QMS for Software as a Medical Device [SaMD] Lessons Learned from a Quality Perspective
|
|
- Hugh Gaines
- 8 years ago
- Views:
Transcription
1 QMS for Software as a Medical Device [SaMD] Lessons Learned from a Quality Perspective MedCon 2015 Francis Blacha, Robert Banta
2 Evolution from Physical to Digital Devices From To icloud Platform Mechanical injection pens: --Instructions for Use (IFU) (printed) --Labeling (printed) --Patient Inserts (PI) (printed) --Secondary Packaging (required) --Cartons (required) App running on mobile device Software as a Medical Device (SaMD): --Instructions for Use (IFU) (on screen) --Labeling (on screen) --Patient Inserts (PI) (none) --Secondary Packaging (none) --Cartons (none) 2
3 QS Elements Commonalities & Differences Physical vs Digital Devices Elements Common? Different? Data Integrity Training Product Launch Approvals CAPA Cybersecurity Risk Management Human Factors Purchasing Controls/Supplier Management Digital Connectivity Complaints Recall/Market Withdrawal Change Control/Configuration Management Labelling/IFUs 3
4 QS Elements Commonalities & Differences Physical vs Digital Devices Challenge: Evaluate & enhance Device QMS to enable Development & Commercialization of SaMDs icloud Platform App running on mobile device 4
5 Assessing QMS: Support Development & Commercialization of SaMD Typical linear development life cycle model for physical devices Source: 5
6 Assessing QMS: Support Development & Commercialization of SaMD Typical nonlinear (iterative) development life cycle model for SaMD Source IBM: 6
7 QMS Building Blocks System of Quality Model 1. Integrating Standards: Provide clear expectations on how to achieve quality objectives. The standards describe what and who is responsible. 2. Business Processes: Simple and effective, provide information on how operations are to be performed to meet requirements per the integrated standards. 3. Organizational: Defined roles to assure clear responsibilities and accountabilities. Skills must meet the needs of the specific roles. 4. Governance/Management Oversight: Ensures management is involved when decisions are required at the appropriate accountable levels. 7
8 System of Quality Model Applying the Lilly System of Quality results in consistent outputs: High-quality products Accurate and complete safety and efficacy data through design, execution, monitoring and continuous improvement of Quality These outputs are achieved via: Applying sound scientific principles Balancing product commercialization effort commensurate with risk Facilitating continuous improvement 8
9 Lessons Learned So Far Some Recent Experiences Source: 9
10 Integrated Standards Device Classification Integrated Standards U.S. Medical Device Classification Decision Process Decision Process Determine Intended Use Class III Outcomes PMA Submission & GMP s required Determine Product Codes(s) & Regulation Number(s) Class II 510(k) Submission & GMP s required Device? Yes Class I No submission, but GMP s are required No No submission, GMP exempt, except for specific provisions Mobile App (NOT mobile medical apps) 10
11 Integrated Standards Device Classification Integrated Standards Stand Alone S/W Determine Intended Purpose Device? No EU Device Standalone Software Decision Process 1 Yes Decision Process Active medical device No Drive or influence another device? Yes Classification Rules 9-12 Classified the same as the other device Outcomes & Requirements Class I Class IIa Class IIb (It depends) Annex VII: Tech Documentation Declaration of Conformity AE reporting & complaint handling Recalls Annex II: Quality System Notified Body Cert Tech Documentation Declaration of Conformity AE reporting & complaint handling Recalls 1 MEDDEV 2.1/6 January 2012 NOT a medical device the software does not perform an action on data, or it performs an action limited to storage, archival, Communication, simple search 11
12 Integrated Standards Device Classification Integrated Standards International Medical Device Regulators Forum (IMDRF) Source: 12
13 Integrated Standards Integrated Standards Device Classification IMDRF Framework for Risk Categorization of SaMDs Source: 13
14 Integrated Standards Integrated Standards Standards Analysis Mapping Standards Applicable to SaMDs Source: 14
15 Integrated Standards Standards Analysis Integrated Standards Evaluation of Various Standards Assessed traditional Device Standards associated with software, including: Software Validation Medical Device Software Device QSR Device QSM 15
16 Integrated Standards Standards Analysis Integrated Standards Mapping Standards Applicable to SaMDs 16
17 Standards Analysis Exercise Output was a Roadmap addressing IEC Risk-scaled Deliverables across Design Control Phases Integrated Standards SaMD Medical Device Software Lifecycle Model (IEC 62304: 2006) 17
18 Integrated Standards Analysis Output Integrated Standards Developed a Global Quality Standard that defines SaMD quality requirements for (among others): Design controls Risk management (including cybersecurity) Human Factors Distribution Purchasing Controls Labeling Privacy Data Integrity Product Recall 18
19 Business Processes Human Factors Business Processes SaMD Formative Human Factors Studies Formative HF Study to verify the effectiveness of knowledge gained Essential to have a cross-functional HF team Users interact with software Users/Programmers verify changes Usability experts take user feedback Programmers make design changes based on feedback Rapid iteration of HF Studies allows for easier change/verify cycles in software versus conventional change/verify cycles for physical devices. 19
