46. Cloud Validation – End User Validation Challenge for SaaS
Regulators agree that you can outsource services, but they insist that you cannot outsource your GXP responsibility. (p. 160) Cloud technology for Software as a Service (SaaS) is being sold to provide end users as a cost effective solution to address growing and global business activities. The message is to free customers from having…
Read More45. Cloud Validation – EMA GMP Annex 11 Challenge for PaaS
Regulators agree that you can outsource services, but they insist that you cannot outsource your GXP responsibility. (p. 160) Cloud technology for Platforms as a Service (PaaS) are being engaged to provide software vendors with a cost effective product development environment. This lets them concentrate on their primary business which is producing software applications…
Read More44. Cloud Validation – FDA Part 11 Challenge for IaaS
Regulators agree that you can outsource services, but they insist that you cannot outsource your GXP responsibility. (p. 160) Cloud technology for Infrastructure as a Service (IaaS) and Platforms as a Services (PaaS) must comply with US Food and Drug Administration (FDA) law 21 CFR Part 11 Electronic Record Keeping; Electronic Signatures. Referred to…
Read More43. Cloud Validation – Safe Harbor Challenge
Regulators agree that you can outsource services, but they insist that you cannot outsource your GXP responsibility. (p. 160) Software as a Service (SaaS) applications used in a GXP regulated work process still require compliance to EU Privacy Directives and to US Health and Human Services (HHS) legislation known as the Health Information Portability…
Read More42. Cloud Validation – Technology Challenges
IQ and Configuration Management …there is no IQ visibility into the platform and no control over the location of the data on the cloud infrastructure. (p. 160) Software as a Service (SaaS) applications used in a GXP regulated work process still require end user validation to FDA Part 11 and EU Annex 11 standards.…
Read More41. Cloud Validation – PQ Testing of SaaS Applications
…PQ, however, can still be performed by users as usual using their work process to validate the ability of the cloud-hosted software application to perform as expected. (p. 160) Software as a Service (SaaS) applications used in a GXP regulated work process still require end user validation to FDA Part 11 and EU Annex…
Read More40. SW Dev Practices – Smoke Test
Smoke Test: Project regression test to ensure a safe Software Quality Control (SCQ) Build. (p. 90) There can be a variety of software development life cycles (waterfall, agile, spiral, etc.) but all efficient and effective software development organizations use a Smoke Test process to check new code before investing in more extensive testing. The…
Read More39. Software Development Practices – Code Reviews
Was sufficient “white box” testing performed to assure that internal logic, control features, and data processing work as specified? (p. 90) IEEE defines “White Box” testing as testing based on an analysis of the internal structure of the component or system. Software code reviews are a prime example of white box testing. Code reviews…
Read More38. Software Development Practices – CASE Tools
Writing software for regulated environments should be a creative discipline and not a creative art form. Guidance from GAMP 5 states that “Each project should define the program coding standards, directory structure standards, and the file naming conventions to be followed. (p. 216) Computer Aided Software Engineering (CASE) tools are important components of the…
Read More37. Software Development Practices – SAD
Writing software for regulated environments should be a creative discipline and not a creative art form. Guidance from GAMP 5 states that “Each project should define the program coding standards, directory structure standards, and the file naming conventions to be followed. (p. 216) Whether modified waterfall or various Agile software life cycles are used,…
Read More