3:15 Networking and Refreshment Break. 3:45 Cloud Computing Manage Risk in a

Transcription

1 12:15 Conference Registration 1:15 Conference Chairperson s Welcome and Opening Remarks Deborah S. Turner, Associate Director, Computer and Automation Validation, Alkermes plc 1:30 Celebrating 30 Years of Computer Validation Trends, Regulations and Directives The FDA published its first guidance for inspection of computer systems used in pharmaceutical manufacturing in February It was fondly called the Blue Book due to the color of its cover. We are now in 2013 and the use of computer technology has changed profoundly over the past 30 years. Many more regulations and guidances have been developed by authorities around the world and changes like cloud technology continue to expand the horizons of technology and compliance directives. In this presentation, an eyewitness to the 30 year progression shares insights and analysis of the advances made by the industry, technology and the authorities and discusses common themes across all legislative requirements. Reviewing history can help us understand the context for today s computer validation practices and regulatory conditions. It is not all madness, there really is a method to it. Attendees in this session learn: authorities attempted to keep up with technology trends over the past 30 years Then and now and directives in an engaging manner Teri Stokes, Ph.D., Director, GXP International 2:15 Computer System Validation Then and Now Learning Management in the Cloud Case Non GMP cloud-based HR systems have been available Study for many years. This session looks at B. Braun s journey in moving from an in-house validated training tracking system to learning management in the cloud. the cloud tracking system Dennis Houser, BSIE, MBA, PMP, Director, Corporate HR Systems & Payroll, B. Braun Medical Inc. Heather Carrillo, MBA, PMP, HRIS Analyst, B. Braun Medical Inc. 3:15 Networking and Refreshment Break 3:45 Cloud Computing Manage Risk in a Regulated Environment Many life sciences companies are wary of moving applications into a cloud-based model, as it is not immediately clear how the risks associated with this technology can be assessed, let alone managed. This presentation shows that with an understanding of the different variants of cloud architecture, and a provider that understands the life sciences industry, understanding and managing the risks is relatively straightforward. Dave Hawley, Director, Life Sciences, Business & Decision North America 4:30 Recent CSV Enforcement Learn from Trends and Proactively Avoid Part 11 Citations Translating regulatory and guidance documents into a during their inspections can be a valuable tool. This session provides an in-depth, practical look at: Wen Wang, Senior Validation Engineer, Genoptix 5:15 Write Effective Software Requirement Specifications The output of any software validation project depends on the quality of the requirements. Frequently, software requirement specifications are poorly written, which can lead to significant rework costs and project delays. This presentation provides a comprehensive overview of how to write software requirements that meet quality standards. Gregory W. Pierce, President, EngiSystems Software Validation 6:00 Close of Day One 6:00-7:00 Networking, Wine and Cheese Reception

2 7:15 Continental Breakfast I. Review Traditional Disaster Recovery (DR) and Business Continuity (BC) Activities a. Plan for disasters b. Take stock system inventory c. Identify roles and responsibilities d. Account for logistical problems e. Test and verify the plan f. Consider managed services You and Your Team g. Institute high availability environment network storage Consider Hosted and Cloud- Based Services a. Identify impacts b Mitigate the risks c. Adjust the approach Interactive Session Participants discuss aspects of disaster recovery and business continuity for a case study involving internally and externally hosted applications Mike Byrd, Director of CSV, ProPharma Group, Inc There will be a 30-minute networking and refreshment break at 10:15 A In this closed-door summit, senior-level computer validation and quality managers from pharmaceutical, biotech and medical device companies engage in open discussion with their colleagues about strategies for managing their most pressing challenges. The content for this summit is driven by the participants who are surveyed ahead of time about the topics they wish to discuss. This session is open to the first twenty senior-level professionals who preregister for the interactive discussion group. In order to pre-register, you must have more and currently work for a pharmaceutical, medical device or biotech company. IVT reserves the right to qualify participants for the workshop. Deborah S. Turner, Associate Director, Computer and Automation Validation, Alkermes plc B The objective of this workshop is to gain a solid understanding of risk management definitions, concepts and techniques. You discuss how these can be applied to the development and validation of computer systems. I. What Is Risk Management? risk in order to better apply risk management and techniques of the risk management process concepts and techniques to computer system development and validation Risk Assessment Tools are available to you assessment tool works is best for which type of application assessment tool Risk Management Applied to Right Sizing Your Computer Validation throughout the system lifecycle mitigate risk considerations and determine and risk considerations provided to determine how to apply a #1 During this first interactive exercise, assessment as well as some key risk assessment facilitations skills. V. #2 During this interactive exercise, attendees sit on a panel and discuss how known risks may influence how a computer system is validated. A mock computer system is presented along with some outcomes of risk assessments. Based on this information, participants share with the session facilitator and other members of the workshop how an example computer system s validation plan may be shaped by risk management. Dennis J. Caron, Associate Director, IT Computer Systems Validation (CSV), Covance Inc. Michael Osburn, Associate Director, IT Computer Systems Validation (CSV), Covance Inc.