20 Business Processes Product Recall Business Processes SaMD Recall/Market Withdrawal Commonalities/Differences Plan for physical removal from market Accomplished via print media and traditional mailings Physical removal from market Physical counting of recalled product Problem Identification Risk Assessment & Decision to recall Recall plan & communication planning Issue recall communications Recall / Market Withdrawal Monitor/review recall Effectiveness/ Update stakeholders Recall Complete Plan for SaMD deactivation or forced software upgrade Accomplished via notifications Digital deactivation or forced software upgrade Measured digitally via SaMD connection with cloud 20
21 Business Processes Patient Instructions Business Processes Labels and Instructions for Use (IFU) Physical Device Label attached to device IFU included with packaging Label update via printing of new labels IFU update via printing of new IFU Label and IFU subject to loss, alteration, or replacement without authorization SaMD Label integrated into software and displayed on screen IFU integrated into software and displayed on screen Label updated electronically via software upgrade IFU updated electronically via software upgrade Software label and IFU cannot be lost, altered, or replaced 21
22 Organization: Roles and Responsibilities Organization SaMD require new technical expertise: Mobile Application Software Engineer IT Network Infrastructure Specialist Global Information Security Architect Source: SaMD require identification of right span of control plus clear accountability: Device classification Software safety classification determination Risk management process ownership Patient safety decision ownership Cloud service provider supplier chain ownership 22
23 Organization: Defining Roles and Responsibilities Organization SaMDs require clear lines of accountability for among other items issue escalation/resolution regarding: SaMD commercialization decisions SaMD launch approvals Privacy decisions Data analytics usages Cybersecurity practices (app level and Cloud level) Due diligence of Cloud vendors Source: 23
24 Organization - Capability Example of Team Participants Organization Physical Device Team: Project Manager Regulatory Affairs/Qualified Person Medical Device Development Engineer Medical Device Quality Assurance Representative Human Factors Consultant Medical Affairs Consultant Additional Software skills: Mobile Application Software Developer Global Information Security Architect IT Quality Assurance Representative Cloud Infrastructure Consultant 24
25 Governance/Management Oversight Gov./Mgmt. Oversight Focusing on governance/ management oversight: Management involvement Problem escalation Decision making Auditing Source: 25
26 Governance/Management Oversight Gov./Mgmt. Oversight 26
27 So far Lessons Learned Early identification of the regulatory classification for SaMD both US and OUS Establish global quality standard (quality requirements) Ensure involvement of IT team in oversight of Cloud infrastructure Modify recall/market withdrawal processes to address SaMD technology capability Formative HF Studies enhanced by modifying SaMD code from daily patient interactions Enhance product surveillance processes and patient safety processes to address the unique technology associated with SaMD 27
28 Conclusion System of Quality Model used to enhance device QMS to support development and commercialization of SaMD Created a Quality standard that addresses design control and product commercialization requirements for MMA/SaMDs Integrated Standards Business Processes Increased HF Study design enhancements Modified recall/ market withdrawal Adapted process controls for e-labels/e-ifus Established Cloud change control governance Developed cross-functional due diligence process for selection of Cloud vendors Addressed auditing responsibilities for MMA/SaMDs Governance/ Management Oversight Organization Brought mobile app software SMEs into device design team Added Cloud infrastructure vendor & established supplier controls for Cloud vendor 28
29 Questions? 29
WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE
WHITEPAPER: SOFTWARE APPS AS MEDICAL DEVICES THE REGULATORY LANDSCAPE White paper produced by Maetrics For more information, please contact global sales +1 610 458 9312 +1 877 623 8742 globalsales@maetrics.com
More informationMedical Device Training Program 2015
Medical Device Training Introduction Supplementary training and education is often overlooked by medical device professionals until it is triggered by an upcoming FDA or Notified Body and/or ISO 13485
More informationPHARMACEUTICAL QUALITY SYSTEM Q10
INTERNATIONAL CONFERENCE ON HARMONISATION OF TECHNICAL REQUIREMENTS FOR REGISTRATION OF PHARMACEUTICALS FOR HUMAN USE ICH HARMONISED TRIPARTITE GUIDELINE PHARMACEUTICAL QUALITY SYSTEM Q10 Current Step
More informationReporting Changes to your Notified Body
Reporting Changes to your Notified Body Vicky Medley - Head of QMS, Medical Devices September 2015 1) Requirements & Guidance 2) Reporting Changes - What, When, Why & How 3) Some examples 4) Summary &
More informationHow To Write Software
1 Medical Device Software - Software Life Cycle Processes IEC 62304 2 Credits John F. Murray Software Compliance Expert U.S. Food and Drug Administration Marcie R. Williams Medical Device Fellow Ph.D.
