensure and document that a computerbased system is operating according to predefined requirements. CSV is necessary when replacing paper records, like
Case Report Forms for clinical trials, with an electronic system within the highly regulated data zone that impacts public health and safety. Necessary validation documents are for example the Standard Operating Procedures (SOPs), which outline how the computer system should be used. Here, we describe in detail the System Validation Master Plan, the most important document in Computer System Validation. In contains topics, like: Validation Policy, Definition of Validation, Rules and Regulations in CSV, Legal basis, FDA 21 CFR Part 11, FDA Guidance for industry, ICH Guideline GCP, Annex 11 EU-GMP, Validation Philosophy, Organisation validation document, Audit Reports, Organisation guidelines, Organisation quality management handbook, etc.
The steps of the Validation Life Cycle are: 1. System Specification, 2. System Classification, 3. Validation Planning, 4. Establishing of the validated state, 5. Maintaining the validated state, 6. System Retirement.
Good Document Control Practices and Procedures: ISO 9001:2015Qualsys Ltd
Read More: quality.eqms.co.uk/eqms-governance-risk-compliance-software-datasheets
Once upon a time, records lived in lever arch-files, filing cabinets and in cardboard boxes. All key documents and records were strictly guarded under lock-and-key by those who knew the rules, and applied them assiduously.
Nowadays, records exist all over the business, well beyond the reach of the traditional warden. With everything digital, records are stored on desktops or mobile devices, on clouds or on servers, on intranets or on social media.
But what impact has this decentralisation of records had on organisations?
In this fast paced, mobile world, documentation is created at break-neck pace.
Not only has the internet, remote working and globalisation completely changed the way documents are created, it has transformed how records are exchanged, viewed, interrogated and collaborated upon.
Despite the issues with lost company records, only a third of organisations feel their document control procedures are integrated enterprise-wide, according to an AIIM Industry Report.
Two in three organisations feel they have failed to integrate document control procedures across the organisation, or have little or no document control policy at all.
Not only do these companies risk litigation costs, loosing customer confidence, bad publicity and loosing confidential customer information, they are failing to exploit important knowledge resources.
EQMS Document Manager helps you to keep control of records. EQMS enables you to:
control access and usage of documented information, as well as the distribution and retrieval of documents.
Follow a systematic approach: e.g. follow the Plan > Do > Check > Act cycle.
Retain records: have documents to prove that you have done what you said you would do.
This supports organisations to meet the requirements of ISO 9001:2015 and other management standards.
Supplier Qualification Management: A New Tool in the Supplier Information and...SAP Ariba
This session introduces the supplier qualification project type, which is now included in the Ariba Supplier Information and Performance Management (SIPM) solution. Supplier qualification management (SQM) allows buyers to qualify suppliers for a particular activity as well as manage a continuous qualification life cycle. Join this session to learn more about how to best use the SQM functionality combined with the supplier profile questionnaire (SPQ), supplier performance management (SPM) projects, and sourcing events.
Metaphor Consulting Provides Vendor Master Training on Material Management Module.
Metaphor Consulting also provide corporate training on below module...
SAP Course’s Offers:
SAP ABAP / BASAIS
SAP BW / BI / BO
SAP HANA
SAP FI / CO
SAP PP / QM
SAP PM / PS
SAP SD / MM
During Process/Production Order Creation for manufacturing, the systembased on configuration settings, is capable of automatically selecting the Material List/BOM/Recipe as master data into the Process/Production Order.
However:
- If the Material List/BOM/Recipe is undergoing an engineering change that is relevant for the horizon in which the process/production order is to be executed, then
• The system adopts the BOMs/Recipes "as-is" and :
• does not prevent the unreleased, unapproved, work in process changes from being adopted into the Process Order. This functionalitydoes not exist in Standard SAP and is a GAP
There now exists a solution that alleviates the aforesaid GAP in ECC 6.0. For details of the solution, please review the attached Solution Brief.
Document Control
Steps to Building an Effective System
Annual Quality Survey Report
1. Building an Effective System
2. Have the Right Amount of Documentation
3. Outline Your Document Control System
4. Where will you keep your documents?
5. Example Systems
6. Common Problems with Document Control
7. And all the pieces will fall in place
QMS for setting a coordinated activities to direct and control an organization in order to continually improve the effectiveness and efficiency of its performance.
Second Party Audit and External Third Party AuditShantanuThakre3
Second Party Audit:- Second-party audit is when a company performs an audit of a supplier to ensure that they are meeting the requirements specified in the contract.
External Third Party Audit:-
A third-party audit occurs when a company has decided that they want to create a Quality Management System (QMS) that conforms to a standard set of requirements, such as ISO 9001 and hire an independent auditing company to perform an audit to verify that the company has succeeded in meeting these standards.
For the importer of record, compliance means the complete
and accurate recording of all internal processes through
books and records, from procurement to payment (P2P).
Compliance means following Customs laws and regulations
on both imports and exports. Good compliance facilitates
the movement of trade at the border. For the government,
it ensures security through quality trade data, the proper
collection of duties and taxes, the proper application of
preferential duty tariffs, and the protection of target industries
(e.g., textiles). For the importer, it prevents supply chain
bottlenecks, costly production downtime, and errors that can
result in expensive penalties.
The GMP+ B1 Documentation is developed for organizations involved in production, trade and Feed safety services.This documentation kit describes list of various documents like manual, procedures, audit checklist, etc. as per requirements for documentation. Organization can easily edit documentation as per requirments.
An introduction to Life Sciences Computer System Validation, applicable regulation, SDLC phases, software categorisation, risk/ change/ deviation management, validation deliverable, risk based approach, regulatory inspection, audit findings, causes of compliance failure, key concepts in CSV etc.
Manage Your Web Content with SharePoint 2013 Mobility and SearchPerficient, Inc.
With tremendous growth in mobile device usage on the Internet over the past few years, the importance of mobility is evident. Given the shift, companies are looking to develop and execute on strategies that provide a first-class experience for these devices. Organizations are also investing in search and content targeting techniques to provide a richer, more focused experience for customers.
SharePoint is a powerful web content management platform – and it’s even better with the 2013 release. Join Perficient’s Travis Nielsen to see a SharePoint 2013 implementation and learn how to leverage the platform’s new WCM capabilities.
During Process/Production Order Creation for manufacturing, the systembased on configuration settings, is capable of automatically selecting the Material List/BOM/Recipe as master data into the Process/Production Order.
