Boston Professional Events List


A Risk Based Approach To IT Infrastructure & Cloud Qualification, Compliance & Control


Date
Jun 14, 2018 - 09:00 AM
Organizer
GlobalCompliancePanel
Location
Four Points by Sheraton Boston Logan Airport,

Revere,
MA,
US,
ZIP: 10001
Phone:

A Risk Based Approach To IT Infrastructure & Cloud Qualification, Compliance & Control

 

GxP Regulated companies are dependent on validated GxP computerized applications to conduct their day to day operations. These applications are, in turn, depended upon a qualified infrastructure that can be relied upon to provide control and regulatory compliance.

The consequences of the IT Infrastructure being out of compliance can result in the failure of an entire site or geographic region being brought to a standstill while the compliance issue is resolved. It can also result in regulatory citations during a regulatory inspection as both the infrastructure be out of compliance and also cause the computerized applications that are dependent on it to be out of compliance.

The impact of such compliance issues on a regulated company can be significant: it can result in recalls of products, warning or untitled letters, import alerts, injunctions, seizures, legal action, etc. These regulatory actions can have significant financial impact to the company. However, and most importantly, data integrity issues can lead to potential patient harm!!

Effective IT Infrastructure Qualification on the other hand, confers the following benefits.

  • Ensures GxP compliance
  • Reduces duplication of effort
  • Ensures adherence to standards
  • Enhances the flow of information throughout an information system
  • Promotes adaptability and agility necessary for a changeable environment
  • Ensures interoperability among organizational and external entities
  • Maintains effective change management policies and practices

Although all business activities depend upon the infrastructure, planning and projects to ensure its effective management are typically undervalued to the detriment of the organization. According to IDC, a prominent research firm (cited in an article in DM Review), investments in infrastructure management have the largest single impact on an organization's revenue.

Establishment and maintenance of a controlled infrastructure requires that infrastructure needs to be brought into initial compliance with the company’s established standards, through a planned qualification process, based upon domestic and international best practices and standards. The qualification needs to be documented and confirmed by Quality Assurance. Once the IT Infrastructure is qualified, the compliant state needs to be maintained by documented standard processes and quality assurance activities. The effectiveness of maintaining the qualified state needs to be monitored and periodically verified.


The Seminar:

This Seminar provide a risk based approach to meeting current regulatory expectations for compliant IT Infrastructure platforms, including the need to identify, qualify and control those aspects impacted by GxP quality and data integrity. It provides current best practices for the design, qualification and operation of an IT Infrastructure with emphasis on the qualification requirements of the major components. It addresses compliance with international GxP regulations and can be used both for the establishment of new platforms and extensions or existing platforms whether or not they are currently in support of GxP applications. Finally, this seminar covers a range of IT Infrastructures, from those found in companies operating in a global setting to isolated or semi-isolated GxP Infrastructures.

This Seminar focuses on the horizontal approach to IT Infrastructure Qualification which includes the following benefits:

  • Higher level of standardization throughout the entire lifecycle
  • Minimal overlap in documentation
  • Minimal overlap in qualification
  • Minimal overlap in audits inspections and assessments

The areas addressed by the seminar include:

  • How does IT Infrastructure Qualification fit into GaMP5 lifecycle
  • Quality Management for Infrastructure
  • Risk management for Infrastructure Qualification
  • Installation & Operational Qualification of Infrastructure Components
  • Configuration management and change control of infrastructure components and settings in a highly dynamic environment
  • Involvement of service provider in critical infrastructure processes
  • Security management in relation to access controls, availability of services and data integrity
  • Backup, restore and disaster recovery of IT Infrastructure

Scope:

This seminar addresses compliance with international GxP regulations and considers:
  1. The establishment of new platforms and extensions to existing ones
  2. Existing platforms already in support of GxP applications
Current GxP requirements related to IT infrastructure platforms have been taken into account including:
  1. Good Manufacturing Practice (GMP)
  2. Good Clinical Practice (GCP)
  3. Good Laboratory Practice (GLP)
  4. Good Distribution Practice (GDP)
The seminar covers a range of IT Infrastructures, both cloud and non-cloud, from those found in companies operating globally to isolated or semi-isolated GxP regulated infrastructures. While the seminar references regulated infrastructures, it may also be useful to managers of IT infrastructures which are not regulated by GxP.

Please note that while not within the scope of this seminars, it is recognized that aspects such as business criticality, health and safety, and environmental requirements also may require specific assessment and control.

The table shows what will be covered

Platform Components Generic Qualification Strategy
Hardware and Peripherals Includes all computer equipment, including power supplies, boards, network interface cards, disk storage arrays, printers and other peripherals, etc., needed to execute programs in direct support of applications, and for providing basic IT Infrastructure services.

Hardware and peripherals used in the IT Infrastructure are typically GAMP HW category 1.

Firmware Firmware is often considered an indivisible part of the hardware component. However, in those instances where firmware is updated independently, it should be managed as software in its own right, and typically, would be GAMP SW category 2.
Operating Systems Includes operating systems and communication protocol implementations. Device drivers are usually designed and maintained by hardware suppliers to allow operating variants to effectively interact with their hardware products.

Most operating systems and drivers are GAMP SW category 1.

Note 1: Configuration of operating systems should be documented.

Note 2: Specific operating system features which are important to a GxP application may be validated as part of the application, e.g., the use of operating system user access and privilege functionality where the application software has no such built-in functionality.

Data Management Software Includes file storage software, database management systems, web-services, interface, and communications software, etc. Elements of Data Management Software often support more than one application.

Most Data Management Software is GAMP SW category 1, because they are part of the operating system environment, and typically, are standardized. Some may be other GAMP SW categories depending on complexity and configurability.

Servers Server building blocks or individually configured servers are usually built of standardized components and configured in accordance with specifications. The actual set-up should dictate the chosen qualification strategy.

Therefore, most server building blocks are a combination of GAMP HW category 1, and SW categories 1 or 2.

Clients Client building blocks or individually configured clients, range from 'thin' to 'thick' clients which may process and store data locally. The actual set-up should dictate the chosen qualification life cycle model.

Therefore, most client building blocks are a combination of GAMP HW category 1, and SW categories 1 or 2.

Applications Applications implement processes and may consist of everything from an 'off-the-shelf', standardized software package configured with the user defined parameters to a set of programs and parameters designed to meet unique user requirements.

Applications are GAMP SW categories 3, 4, or 5. The validation of applications is outside the scope of this Guide.

Who will benefit:

  • VP of IT
  • Director of IT
  • Quality Managers
  • Project Managers (for CSV / IT)
  • Validation Specialists
  • Database Administrators
  • System Administrators
  • Directors / Senior Directors of Discovery
  • Directors / Senior Directors of Development
  • Directors / Senior Directors of Commercialization
  • Document Managers
  • Training Managers
  • Regulators
  • Vendors
  • Suppliers
  • Outsource Service Providers

Industries:

  • Pharmaceuticals
  • Biotech
  • Medical Device
  • Radiological Health
  • Blood Products
  • Companion Animals
  • Food
  • Cosmetics
  • Tobacco
  • Academia
JOA180521CEV

Event Categories
Keywords: fun, access , applications, assessment , business , Clinical , communication , design , development , dynami




Comments








Events Calendar

SunMonTueWedThuFriSat
27 28 29 30 31 1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30

Newsletters

Subscribe
VIP Life Time Subscription to our Newsletters!
$399.99
$299.99