More informationICH guideline Q10 on pharmaceutical quality system
September 2015 EMA/CHMP/ICH/214732/2007 Committee for Human Medicinal Products Step 5 Transmission to CHMP May 2007 Transmission to interested parties May 2007 Deadline for comments November 2007 Final
More informationUS & CANADA: REGULATION AND GUIDELINES ON MEDICAL SOFTWARE AND APPS OR
US & CANADA: REGULATION AND GUIDELINES ON MEDICAL SOFTWARE AND APPS OR A MEDICAL DEVICE IS A MEDICAL DEVICE IS A MEDICAL DEVICE AHWP Medical SW Workshop Taipei, Taiwan November 3, 2012 John G. Abbott,
More informationGuidance for Industry. Q10 Pharmaceutical Quality System
Guidance for Industry Q10 Pharmaceutical Quality System U.S. Department of Health and Human Services Food and Drug Administration Center for Drug Evaluation and Research (CDER) Center for Biologics Evaluation
More informationMedical Device Software Do You Understand How Software is Regulated?
Medical Device Software Do You Understand How Software is Regulated? By Gregory Martin Agenda Relevant directives, standards, and guidance documents recommended to develop, maintain, and validate medical
More informationUpdate: Proposed Medical Device Regulation (MDR) & IVD Regulation (IVDR)
Update: Proposed Medical Device Regulation (MDR) & IVD Regulation (IVDR) Paul Brooks Healthcare Solutions Disclaimer The new regulations are not finalized and subject to change http://medicaldevices.bsigroup.com/en-us/resources/whitepapers-and-articles/
More informationThe Shifting Sands of Medical Software Regulation
The Shifting Sands of Medical Software Regulation Suzanne O Shea Ralph Hall September 10, 2014 What Software is Regulated by FDA? FDA regulates medical devices. FDA regulates software that meets the definition
More informationSoftware within the medical device regulatory framework in the EU
Software within the medical device regulatory framework in the EU E-HEALTH WEEK (AMSTERDAM, 10 JUNE 2016) Erik Hansson, Deputy Head of Unit, DG GROWTH - Health Technology and Cosmetics, European Commission
More informationHow To Know If A Mobile App Is A Medical Device
The Regulation of Medical Device Apps Prepared for West of England Academic Health Science Network and University of Bristol June 2014 June 2014 1 Table of Contents 1 Purpose...3 2 Scope...3 3 The Regulation
More informationHow to Use the Design Process to Manage Risk: Elements of Design Controls and Why It Matters
environmental failure analysis & prevention health technology development How to Use the Design Process to Manage Risk: Elements of Design Controls and Why It Matters Kevin L. Ong, Ph.D., P.E. Managing
More informationConducting a Gap Analysis on your Change Control System. Presented By Miguel Montalvo, President, Expert Validation Consulting, Inc.
Conducting a Gap Analysis on your Change Control System Presented By Miguel Montalvo, President, Expert Validation Consulting, Inc. Standards, Regulations, Guidelines related to Change Control Management
More informationAddressing Risk in Partner / Contractor Selection and Onboarding. Michael Davidson VP Quality Systems and Compliance March 2014
Addressing Risk in Partner / Contractor Selection and Onboarding Michael Davidson VP Quality Systems and Compliance March 2014 Industry Trends Pfizer Overview Pfizer s Approach Risk Based Robust Due Diligence
More informationISO 13485:201x What is in the new standard?
ISO 13485:201x What is in the new standard? Eric Finegan, Quality Mgr, BTE Technologies, Inc. 2015-09-10 1 Presentation Slides This slide deck is the presentation performed on 2015-09-10. A more detailed
More informationRisk based 12/1/2015. Digital Health Bakul Patel Associate Director for Digital Health Office of Center Director.