However:
- If the Material List/BOM/Recipe is undergoing an engineering change that is relevant for the horizon in which the process/production order is to be executed, then
• The system adopts the BOMs/Recipes "as-is" and :
• does not prevent the unreleased, unapproved, work in process changes from being adopted into the Process Order. This functionalitydoes not exist in Standard SAP and is a GAP
There now exists a solution that alleviates the aforesaid GAP in ECC 6.0. For details of the solution, please review the attached Solution Brief.
Document Control
Steps to Building an Effective System
Annual Quality Survey Report
1. Building an Effective System
2. Have the Right Amount of Documentation
3. Outline Your Document Control System
4. Where will you keep your documents?
5. Example Systems
6. Common Problems with Document Control
7. And all the pieces will fall in place
QMS for setting a coordinated activities to direct and control an organization in order to continually improve the effectiveness and efficiency of its performance.
Second Party Audit and External Third Party AuditShantanuThakre3
Second Party Audit:- Second-party audit is when a company performs an audit of a supplier to ensure that they are meeting the requirements specified in the contract.
External Third Party Audit:-
A third-party audit occurs when a company has decided that they want to create a Quality Management System (QMS) that conforms to a standard set of requirements, such as ISO 9001 and hire an independent auditing company to perform an audit to verify that the company has succeeded in meeting these standards.
For the importer of record, compliance means the complete
and accurate recording of all internal processes through
books and records, from procurement to payment (P2P).
Compliance means following Customs laws and regulations
on both imports and exports. Good compliance facilitates
the movement of trade at the border. For the government,
it ensures security through quality trade data, the proper
collection of duties and taxes, the proper application of
preferential duty tariffs, and the protection of target industries
(e.g., textiles). For the importer, it prevents supply chain
bottlenecks, costly production downtime, and errors that can
result in expensive penalties.
The GMP+ B1 Documentation is developed for organizations involved in production, trade and Feed safety services.This documentation kit describes list of various documents like manual, procedures, audit checklist, etc. as per requirements for documentation. Organization can easily edit documentation as per requirments.
An introduction to Life Sciences Computer System Validation, applicable regulation, SDLC phases, software categorisation, risk/ change/ deviation management, validation deliverable, risk based approach, regulatory inspection, audit findings, causes of compliance failure, key concepts in CSV etc.
Manage Your Web Content with SharePoint 2013 Mobility and SearchPerficient, Inc.
With tremendous growth in mobile device usage on the Internet over the past few years, the importance of mobility is evident. Given the shift, companies are looking to develop and execute on strategies that provide a first-class experience for these devices. Organizations are also investing in search and content targeting techniques to provide a richer, more focused experience for customers.
SharePoint is a powerful web content management platform – and it’s even better with the 2013 release. Join Perficient’s Travis Nielsen to see a SharePoint 2013 implementation and learn how to leverage the platform’s new WCM capabilities.
Validating SharePoint for Regulated Life Sciences ApplicationsMontrium
Validating SharePoint for Regulated Life Sciences Applications
Presented by Paul Fenton, CEO & President, Montrium
For more information on Montrium please visit:
- www.montrium.com
- www.twitter.com/Montrium
- www.youtube.com/Montrium
or email info@montrium.com
Providing SharePoint Solutions in an FDA Regulated EnvironmentDeb Walther
This talk explains to the IT Professional the reasons behind the FDA regulations and what must be considered when implementing SharePoint in a GxP environment.
Level: 200
Track: IT Pro, Developer
SharePoint 2013 has FAST search built into its core fabric. New site templates and web parts have been added to allow you to build search driven applications. Through these search web parts, we can cross site collection boundaries to surface information, improve navigation and create a seamless experience across the different sites, site collection and web application. We will also demonstrate how to use cross site publishing to leverage multiple content sources. We also discuss several approaches for publishing internet sites.
Attendee Takeaways:
1. Understanding how to work with the Product Catalog site template in SharePoint 2013
2. Learn to setup and configure cross site publishing
3. Learn to add responsive design to your site
How to Leverage SharePoint 2013 to Organize, Label, Navigate, and Search Your...J. Kevin Parker, CIP
At the end of this presentation, you should be able to articulate why good information architecture (IA) makes SharePoint better; identify the four systems of IA components; leverage SharePoint features for improved information management; and build dynamic information management solutions in SharePoint without code.
SharePoint And 21 CFR Part 11 Share Festpaulkfenton
Presentation given at the ShareFest conference, Philadelphi - April 8th 2010.
This presentation discusses a risk based approach to validation of SharePoint for regulated environments.
Executing Validation of GxP Systems Electronically using SharePointMontrium
Executing Validation of GxP
Systems Electronically using
SharePoint
For more information on Montrium please visit:
- www.montrium.com
- www.twitter.com/Montrium
- www.youtube.com/Montrium
or email info@montrium.com
SharePoint for Pharma - Computer System Life Cycle ManagementMontrium
SharePoint for Pharma - Computer System Life Cycle Management
Presented by Michael Zwetkow, VP Operations, Montrium Inc.
For more information on Montrium please visit:
- www.montrium.com
- www.twitter.com/Montrium
- www.youtube.com/Montrium
- gplus.to/Montrium
or email info@montrium.com
SharePoint Configuration Management – Effective Techniques for Regulated Shar...Montrium
This presentation will include:
• Recap of Validating SharePoint for Regulated Environments
• SharePoint within the GxP context
• Regulatory Requirements
• Industry Standards
• Corporate Standards
• What is Configuration Management?
• Implementation of formal system specific configuration control procedures
• Configuration deployment and version control techniques
• Integration with the validation and change control process
• Importance of leveraging a risk based approach to QC
• Using SharePoint to manage configuration control
Enjoy
If you have any questions please email info@montrium.com
Tools for Accelerating Validation of Office 365Montrium
It can be overwhelming navigating the evolving requirements pertaining to records management in electronic systems, even for the more experienced validation veteran. In this presentation, discover key insights on Office 365 validation to serve your clinical and regulatory needs.
Ultimately, the responsibility to validate GxP applications is on customers and partners of Microsoft - so we take a look at how to build out a validation plan and control protocols for successful integration with your existing system.
We uncover how Office 365 satisfies specifications of FDA’s 21 CFR Part 11 and EU Annex 11 from both a procedural and technical approach to satisfy regulatory conditions, and how the balance of shared responsibilities between Microsoft and its life sciences customers can satisfy regulatory requirements.
Develop a clearer overview of how to adapt validation techniques to the cloud, as well as key validation expectations and deliverables in Office 365.
