Life Sciences Expertise
Computer Software Assurance for Production and Quality System Software
To harmonize with international standards, the U.S. Food and Drug Administration (FDA) released its Computer Software Assurance (CSA) draft guidance in September 2022.
The FDA switched focus from compliance to quality and encourages the use of automation and new technologies. USDM practices a modern, streamlined approach to Computer System Validation (CSV) and is updating Cloud Assurance to include a true risk-based CSA approach. We can help you develop your CSA approach, too.
What is Computer Software Assurance?
In 2011, the Center for Devices and Radiological Health (CDRH) initiated the Case for Quality, a program that identified barriers in the General Principles of Software Validation guidance released in 2002. This guidance focuses on software, which is an integral part of the medical device; however, it does not clearly address the many software systems that support the quality of a medical device. The FDA’s new draft guidance, Computer Software Assurance for Production and Quality System Software, allows manufacturers to minimize their existing CSV efforts and documentation burden. Its focus is on more efficient approaches (including automation) to improve their overall process and product quality. This guidance is founded on a true risk-based approach that focuses on critical thinking when deploying non-product software systems.
Compliance and technology for a competitive advantage
Understanding your organization’s compliance and technology maturity helps you to know where you are today, and where your people, processes, and technology need to be to compete tomorrow.
Too little effort and you compromise product quality and patient safety. Too much effort and you overwhelm your Quality and IT teams with massive workflows and an overabundance of verification activities. You need a strategic, balanced, and sustainable approach to compliance that creates a competitive advantage.
USDM helps customers develop, optimize, and automate their GxP processes and we can help you, too. Focusing exclusively on life sciences customer challenges for more than 20 years, our domain expertise is unmatched. Through collaboration with global health authorities and the world’s leading technology companies, we improve and innovate on solutions for regulated biotech, pharma, and medical device customers whose businesses depend on achieving and maintaining compliance.
Computer Software Assurance
The FDA issued its draft guidance for Computer Software Assurance (CSA) in September 2022. It’s intended for life sciences companies and their manufacturing, operations, and quality system software; it does not apply to product software. Additionally, the FDA has clearly stated that the CSA approach can be used today and USDM has modernized and streamlined this approach to Computer System Validation for many of our customers.
Data: Your most valuable asset
Your data is the lifeblood of your organization. How you access it, store it, move it, and back up and archive it is all part of your data management and data integrity strategy. Trust USDM to assess your current strategy and provide an improvement plan tailored to your company’s risks and priorities.
Cybersecurity and risk management
Even early-stage life sciences organizations generate valuable intellectual property, so it’s never too early to protect yourself from cybersecurity threats and risks. USDM’s knowledgeable and experienced staff helps you meet FDA expectations for good cybersecurity practices such as preventing unauthorized user access, ensuring trusted content, and maintaining data confidentiality.
UDI and EU MDR
USDM is the industry leader in Unique Device Identification (UDI) regulatory compliance solutions for the medical device industry. We have well-established relationships with the most prominent IT vendors in the world. An experienced team of subject matter experts is led by Jay Crowley, who developed the framework and authored key requirements for the FDA’s UDI system. We can help your organization execute a scalable program to support your UDI and European Union Medical Device Regulation (EU MDR) efforts.
Custom GxP Compliance Training & Learning Programs
Help your internal teams or external partners stay up to date on the rapidly changing regulatory landscape. You tell us what you need and we’ll create training programs to meet your objectives.
Computer Software Assurance Highlights
- The draft guidance was released on September 13, 2022
- It applies to non-product quality system software (ERP, LIMS, LMS, EDMS, and QMS applications, and software tools)
- It does not apply to medical device software (SaMD or embedded) or to the software development life cycle (SDLC) activities
How Can We Help?
We can train on CSA and critical thinking best practices, develop your CSA methodology, or create a pilot program to drive adoption across your organization. Let’s discuss your needs.
Why did the FDA introduce Computer Software Assurance?
