Learn how to offload some of your validation burden, understand what vendors typically provide, and bridge any gaps in responsibilities.
Who’s responsible for what in the validation process? Get the white paper for more info > > >
As life science organizations depend more heavily on Software-as-a-Service (SaaS) and cloud technology vendors, they should know how to leverage vendor activities like development, testing, documentation, release management, and support. To further encourage it, the Computer Software Assurance (CSA) guidance clearly states that the U.S. Food and Drug Administration (FDA) supports leveraging vendor testing and release management in the validation process.
What to Expect from Vendors
Software and cloud services vendors are an integral part of business for life sciences organizations and GxP vendor qualification is a must. When evaluating a vendor’s capabilities, be sure they provide leverageable assets. Verify that they test customer configurations or use cases and not just core system functionality. Operational qualification (OQ) testing should include new software releases or updates and cover configurations for your use cases. Quality assurance tests should be performed in pre-production, production, and customer environments.
Vendors should be able to provide:
- Software development lifecycle (SDLC) documentation that shows requirements were addressed and met.
- OQ core testing evidence to verify that the system works as expected.
- Traceability between requirements, design, and testing, especially regarding regulatory compliance.
- Quality and compliance support that is specific to the life sciences industry.
- Artifacts like requirements specifications, design documents, and test plans that serve as reference material for issue resolution.
Explore the Responsibility Matrix for deployment activities—it’s in the white paper > > >
Advantages of Outsourcing Validation Efforts
Navigating global regulatory requirements is complicated. Conducting vendor qualification can be overwhelming. But when you outsource validation and ongoing compliance maintenance, you’ll have the advantage of domain expertise, reduced risk, and cost savings.
USDM Life Sciences conducts customer-specific, end-to-end validation that includes:
- Installation qualification (IQ)
- OQ that is risk-based and leverages vendor testing where appropriate
- Performance qualification (PQ), but performed by the customer whenever possible
- Validation plan and summary report
- Automated testing for initial and subsequent releases
- Traceability matrix
In short, USDM manages all releases to keep customers’ systems continuously compliant. Once validated, system configurations can be modified with change control processes.
To learn more about validation requirements and responsibilities, download the white paper. Discover solutions for data integrity challenges. Explore the principles of ALCOA+ for paper-based and electronic records. Find out how CSA helps to streamline the validation process with less documentation and more automated testing.
Contributors to this white paper:
- David Blewitt, VP of Cloud Compliance
- Sandy Hedberg, Director of Quality Assurance and Regulatory Affairs
- Hovsep Kirikian, VP of Strategy and Operations
- Jim Macdonell, VP of Eastern Region, Medical Device Solutions
- John Petrakis, VP of Cloud Assurance