The presentation covers the following topics:
-Preparation and adaptation of validation deliverables
-How to build a validation plan: scope and risk rationale
-Risk-based validation planning
-Regulatory compliance impact assessments for Office 365
-Components to be qualified and validated in the cloud
-Developing a validation summary report
Presentation describes the importance of IT validation from the perspectives of the FDA and our company. It explains GAMP 5, the Validation Life Cycle, good documentation practices, document naming conventions, Change Control, Problem Management, Periodic Evaluation, FDA 483 Warning Letters and 21 CFR Part 11 and a unique Validation Life Cycle.
How to Manage Your Requirements Efficiently - by Kovair SoftwareKovair
Kovair supports Requirements Management of many flavors - Standard as well as Proprietary methodologies or processes. All the capabilities necessary for effective and effortless Requirements Management are built-in in Kovair and are accessible through a highly user-friendly web interface. Kovair’s rich implementation of requirements gathering, parsing, management, traceability, base lining and intelligent reporting in a process-driven methodology enables project teams to effectively manage and map requirements.
Top 10 critical changes to audit in your it infrastructureNetwrix Corporation
Change auditing is one of the most important aspects of maintaining a secure and compliant IT infrastructure.
This webinar will help you understand why auditing is important, identify 10 most critical changes to audit and see how you can streamline your auditing using NetWrix Change Reporter Suite.
Change auditing is one of the most important aspects of maintaining a secure and compliant IT infrastructure.
This webinar will help you understand why auditing is important, identify 10 most critical changes to audit and see how you can streamline your auditing using NetWrix Change Reporter Suite.
Information and Records Management in SharePoint - An In-depth ReviewSimon Rawson
In this presentation, Simon covers the EDRM functions of SharePoint 2010/13 and regulatory requirements for Records Management. Suzette covers the National Archives of Australia (NAA) Information Checkup 2.0 and how Australian Government agencies can use it as a self-check tool.
The presentation was originally developed as a hands on training course for Synergy Corporate Technologies where it formed one of the modules of the 5-day SharePoint 2010 Administration course.
This version of the presentation has been updated to include the new EDRM functions available in SharePoint 2013.
The presentation goes into considerable depth about the EDRM functions in SharePoint – and therefore this is not a light read!
Validation and Business Considerations for Clinical Study MigrationsPerficient, Inc.
There are a variety of essential validation and business considerations that should be evaluated when migrating clinical studies from one database to another (with or without existing data). Having a clear understanding of downstream study processes and receiving input from cross-functional teams are just some of the keys to a successful migration.
In this SlideShare we discuss several case studies that provide insight into:
The steps followed during a study migration process, from validation and business perspectives
Validation considerations for migrating into an empty database, as well as a database that already contains data
Suggested documentation for the migration process
Business continuity considerations to ensure a smooth study migration for all team members
Best practices and lessons learned
Microsoft master data services mds overviewEugene Zozulya
Master data management (MDM) is a technology discipline in which business and IT work together to ensure the uniformity, accuracy, stewardship, semantic consistency and accountability of the enterprise's official shared master data assets.
Master data management tools can be used to support master data management by removing duplicates, standardizing data (mass maintaining), and incorporating rules to eliminate incorrect data from entering the system in order to create an authoritative source of master data.
Microsoft Master Data Services (MDS) is the SQL Server solution for master data management. Master data management (MDM) describes the efforts made by an organization to discover and define non-transactional lists of data, with the goal of compiling maintainable master lists. An MDM project generally includes an evaluation and restructuring of internal business processes along with the implementation of MDM technology. The result of a successful MDM solution is reliable, centralized data that can be analyzed, resulting in better business decisions.
Other Master Data Services features include hierarchies, granular security, transactions, data versioning, and business rules.
Master Data Services includes the following components and tools:
- Master Data Services Configuration Manager, a tool you use to create and configure Master Data Services databases and web applications.
- Master Data Manager, a web application you use to perform administrative tasks (like creating a model or business rule), and that users access to update data.
- MDSModelDeploy.exe, a tool you use to create packages of your model objects and data so you can deploy them to other environments.
- Master Data Services web service, which developers can use to extend or develop custom solutions for Master Data Services.
Migrating from a monolith to microservices – is it worth it?Katherine Golovinova
IURII IVON, EPAM Solution Architect, Microsoft Competency Center Expert.
The term ‘microservices’ has become so popular that many people see it as a silver bullet for all architectural problems, or at least as a trend that should be followed. If your project is a monolith today, does it make sense to move towards microservices? This presentation overviews painful issues to be considered when migrating from a monolith to microservice architecture, ways to solve them, and ideas on the feasibility of such migration.
Similar to SharePoint for Pharma - A Risk-Based Validation Approach for Life Sciences (20)
Monitoring Beyond COVID-19: Setting Yourself Up for the New-NormalMontrium
The Covid-19 pandemic has forced the pharmaceutical and medical device industries to explore methods beyond the traditional on-site monitoring and auditing of clinical trial sites. It has enabled companies to leverage both existing technologies and quickly adopt new methodologies to ensure data integrity and patient safety.
With these changes, companies are able to identify opportunities for both increased quality and efficiencies in their clinical trials.
In this webinar, we will discuss:
Opportunities and the challenges of the “new normal” in the management and oversight of clinical trials
Insights into how we think technology will evolve in the future to better support new risk based approaches to oversight
AI's growing role in clinical trial oversight
Best Practices for Implementing Robust Governance Processes in Office 365Montrium
With Office 365 cloud services, it’s up to customers to manage GxP data governance, authorize access, and configure settings to ensure data integrity. However, given Office 365’s highly customizable nature, many teams face frustrations when establishing governance provisions.
To combat the challenges that come with a continuously evolving system, we will share how you can establish/adapt governance processes to accommodate for smaller, frequent changes. During the webinar, you will learn how Office 365 customers' data benefits from having multiple layers of granular control within a robust governance model to support the management of GxP content.
The webinar covers the following topics:
Overview of IT Governance
Risk-based approach tied to Governance: identifying and mitigating risks in the cloud
Methodology for a good Office 365 Governance strategy
Office 365 Governance with Technical Controls
Compliance Monitoring Overview
Strategies to Facilitate GxP Processes Deployment in Office 365Montrium
Moving your existing environment to manage regulated content in a new Office 365 environment requires a rigorous amount of attention to detail, and any overlook can lead to more significant problems down the road. Whether you’re coming from working within legacy applications or pre-existing infrastructure, you must take the right precautions.
When deploying GxP processes in Office 365, you will need to leverage a deployment approach that can address both technical considerations while accounting for the distinctions in your organizational culture and specific user requirements.
