Computer Compliance & Cloud Impact Part II - Auditable Formal Testing Webinar
This webinar will speak about the compliance of SaaS applications and Cloud technology services used in GXP, Part 11/Annex 11, HIPAA, and Safe Harbor regulated industries.
Cloud based Software as a Service (SaaS) applications provide enticing marketing messages that emphasize "care free" startup and expanded use without the staffing and expense of internal infrastructure costs. What is not so well explained is that regulated SaaS applications still need a documented software development life cycle (SDLC) with documented formal release and change control testing by the SaaS vendor, documented installation qualification and change control testing at the cloud data center and end user validation testing in performance qualification to assess fitness for purpose in the regulated work process, prior to production use.
There is no "free ride" to implementing SaaS applications for GXP regulated work activities.
Regulators are still focused on finding evidence for a system’s "fitness to purpose" and for electronic data being trustworthy and secure, "attributable, legible, contemporaneous, original, accurate, (ALCOA)" and retrievable for inspection purposes throughout stated retention times.
Why Should you Attend:
Industry and IT professionals both new and experienced in computer validation are facing new compliance challenges around the implementation of SaaS and other Cloud technology services for regulated data and GXP operations. It is important for them to examine their compliance practices and see where there is an impact with SaaS and Cloud services that calls for a change in approach or documentation to validation, audit practices and data center contracting procedures.
- Starts by introducing an industry standard formal software testing model suitable for use by end users, infrastructure providers, and software developers
- Discusses characteristics of "formal" testing
- Illustrates key audit/inspection points in a test script template for manual testing
- Examines standards for testing data quality in or out of a "Cloud" - ALCOA & CCEA
- Discusses data quality challenges with cloud practices for duplication of data for ease of storage, global mobility of data across multiple data centers, and documented control of ongoing change control
- Looks at ways to leverage SOC I/II and ISO reports in support of validation work.
Objectives of the Presentation:
This webinar should equip attendees to address the following questions in their own professional environment:
- What is "formal" testing and how does testing differ across OQ/IQ/PQ work?
- What does an industry standard formal testing package have in it?
- What are the key auditable elements in a manual test script?
- Where is my SaaS App data today and does it matter?
- How do I protect my GXPdata without having direct physical/logical control of it?
- How can I leverage SOC I & II audit reports and ISO/IEC 27001:2005 certification reports to support my validation program?