Digital Health Bakul Patel Associate Director for Digital Health Office of Center Director Center for Devices and Radiological Health 1 Oversight Approach Platform independent Promote innovation Promote
More informationICH Q10 - Pharmaceutical Quality System
WCC PDA Dinner Meeting Jan 2012 ICH Q10 - Pharmaceutical Quality System Neil Wilkinson NSF-DBA www.nsf-dba.com ICHQ10.1 WCC PDA Dinner Meeting Jan 2012 Your Presenter Partner at NSF-DBA USA Training, Consultancy,
More informationICT Competency Profiles framework Job Stream Descriptions
ICT Competency Profiles framework Job Stream Descriptions Cluster: Software Products Analysis Design: In the field of analysis, you apply investigative skills to business, technical or organizational problems
More informationType of Personal Data We Collect and How We Use It
Philips Lumify App Privacy Notice This Privacy Notice was last changed on September 1, 2015. Philips Electronics North America Corporation ("Philips") strongly believes in protecting the privacy of the
More informationDiagnostic Tests. Brad Spring Director, Regulatory Affairs
Regulatory Challenges in the Development of Diagnostic Tests Industry Perspective Brad Spring Director, Regulatory Affairs September 28, 2011 Balancing Evidence of Safety & Effectiveness and Time to Market
More informationASSESSMENT OF QUALITY RISK MANAGEMENT IMPLEMENTATION
PHARMACEUTICAL INSPECTION CONVENTION PHARMACEUTICAL INSPECTION CO-OPERATION SCHEME PI 038-1 26 March 2012 AIDE-MEMOIRE ASSESSMENT OF QUALITY RISK MANAGEMENT IMPLEMENTATION PIC/S March 2012 Reproduction
More informationRegulatory Considerations for Medical Device Software. Medical Device Software
Medtec Ireland 2015 Wireless Medical Devices Regulatory Considerations for Medical Device Software Kenneth L. Block, RAC October 7, 2015 Galway, Ireland Offices: Dallas, Texas (12 employees) Tokyo, Japan
More informationRealizing business flexibility through integrated SOA policy management.
SOA policy management White paper April 2009 Realizing business flexibility through integrated How integrated management supports business flexibility, consistency and accountability John Falkl, distinguished
More informationISE Northeast Executive Forum and Awards
ISE Northeast Executive Forum and Awards October 3, 2013 Company Name: Project Name: Presenter: Presenter Title: University of Massachusetts Embracing a Security First Approach Larry Wilson Chief Information
More informationFSSC 22000. Certification scheme for food safety systems in compliance with ISO 22000: 2005 and technical specifications for sector PRPs PART II
FSSC 22000 Certification scheme for food safety systems in compliance with ISO 22000: 2005 and technical specifications for sector PRPs PART II REQUIREMENTS AND REGULATIONS FOR CERTIFICATION BODIES Foundation
More informationRECALLS in EUROPE. Past, present, near & further future. Gert Bos BSI Medcon May 2012
RECALLS in EUROPE Past, present, near & further future Gert Bos BSI Medcon May 2012 A C P D Vigilance, vigilant: Continually watchful or on guard; always prepared for possible danger Content 2 Current
More informationWhitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff
Whitepaper Data Governance Roadmap for IT Executives Valeh Nazemoff The Challenge IT Executives are challenged with issues around data, compliancy, regulation and making confident decisions on their business
More informationIn order to achieve this goal and to address the concerns from NGOs with regards to reporting tools, we have carried out these actions:
WG1: Reporting Tools Background info The definition of reporting tools, according to the statement of purpose of the CEO Coalition to make the Internet a Better Place for Children is: robust mechanisms
More informationEXPLORING THE CAVERN OF DATA GOVERNANCE
EXPLORING THE CAVERN OF DATA GOVERNANCE AUGUST 2013 Darren Dadley Business Intelligence, Program Director Planning and Information Office SIBI Overview SIBI Program Methodology 2 Definitions: & Governance
More informationNSF-DBA Medical Device Diploma. Learning through doing with experts at your side
NSF-DBA Medical Device Diploma Learning through doing with experts at your side Medical Device Diploma The Medical Device Diploma Learning through doing with experts at your side NSF-DBA launch a ground
More informationIVD Regulation Overview. Requirements to Assure Quality & Effectiveness
IVD Regulation Overview Requirements to Assure Quality & Effectiveness CLIAC Jan. 2002 Statutory and Regulatory Requirements Statute: Food, Drug, and Cosmetic Act Food and Drugs Act of 1906 Food and Drug
More informationHow To Write A Contract For Software Quality Assurance
U.S. Department of Energy Washington, D.C. NOTICE DOE N 203.1 Approved: Expires: 06-02-01 SUBJECT: SOFTWARE QUALITY ASSURANCE 1. OBJECTIVES. To define requirements and responsibilities for software quality
More informationSchweppes Australia Head Office Level 5, 111 Cecil Street South Melbourne Victoria 3205. www.schweppesaustralia.com.au