How to Get Started with GxP Processes in Office 365 - The Discovery PhaseMontrium
The webinar covers the following topics:
-How the GxP Design and Delivery Landscape is Changing (digitization of processes, cloud adoption, agile adaptation, better relationships with service providers)
-Business Analysis for Office 365 and the Cloud (methods applied in a Discovery that meet life science trends)
-Discovery Goals (relationships, vision, delivery and enablement of GxP solutions in Office 365)
-Discovery Walkthrough (methodology, sessions, best practices)
How to prepare for an audit and maintain oversight within your e qmsMontrium
In this webinar, not only will we take you through what you’ll need to do to prepare for an audit, but we will also share what you can do to contribute to continuously improve and maintain oversight of your QMS.
Transforming eTMF Management: Moving to a Data-Driven ApproachMontrium
We are moving towards a digital age of automation in clinical trials where electronic management of content and data to document activities and decisions is the industry-wide norm.
This means that the concept of TMF is also evolving and is no longer just a document repository, but rather a collection of systems holding content and data. As a result, there is a strong business case from moving away from just archiving documents to actively managing TMF content and information using techniques and practices borrowed from clinical data management.
In this webinar, we will look at how you can use queries, data review and process-based approaches to ensure that your TMF tells an accurate and complete story of what occurred in your study. We will also discuss the greater scope of TMF relevant information and systems and how you can best integrate these sources into a more holistic environment to greatly facilitate inspections and clinical trial oversight.
Best practices for preparing for and surviving inspectionsMontrium
We will be exploring the best practices for preparing and surviving TMF inspections. We'll start by diving into why inspection readiness should be continuous, and share some key strategies to ensure your team has a successful inspection.
Best practices for preparing for and surviving inspectionsMontrium
We will be exploring the best practices for preparing and surviving TMF inspections. We'll start by diving into why inspection readiness should be continuous, and share some key strategies to ensure your team has a successful inspection.
Implementing Metrics & Completeness Reporting in TMF ManagementMontrium
Completeness is a key measurement for TMF to assess inspection readiness, however most organizations and eTMF systems are unable to calculate it accurately. The reason for this is primarily due to a lack of information or knowledge of study design and events that have occurred or that will occur in the study.
In this webinar, we will discuss strategies for calculating accurate completeness as well as review other key metrics that enable you to assess your TMF health and inspection readiness.
Empowering Active TMF Management With an eTMF SystemMontrium
Active TMF Management is critical when conducting a trial. Managing your trial documentation on an on-going basis will allow organizations to have greater oversight on the completeness, empower team members to submit content in timely manner, and ultimately be continuously inspection ready all the while monitoring the quality of your documents.
In our upcoming webinar, we will be exploring how to use an eTMF system to its full capacity by empowering active TMF Management. We'll start by understanding the measurable benefits gained by managing an active TMF and the disadvantages of having a passive TMF repository.
We will also dive deeper into some of the features Montrium has developed as part of our eTMF which empowers clinical teams and gives organization's the tool to have a successful study.
During this webinar, you'll learn:
• What challenges are present when using an eTMF solely as a repository?
• What it means to have active TMF Management with an eTMF System
• How to empower clinical teams to collaborate and treat TMF as a living document
• What tools an eTMF provides to allow for active management
• What benefits active TMF management provides
• Introduction to Montrium's eTMF
• Plus much more...
With Office 365 cloud services, it’s up to customers to manage data governance, authorize access, and configure settings to ensure data integrity. Montrium's Professional Services team has extensive experience working to mitigate the frustrations that teams face when establishing governance provisions for Office 365.
In this webinar, your host Chrysa will discuss how Office 365 customers' data benefits from having multiple layers of granular control within a robust governance model to support the management of GxP content.
-The webinar will cover the following topics:
-Office 365 governance strategy and model overview
-Documents that contribute to SharePoint Online governance
-Governance considerations for GxP and non-GxP use
-Identifying and mitigating risks in the cloud
-And much more...
The Webinar will cover the following topics:
• What challenges are present when using an eTMF solely as a repository?
• What it means to have active TMF Management with an eTMF System
• How to empower clinical teams to collaborate and treat TMF as a living document
• What tools an eTMF provides to allow for active management
• What benefits active TMF management provides
• Introduction to Montrium's eTMF
• Plus much more...
Automation of document management paul fenton webinarMontrium
In the life sciences, most of the documents we create end up as records. Now, as we move towards a paperless era in today’s GxP environment and leverage digital content management technology, we are also starting to change the way that we author, collaborate, manage, exchange, and archive our documents.
The very nature of document management is transforming as more and more data becomes part of the document management landscape. In this webinar, we explore how technology is transforming our GxP records management environments and what the future may hold for automating processes
Over 5 unique webinar sessions, we’ll share everything you need to know about transitioning to Office 365 and SharePoint Online. These webinars will feature actionable strategy, exemplified by real-world case studies, and practical game plans to help you develop a clear strategy for managing GxP content in the cloud.
The Compliance Playbook Webinar Series is geared towards those looking to migrate from file shares and other legacy EDMS systems - to becoming more agile with Office 365.
We'll take you through:
- Why are Life Sciences Organizations moving to Office 365
- Strategies for Conducting Vendor Assessments of Cloud Vendors
Validation in Office 365: Tools for Acceleration
- Validation in Office 365: Continuous Validation
- Maintaining Oversight for Complete Governance in Office 365
Practical Steps to Selecting and Implementing an eTMFMontrium
There are many benefits to moving to an electronic Trial Master File (eTMF) and many organizations are either thinking of moving, or are already in the process of doing so.
However, there are a great deal of things to consider before being able to successfully move to an electronic platform which are often overlooked, often resulting result in unsuccessful or sub-optimal eTMF implementations.
This webinar takes you through some of the practical steps that you need to go through to successfully implement and benefit from an eTMF.
Since its release in 2010, The DIA’s TMF Reference Model has proven to be extremely valuable to the life sciences industry. In this content-packed webinar, we will provide a history and overview of the Model, present its structure, and the various sub-groups and resources available. The Model is not intended to be used “off-the-shelf" but can be implemented according to certain expectations and requirements of life science sponsors (pharma, bio, device), investigative sites (academic, for-profit, nonprofit) and CROs / third-party team members alike.
Paul Fenton, CEO of Montrium and CGI Life Science’s Fran Ross, both Members of the TMF Reference Model Steering Committee, will discuss strategies for implementing the Model and how it can be used to ensure tight controls of GxP required content for inspection. Finally, the session will present the TMF Reference Model Exchange Mechanism Standard which extends the Model's capability to facilitate eTMF interoperability and content exchange.
