Life Sciences Expertise
Computer Software Assurance for Production and Quality System Software
Watch our On-Demand webinar with the FDA
Computer Software Assurance Draft Guidance
To harmonize with international standards, the U.S. Food and Drug Administration’s (FDA) Center for Devices and Radiological Health (CDRH) has released new draft guidance, Computer Software Assurance for Production and Quality System Software, in September 2022.
With the FDA changing focus from compliance to quality and encouraging automation and new technologies, USDM has been modernizing and practicing a more streamlined approach to Computer System Validation (CSV). We are updating our Cloud Assurance methodology to include a true risk-based Computer Software Assurance (CSA) approach. We can help you develop your CSA approach, too.
What is Computer Software Assurance?
In 2011, the CDRH initiated the Case for Quality, a program that identified barriers in the General Principles of Software Validation guidance released in 2002. The current guidance focuses on software, which is an integral part of the medical device but does not clearly address the many software systems that support the quality of a medical device. The new draft guidance, Computer Software Assurance for Production and Quality System Software, will allow manufacturers to minimize their existing CSV efforts and documentation burden and focus on more efficient approaches (including automation) to improve their overall process and product quality. This guidance is founded on a truly risk-based approach to CSV, which should focus on critical thinking when deploying non-product software systems.
Computer Software Assurance Highlights
- Draft Guidance was released on September 13, 2022, and is accepting comments through November 14, 2022
- Applies to non-product quality system software (ERP, LIMS, LMS, EDMS, and QMS applications, as well as software tools)
- Does not apply to medical device software (SaMD or embedded)
- Not applicable for SDLC activities
How Can We Help?
We can train on CSA and critical thinking best practices, develop your CSA methodology, or create a pilot program to drive adoption across your organization. Let’s discuss your needs.
Why is the FDA introducing Computer Software Assurance?
As part of their Case for Quality program, the FDA identified several barriers to CSV:
- Complex, confusing, and hard-to-use risk-based approaches
- Too much focus on documentation for the auditor creates a significant compliance burden
- Lack of clarity on how much testing is enough and where to focus that testing
- The FDA believes the use of automation, information technology, and data solutions throughout the system life cycle can provide significant benefits to drive enhanced quality and safety, thereby reducing patient risk
- Focus on “value-add” assurance vs. non-value-add documentation for compliance
- Industry 4.0 focus that is foundational to digital transformation initiatives
How is the FDA guiding the CSA methodology?
- By defining indirect versus direct systems
- By identifying acceptable approaches to indirect and direct system validation
- By focusing on a risk-based approach that uses critical thinking to spend more time developing a methodology appropriate to the risk of the system
- By focusing on testing high-risk systems and functionality and spending less time documenting
- By training inspectors to focus their review on the higher-risk activity and the critical thinking behind the chosen methodology
What are the benefits of a CSA approach?
CSA has many benefits when using critical thinking correctly to apply a risk-based approach. As part of its Case for Quality program, the FDA participated in several pilot programs that consistently delivered these results:
- Better testing + less documentation = Faster “time to value”
- Improved quality, efficiency, speed, agility, responsiveness, transformation
- Decreased test script issues by up to 90%
- Reduced testing overhead
- Leveraged vendor assurance activities
- Maximized use of CSV and expert resources
How can USDM help?
The biggest hurdle to adopting CSA is the mindset and cultural behaviors your organization has come to believe. Four out of five senior leaders cannot explain WHY they do things the way they do them. Most respond, “we’ve always done it that way.” Unless you can trace it to a law or a regulation – it’s likely a tradition or legacy of misguided behavior holding you back. Changing internal perceptions and behaviors is the hardest part of evolving your validation processes. Using a 3rd party like USDM can help your organization stop inflicting processes and procedures that aren’t required. USDM has the life sciences expertise and organizational change management know-how you need to modernize and optimize your software and regulatory needs.
CSA Education and Training
USDM can help teach and mentor your teams on CSA principles and how to apply critical thinking to your process, plus:
- Increase awareness and knowledge about CSA principles and benefits
- One-off courses, reoccurring training, GxP training for suppliers, and more
- Training customized to your business needs and processes
- Onsite or virtual programs
USDM can assess your CSV process and recommend CSA changes based on your quality of documentation, testing, SOPs/WIs, use of automation, performance on audits, and more. Assessments also include:
- Evaluate your current CSV process for quick wins and longer-term improvements
- Prioritize recommended changes based on business justification
- Improve your vendor qualification process
- Build a CSA roadmap based on your business priorities
CSA Development and Methodology
From vendor selection to methodology development to end-user training, USDM can transform your CSV approach into a CSA approach and help drive adoption across your organization by:
- Implementing fast-start improvements to your processes
- Developing and executing pilot programs
- Overhauling your processes and procedures
USDM Cloud Assurance
USDM can manage your entire CSV or CSA process and deliver an end-to-end GxP compliant managed service, plus:
- Assist with cloud vendor selection and the RFP process
- Manage cloud vendor assurance, vendor qualification, and maintenance of new releases
- Leverage automated regression testing
- Ensure continuous compliance of your entire tech stack
USDM is on the cutting edge of technology and compliance, and we are closely watching the FDA’s Computer Software Assurance guidance. We have progressive solutions and can save you significant time and money on your validation programs. Contact us to discuss your unique challenges today.
Get in touch with our team to discuss your CSA assessment.
USDM Cloud Assurance
USDM Cloud Assurance is a managed service that offloads your vendor release management and maintenance of ongoing system updates, patches, and changes.
ProcessX is an intelligent, validated, GxP process automation platform that simplifies regulated workflows and processes to drive greater efficiency across your organization.
Compliance Training & Education
USDM has customized training programs to educate internal teams or external partners and to help you stay current with the rapidly changing regulatory landscape.