3 C In this interactive workshop, attendees explore the various types of cloud services, learn how each might be leveraged to support GxP systems and understand the measures that need to be taken to minimize risk and ensure compliance. I. Cloud Computing Paradigms implementations cases for each each model Elements of a Cloud Compliance Framework change management Qualification and Validation of a Cloud Computing Platform look for and documentation #1 Attendees work through case studies to develop a framework for planning, executing and controlling company assets in a cloud computing environment. V. #2 Attendees are asked to bring their current cloud computing questions and challenges. Workshop leaders plan to select several challenges and work as a group to identify potential solutions using key concepts from the session. Colleen Turner, Director, IT Validation Services, Bristol-Myers Squibb Colleen Harney, Associate Director, IT Validation Services, Bristol-Myers Squibb 1 I. What are the Business Advantages of Master Data Management (MDM)? Qualify or Validate MDM systems and Data Services? I. How the FDA Creates and Uses Spreadsheets spreadsheets data integrity controlled templates prior to spreadsheet validation and versioning qualification and validation Validate Data Services against MDM Standards to be validated against every Techniques to Properly Validate Spreadsheets things up Develop a MDM Validation Strategy In this group exercise, different master data sets are presented for groups to choose from (product master, customer master, recipe master and presented with a data service scenario (an application that needs to provision of facts and assumptions, and works to develop a suitable risk-based validation strategy. David Hawley, Director, Business & Decision Life Sciences Attendees select a small spreadsheet with some tough challenges to demonstrate how to handle each case quickly, efficiently and effectively. Attendees also have the opportunity to download some sample templates of both spreadsheets and the validation documents that go with them. Ty Mew, President, Ofni Systems I. What do the Requirements Mean? regulations How to Demonstrate Compliance assessment questionnaire records functionality signature functionality Bonus Material Matthew Poeta, Senior Technologist, IT Compliance, Genzyme (a Sanofi Company)

4 CHOOSE FROM 4 I. Why Create and Execute Protocol Test Plans/Scripts? been met use How Do We Know What to Test? ranking current testing requirements Handle Non-Conformances/ Incidents participants develop a test script for a new software application based on user requirements. The participants execute the test script Matthew Poeta, Senior Technologist, IT Compliance, Genzyme (a Sanofi Company) 5 I. The Purpose of a Master Plan for Computer Validation Roles for System Teams, Sponsors, and Quality Elements of a Master Validation Plan for Computer Validation Interactive Case Work Form approach to computer validation is a regulated environment Bonus Material: Chapter 6 from new book Computer Validation: A Common Sense Guide by Dr. Teri Stokes. Book available at Amazon.com Teri Stokes Ph.D., Director, GXP International 7 I. Develop Human-Based/ Static Testing Strategies functional testing Develop Test Scenarios tables, etc. requirements tell you Analyze Testing future strategies to management Participants examine and discuss testing strategies that go beyond executing test scripts to identify system deficiencies. Attendees look at ways to identify issues before the first line of code is created. Mark Cole, Deputy Director, IS Quality, Compliance and Security, Sanofi Pasteur