In this presentation, we explore the TMF fundamentals and an introduction to better managing your TMF. We'll start by diving into the world of TMF management, how to properly leverage the regulations, which documents constitute as TMF-worthy and what basic metrics you can track to increase the efficiency of your trial.
Finally, we will also discuss some of the features Montrium has developed to facilitate the management of the Trial Master File in a fundamental way.
This presentation covers the following topics:
-Fundamentals of TMF management process
-How to use the regulations to ensure success
-What cross functional groups hold TMF worthy documents
-TMF management challenges and how you can alleviate them
-Base metrics to track and what they mean to your organization
-How an eTMF helps TMF Management
You can follow along with this presentation via our webinar:
https://info.montrium.com/tmf-fundamentals-an-introduction-to-better-trial-master-file-management
TMF Fundamentals - An Introduction to Better Trial Master File Management - M...Montrium
In this presentation, we explore the TMF fundamentals and an introduction to better managing your TMF. We'll start by diving into the world of TMF management, how to properly leverage the regulations, which documents constitute as TMF-worthy and what basic metrics you can track to increase the efficiency of your trial.
Finally, we will also discuss some of the features Montrium has developed to facilitate the management of the Trial Master File in a fundamental way.
This presentation covers the following topics:
-Fundamentals of TMF management process
-How to use the regulations to ensure success
-What cross functional groups hold TMF worthy documents
-TMF management challenges and how you can alleviate them
-Base metrics to track and what they mean to your organization
-How an eTMF helps TMF Management
You can follow along with this presentation via our webinar:
https://info.montrium.com/tmf-fundamentals-an-introduction-to-better-trial-master-file-management
Strategies for Conducting GxP Vendor Assessment of Cloud Service Providers - ...Montrium
Want to deploy a new technology solution but not sure where to begin? These slides cover key considerations for choosing a vendor with cloud compliance and validation in mind. With the Office 365 subscription-based service gaining considerable momentum in the life sciences, it's important to stay ahead of the technological and regulatory curve and consider how an EDMS system will bring improvements to managing your GxP content.
Here we cover the following topics:
-Vendor assessment of Microsoft
-Subscription basics of Office 365
-Review of ISO/SOC audit reports
-Ensuring that no critical observations are made
-Security and quality controls in place
You can follow along with this presentation via webinar format:
https://info.montrium.com/strategies-for-conducting-gxp-vendor-assessment-of-cloud-service-providers
Why Are Life Science Companies Moving to Office 365?Montrium
The webinar will cover the following topics:
-Moving away from costly and inefficient legacy systems
-Key GxP features and capabilities available in the cloud
-Case studies of Office 365 across the life sciences landscape
-What comes with a continuous Office 365 Validation Subscription?
-Montrium methodology, tools, and documentation available to you
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
The Art of the Pitch: WordPress Relationships and Sales
SharePoint for Pharma - A Risk-Based Validation Approach for Life Sciences
1. SharePoint for Pharma -
SharePoint and 21 CFR Part 11
A Risk-Based Validation Approach
for Life Sciences
Presented by
Paul Fenton
VP Pharmaceutical Processes
and Technology
April 23rd 2010
www.montrium.com COPYRIGHT MONTRIUM 2009
2. SharePoint for
Pharma Series
• Webinar series that aims to highlight the different
aspects of validating and using SharePoint in GxP
environments
• Should provide attendees with a good grounding
for their SharePoint projects
• Slides can be distributed upon request. Details on
how to request slides will be distributed to attendees
following each webinar
• Feel free to ask questions in the questions panel
• Thank you for your interest!
www.montrium.com COPYRIGHT MONTRIUM 2009
3. Overview
• Objectives of validation
• Regulatory requirements
• How to identify electronic records
• Deploying controlled and non-controlled MOSS environments
• Risk evaluation methods and scoping the validation strategy
• Step by Step overview of the risk-based validation process
following the GAMP5 model
• Implementing effective configuration and change control
procedures for MOSS
• Maximizing quality and ROI
• Lessons learned and best practices
• Upcoming webinars
www.montrium.com COPYRIGHT MONTRIUM 2009
4. What is Computer
Systems Validation?
• A formal process to ensure that:
• systems consistently operate as they
were intended
• user, business and regulatory system
requirements are met
• information is secure and properly
managed by the system
• procedures and processes are in place for
the use and management of the system
www.montrium.com COPYRIGHT MONTRIUM 2009
5. What the regulations
say…
• FDA: 21 CFR Part 11
§11.10(a) Validation of systems to ensure
accuracy, reliability, consistent intended
performance, and the ability to discern invalid
or altered records.
• ICH E6 – GCP
§5.5.3(a) Ensure and document that the
electronic data processing system(s) conforms
to the sponsor’s established requirements
for completeness, accuracy, reliability and
consistent intended performance (i.e.
validation)
www.montrium.com COPYRIGHT MONTRIUM 2009
6. What the
regulationssay….
• FDA: CSUCI
§F5 Change Control - The integrity of the data and the
integrity of the protocols should be maintained when
making changes to the computerized system, such as
software upgrades, including security and performance
patches, equipment, or component replacement, or new
instrumentation. The effects of any changes to the
system should be evaluated and some should be
validated depending on risk. Changes that exceed
previously established operational limits or design
specifications should be validated. Finally, all changes to
the system should be documented.
www.montrium.com COPYRIGHT MONTRIUM 2009
7. Other important
guidance documents
• PIC/S Annex 11 – PI 011-3 Good
Practices for Computerised Systems
in Regulated GxP Envrionments
(2007)
• US FDA: General Principles of
Software Validation; Final Guidance
for Industry and FDA Staff (2002)
