Software Validation and Its 11 Key Documents
John E. Lincoln is Principal of J. E. Lincoln and Associates LLC, a
consulting company with over 35 years of experience in U.S. FDA-regulated
industries, 21 of which are as an independent consultant. John has
worked with companies from start-up to Fortune 100, in the U.S., Mexico,
Canada, France, Germany, Sweden, China, and Taiwan. He specializes in
quality assurance, regulatory affairs, QMS problem remediation, and FDA
responses, new/changed product 510(k)s, process/product/equipment
including QMS and software validations, ISO 14971 product risk
management files/reports, Design Control/Design History Files, Technical
Files, CAPA systems, and analysis. He's held positions in Manufacturing
Engineering, QA, QAE, Regulatory Affairs, to the level of Director and
VP (R&D). John has prior experience in military, government,
electronics, and aerospace. He has published numerous articles in
peer-reviewed journals, conducted workshops and webinars worldwide on
CAPA, 510(k)s, risk analysis/management, FDA/GMP audits, validation,
root cause analysis, and others. He periodically writes for the Journal of Validation Technology. John is a graduate of UCLA.
Software and related hardware design, development, verification, and validation are difficult to manage, document and control. This presentation focuses on the verification and validation planning and execution of software, after basic developmental testing and debug. It includes COTS (commercial off-the-shelf) and the growing field of "cloud"- based software. A suggested 11-element FDA “model”, field-proven for over 23 years (and mandated for submissions) will be evaluated, implemented, with V&V documentation and test case examples. The focus is on the most recent issues the FDA has had in this area, including cybersecurity, and remediation approaches. Software considered: 1) In-product, 2) As-product, 3) Production/Test, and 4) QMS/21 CFR Pt. 11. Field examples, good and bad will be addressed. Evaluation of the chief areas of regulatory concerns will focus on actual and anticipated changes in emphasis based on the changing regulatory climate.
CGMP companies must develop/implement formal software V&V for devices, production and test equipment and electronic records/signatures, and 21 CFR Part 11.
- Tougher FDA Expectations/Requirements; Cybersecurity
- “Working” Definitions and Roles of Verification and Validation
- A Field-tested FDA 11 Element Documentation "Model"
- A Typical Software V&V Protocol/Test Report; "Black" and "White" box, with different Test Cases
- A Brief Overview of 21 CFR Part 11, and its implementation
- Legacy, Hybrid, New, and ER/ES Systems
- Expected Regulatory Deliverables
- Complementary Guidelines
Course Level - Intermediate
Who Should Attend
This webinar will provide valuable assistance to all regulated companies in evaluating their existing or anticipated software/firmware V&V activities and documentation requirements, especially in light of the changes in the FDA's stance vis a vis industry compliance, past problems, and the growing "cloud" environment. It will help attendees understand and recognize the most common software V&V failings and their fixes. The webinar will allow attendees to develop and use a repeatable software V&V template for all software validation projects. This information applies to personnel/companies in the Pharmaceutical, Medical Device, Diagnostic, Dietary Supplement, and Biologics fields.
The employees who will benefit include:
- Software engineers
- Computer programmers and testers
- Management and Supervisory Personnel
Why Should You Attend
Software design and development is under increased scrutiny by a "tougher" U.S. FDA. Software V&V issues are becoming a growing area of concern by regulatory agencies. Product, production/test equipment, and even the QMS are heavily software/firmware driven in today's manufacturing. A comprehensive, corporate-wide plan is a necessity. A repetitive generic SW documentation “model” with 11 key elements, imposes a robust system on all types of SW V& V. Growing "cloud" issues add urgency to upgrade control. Software's complex logic pathways mandate resource-intensive V&V activities, in a resource-constrained environment, demanding a p risk-based approach. What are the best approaches for companies to take? How can tougher regulatory expectations be met? What V&V is necessary to minimize software failures in the field or in-house? Use the FDA's own "model" to document all types of SW V&V. And use this model to add predictability to bring software V&V in under budget and within project timelines.