As part of their Case for Quality program, the FDA identified several barriers to CSV:
- Complex, confusing, and hard-to-use risk-based approaches
- Emphasis on documentation, which creates a significant compliance burden
- Lack of clarity on how much testing is enough and where to focus that testing
To help overcome those barriers, CSA focuses on:
- Automation, information technology, and data solutions to enhance quality and safety and reduce patient risk
- Value-added assurance instead of non-value-added documentation for compliance
- Industry 4.0, which is foundational to digital transformation initiatives
How is the FDA guiding the CSA methodology?
The CSA methodology helps to simplify validation by:
- Defining indirect versus direct systems
- Identifying acceptable approaches to indirect and direct system validation
- Focusing on a risk-based approach, using critical thinking, and spending more time developing a methodology appropriate to the risk of the system
- Testing high-risk systems and functionality and spending less time documenting
- Training inspectors to focus their review on the higher-risk activity and the critical thinking behind the chosen methodology
What are the benefits of a CSA approach?
CSA has many benefits when critical thinking is applied to a risk-based approach. In the Case for Quality program, the FDA participated in several pilot programs that consistently delivered these results:
- Better testing + less documentation = faster time to value
- Fewer test script issues (by up to 90%)
- Improved quality, efficiency, speed, agility, responsiveness, and transformation
- Reduced testing overhead
- Leveraged vendor assurance activities
- Maximized use of CSV and expert resourc
How can USDM help?
One of the hurdles to adopting CSA is the mindset of your organization. Many senior leaders can’t explain why things are done a certain way, except to say “we’ve always done it that way.” Unless you can trace it to a law or a regulation, it’s probably a misguided behavior. Changing internal perceptions and behaviors is the hardest part of evolving your validation processes. USDM has the life sciences expertise and organizational change management know-how you need to modernize and optimize your software and regulatory needs.
CSA Education and Training
USDM can help teach and mentor your teams on CSA principles and how to apply critical thinking to your processes, plus:
- Increase awareness and knowledge about CSA principles and benefits
- Provide one-off courses, reoccurring training, and GxP training for suppliers
- Customize training to your business needs and processes
- Conduct 0n-site or virtual programs
CSA Assessments
USDM can assess your CSV process and recommend CSA changes based on the quality of your documentation, testing, SOPs/WIs, use of automation, and performance on audits. The assessment will also:
- Evaluate your current CSV process for quick wins and longer-term improvements
- Prioritize recommended changes based on business justification
- Improve your vendor qualification process
- Build a CSA roadmap based on your business priorities
CSA Development and Methodology
Whether it’s vendor selection, methodology development, or end-user training, USDM can transform your CSV approach into a CSA approach and help drive adoption across your organization by:
- Implementing fast-start improvements to your processes
- Developing and executing pilot programs
- Overhauling your processes and procedures
Cloud Assurance
USDM can manage your entire CSV or CSA process and deliver an end-to-end GxP compliant managed service, plus:
- Assist with cloud vendor selection and the RFP process
- Manage cloud vendor assurance, vendor qualification, and maintenance of new releases
- Leverage automated regression testing
- Ensure continuous compliance of your entire tech stack
We are on the cutting edge of technology and compliance and have progressive solutions to save you significant time and money on your validation programs. Contact us to discuss your unique challenges today.
The FDA’s guidance on Computer Software Assurance recommends using vendor activities to reduce the validation burden.
Get the white paper Validation Requirements and Responsibilities to learn how.
Get in touch with our team to discuss your CSA assessment.
Related Services
USDM Cloud Assurance
USDM Cloud Assurance is a managed service that offloads your vendor release management and maintenance of ongoing system updates, patches, and changes.
ProcessX
ProcessX is an intelligent, validated, GxP process automation platform that simplifies regulated workflows and processes to drive greater efficiency across your organization.
Compliance Training & Education
USDM has customized training programs to educate internal teams or external partners and to help you stay current with the rapidly changing regulatory landscape.
Resources that might interest you
- 0
- Sandy Hedberg
- - April 3, 2022
- 1
- Sandy Hedberg
- - February 3, 2022
- 0
- Jim Macdonell
- - January 28, 2022
- 0
- Vishal Sharma
- - January 28, 2022
- Sandy Hedberg
- - January 12, 2022
USDM Thought Leaders