www.montrium.com COPYRIGHT MONTRIUM 2009
8. What is expected?
• That procedures should be in place to
ensure that systems used in regulated
activities are adequately validated
• That systems should be maintained in a
validated state through effective change
control mechanisms
• That sponsors take a risk based approach
to computer systems validation (CSV)
• That individuals involved in CSV activities
and the maintenance of validated systems
have adequate experience and training
www.montrium.com COPYRIGHT MONTRIUM 2009
9. How to identify
electronic records
• 21 CFR Part 11 defines electronic records as:
• Records that are required to be maintained
under predicate rule requirements and that
are maintained in electronic format in place of
paper format
• Records that are required to be maintained
under predicate rules, that are maintained in
electronic format in addition to paper format,
and that are relied on to perform regulated
activities
www.montrium.com COPYRIGHT MONTRIUM 2009
10. How to identify
electronic records
• 21 CFR Part 11 defines electronic records as:
• Records submitted to FDA, under predicate
rules (even if such records are not specifically
identified in Agency regulations) in electronic
format
• Electronic signatures that are intended to be
the equivalent of handwritten signatures,
initials, and other general signings required by
predicate rules
www.montrium.com COPYRIGHT MONTRIUM 2009
11. Electronic Records
within MOSS
• Records within the context of MOSS
could be:
• Documents (excluding descriptive
metadata) required to be maintained
by predicate rule
• Metadata (Columns) used to perform
regulated activities (or make regulated
decisions)
• InfoPath forms used to document
regulated activities
www.montrium.com COPYRIGHT MONTRIUM 2009
12. Electronic Records
within MOSS
• Electronic / Digital Signatures used
to sign records required by
predicaterules
• Audit Trails generated for electronic
records being generated and/or
managed in MOSS
www.montrium.com COPYRIGHT MONTRIUM 2009
13. How to identify
electronic records
• Points to consider:
• Does the record exist in electronic format only with no
paper source?
• Is the record required by predicate rule?
• Does the record drive a regulated process or decision?
• If the answer to any of the above is ‘Yes’ then 21 CFR
Part 11 applies and your system must be validated
• You should document this in a validation assessment
document or validation plan. You should also clearly
identify the scope of validation in this document
• This document can help structure your MOSS
deployment into controlled and non-controlled
environments
www.montrium.com COPYRIGHT MONTRIUM 2009
14. Controlled vs. Non-
Controlled MOSS
Architecture
• MOSS can be used across the enterprise for many
different applications and groups
• It is imperative to make a clear separation between
controlled (validated) and non-controlled environments
• This can be achieved by deploying an independent web
application/site collection or controlled sites for
regulated documents and processes
• There are advantages and disadvantages to both
models due to limitations of MOSS
• These architecture models aim to offer both flexibility
and control and reduce validation / change control scope
www.montrium.com COPYRIGHT MONTRIUM 2009
15. Controlled vs. Non-
Controlled –
Integrated Option
Central Admin
•Features and Solutions (Scope must be controlled) Admin
•Administered Forms (Scope must be controlled) DB
•Controlled Content Types Validated Web Application •Controlled Security Groups
•Controlled Columns Top Level Site Collection (Controlled)•Controlled Templates
•Controlled Lists
Content
DB
Controlled Record Center or
Uncontrolled
Functional Sites – Document
Functional Sites
Custom Validated Custom
Repository –
•Uncontrolled Content Types Send-To /
Hyperlinks
Send-To / Validated
•Uncontrolled Columns Hyperlinks
•Uncontrolled Lists
•Uncontrolled Security Groups •Controlled Site and Library •Information Management
•Uncontrolled Templates structures Policies
•Non-validated Features and •Validated Features and •Records Mgt Site Structures
Solutions Solutions •Record Mapping
•Non-validated Workflows • Validated Workflows
• Validated Dashboards
www.montrium.com COPYRIGHT MONTRIUM 2009
16. Controlled vs. Non-
Controlled – Isolated
Option
Central Admin
•Features and Solutions (Scope must be controlled) Admin
•Administered Forms (Scope must be controlled) DB
Uncontrolled Web
Validated Controlled Web Application
Application •Controlled Content Types •Controlled Security Groups
•Uncontrolled Templates •Controlled Columns •Controlled Templates
•Uncontrolled Content Types •Controlled Lists
•Uncontrolled Columns Content
•Uncontrolled Lists DB
•Uncontrolled Security Groups
Content Controlled Record Center or
DB
Functional Sites – Document
Uncontrolled Validated Custom
Send-To /
Repository –
Functional Sites
Hyperlinks
Hyperlinks Validated
•Non-validated Features and •Controlled Site and Library •Information Management
Solutions structures Policies
•Non-validated Workflows •Validated Features and •Records Mgt Site Structures
Solutions •Record Mapping
• Validated Workflows
• Validated Dashboards
www.montrium.com COPYRIGHT MONTRIUM 2009
17. Example of Controlled
and Non-Controlled
Environment
Central Admin
/ TLS
Uncontrolled Controlled
Workspace Workspace
RegOps Records
ClinOps PV CMC HR ClinOps PV CMC RegOps
Center
Validated Environment
www.montrium.com COPYRIGHT MONTRIUM 2009
18. Risk Evaluation and
Scoping the
Validation Strategy
• Agencies are actively encouraging the use of risk based
approaches for the validation of computerized systems used
in GxP environments
• The use of a risk based approach allows us to focus on high
risk areas whilst reducing the validation effort and
improving quality
• When starting the deployment of MOSS in regulated
environments, it is important to evaluate risk so as to
focus validation efforts on high risk areas
• Risk should be measured at two levels:
• General procedural risk
• Detailed functional risk
www.montrium.com COPYRIGHT MONTRIUM 2009
19. Risk Evaluation and
Scoping the
Validation Strategy
• Risk can be identified as either
regulatory risk or business risk
• You should clearly specify that you
intend to adopt a risk based approach
in your validation plan and also explain
the rationale behind the approach
• Ensure that risk assessment is carried
out by a knowledgeable team
• Be strict as everything can end up being
high-risk with enough debate….
www.montrium.com COPYRIGHT MONTRIUM 2009
20. Risk based approach
101 – Identify Scope
• Step 1 - When defining the scope of your MOSS deployment
clearly identify regulated procedures and records that will be
generated or managed by the system
MOSS Examples:
1. MOSS will be used to generate submission ready electronic PDF
records that will be submitted to FDA as part of our INDs
2. MOSS will be used to control the drug shipment authorization
process for clinical sites
3. MOSS will be used to generate CAPA records for our GMP facility
4. MOSS will be used to manage audit report observations
IMPORTANT: If MOSS will not be used for processes or records
that are governed by predicate rules…there is no regulatory
requirement to validate!
www.montrium.com COPYRIGHT MONTRIUM 2009
21. Risk based approach
101 – Risk Type /
GxP Determination
• Step 2 - Associate a type of risk (regulatory or business) to
each record or process based on the following criteria:
A. Is the record or procedure governed or required by predicate rule?
B. Does the procedure or record have an impact on subject safety?
C. Does the procedure or record have an impact of product quality?
D. Does the procedure or record have an impact on data integrity?
E. Does the procedure or record have a important impact on our ability to carry out
the daily tasks of our business?