5 8 THE TIMING AND THE INFORMATION THAT IS REVIEWED I. Purpose of the CSV Periodic Review (PR) assess impact to validated systems What to Review (includes changes to company adjustment to the computer system access the current periodic review and status for the actions identified Report of PR Remediation Yau Kai Wong, Associate Director, QA Validation, Novartis Pharmaceuticals Corporation CHOOSE FROM THREE 9 I. Introduction to Process Measurement * software quality * compliance to external regulations, standards and guidance * consistency of process execution * efficiency Explore Various Measurement Methodologies and trending trend analysis Evaluate and Act on Measurement Results Participants develop a measurement program for a spreadsheet validation process. Joseph Zec, Software Quality Senior Manager, Quality & Regulatory, Philips Healt h Ca r e 10 I. Mobility of mobility app environments Validation Approach and free look at the challenges presented by the use of mobile applications to conduct activities required by the Michael Romeu-Lugo, CISA, Global IT Senior Manager, Quality and Compliance, Teleflex Incorporated 11 I. Select the Right System Vendor Validation Packages Level Set Your Validation Effort Change Management V. Deborah S. Turner, Associate Director, Validation, Alkermes plc

6 CHOOSE FROM I. Define Validation Type and Applicability vs. validation * infrastructure * applications * plant floor manufacturing equipment * regulatory applicability Interpret the Key Principles and Processes of ISPE s GAMP 5 and ASTM E 2500 and with Implementation of Your Validation Program What Are the Required Elements? software categorization per methodology change control Bonus Information impacting data privacy and product information Judith Samardelis, Senior Manager, IS Compliance and Quality Release, MedImmune I. Define the Purpose, Scope and Structure of an Electronic Archive and why is backup media not an approach to archiving and for establishing an archive Archiving Principles, Archivist Values and The Electronic Document Difference indexing and catalogue values and best practices a long term retention requirements specification formed by participants from similar types of organizations retention as is checklist to perform a needs analysis for planning their requirements for an electronic archive in an organization like their own Bonus Material: recent book Computer Validation: A Common Sense Guide. Available at Cooperation and Development Archives that Operate in Compliance Teri Stokes, Ph.D., Director, GXP International 14 I. Social Media and The Life Sciences Industry A common definition Social Media Labeling Attendees review a social media proposal, identify its risks and propose the controls to address them. Michael Romeu-Lugo, CISA, Global IT Senior Manager, Quality and Compliance, Teleflex Incorporated Dan Callari, Senior Customer Facing Manager, Teleflex Incorporated

7 15 I. Requirements Audit Testing Change Management V. Participants discuss current concerns help compliantly manage them. Deborah S. Turner, Associate Director Validation, Alkermes plc 16 I. Purpose of Audit How to Select an Appropriate Cloud Service Provider about the cloud cloud computing and service provider Audit Process Actual audit Yau Kai Wong, Associate Director, QA Validation, Novartis Pharmaceuticals Corporation 17 I. Characterize CSV Process Changes * non-value added deliverables * value added compliance approvals * phase gate review Characterize Process Monitoring Programs techniques Participants develop a monitoring program to eliminate a phase gate review. Joseph Zec, Corporate Software Steward, Senior Manager, Corporate Software QA, Boston Scientific Corp CONFERENCE SPONSORS Delivering Excellence A GREAT PLACE TO MEET YOUR MARKET Take advantage of the best opportunity to meet potential clients face-to-face. Build relationships while demonstrating thought leadership and sharing expertise. For more information on how to position your company as a sponsor or exhibitor, contact Taylor Biggers at or taylor.biggers@cbinet.com.