Schweppes Australia Head Office Level 5, 111 Cecil Street South Melbourne Victoria 3205 www.schweppesaustralia.com.au Quality Management Systems 1. Quality Management Systems develop, implement, verify
More informationAn Overview of ISO/IEC 27000 family of Information Security Management System Standards
What is ISO/IEC 27001? The ISO/IEC 27001 standard, published by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), is known as Information
More informationUNDERSTANDING THE EC DIRECTIVE 98/79/EC ON IN VITRO DIAGNOSTIC MEDICAL DEVICES
UNDERSTANDING THE EC DIRECTIVE 98/79/EC ON IN VITRO DIAGNOSTIC MEDICAL DEVICES A WHITE PAPER ON THE REQUIREMENTS, REGULATIONS AND OPPORTUNITIES CONTAINED IN EC DIRECTIVE 98/79/EC AND A BRIEF COMPARISON
More informationIntroduction into IEC 62304 Software life cycle for medical devices
Introduction into IEC 62304 Software life cycle for medical devices Christoph Gerber 4. September 2008 SPIQ 9/5/2008 1 Agenda Current Picture Regulatory requirements for medical device software IEC 62304
More informationSample Quality Management Plan
This reference documents project-specific quality assurance and quality control procedures appropriate to the size, complexity, and nature of the project. Quality improvements are also documented and may
More informationRegulatory Landscape For Mobile Medical Apps (MMAs)
Regulatory Landscape For Mobile Medical Apps (MMAs) Date: December 6, 2013 Place: Erie County Bar Association, MidDay Learning Program Where value is law. Monika Bhatt mbhatt@hodgsonruss.com Blog: GatewayFDA.com
More informationGOOD DOCUMENTATION AND QUALITY MANAGEMENT PRINCIPLES. Vimal Sachdeva Technical Officer (Inspector), WHO Prequalification of Medicines Programme
GOOD DOCUMENTATION AND QUALITY MANAGEMENT PRINCIPLES Vimal Sachdeva Technical Officer (Inspector), WHO Prequalification of Medicines Programme Contents 1. Why good documentation is essential? 2. What constitutes
More informationRegulatory Affairs Professional Development Framework AN OVERVIEW
Regulatory Affairs Professional Development Framework AN OVERVIEW TABLE OF CONTENTS Abstract...2 Introduction...2 Approach...3 Professional Development Framework...3 Professional Levels...3 Domains...4
More informationChanges to Medical Device Regulations
Changes to Medical Device Regulations How these will affect distributors? IMSTA Breakfast Briefing, 24 October 2013 Niall MacAleenan Medical Device Lead, IMB. Slide 1 Content Revision of the medical device
More informationEU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32. A call for views and evidence
EU Directive on Network and Information Security SWD(2013) 31 & SWD(2013) 32 A call for views and evidence 22 nd May 2013 Contents Contents... 2 Overview: The EU Directive on Network and Information Security...
More informationAnnex 2. WHO guidelines on quality risk management. 1. Introduction 62. 2. Glossary 67 3. Quality risk management process 70
Annex 2 WHO guidelines on quality risk management 1. Introduction 62 1.1 Background and scope 62 1.2 Principles of quality risk management 64 2. Glossary 67 3. Quality risk management process 70 3.1 Initiating
More informationRisk Assessment of Outsourcing Pharmaceutical Packaging
Risk Assessment of Outsourcing Pharmaceutical Packaging Dr Afshin Hosseiny November 2004 Slide Number 1 11/04 Why Outsource? Technical requirements Capacity requirements Speed of Setting up Location -
More informationDeveloping a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA
Developing a Mobile Medical App? How to determine if it is a medical device and get it cleared by the US FDA In this presentation: App stats: Explosive growth Examples already cleared by the US FDA Is
More informationComplacency is not an Option
Complacency is not an Option Frank Deane, Ph.D., President, Global Manufacturing, Eli Lilly and Company 2 Agenda Lilly s manufacturing quality transformation journey Lilly s quality system Control strategy
More information1. Understanding Big Data
Big Data and its Real Impact on Your Security & Privacy Framework: A Pragmatic Overview Erik Luysterborg Partner, Deloitte EMEA Data Protection & Privacy leader Prague, SCCE, March 22 nd 2016 1. 2016 Deloitte
More informationMedical Device Software Standards for Safety and Regulatory Compliance
Medical Device Software Standards for Safety and Regulatory Compliance Sherman Eagles +1 612-865-0107 seagles@softwarecpr.com www.softwarecpr.com Assuring safe software SAFE All hazards have been addressed
More informationASTRAZENECA GLOBAL POLICY QUALITY AND REGULATORY COMPLIANCE
ASTRAZENECA GLOBAL POLICY QUALITY AND REGULATORY COMPLIANCE THIS POLICY OUTLINES THE TOP LEVEL REQUIREMENTS TO SUPPORT PRODUCT QUALITY IN THE DEVELOPMENT, MANUFACTURE AND DISTRIBUTION OF ACTIVE PHARMACEUTICAL
More informationTaking the pain out of Risk and Compliance Management Systems. Presented by Andrew Batten 23 April 2015
Taking the pain out of Risk and Compliance Management Systems Presented by Andrew Batten 23 April 2015 Operational Improvement Technology Solutions Providing consultancy services Gap assessments Food standard
More informationProgram Management: Opportunity or CLM?
