|08.40 - 09.00
|09.00 - 10.00
REQUIREMENTS: WHAT YOU NEED TO KNOW
Computerised systems operating in
the pharmaceutical, biotechnology and medical device industries, as
well as Contract Research Organisations supporting them, are subject
to specific EU and FDA regulations governing computerised systems.
The relevant sections of the regulations will be highlighted and
- What are the regulations
applicable to computerised systems and network infrastructure:
Good Manufacturing Practice (GMP), Good Laboratory Practice
(GLP), Good Clinical Practice (GCP)
- What are the Electronic Records
and Electronic Signatures regulations (21 CFR 11) and what is
their impact on the IT department?
|10.00 - 11.00
||COMPUTER VALIDATION -
WHAT IS REQUIRED?
All regulations and guidelines
place the responsibility for computer validation on the end user
management. Quality Assurance and Information Science departments
must help the end user community to ensure that systems are
developed, validated, operated and maintained in a compliant manner.
- The key terms defined and
- Roles and responsibilities
defined and explained: End User, Quality Assurance and IT
- System Development Life Cycle
(SDLC) planning and why is documented evidence important?
- Role of IT in the SDLC and the
importance of regulatory compliance
- Aids to help validation and
qualification: GAMP Guide and PDA technical reports
- How the FDA carry out
- Some typical questions you
may be asked
- The results of inspections:
FDA Warning Letters and 483 Observations
|11.15 - 12.15
||HOW DO THE
REGULATIONS IMPACT ON AN IT DEPARTMENT?
The FDA's rule of enforcement on 21
CFR 11 now includes the IT Department. This law that brings IT
departments under the new legislation: RAPID ADJUSTMENT TO THE NEW
RULE IS NOW ESSENTIAL.
- Are your computer room
facilities to standard and the environment monitored?
- Do you have procedures and
documented evidence of activities ?
- Do your personnel have current
training records, position descriptions and CVs?
- Do you have security and access
- Understanding what the
- What minimum written procedures
are required by the regulations
- Do you have them and do you
- What is the impact of GXP
regulations on IT operations, especially on change control and
- Do you generate of electronic
records during normal operations
- Are these managed correctly?
|13.15 - 14.15
||QUALIFYING A NETWORK
AND IT INFRASTRUCTURE
All networked applications run on a
network. Is this adequately designed, installed correctly and
qualified to show how it works? The operational network must be
under change control to ensure that the applications that run on it
- How to define the scope and
boundaries of the network to be qualified
- Documentation of components and
the overall topology
- Managing the cabling contractors
to ensure adequate records of activities
- Initial qualification of the
network and how to proceed
- Change control and the impact of
change on the networks validated applications.
- Advantages and disadvantages of
Common/Standard Operating Environments for the Desktop
|14.15 - 15.15
ISSUES THAT MUST BE CONSIDERED WHEN OUTSOURCING YOUR IT OPERATIONS?
Most pharmaceutical companies now
outsource at least some of their IT work. These outsourcing
organisations now fall under new legislation and it is your
responsibility to ensure they are compliant with regulations.
- Does the outsourcing
organisation understand the regulations especially 21 CFR 11?
What to do if they don't. Training and education in the context
- How to audit the outsourcing
organisation for compliance with regulations before you sign the
- Case studies of auditing
- Inputs required in the service
level agreement for compliance
- When outsourcing can generate
|15.15 - 15.30
|15.30 - 16.30
One of the most important aspects
of ensuring quality is through an audit and IT departments are no
different. Auditing is good way to ensure ongoing quality - knowing
when and how to audit effectively is vitally important.
- How to define the scope and
boundaries of the audit: people, procedures, infrastructure
- How to planing the audit: should
you use a checklist?
- How to execute the audit:
objective facts, not subjective views
- How to report non-compliance and
design, and implement corrective actions
|16.30 - 17.00