MOSS Examples:
1. MOSS will be used to generate submission ready electronic PDF records that will be
submitted to FDA as part of our INDs – Regulatory risk (A)
2. MOSS will be used to control the drug shipment authorization process for clinical sites –
Regulatory Risk (B)
3. MOSS will be used to generate CAPA records for our GMP facility – Regulatory Risk (C)
4. MOSS will be used to manage audit report observations – Regulatory and Business
Risk (A-E)
IMPORTANT: If a procedure or record has no regulatory risk associated, it may be
excluded from the validation effort provided that adequate rationale is provided
www.montrium.com COPYRIGHT MONTRIUM 2009
22. Risk based approach
101 – Risk Scenarios
• Step 3 – Define risk scenarios for each process or
record identified. Scenarios should include:
• Potential risk
• Likelihood of occurrence/detection
• Impact
• Palliative actions
MOSS Example:
1. MOSS will be used to control the drug shipment authorization process for clinical sites –
Regulatory Risk (B)
Risk Scenario A:
• Risk: IRB approval has not been received and a subject is enrolled in study and
treated
• Likelihood: Medium – Due to combination of procedural and system controls
• Impact: High – Treating subjects without IRB approval considered a serious
deviation
• Palliative Action: Ensure that drug cannot be shipped to site before IRB approval
has been received through system and procedural controls
www.montrium.com COPYRIGHT MONTRIUM 2009
23. Risk based approach
101 – Link System
Functions to Scope
• Step 4 – Once processes and records have been classified by
procedural risk, they must be linked to the system functionality
defined in the user requirements specification (URS):
MOSS Example:
Process / Record URS ID Requirement
MOSS will be used to UR3.1. The system should allow the automatic generation of
generate submission PDF v1.4. files
ready electronic PDF
UR3.2. The system should allow the electronic signature of
records that will be
records
submitted to FDA as
part of our INDs UR3.3. The system should be able to invalidate electronic
signatures if the signed record is modified
UR3.4. The system should manage the version number of
records
UR3.5. The system should be capable of rendering final
records read-only
www.montrium.com COPYRIGHT MONTRIUM 2009
24. Risk based approach
101 – GAMP Risk
Evaluation method
Probability Detectability
Medium
Medium
High
High
Low
Low
Risk Class
2 1 1 M H H
Risk Class
Priority
Severity
High 1 Risk
3 2 1
Medium L M H
2
Low
3 3 2
3 L L M M
Severity = Impact on Patient Safety, Detectability = Likelihood that the
Product Quality or Data Integrity fault is detected before harm
Probability = Likelihood of fault occurs
occurring
Priority = Risk Class xDetectability
Risk Class = Severity x Probability
www.montrium.com COPYRIGHT MONTRIUM 2009
25. Risk based approach
101 – Decide on risk
acceptability level
• Step 5 – Based on the type of system and the high
level risk assessment we must decide on what level
of risk must be tested for during validation
• Custom built systems or components tend to present a higher
level of risk than OTS systems
• It may be appropriate to exclude business risk from testing
• The validation plan should specify the acceptable risk levels
with rationale
MOSS Example:
1. All OTS MOSS functions that have a risk rating of low or medium will not be formally
tested during validation. These functions are deemed to be adequately tested by the
vendor.
2. All custom applications deployed within the MOSS environment that have GxP impact
and a risk rating of medium or high will be formally tested during validation. Low risk
functions and functions that do not have GxP impact will be informally verified during the
build phase.
www.montrium.com COPYRIGHT MONTRIUM 2009
26. Risk based approach
101 – Evaluate
System Functions
• Step 6 – Once processes and records have been linked to system
functions, a risk evaluation of each function involved is undertaken:
MOSS Example:
Process / URS Requirement Risk Scenario Severity / Test
Record ID Probability / Y/N
Detectability
Low (L), Medium
(M), High (H)
MOSS will UR3.1 The system should allow PDF Files are
be used to . the automatic generation generated in M L H No L
generate of PDF v1.4. files the incorrect
submission format
ready
electronic
UR3.2
.
The system should allow
the electronic signature of
Record cannot
be signed
L M H No
L
PDF records
records
that will be
submitted UR3.3 The system should be Signature
to FDA as . able to invalidate remains valid H M L Yes H
part of our electronic signatures if after record
INDs the signed record is modification
modified
www.montrium.com COPYRIGHT MONTRIUM 2009
27. Risk based approach
101 - Completion
• The result of the functional risk assessment
provides us with the foundation for the various
tests that we should execute against the
installed MOSS environment
• The same methodology should be applied
when performing change control
• Risk assessment should be reviewed by the
system stake holders and QA for
completeness before moving on to the next step
of validation
www.montrium.com COPYRIGHT MONTRIUM 2009
28. Step by Step CSV
Model
• GAMP5 is a standard that was established by ISPE
• The standard provides a framework for achieving
compliant GxP computerized systems
• This standard is widely recognized and understood by
industry
• GAMP provides guidance for the validation of different
categories of systems
• MOSS would be considered a Configured Off the Shelf
system within the context of GAMP
• It is expected that these systems have already
undergone significant validation during development
by the vendor
• Configured off the shelf systems require less
validation effort than customized systems
www.montrium.com COPYRIGHT MONTRIUM 2009
30. CSV Documents –
Validation Plan
• Governs the validation process for a system
• Outlines:
• Roles and responsibilities
• Validation approach and risk rationale
• System scope and pre-requisite requirements
• Documentation deliverables for the system
• The plan should be high level and flexible whilst
clearly specifying what is required to achieve
compliance
• If MOSS is to be deployed in a controlled and non-
controlled configuration, the plan should clearly state
that only the controlled environment will be
validated
www.montrium.com COPYRIGHT MONTRIUM 2009
31. CSV Documents – User
Requirements
Specification
• Document that defines:
• business (end user) requirements
• functional requirements
• performance requirements
• regulatory requirements (including 21 CFR Part 11
requirements)
• system architecture and security requirements
• Requirements should be precise and measurable
• Used as the basis for developing test scripts
• Try to prioritize requirements (Must, Should, Want)
• Try and minimize requirements and avoid stating the
obvious for known OTS systems such as MOSS
www.montrium.com COPYRIGHT MONTRIUM 2009
32. CSV Documents –
Traceability Matrix
• It is strongly recommended that a traceability
matrix is maintained throughout the lifetime of
the system
• The trace matrix:
• Links test scripts to user and functional requirements
• Ensures that all requirements are adequately tested
• Indicates the risk classification for each testable
requirement
• Should be considered a living document and therefore
versioned and updated during change control
www.montrium.com COPYRIGHT MONTRIUM 2009
33. CSV Documents –
Functional
Specification
• Functional specifications allow us to describe how
system functions will meet user requirements
• The functional specification clearly describes:
• The purpose of each function
• The inputs
• The process
• The outputs
• Functional specifications are not required for the
installation and configuration of baseline MOSS
• Functional specifications should be developed for:
• Validated InfoPath forms
• Validated workflows
• Custom web parts, features and solutions
• Integration with any third party applications or services
www.montrium.com COPYRIGHT MONTRIUM 2009
34. CSV Documents –
Configuration
Specification
• The configuration specification clearly documents:
• The baseline MOSS parameters and architecture required
for installation of the product and any 3rd party add-ons
• The structure of the controlled environment, notably:
• Site and library settings
• Libraries
• Content types
• Columns
• Security groups and user rights
• Template and workflow deployment
• The specification can be versioned and used to
document the execution of the configuration in MOSS
• The specification should be updated each time
changes are required through change control
www.montrium.com COPYRIGHT MONTRIUM 2009
35. CSV Documents –
Configuration
Testing (IQ)
• Ensures that all software modules are installed correctly
• Lists step by step process for the installation and configuration of
all software modules
• Defines expected results at each control point of the installation
• Ensures that all documentation is in place and that the system is
adequately protected
• Ensures proper verification of the structural elements i.e. sites,
content types etc.