Program Management: Opportunity or CLM? Agenda It s a game do you know the rules? So who wants to be a Program Manager? Definitions Check list for what it REALLY takes Questions 2 It s a game do you know
More informationThe following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into
The following is intended to outline our general product direction. It is intended for informational purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any
More informationTranslation Service Provider according to ISO 17100
www.lics-certification.org Certification Scheme S06 Translation Service Provider according to ISO 17100 Date of issue: V2.0, 2015-11-15 Austrian Standards plus GmbH Dr. Peter Jonas Heinestraße 38 1020
More informationPrivacy Governance and Compliance Framework Accountability
Privacy Governance and Framework Accountability Agenda Global Data Protection and Privacy (DPP) Organization Structure Privacy The 3 Lines of Defense (LOD) Model: Overview Privacy The 3 Lines of Defense
More informationR000. Revision Summary Revision Number Date Description of Revisions R000 Feb. 18, 2011 Initial issue of the document.
2 of 34 Revision Summary Revision Number Date Description of Revisions Initial issue of the document. Table of Contents Item Description Page 1. Introduction and Purpose... 5 2. Project Management Approach...
More informationAssurance of Open Source Projects
Assurance of Open Source Projects Dr Graham Oakes Founder and Principal, Graham Oakes Ltd Contents The value of Open Source Software (OSS) Two types of OSS project The challenges of implementing OSS systems
More informationCloud Computing in GxP Environment
Cloud Computing in GxP Environment Kathy Gniecko Hoffmann LaRoche 3rd April 2014, Stevenage 1 Introductions 18 years Experience in Pharma across all aspects of CSV. Prior to CSV experience in Pharma Research,
More informationProject Management Plan for
Project Management Plan for [Project ID] Prepared by: Date: [Name], Project Manager Approved by: Date: [Name], Project Sponsor Approved by: Date: [Name], Executive Manager Table of Contents Project Summary...
More informationFAMI-QS Certification Rules for Operators. Rules for Operators
Rules for Operators TABLE OF CONTENTS 1. Application for certification and FAMI QS associate membership...2 2. Assessment of operators...3 2.1. Audit planning...3 2.2. Frequency of audits and re certification...5
More informationThe CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II).
Page 1 of 7 The CIPM certification is comprised of two domains: Privacy Program Governance (I) and Privacy Program Operational Life Cycle (II). Domain I provides a solid foundation for the governance of
More informationSoftware as a Medical Device (SaMD): Possible Framework for Risk Categorization and Corresponding Considerations. Proposed Final IMDRF WG(PF)/N12 R10
Software as a Medical Device (SaMD): Possible Framework for Risk Categorization and Corresponding Considerations Proposed Final IMDRF WG(PF)/N12 R10 Bakul Patel, IMDRF WG Chair Goals International convergence
More informationSRA International Managed Information Systems Internal Audit Report
SRA International Managed Information Systems Internal Audit Report Report #2014-03 June 18, 2014 Table of Contents Executive Summary... 3 Background Information... 4 Background... 4 Audit Objectives...
More informationDesign Controls: Are They Worth the Effort?
