Best Practices for Auditing a Vendor of Computer Systems Regulated by FDA

Learning Objectives

• To explain how to identify “GxP” Systems
• To discuss the Computer System Validation (CSV) approach based on FDA requirements
• To discuss the System Development Life Cycle (SDLC) approach to validation
• To describe the importance of performing a thorough vendor audit to ensure oversight of the products and services they deliver
• To discuss the key characteristics to review when performing an onsite vendor audit
• To explain how to use a Vendor Questionnaire as part of a vendor audit
• To discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing, and operational maintenance procedures
• To describe how to maintain a system in a validated state through the system’s entire life cycle
• To discuss how to assure the integrity of data that supports GxP work
• To discuss the importance of “GxP” documentation that complies with FDA requirements
• To discuss the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
• To discuss the key components of 21 CFR Part 11 compliance for electronic records and signatures
• To discuss the regulatory influences that lead to FDA’s current thinking at any given time

Course Description

Computerized systems that are used in FDA-regulated environments (i.e., the system “touches” an FDA-regulated product, or a raw material or packaging component used in conjunction with the product during the manufacturing, testing, or tracking processes).  Such a system must be validated by FDA guidelines for computerized systems and documented accordingly.

It is important to be able to identify computer systems used when performing FDA-regulated activities.  When a vendor is involved, whether in terms of provisioning hardware and/or software, implementing the system, or maintaining it, this must be done in compliance with FDA requirements.  A solid computer system validation strategy, along with an understanding of industry best practices, will lead your company to ensure that vendors are held accountable for the delivery of systems and services that will support your efforts to validate computer systems and maintain them in a validated state.

This CPE webinar will also guide you on the importance of factoring risk into all FDA-regulated activities and will help you assess the risk of any computer products purchased from third-party vendors. 

Major topics covered in this Online CPE Webinar course on Information Technology:

• A strategic approach to vendor audit
• Key areas of vendor performance that are necessary to ensure they will meet your compliance requirements
• How to investigate 21 CFR Part 11 (electronic records/electronic signatures) compliance
• Procedural controls are needed to support areas where there may be technical control gaps or weaknesses
• Ways to leverage your vendor’s experience and expertise to assist with Installation Qualification and Operational Qualification
• How to carefully document all activities related to your vendor to ensure compliance
• Best industry audit practices to ensure FDA compliance

Overview

• FDA compliance

  5 mins
• Audit preparation

  13 mins
• Audit Execution

  50 mins
• Maintaining a system in a validated state

  61 mins
• Disaster recovery planning

  82 mins