• It is recommended to develop an IQ protocol which governs the
overall installation and configuration process
• Develop IQ scripts for the installation of baseline MOSS and 3rd
party add-ons in all validated environments
• Develop IQ scripts for the execution of the configuration
specification for structural MOSS elements
www.montrium.com COPYRIGHT MONTRIUM 2009
36. CSV Documents –
Functional Testing
(OQ)
• Consists of end to end positive and negative testing that all
system components i.e. hardware and software are operating
as intended
• Tests are executed on base functionality by end users and IT
• Tests are governed by a test protocol which clearly describes
the test and deviation management procedures that must be
followed
• Tests should be broken down into test scripts by functional
area, linked to baseline system functions, and be approved
before execution
• All test results should be clearly documented using good
documentation practices (ALCOA)
• Tests serve as a mechanism to verify that the system is
operating correctly in its installed environment
www.montrium.com COPYRIGHT MONTRIUM 2009
37. CSV Documents –
Requirements
Testing (PQ)
• Requirements testing consists of positive testing of business
specific configuration and user requirements
• Tests are executed on business specific functionality such as
workflows or InfoPath forms that were identified as being
testable during the risk assessment exercise
• Tests are governed by a test protocol which clearly describes the
test and deviation management procedures that must be followed
• Tests should be broken down into test scripts by process and be
linked to user and functional requirements, and be approved before
execution
• All test results should be clearly documented using good
documentation practices (ALCOA)
• Tests are typically executed by end users and serve as a user
acceptance mechanism
www.montrium.com COPYRIGHT MONTRIUM 2009
38. Final Validation
Summary Report
• Describes how the validation went, verifies
that all deviations are closed, and provides for
the final approval of the CSV document package
to allow the system to go into production
• Individual summary reports for each step of
the verification process or a comprehensive
report covering all steps may be produced
• The summary report should clearly show that
the validation plan and protocols were followed
and that the acceptance criteria for putting
the system into production have been met
www.montrium.com COPYRIGHT MONTRIUM 2009
39. Configuration control
and maintaining the
validated state
• Configuration control should be governed by a formal MOSS
specific procedure in addition to any general provisions of the IT
Configuration control SOP
• This procedure should govern the update of the configuration
specification
• The configuration specification should be used to clearly document
updates / additions to MOSS
• Any changes to the validated controlled environment must also be
documented using change control
• Should significant changes or additions be made, a new
validation project may be required
• For workflows, forms or features/solutions it is imperative to
correctly evaluate impact and risk and produce adequate test
scripts properly integrate the additional elements into the current
environment
www.montrium.com COPYRIGHT MONTRIUM 2009
40. Maximizing quality
and ROI
• Validation can be expensive and time consuming if it is
not done correctly
• By defining a clear validation strategy and by leveraging
risk assessment techniques, we are able to focus the
validation effort on what is really important
• Consider acquiring tried and tested test scripts and/or
validation packages for MOSS / third party add-ons so as to
reduce the amount of preparation time and improve quality
• Make sure that all individuals involved in the validation
effort are fully trained and understand the CSV process
• Isolated controlled environments facilitate validation and
configuration control
• Use virtual environments so as to facilitate replication
between production and test environments
www.montrium.com COPYRIGHT MONTRIUM 2009
41. Lessons learned and
best practices
• Create a ‘Big Picture’ of your MOSS deployment so as to ensure
that you are able to adequately accommodate all of your controlled
and non-controlled needs
• Use a risk based approach to focus and reduce validation efforts
– be strict otherwise everything becomes high risk…
• Remember that MOSS is an off-the-shelf product and that you
should limit validation scope to high risk business and regulatory
requirements as much as possible
• Establish a MOSS validation team to oversee and manage the
validation process and changes to the controlled MOSS environment
• Implement SOPs and WIs which clearly define how the
environment is configured and administered and which level of
documentation / re-validation is required by type of change
• Use a step by step deployment methodology to keep things
manageable
www.montrium.com COPYRIGHT MONTRIUM 2009
42. It is easy to drown
in the details…
Try and keep it
SIMPLE!
www.montrium.com COPYRIGHT MONTRIUM 2009
43. What’s next…
• Montrium will present the second webinar in its
SharePoint for Pharma series on Configuration
Control of SharePoint in Regulated Environments on
Friday May 7th 2010 at 11am EST
• This webinar will cover:
• Implementation of formal system specific configuration control
procedures
• Importance of defining clear taxonomies and standards across the
enterprise
• Configuration deployment and version control techniques
• Integration with the validation and change control process
• Importance of leveraging a risk based approach to QC
• Using SharePoint to manage configuration control
We look forward to seeing you there!
www.montrium.com COPYRIGHT MONTRIUM 2009
44. Contact Details
Paul Fenton
Montrium Inc.
361 St-Joseph West,
Montreal (QC) H2V 2P1
Canada
Tel. 514-223-9153 ext. 206
pfenton@montrium.com
www.montrium.com
You can also find me on LinkedIn…
www.montrium.com COPYRIGHT MONTRIUM 2009