As mentioned in our last blog post on IT quality, the costs associated with poor quality outweigh the costs of investing in validated, quality systems. IT quality and validation deliver systems which are fit for their purpose and comply with pharmaceutical regulation requirements. This week, ARITHMOS outlines a strategic vs. maintenance approach to Computer System Validation best practices.
First of all, Sponsors should know that computer system validation in the pharmaceutical industry is applied from discovery through to manufacturing and supply. The GxP standards – including Good Laboratory Practice (GLP), Good Clinical Practice (GCP), Good Manufacturing Practice (GMP) and Good Distribution Practice (GDP) – are applicable throughout the drug life cycle, and Sponsors should be asking themselves:
- Do we have documentary evidence to prove our systems work as expected?
- Are our systems developed, used and supported in a controlled manner?
- Are we in compliance with 21 CFR Part 11 and/or EU Annex 11 and do we know how they differ for our drug development in Europe vs. US?
- Have we assessed our systems in accordance with GAMP 5?
- Are our systems validated according to industry and international standards?
Sponsors can take a strategic or maintenance approach to Computer System Validation – or even a hybrid model of strategic implementation and and continuous follow up.
The strategic approach to CSV means appropriate and expert planning, risk assessment and defining user requirements to guarantee the best approach. This includes business analysis by an expert consultant to include a gap and risk assessment, validation and mitigation plans, strategic planning and initial training.
Once a computer system is validated, it is important to maintain the system’s IT quality to avoid malfunctioning systems and to keep up-to-date on changing regulatory requirements. Risks associated with not maintaining IT quality include:
- New vulnerabilities will no longer be collected, reported or analyzed
- High risk of cyber attack on data integrity and data confidentiality (especially is working on a cloud-based environment)
- Potential violation of data security laws
- Non-compliance with industry standards
A maintenance approach to CSV would ensure technologies are safe and accurate for end users through a documented process for ensuring the system continuously does what it is designed to do. In a maintenance approach, services would include on-going project management, periodic review, change control, internal audit support and continuous training.
ARITHMOS has a team of expert consultants who provide strategic advice on the right validation plan for your computerized system in the pharma industry. We also provide on-going project support for maintenance activities including offering a flexible pricing model: either on a case-by-case basis or a fixed fee monthly rate.
Contact ARITHMOS’ CSV experts for a pre-assessment meeting to see which approach works best for your company. Contact us at firstname.lastname@example.org.