Computerised System Validation - Auditing and Leveraging IT/OT Suppliers and Service Providers + Computerised System Validation Master Class
Qualify yourself as an expert for the validation of computerised systems. Combination booking: Save € 600,-
19-22 May 2026, Vienna, Austria
Course No. 22283
Speakers
Yves Samson
Kereon
Dr Robert Stephenson
Rob Stephenson Consultancy
Frank Behnisch
Formerly CSL Behring
Combination booking: We offer you a discount of € 600! You can also book an individual course separately. Book "Computerised System Validation: Auditing and Leveraging IT/OT Suppliers and Service Providers" here. Book "Computerised System Validation Master Class" here.
Target Group
Auditing and Leveraging IT/OT Suppliers and Service Providers: This ECA training is directed at employees from Production, Quality Control/Quality Assurance, Engineering, and IT, who have to assess, manage, or work with, computerised system or service providers. This training will also be of value to representatives from supplier organisations that are working, or seeking to work, with regulated companies in the Life Sciences Sector.
Computerised System Validation Master Class:
The Master Class is directed at employees from
IT
Production
Engineering
Quality Assurance
Quality Control
Participants should already have gained experience in the validation of computerised systems, and preferably will have also attended a basic CSV Course.
Objectives
Auditing and Leveraging IT/OT Suppliers and Service Providers:
To help regulated organisations develop a consistent and compliant approach to the key processes of supplier selection and supplier audit/assessment in order to achieve successful outcomes throughout the complete computerised system life cycle.
To understand the current regulatory and good practice frameworks that support these activities.
To provide training on how to prepare, perform, and report on supplier audits and assessments.
To share real-life case studies with the participants during two hands-on workshops.
Learn how to use efficient leveraging to minimise duplication of effort between the supplier and the regulated Company.
Computerised Systems Validation Master Class:
As a specialist for the validation of computerised systems, the event will provide you with
Suggestions on how current regulatory guidance on computerised systems relating to data integrity, critical thinking and CSA (Computer Software Assurance) can be put into practice
Real-life examples of how validation effort can be scaled according to risk-based approaches
Answers to specific questions, e.g. on source code review or on creating specification documents
The opportunity to bring questions from your own practice up for discussion
Background
Auditing and Leveraging IT/OT Suppliers and Service Providers:
Annex 11: Computerised Systems (EU & PIC/S GMP) states that ‘the competence and reliability of a supplier are key factors when selecting a product or service provider’. ‘Leveraging Supplier Involvement’ is one of the five key concepts of the ‘GAMP® 5 Second Edition Good Practice Guide: A Risk-Based Approach to Compliant GxP Computerized Systems’.
Regulated companies are increasingly looking to their external suppliers and service providers to provide them with innovative and compliant products and services which cost-effectively fulfil their operational and business needs.
This course aims to provide attendees with the skills and knowledge to identify capable and reliable suppliers and service providers, to use supplier leveraging to improve the efficiency and effectiveness of their validation processes, and to develop long-term collaborative working relationships.
Computerised System Validation Master Class:
The V-model has become a standard worldwide methodology for the validation of computerised systems. Regulatory requirements, as well as industry guidelines, like GAMP®5 2nd Edition, are orientated towards this model. In practice, you as a validation specialist will want to know how to apply this model to current and increasingly complex validation projects.
Programme
Programme Auditing and Leveraging IT/OT Suppliers and Service Providers - 19 May 2026
Introduction – What the Participants expect
Introductions and welcome
Course objectives and topic review
An open session capturing the expectations of the delegates
Overview of IT/OT Suppliers and Service Providers
Suppliers and Service Providers – what is the difference?
What should a regulated user expect from their suppliers and service providers?
Critical success factors
Clarifying roles and responsibilities
Good Practice and Regulatory considerations
Supplier Selection Process
Identification of potential suppliers/service Providers
Creating a short-list of potential candidates
Factors to consider when making the final selection
Documenting the decision-making process
Workshop: Selecting a Supplier
A workshop based on a real-life case study
Auditing IT/OT Suppliers
Factors to consider
Focusing the assessment
Engaging with the supplier
Reporting and managing the findings
Regulatory expectations
Corrective actions and follow-up audits
Leveraging Audit Findings
Integrating suppliers and service providers expertise and deliverables
Into the validation process
Throughout the system life cycle
Leveraging supplier testing
Workshop: Quality Planning Exercise
Working with your supplier/service provider to develop a plan for success
Programme Computerised System Validation Master Class - 20-22 May 2026
Introduction – Gain Understanding of Delegate Experience and Background
Workshop 1: What the Delegates expect
Capturing delegates expectations
Sharing and reducing to key points
Facilitated discussion
Interactive Session: Good Validation Practices
IT and System Governance
CSV roles and responsibilities
Role of Quality Unit
Project Life Cycle
Life cycle refresh
Life cycle activities and deliverable by Agile approaches
Presentation of the Project Mandate
Presentation of the case study application
Project Mandate
Workshop 2: Elaborating URS - Drafing URS
Outlining and drafting URS for the case study application
Debriefing and plenum discussion
URS (User Requirement Specification): Structure and Content
URS: Purpose and objectives; Roles & responsibilities
URS structure
Prioritizing user requirements
URS: how much is enough?
