Hear directly from the FDA, and get clarity on the new CSA draft guidance
The FDA issued its draft of the Computer Software Assurance (CSA) Draft Guidance for comments on September 13, 2022, opening a 60-day window for industry professionals to provide feedback. This draft signals a meaningful shift in how the agency expects regulated companies to assure the software that supports production and the quality system.
USDM has been studying, training, and implementing this risk-based CSA methodology for our customers for a few years. In this on-demand webinar, our panel of experts — including Francisco Vicenty, Program Manager for the Case for Quality at the FDA — discussed the draft and the changes and implications impacting medical device, pharma, and biotech organizations.
What you'll learn
- How CSA differs from the traditional computer system validation (CSV) approach.
- What CSA means in practice for regulated life sciences organizations.
- How to use automated testing as part of your CSA methodology.
- The FDA's perspective on the CSA value proposition, straight from the Case for Quality program.
- Answers to frequently asked questions about the paradigm shift.
What the discussion covered
The panel walked through what is different from the traditional CSV approach, what CSA means to regulated life sciences organizations, and how automated testing fits into a CSA methodology. The session also addressed frequently asked questions about why the industry is moving toward a risk-based model.
CSA is a risk-based way of thinking that focuses assurance effort where patient safety and product quality risk is highest, rather than applying uniform documentation to every system. For organizations operating under 21 CFR Part 11 and broader data integrity expectations, that means less time on low-value paperwork and more focus on critical thinking and testing that actually reduces risk.
Documents distributed in the webinar: CSA White Paper & CSA Datasheet.
USDM's point of view
CSA is one of the most consequential regulatory shifts for life sciences software in years. Done well, it reduces validation burden and accelerates time-to-value without weakening compliance — but it requires the discipline to apply risk-based thinking consistently. USDM has been implementing this risk-based methodology for customers since before the draft guidance was published, and our view is that CSA pairs naturally with a managed approach to keeping systems compliant over time, such as USDM Cloud Assurance.
Watch the on-demand webinar
Francisco discusses the CSA value proposition:
To view more frequently asked questions about CSA, read this blog.
FAQ: Computer Software Assurance (CSA)
What is Computer Software Assurance (CSA)?
CSA is a risk-based methodology described in the FDA's draft guidance for assuring software used in production and the quality system. It focuses assurance effort on the areas of highest risk to patient safety and product quality rather than applying the same level of documentation to every system. Learn more about computer software assurance.
How is CSA different from traditional CSV?
As the panel discussed, CSA shifts emphasis away from exhaustive documentation toward critical thinking, risk assessment, and testing that meaningfully reduces risk. The webinar contrasts CSA directly with the traditional computer system validation (CSV) approach.
When was the CSA draft guidance released and how long was the comment period?
The FDA issued the CSA Draft Guidance for comments on September 13, 2022, and invited industry professionals to provide comments over a 60-day period.
Can automated testing be used as part of a CSA methodology?
Yes. One of the session's key topics is how organizations can incorporate automated testing as part of their CSA methodology to make assurance more efficient and repeatable.
How does CSA relate to 21 CFR Part 11 and data integrity?
CSA is applied within the same regulatory landscape as 21 CFR Part 11 and data integrity in life sciences. A risk-based approach helps teams direct their effort toward the controls that most protect record integrity and patient safety.
Talk to USDM about CSA
If you're evaluating how to adopt a risk-based CSA approach — or how to keep validated systems compliant as they change — contact our team to discuss your environment.
Speakers:
Francisco Vicenty, Case for Quality Program Manager, FDA
Cisco Vicenty is currently the program manager for the Case for Quality (CfQ) within the Office of Product Evaluation and Quality, Center for Devices and Radiological Health (CDRH), FDA. The Case for Quality has been a strategic priority to improve device quality, access, and outcomes for patients. Cisco has worked as a manager within compliance at CDRH and previously worked in quality and reliability within the semiconductor industry.
Sandy Hedberg, Director of Quality & Regulatory Affairs, USDM Life Sciences
Sandy Hedberg has over 20 years of experience in Quality and Regulatory Affairs in the medical device, pharmaceutical, and biologics industries. She has assisted companies with responses to consent decrees and audit findings to the FDA. She is well versed in risk analysis, the creation of quality procedures, computer system validation, auditing, and authoring regulatory submissions.
Diane Gleinser, VP of Life Science Services and Solutions, USDM Life Sciences
Diane has over three decades of experience in the life sciences industry and leads a highly skilled team of implementation and compliance engineers. Her in-depth knowledge of the regulatory landscape and unwavering passion has been instrumental in rooting USDM’s focus on regulatory compliance for life sciences customers.