Choose a Purchase Options

Download Course Brochure


Advancements in technology have forced organizations to rethink business models. Once controlled and orderly, these organizations are now more chaotic and complex, serving patients and customers that are better informed and with higher expectations than ever before. Work practices and tools must change to meet these challenges.

The approach to developing software, performing validation and maintaining a system in a validated state through its entire life cycle should be carefully considered in order to meet changing needs. This seminar will include a comparison of the agile and waterfall methodologies, along with the pros and cons of each. There may not be one size that fits all, and so it is important to understand what needs to be considered when making such a determination.

We’ll also cover COTS, SaaS, IaaS, PaaS, and cloud services, indicating the benefits and risks of each model. In discussing these hardware and software options, we’ll include the best practices for meeting FDA’s requirements for validation, 21 CFR Part 11, as applicable, and data integrity. Part of the session will identify the FDA’s current concerns and how to ensure your systems will meet their expectations.

Day 1:

Module 1: CSV Methods and Models

  • GxP Systems
  • Computer System Validation (CSV)
  • Common SDLC Methodologies
  • GAMP®5 “V” Model
  • Computer System Validation (CSV) vs. Computer Software Assurance (CSA)
  • Critical Thinking
  • Waterfall vs. Agile Methodology

Module 2: Software and Services

  • Computer Off-the-Shelf (COTS) Software
  • Cloud Systems
  • Software as a Service (SaaS)
  • Platform as a Service (PaaS) & Infrastructure as a Service (IaaS)
  • Single Sign On (SSO)
  • Medical Devices using Software.
  • Software-as-a-Medical Device (SaaMD)
  • Mobile Devices
  • Spreadsheet Validation

Module 3: CSV Planning

  • Validation Plan
  • Rationale for Validation Testing
  • GAMP®5 System Categorization
  • Risk Assessment and Mitigation

Module 4: System Requirements and Design

  • Requirements Development
  • User Requirements Specification (URS)
  • Functional Requirements Specification (FRS)
  • System Design/Configuration Management Specification (SDS/CMS)

Module 5: IQ, OQ, PQ Test Planning & Execution

  • Validation Protocols - IQ, OQ, PQ
  • Validation Test Execution
  • Validation Test Summary Report

Module 6: Test and Validation Reports

  • Requirements Traceability Matrix (RTM)
  • Validation Summary Report
  • System Acceptance and Release Notification 

Day 1 Q&A Session

Day 2:

Module 7: CSV Operations and Maintenance

  • Maintaining a System in a Validated State
  • Disaster Recovery Planning
  • Business Continuity Planning
  • Incident Reporting, Investigation, and Remediation
  • Record Retention
  • System Retirement Challenges
  • Legacy Systems and Integration
  • Spreadsheet Validation

Module 8: CSV Supporting Components

  • Good Documentation Practices (GDPs)
  • Training
  • Organizational Change Management (OCM)
  • Validation Policies and Procedures

Module 9: Managing FDA-Regulated Data

  • 21 CFR Part 11 Guidance
  • Electronic Records/Signatures (ER/ES) Requirements
  • Data Integrity: ALCOA+ Principles
  • Data Life Cycle Approach
  • Data Governance
  • Data Privacy: HIPAA, GDPRs, et al

Module 10: Vendor Audit

  • Audit Preparation
  • Audit Execution
  • Post-Audit
  • Vendor Contracts and Service Level Agreements (SLAs)

Module 11: FDA Trends

  • Regulatory Influences
  • Regulatory Trends
  • Current Compliance and Enforcement Trends

Module 12: Inspection Preparation

  • FDA Inspection Readiness
  • Industry Best Practices

Day 2 Q&A Session

Module 13: CSV Exercises

  • Exercise 1: CSV
  • Exercise 2: Validation Plan (VMP) Writing
  • Exercise 3: Risk Assessment
  • Exercise 4: FDA Requirements for ER/ES
  • Exercise 5: Interviews and URS/FRS Writing
  • Exercise 6: IQ, OQ, PQ Test Protocol Writing
  • Exercise 7: RTM Writing
  • Exercise 8: Be the Consultant

Why should you attend

The attendee will learn about how to take advantage of modern, evolving technology while remaining compliant with FDA regulations related to computer systems and data. We will discuss ways to modernize the System Development Life Cycle (SDLC) approach to validation by applying FDA’s draft guidance for Computer Software Assurance (CSA) using an agile approach, including automated testing tools that will result in a continuous validation of software products. The CSA approach is risk-based and relies heavily on critical thinking. It is aligned with GAMP®5, Second Edition, published in July 2022. We will discuss the pros and cons of various approaches, and industry best practices for success.

The attendee will learn how to validate systems to meet 21 CFR Part 11, and data integrity compliance. We will touch on compliance with data privacy laws, including HIPAA, GDPRs, and other privacy regulations.