Design Controls: Are They Worth the Effort? Compliance-Alliance conducted a survey to measure the effects of FDA s design control regulation on the industry. Most respondents believe the controls have
More informationVendor Management Challenge Doing More with Less
Vendor Management Challenge Doing More with Less Megan Hertzler Assistant General Counsel Director of Data Privacy Xcel Energy Boris Segalis Partner InfoLawGroup LLP Session ID: GRC-402 Insert presenter
More informationTHE PRESIDENT S NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMITTEE
THE PRESIDENT S NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMITTEE BIG DATA ANALYTICS SCOPING REPORT July 20, 2015 DRAFT THE PRESIDENT S NATIONAL SECURITY TELECOMMUNICATIONS ADVISORY COMMITTEE BIG
More informationWebsite (Digital) & Mobile Optimisation. 10 April 2014. G-Cloud. service definitions
Website (Digital) & Mobile Optimisation 10 April 2014 G-Cloud service definitions TABLE OF CONTENTS Service Overview... 3 Business Need... 3 Our Approach... 4 Service Management... 5 Pricing... 5 Ordering
More informationSetting Up A Complaint Handling System. Presented by Sue Jacobs Principal Consultant, QMS Consulting, Inc. Complaint Systems
Setting Up A Complaint Handling System Presented by Sue Jacobs Principal Consultant, QMS Consulting, Inc. January 2008 ~ Orlando, Florida QMS Consulting, Inc. 2008 1 Complaint Systems Written Procedures
More informationGOVERNANCE DEFINED. Governance is the practice of making enterprise-wide decisions regarding an organization s informational assets and artifacts
GOVERNANCE DEFINED Governance is the practice of making enterprise-wide decisions regarding an organization s informational assets and artifacts Governance over the use of technology assets can be seen
More informationLogging In: Auditing Cybersecurity in an Unsecure World
About This Course Logging In: Auditing Cybersecurity in an Unsecure World Course Description $5.4 million that s the average cost of a data breach to a U.S.-based company. It s no surprise, then, that
More informationEstablish Collaborative Strategies to Better Manage a Global Vendor Network Devise a Proper Float Plan
Establish Collaborative Strategies to Better Manage a Global Vendor Network Devise a Proper Float Plan CBI s Biopharmaceutical Forum on Clinical and Commercial Global Supply Chain Excellence Sandy Onorato
More informationMedical Device Directive 2007/47/EC What is New? Are we moving towards Drug Rules?
Medical Device Directive 2007/47/EC What is New? Are we moving towards Drug Rules? CEMO Congress, Paris, February 3rd, 2011 Dr. Martine Dehlinger-Kremer Vice President Global Regulatory Affairs Agenda
More informationCloud and Big Data Standardisation
Cloud and Big Data Standardisation EuroCloud Symposium ICS Track: Standards for Big Data in the Cloud 15 October 2013, Luxembourg Yuri Demchenko System and Network Engineering Group, University of Amsterdam
More informationAgile Master Data Management TM : Data Governance in Action. A whitepaper by First San Francisco Partners
Agile Master Data Management TM : Data Governance in Action A whitepaper by First San Francisco Partners First San Francisco Partners Whitepaper Executive Summary What do data management, master data management,
More informationThis interpretation of the revised Annex
Reprinted from PHARMACEUTICAL ENGINEERING The Official Magazine of ISPE July/August 2011, Vol. 31 No. 4 www.ispe.org Copyright ISPE 2011 The ISPE GAMP Community of Practice (COP) provides its interpretation
More informationCHAPTER 7 Software Configuration Management
CHAPTER 7 Software Configuration Management ACRONYMS CCB CM FCA MTBF PCA SCCB SCI SCM SCMP SCR SCSA SEI/CMMI SQA SRS USNRC INTRODUCTION Configuration Control Board Configuration Management Functional Configuration
More informationQuality Assurance. Disclosure for Lilli Møller Andersen. No relevant financial relationships exist for any issue mentioned in this presentation
Quality Assurance Disclosure for Lilli Møller Andersen No relevant financial relationships exist for any issue mentioned in this presentation Agenda Quality Assurance Quality Management System Quality
More informationFrequently Asked Questions. Unannounced audits for manufacturers of CE-marked medical devices. 720 DM 0701-53a Rev 1 2014/10/02
Frequently Asked Questions Unannounced audits for manufacturers of CE-marked medical devices 720 DM 0701-53a Rev 1 2014/10/02 What is an unannounced audit?... 6 Are unannounced audits part of a new requirement?...
More informationNew Guidelines on Good Distribution Practice of Medicinal Products for Human Use (2013/C 68/01)
Safeguarding public health New Guidelines on Good Distribution Practice of Medicinal Products for Human Use (2013/C 68/01) Tony Orme, Senior GDP Inspector Inspection, Enforcement and Standards Division
More informationSafeguarding public health The Regulation of Software as a Medical Device
Safeguarding public health The Regulation of Software as a Medical Device Dr Head of New and Emerging Technologies Medicines and Healthcare Products Regulatory Agency (MHRA) Crown Copyright 2013 About
More informationCybersecurity Framework. Executive Order 13636 Improving Critical Infrastructure Cybersecurity
Cybersecurity Framework Executive Order 13636 Improving Critical Infrastructure Cybersecurity National Institute of Standards and Technology (NIST) Mission To promote U.S. innovation and industrial competitiveness
More informationarenasolutions.com Whitepaper Reduce Regulatory Delays by Formalizing Design Control Processes
Whitepaper Reduce Regulatory Delays by Formalizing Design Control Processes Reduce Regulatory Delays by Formalizing Design Control Processes The path to market for a medical device is fraught with potential
More informationSTS Federal Government Consulting Practice IV&V Offering
STS Federal Government Consulting Practice IV&V Offering WBE Certified GSA Contract GS-35F-0108T For information Please contact: gsa70@stsv.com 2007 by STS, Inc. Outline Background on STS What is IV&V?
