Purchase any WEBINAR and get
10% Off
CODE: SAVE10
T&C applicable, please referFAQ
Validity : 21st Jul'25 to 31st Jul'25
Audit Trails - Critical to Support FDA 21 CFR Part 11 and Data Integrity Compliance
- Learn how to identify “GxP” Systems
- Discuss the Computer System Validation (CSV) approach based on FDA requirements
- Learn about the System Development Life Cycle (SDLC) approach to validation
- Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
- Understand how to maintain a system in a validated state through the system’s entire life cycle
- Learn how to assure the integrity of data that supports GxP work
- Discuss the importance of “GxP” documentation that complies with FDA requirements
- Understand the rationale for including an audit trail in a system, along with the downside of not doing so
- Understand how procedural controls may be used in place of technical controls, where the capability is lacking and not feasible
- Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
- Understand the key components of 21 CFR Part 11 compliance for electronic records and signatures
- Know the regulatory influences that lead to FDA’s current thinking at any given time
- Learn how to conduct a risk assessment on computer systems that will provide the basis for developing a validation rationale
- Understand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP®5 category and risk, should it fail, to develop a cohesive and comprehensive validation rationale
- Learn how to best prepare for an FDA inspection or audit of a GxP computer system
- Understand the importance of performing a thorough vendor audit to ensure oversight to the products and services they deliver
- Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
Overview of the webinar
In particular, industry citations have increased as they relate to areas of Part 11 and data integrity. At the heart of these, is the ability to ensure that no original record is obscured, or is destroyed before the retention period has ended. The best way to preserve database records, those that are uniformly structured, is to place an audit trail on the file. The audit trail will create a new record every time a record is updated, including the old value, new value, date, time, person who authentically performed the modification to the record, and the reason for the change.
Companies are not aligning well with the Part 11 and data integrity requirements, and while many use audit trails, these are not always managed appropriately. In some cases, FDA has found that the audit trail was deactivated for a period of time, but this was not documented, or it was modified or deleted. Without this protection, it’s virtually impossible to follow the life cycle for any record from creation to disposition at the end of the retention period.
In some cases, audit trails exist, but do not require th user to enter a reason for a change to a record. This is a challenge when trying to reconstruct what happened, and not having the reason brings into question the validity of the record.
Some legacy stand-alone systems that include software loaded onto a local device, instrument, or piece of equipment do not have audit trail capability. This is not a valid reason for ignoring Part 11 and data integrity requirements. If no technical control is available, such as an audit trail, then a procedural control must be in place. In the case of a stand-alone system, the user would have to maintain a log of all changes made, and this could be done using a bound laboratory notebook or log book, or using Excel or some other means of tracking this information.
Not only do these companies risk being out of compliance, but they are not able to perform analysis and trending on the records to identify the reason behind changes. If it’s a consistent reason, it may be due to a training deficiency or have some other cause that should receive action.
We will explore the best practices and strategic approach for evaluating computer systems used in the conduct FDA-regulated activities and determining the level of potential risk, should they fail, on data integrity, process and product quality, and consumer/patient safety. We will walk through the System Development Life Cycle (SDLC) approach to validation, based on risk assessment, and will also discuss 21 CFR Part 11 and data integrity, and the importance of managing electronic records and signatures appropriately.
We will also walk through the entire set of essential policies and procedures, as well as other supporting documentation and activities that must be developed and followed to ensure compliance. We will provide an overview of practices to prepare for an FDA inspection, and will also touch on the importance of auditing vendors of computer system hardware, software, tools and utilities, and services.
Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment, that can be leveraged to assist in all your GxP work.
Who should attend?
Professionals in the following industries may benefit from the content:
- Pharmaceutical
- Medical Diagnostics
- Medical Devices
- Vendors of Software Used with Medical Devices
- Biotechnology
- Tobacco and Related (Vapor, e-Cigarette, Cigar, etc.)
- Any other FDA-regulated industry, plus any Life Science Consulting or Contracting firm
Recommended Attendee Profiles:
- Information Technology Managers, Developers and Analysts
- QC/QA Managers and Analysts
- Clinical Data Managers and Scientists
- Compliance Managers
- Lab Managers
- Automation Analysts
- Computer System Validation Specialists
- GMP Training Specialists
- Business stakeholders and individuals who are responsible for computer system validation planning, execution, reporting, compliance, and audit
- Consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance
Why should you attend?
You should attend if you are responsible for leading or participating in a computer system validation project for a system regulated by FDA. The system will require testing to ensure it meets FDA requirements for 21 CFR Part 11, the guidance for electronic records and electronic signatures, and data integrity. Audit trails play a key role in ensuring compliance and understanding how to defend data chronologically through its retention period. Learn how a work-around when a legacy system has no audit trail, but contains electronic records. Also, understand what a vendor may be able to provide to demonstrate complete traceability of data.
You’ll also learn an approach to both 21 CFR Part 11 and data integrity compliance understanding what FDA expects stakeholders in industry to do. There a few simple suggestions that can streamline validation activities related to all of these key areas.
Preparing for an FDA inspection is a challenge, but an internal inspection by Quality can help you identify gaps where data integrity may be in question and how to remediate them before the agency arrives.
Faculty - Ms.Carolyn Troiano
Carolyn Troiano has more than 40+ years of experience in computer system validation in the pharmaceutical, medical device, animal health and other FDA-regulated industries. She is currently managing a large, complex data migration, analytics and reporting program at a major financial institution.
During her career, Carolyn worked directly, or as a consultant, for many top-tier pharmaceutical companies in the US and Europe. She was responsible for computer system validation across all GxP functions at a major pharmaceutical company. Carolyn developed validation programs and strategies back in the mid-1980s, when FDA guidelines were first issued. She was an industry reviewer for 21 CFR Part 11, the FDA's electronic record/electronic signature (ER/ES) regulation. She has taught ER/ES compliance, along with computer system validation and risk management/compliance at a number of Fortune 100 firms. Her experience includes work with FDA-regulated systems used in all areas of research, development, manufacturing, quality testing and distribution.
Carolyn has participated in industry conferences, providing very creative and interactive presentations. She is currently active in the Association of Information Technology Professionals (AITP), and Project Management Institute (PMI) chapters in the Richmond, VA area. Carolyn also volunteers for the PMI's Educational Fund as a project management instructor for non-profit organizations.