We will cover Computer-Off-the-Shelf (COTS) software, Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and cloud services. You’ll learn how to select an optimal solution and ensure that whatever that might be, you can build a contract and Service Level Agreement (SLA) that best suits your environment and needs.

We will also address spreadsheet validation. While tools like MS Excel, Google Sheets, and others do not have to be validated if used out-of-the-box without any customization. However, if you include macros or any type of customization, it will need to be validated. Learn about a streamlined approach to get a handle on the plethora of spreadsheets that are used across your organization for FDA-regulated data.

This seminar will be in-person, providing ample time for greater audience interaction. Bring your most pressing questions, describe you “pain points,” and learn how to solve some of the most confounding issues related to validation.

Who will benefit?

Personnel in the following roles will benefit:

  • ·      Information Technology Analysts
  • ·      Information Technology Developers and Testers
  • ·      Software Quality Assurance Professionals
  • ·      QC/QA Managers and Analysts
  • ·      Analytical Chemists
  • ·      Compliance and Audit Managers
  • ·      Laboratory Managers
  • ·      Automation Analysts
  • ·      Manufacturing Specialists and Managers
  • ·      Supply Chain Specialists and Managers
  • ·      Regulatory Affairs Specialists
  • ·      Regulatory Submissions Specialists
  • ·      Risk Management Professionals
  • ·      Clinical Data Analysts
  • ·      Clinical Data Managers
  • ·      Clinical Trial Sponsors
  • ·      Computer System Validation Specialists
  • ·      GMP Training Specialists
  • ·      Business Stakeholders/Subject Matter Experts
  • ·      Business System/Application Testers
  • ·      Vendors responsible for software development, testing and maintenance
  • Vendors and consultants working in the life sciences industry who are involved in computer system implementation, validation and compliance.

Areas Covered

  • ·      Learn how to identify “GxP” Systems
  • ·      Learn about FDA’s current thinking about technology and software development, and how this will impact industry
  • ·      Discuss the current state of Computer System Validation (CSV) approach based on FDA requirements
  • ·      Learn about the System Development Life Cycle (SDLC) approach to validation and how this can be modernized through a more agile approach, including automated testing for continuous validation
  • ·      Learn about cloud services and cloud service providers to optimize your experience
  • ·      Learn ways to validate in the cloud without compromising quality or compliance
  • ·      Learn the pros and cons of an agile vs. waterfall approach
  • ·      We will discuss cloud computing and Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), and Platform-as-a-Service (PaaS) systems that can be embraced and validated effectively
  • ·      Discuss the best practices for documenting computer system validation efforts, whether using a waterfall or agile approach, including requirements, design, development, testing and operational maintenance procedures, including ways to improve efficiency and effectiveness of managing related documentation
  • ·      Understand the best approach to Installation Qualification (IQ) testing when the system components are not on premise, but are in the cloud
  • ·      Understand how to maintain a system in a validated state through the system’s entire life cycle in a more cost-effective manner, applying an agile continuous validation approach
  • ·      Learn how to assure the integrity of data that supports GxP work, despite changes and advances in new technology
  • ·      Discuss the importance of “GxP” documentation that complies with FDA requirements
  • ·      Learn about the policies and procedures needed to support your validation process and ongoing maintenance of your systems in a validated state
  • ·      Know the regulatory influences that lead to FDA’s current thinking at any given time
  • ·      Learn about current trends in FDA compliance and enforcement
  • ·      Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on risk assessment, to ensure data integrity is maintained throughout the entire data life cycle
  • Q&A

Participant Testimonials

The presentation by Carolyn Troiana today was fantastic, both I and the QA Manager (Aaron Neighbour) loved it and had extensive conversation afterwards about it. Thank you WCS for bringing on board such wonderful experts.

Robert Friedland , IT Manager NUTEK BRAVO, LLC.

For me the training was useful in order to clarify requirements from the FDA in regards to the expectation for the Computerised System Validation process. I will definitely recommend this course to others.

Yorlehin Robiou , Quality Systems and Compliance Manager, Jabil Healthcare

Faculty Carolyn Troiano

Faculty Carolyn Troiano

Award winning FDA Compliance Expert for Validation, 21 CFR Part 11 (Electronic Records/Signatures) and Data Integrity.

My experience includes 34+ years in IT/ Business, Marketing & Compliance leadership and management roles at a variety of Fortune 100 companies, across multiple industries.

My successes include building and managing teams and business units at multiple “greenfield” sites in the pharmaceutical, biotechnology and IT consulting industries, as well as in the public sector. I have weathered numerous layoffs, mergers and acquisitions, and demonstrated my very strong leadership skills in helping staff get through difficult times.


RAPS - This course has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion.

World Compliance Seminars (WCS) is a Regulatory Affairs Professional Society (RAPS) RA Professional Development Portal provider. World Compliance Seminars is committed to enhancing the ongoing professional development of regulatory affairs professionals and other stakeholders through appropriate regulatory affairs learning activities and programs. World Compliance Seminars has agreed to follow RAPS-established operational and educational criteria