Workshop 3: Elaborating URS - Consolidated URS
Elaboration of a consolidated URS draft for the case study application
Debriefing
Introduction to Qualification Planning
Qualification Planning refresh
Q-Plan Purpose and objectives
Roles & responsibilities
Topics to be covered
Workshop 4: Elaborating a Qualifcation / Validation Plan
Filling out a High Level and System Risk Assessment for the case study application
Outlining & drafting a Qualification Plan for the case study application
Debriefing
Qualification / Validation Plan: Structure and Content
Q-Plan structure
Q-Plan scalability
Qualification/Validation strategy
Introduction to Functional Specifications
FS refresh
Purpose and objectives
Roles & responsibilities
Recommendation regarding the elaboration of FS
Workshop 5: Elaborating Functional Specifications
Outlining FS for the case study application
Drafting some functionalities
Debriefing
Risk Management Refresh: Scalability and Objectives
Performing a functional risk assessment for functionalities of the case study application
Debriefing
Migration and Supporting Activities
Risk mitigation measures: Purpose and objectives; roles & responsibilities; scheduling and scalability; risk mitigation: more than testing
Supporting activities: What supporting processes
Introduction to Design Review
Design Review: Purpose and objectives; Roles & responsibilities
Design Review more than Design Qualification
Workshop 7: Design Review Planning
Planning and elaborating a design review strategy for the case study application
Debriefing
Practical Approach to Design Review
Design review process: points to consider
Design review scalability
Recommendation
Source Code Review
Source code Review: Purpose and objectives; Roles & responsibilities
What should be reviewed; how to review / document
Interactive Session: Good Validation Practices
IT and System Governance
CSV roles and responsibilities
Role of Quality Unit
Testing and Verification: Objectives and Content
Testing and verification: Purpose and objectives; roles & responsibilities
Efficient Testing
Workshop 8: Elaborating OQ / FT Test Cases
Outlining OQ/FT and PQ/FT for the case study application
Drafting some functional test cases
Drafting some performance test cases
Debriefing
Alternative & Agile Approaches
Alternative software development models
Unified Process, Scrum
Agility objectives
Needs for flexible engineering methodologies
Practical approaches and recommendations
Integration Project vs Bespoke Development
Roles & responsibilities, life cycle for: Integration projects; development projects
What to leverage and how to leverage?
Workshop 9: Elaborating a Qualification / Validation Report
Outlining & drafting a Qualification Report for the case study application
Debriefing
Qualification / Validation Report: Objectives and Content
Qualification/Validation report:
Purpose and objectives
Roles & responsibilities
Report structure
Recommendation
Bringing Legacy Systems into Compliance
Objectives
What shall be done?
Recommendation
System Classification – A Record-Based Approach
Needs for a system classification
Classification criteria
How-to classify a Systems?
Today / Future IT Compliance Challenges
Open Source Software validation
Challenge demands Infrastructure platforms for applications
Global systems validation vs local defence
Paperless recipe-based production – ISA 95 / S 88
Cloud Computing – Data Integrity
Validating Artificial Intelligence (AI)
Challenges for data integrity on Lab-Systems
Further Information
Venue Austria Trend Hotel Savoyen Rennweg 16 1030 Vienna, Austria Phone +43 (1) 206330 Email savoyen@austria-trend.at
Accommodation CONCEPT HEIDELBERG has reserved a limited number of rooms in the conference hotel. You will receive a room reservation form/POG when you have registered for the conference. Reservation should be made directly with the hotel. Early reservation is recommended.
Fees (per delegate, plus VAT) ECA Members € 2,780 APIC Members € 2,980 Non-ECA Members € 3,180 EU GMP Inspectorates € 1,280 The conference fee is payable in advance after receipt of invoice and includes conference documentation, 4 lunches, social event including dinner on May, 20th, and all refreshments. VAT is reclaimable.
Social Event On Wednesday evening (20 May), you are cordially invited to a social event. This is an excellent opportunity to share your experiences with colleagues from other companies in a relaxed atmosphere.
Presentations/Certificate The presentations for this event will be available for you to download and print before and after the event. Please note that no printed materials will be handed out on site and that there will not be any opportunity to print the presentations on site. After the event, you will automatically receive your certificate of participation.
Conference language The official conference language will be English.
Testimonials
