Best Practices for Auditing a Vendor of Computer Systems Regulated by FDA

Course Description

Computerized systems that are used in FDA-regulated environments (i.e., the system “touches” an FDA-regulated product, or a raw material or packaging component used in conjunction with the product during the manufacturing, testing or tracking processes).  Such a system must be validated in accordance with FDA guidelines for computerized systems and documented accordingly.

It is important to be able to identify computer systems used when performing FDA-regulated activities.  When a vendor is involved, whether in terms of provisioning hardware and/or software, implementing the system or maintaining it, this must be done in compliance with FDA requirements.  A solid computer system validation strategy, along with an understanding of industry best practices, will lead your company to ensure that vendors are held accountable for delivery of systems and services that will support your efforts to validate computer systems and maintain them in a validated state.

This CPE webinar will also provide guidance on the importance of factoring risk into all FDA-regulated activities, and will help you assess the risk of any computer products purchased from third-party vendors. 

Major topics covered in this CPE course:

• Strategic approach to vendor audit
  
• Key areas of vendor performance that are necessary to ensure they will meet your compliance requirements
• How to investigate 21 CFR Part 11 (electronic records/electronic signatures) compliance
• Procedural controls needed to support areas where there may be technical control gaps or weaknesses
• Ways to leverage your vendor’s experience and expertise to assist with Installation Qualification and Operational Qualification
• How to carefully document all activities related to your vendor to ensure compliance
• Best industry audit practices to ensure FDA compliance

Learning Objectives

• To explain how to identify “GxP” Systems
  
• To discuss the Computer System Validation (CSV) approach based on FDA requirements
• To discuss about the System Development Life Cycle (SDLC) approach to validation
• To describe the importance of performing a thorough vendor audit to ensure oversight to the products and services they deliver
• To discuss the key characteristics to review when performing an onsite vendor audit
• To explain how to use a Vendor Questionnaire as part of a vendor audit
• To discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
• To describe how to maintain a system in a validated state through the system’s entire life cycle
• To discuss how to assure the integrity of data that supports GxP work
• To discuss the importance of “GxP” documentation that complies with FDA requirements
• To discuss about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
• To discuss the key components of 21 CFR Part 11 compliance for electronic records and signatures
• To discuss the regulatory influences that lead to FDA’s current thinking at any given time

Recommended For

• This CPE webinar is recommended for CPAs, CISA, CISM, CRISC, and all the titles of ISACA as this CPE course will help you understand in detail Computer System Validation (CSV) and how to apply the System Development Life Cycle (SDLC) Methodology when validating computer systems.
  

Who Should Attend?

Webinar Qualifies For

• 1.5 CPE Credit for Information Technology Certified Associate (ITCA)
• 1 CPE Credit of Information Technology for Certified Public Accountants (CPA-US)
• 1.5 CPE Credit for Certified Information Systems Auditor (CISA)
• 1.5 CPE Credit for Certified Information Security Manager (CISM)
• 1.5 CPE Credit for Certified in Risk and Information System Control (CRISC)
• 1.5 CPE Credit for Certified Data Privacy Solutions Engineer (CDPSE)

FAQs content