Cart is empty
View Cart
Subtotal: $0.00
JOIN NOW!
New Draft Guidance to Support Risk-Based Computer Software Assurance

New Draft Guidance to Support Risk-Based Computer Software Assurance

  • Posted by Heather Longden
  • On November 7, 2019

FDA continues to encourage the use of innovative new technologies to support the development of quality new drugs and ensure that patient safety is uppermost in the development and manufacture of drugs. As Scott Gottleib noted when discussing medical devices, FDA wishes to encourage device manufacturers to “make investments to re-tool their manufacturing processes” to facilitate manufacturing innovation and to encourage investment in new production methods and materials which lead to better medical products. The kind of technology FDA envisions are “intelligent, automated processes that monitor and record manufacturing quality metrics, incorporating features and technological characteristics that can contribute to better option and higher quality.”

However, upon further investigation, the Center for Devices and Radiological Health (CDRH) discovered that one of the reasons medical device manufacturers were not seeking quality improvements by adopting automation and new digital technologies was the perceived compliance burden and regulatory risk of such innovation. In particular, the validation of computerized systems was seen as a major barrier to the adoption of new technologies, with the cost of validation in some cases reported as being twice the cost of the basic system.

In 2011 the CDRH initiated the Case for Quality, a new program with a number of sub projects. One of these, the Focus on Quality, describes how the current focus on “compliance” results in the industry aspiring to meet the minimum compliance requirements only, while regulators really hope the industry aspires to go above the minimum requirements and are looking for ways to reward companies that focus their use of technology on achieving better quality or operational excellence.

The current Validation of Software in Medical Device guidance comes from 2002 and focuses on software which is an integral part of the device. However, there are many software applications and solutions which support the quality of a medical device but are not part of the device itself. The CDRH is working on a new draft guidance (in cooperation with CBER and CDER) founded on a true risk-based approach which should be considered when deploying non-product, manufacturing, operations, and quality system software solutions such as ERP, LIMS, LMS, eDMS, and QMS applications.

This new draft guidance will replace the term, Computer System Validation, with a new term, Computer Software Assurance, in an effort to have companies think critically about how software quality assurance is achieved, using risk-based methodologies to justify the amount and types of testing required as well as leveraging testing completed during the SDLC process.

While a risk-based approach to validation has been the guiding principle of GAMP 5 for over 10 years, in many companies the risk assessment aspect has become simply another check box exercise, with the outcome that all software is critical and requires detailed validation in order to “prove” that it is fit for purpose. Reducing and managing risk should be inherent when considering the adoption of new technologies, whether it is the use of cloud infrastructure for deploying new applications or embracing the advantages of software applications and technologies like Artificial Intelligence, Augmented Intelligence, Machine Learning or BlockChain. In addition, the assessment of risk should drive the amount and type of testing required to achieve assurance that the application is fit for purpose.

Author Bio: After a number of years in training, supporting and selling Waters Software, Heather’s current role is as a specialist in compliance to e-record regulations, acting as a resource to the global informatics community at Waters and the users of all Waters informatics products. This involves helping design the compliance into Waters informatics products and services, attending and presenting at specialist conferences, keeping up to date on the latest interpretations and amendments to the regulations and disseminating this information to the Waters field and corporate organizations.

For more information, register to attend the GAMP Forum on Risk Based Computer System Validation and Computer Software Assurance sponsored by the ISPE Boston Area Chapter on January 16, 2020…

 

 

Share this
 

11 Comments

Mike Barkan
I could not locate the registration information for the GAMP Forum on Risk Based Computer System Validation and Computer Software Assurance sponsored by the ISPE Boston Area Chapter on January 16, 2020. Can you send to me?
ISPE Boston
Hi Mike, We aren't quite ready to open registration yet but when we do, it will be available here: https://www.ispeboston.org/event-registration/?eventID=995. Thanks! ISPE Office
Chuck Landry
Is GAMP Forum on Risk Based Computer System Validation and Computer Software Assurance still going to be scheduled in 2020?
    ISPE Boston
    Hi Chuck, Yes! The GAMP Forum will take place on January 16, 2020. You can learn more and register by following this link: https://www.ispeboston.org/events/?eventID=995 Thanks! ISPE Office
Danish Khan
Thanks for this information but my question is how to secure my pc in all viruses?
    ISPE Boston
    Hi Danish, For more information, you should attend the half-day conference! Registration is now open at: https://www.ispeboston.org/events/?eventID=995 Thanks! ISPE Office
Giovanna Vergine
Hi, just for confirmation: is an online forum the event will take place on January 16? many thanks
Giovanna Vergine
Hello, is this an online forum? Could I participate by online? many thanks
    ISPE Boston
    Hi Giovanna, Unfortunately, this is an in-person Forum. It is being held at the Royal Sonesta in Cambridge, MA. If you can attend in person you can register here https://www.ispeboston.org/events/?eventID=995 Thanks! ISPE Office
Jarle Pahr
Very interesting announcement and topic, but I wonder if this guideline will apply also for drug manufacturers? I notice that this guideline is being developed by a section of the FDA deals with medical devices, but it appears that the topics in the guideline would be just as relevant (and directly applicable) to drug manufacturers.
    Heather Longden
    Hi, you are absolutely correct, this is coming from the CDRH Medical Devices team. the guidance will be issued for medical devices and not specifically pharma. However, we are confidence that CDER and CBER are also looking at this. So confident, in fact, that I know a number of pharma companies that already loving their validation SOPs in this direction. You might be thinking, "are they crazy? for follow a not even published draft guidance from another Center?" In fact, current FDA drug regulations already propose a risk based approach to validation, just as GAMP has been supporting for more than 10 years. Properly applying critical risk based thinking BEFORE you start any validation planning, is exactly what pharma and medical device companies should have been doing all along. However, the conservative nature of regulated industries is "maybe it's all high risk, so I can't scale my validation at all". This draft guidance is purely going to push readers to give that risk based approach a trial. But you don't need to wait for it, or wait for a pharma or biopharma guidance version. Just read and apply GAMP 5.

Leave Reply

Leave a Comment

Your email address will not be published. Required fields are marked *