Life Sciences Expertise
Computer Software Assurance for Production and Quality System Software
Read the eBook
To harmonize with international standards, the U.S. Food and Drug Administration’s (FDA) Center for Devices and Radiological Health (CDRH) plans to release new draft guidance, Computer Software Assurance for Production and Quality System Software in 2022.
With the FDA changing focus from compliance to quality and encouraging the use of automation and new technologies, USDM is already modernizing and practicing a more streamlined approach to Computer System Validation (CSV) and we are updating our Cloud Assurance methodology to include a true risk-based Computer Software Assurance (CSA) approach. We can help you develop your CSA approach, too.
What is Computer Software Assurance?
In 2011, the CDRH initiated the Case for Quality, a program that identified barriers in the General Principles of Software Validation guidance released in 2002. The current guidance focuses on software, which is an integral part of the medical device, but does not clearly address the many software systems that support the quality of a medical device. The new draft guidance, Computer Software Assurance for Production and Quality System Software, will allow manufacturers minimize their existing CSV efforts and documentation burden and focus on more efficient approaches (including automation) to improve their overall process and product quality. This guidance is founded on a true risk-based approach to CSA, which should be considered when deploying non-product software systems.
Computer Software Assurance Highlights
- Guidance is on the FDA’s A list for publication in 2022
- CDRH Guidance in cooperation with the Center for Biologics Evaluation and Research (CBER) and the Center for Drug Evaluation and Research (CDER) meaning CSA will apply to the medical device, biotechnology, and pharmaceutical sectors
- Applies to non-product quality system software (ERP, LIMS, LMS, eDMS, and QMS applications as well as software tools)
- Regulated organizations can apply CSA principles and approaches today
Why is the FDA introducing Computer Software Assurance?
As part of their Case for Quality program, the FDA identified several barriers with CSV:
- Complex, confusing, and hard to use risk-based approaches
- Too much focus on documentation for the auditor, creating a significant compliance burden
- Lack of clarity on how much testing is enough and where to focus that testing
- The FDA believes the use of automation, information technology, and data solutions throughout the system life cycle can provide significant benefits to drive enhanced quality and safety, thereby reducing patient risk
How is the FDA guiding the CSA methodology?
- By defining indirect versus direct systems
- By identifying acceptable approaches to indirect and direct system validation
- By focusing on a risk-based approach that uses critical thinking to spend more time developing a methodology appropriate to the risk of the system
- By focusing on testing high-risk systems and functionality, and spending less time documenting
- By training inspectors to focus their review on the higher-risk activity and the critical thinking behind the chosen methodology
- Quality Management Systems (LMS, Quality Document Management, QMS)
- Regulatory Publishing and Submissions
- Software as a Medical Device (SaMD)
- UDI & Serialization
What are the benefits of a CSA approach?
As part of their Case for Quality program, the FDA participated in several pilot programs that consistently delivered these results:
- Improved quality and efficiency
- Decreased test script issues by up to 90%
- Reduced testing overhead
- Leveraged vendor assurance activities
- Maximized use of CSV and expert resources
- Delivered value faster
How can USDM help?
CSA Education and Training
USDM can help teach and mentor your teams on CSA principles and how to apply critical thinking to your process, plus:
- Increase awareness and knowledge about CSA principles and benefits
- One-off courses, reoccurring training, GxP training for suppliers, and more
- Training customized to your business needs and processes
- Onsite or virtual programs
USDM can assess your CSV process and recommend CSA changes based on your quality of documentation, testing, SOPs/WIs, use of automation, performance on audits, and more. Assessments also include:
- Evaluate your current CSV process for quick wins and longer-term improvements
- Prioritize recommended changes based on business justification
- Improve your vendor qualification process
- Build a CSA roadmap based on your business priorities
CSA Development and Methodology
From vendor selection to methodology development to end-user training, USDM can transform your CSV approach into a CSA approach and help drive adoption across your organization by:
- Implementing fast-start improvements to your processes
- Developing and executing pilot programs
- Overhauling your processes and procedures
USDM Cloud Assurance
USDM can manage your entire CSV or CSA process and deliver an end-to-end GxP compliant managed service, plus:
- Assist with cloud vendor selection and the RFP process
- Manage cloud vendor assurance, vendor qualification, and maintenance of new releases
- Leverage automated regression testing
- Ensure continuous compliance of your entire tech stack
USDM is on the cutting edge of technology and compliance, and we are watching the FDA’s Computer Software Assurance guidance closely. We have progressive solutions in place and can save you significant time and money on your validation programs. Contact us to discuss your unique challenges today.
Get in touch with our team to discuss your CSA assessment.
USDM Cloud Assurance
USDM Cloud Assurance is a managed service that offloads your vendor release management and maintenance of ongoing system updates, patches, and changes.
ProcessX is an intelligent, validated, GxP process automation platform that simplifies regulated workflows and processes to drive greater efficiency across your organization.
Compliance Training & Education
USDM has customized training programs to educate internal teams or external partners and to help you stay current with the rapidly changing regulatory landscape.