More informationBringing Legacy Medical Devices into Usability Compliance. Shannon Clark 4/29/2015
Bringing Legacy Medical Devices into Usability Compliance Shannon Clark 4/29/2015 Agenda What is a legacy device? Background on Usability Engineering Standards What is the roadmap for bringing legacy devices
More informationRegulated Mobile Applications
Regulated Mobile Applications Sion Wyn Conformity +[44] (0) 1492 642622 sion.wyn@conform-it.com Waters, Wilmslow, November 2014 1 Introduction According to industry estimates, 500 million smartphone users
More informationProfessional Practice Eight - Business Continuity Plan Exercise, Audit, and Maintenance
Professional Practice Eight - Business Continuity Plan Exercise, Audit, and Maintenance The goal of this professional practice is to establish an exercise, testing, maintenance and audit program. To continue
More informationInternational Medical Device Regulators Forum (IMDRF) US FDA Center for Devices and Radiological Health - Update
International Medical Device Regulators Forum (IMDRF) US FDA Center for Devices and Radiological Health - Update Kimberly A. Trautman Associate Director, International Affairs Office of the Center Director
More informationHaulsey Engineering, Inc. Quality Management System (QMS) Table of Contents
Haulsey Engineering, Inc. Quality Management System (QMS) Table of Contents 1.0 Introduction 1.1 Quality Management Policy and Practices 2.0 Quality System Components 2.1 Quality Management Plans 2.2 Quality
More informationDRAFT GUIDANCE. This guidance document is being distributed for comment purposes only. Document issued on: July 2015
Third-Party Auditor/Certification Body Accreditation for Food Safety Audits: Model Accreditation Standards Draft Guidance for Industry and Food and Drug Administration Staff DRAFT GUIDANCE This guidance
More informationREGULATORY IMPACT ANALYSIS (RIA)
REGULATORY IMPACT ANALYSIS (RIA) European Union (Lifts and Safety Components for Lifts) Regulations, 2016 (S.I. No. of 2016) Page 1 Contents 1.Foreword...2 2.Policy context...2 3.Objectives...3 4.Options...3
More informationThird-Party Cybersecurity and Data Loss Prevention
Third-Party Cybersecurity and Data Loss Prevention SESSION ID: DSP-W04A Brad Keller Sr. Vice President Santa Fe Group Jonathan Dambrot, CISSP CEO, Co-Founder Prevalent Networks 3rd Party Risk Management
More informationComplianceSP TM on SharePoint. Complete Document & Process Management for Life Sciences on SharePoint 2010 & 2013
TM ComplianceSP TM on SharePoint Complete Document & Process Management for Life Sciences on SharePoint 2010 & 2013 Overview With increasing pressure on costs and margins across Life Sciences, the industry
More informationWelcome to the Audit, Control & Security Stream. Sponsored by:
Welcome to the Audit, Control & Security Stream Sponsored by: Realizing the Value of your Controls Platform Gerald West Manager, Security and Controls Assurance Serco Agenda Introduction Strategies (the
More informationPage 1 of 5. IS 335: Information Technology in Business Lecture Outline Computer Technology: Your Need to Know
Lecture Outline Computer Technology: Your Need to Know Objectives In this discussion, you will learn to: Describe the activities of information systems professionals Describe the technical knowledge of
More informationInteragency Science Working Group. National Archives and Records Administration
Interagency Science Working Group 1 National Archives and Records Administration Establishing Trustworthy Digital Repositories: A Discussion Guide Based on the ISO Open Archival Information System (OAIS)
More informationSA Tool Kit release life cycle
Release management Release management process is a software engineering process intended to oversee the development, testing, deployment and support of software releases. A release is usually a named collection
More informationCP14 ISSUE 5 DATED 1 st OCTOBER 2015 BINDT Audit Procedure Conformity Assessment and Certification/Verification of Management Systems
Certification Services Division Newton Building, St George s Avenue Northampton, NN2 6JB United Kingdom Tel: +44(0)1604-893-811. Fax: +44(0)1604-893-868. E-mail: pcn@bindt.org CP14 ISSUE 5 DATED 1 st OCTOBER
More informationDocument management concerns the whole board. Implementing document management - recommended practices and lessons learned
Document management concerns the whole board Implementing document management - recommended practices and lessons learned Contents Introduction 03 Introducing a document management solution 04 where one
More informationCombination Products. Presented by: Karen S. Ginsbury For: IFF March 2014. PCI Pharma
Combination Products Presented by: Karen S. Ginsbury For: IFF March 2014 Types of products Biological and medical device (freeze dried + syringe dual volume) Medical device and plasma devised product (syringe)
More information