By: Babita Singh, Head - Delivery, Consumer Industries(Americas)

Peace of mind means different things to different people. For highly regulated life science and pharmaceutical companies like yours, this implies, among other things, being in complete control over core business processes and related IT systems. After all, you have got to demonstrate your compliance maturity by providing watchdogs, such as the Food and Drug Administration (FDA) with documented objective evidence.

Ratifying through examination that the software specifications for your IT infrastructure reflect user requirements and intended uses, is no longer an option, but a business imperative. This exercise, known as Computer System Validation (CSV), has assumed increased importance recently, as the industry strives to deliver enhanced value to relevant stakeholders through robust compliance, reduced costs, and increased workforce efficiency.

Validation activities today span a wide range of processes, including ones concerning Manufacturing and Quality Assurance (QA) of intended pharmac​​eutical products, as well as associated workflows like environmental control, equipment sanitization, purified water production, and media fill.

The regulations​​
​FDA 21 CFR 11.10(a) and Annex 11 of the EU GMP Guide mandate that all your computerized systems and applications adhere to good manufacturing, laboratory, documentation, and clinical practices (GxP). Essentially, you need effective controls in place to ensure your IT systems are accurate, safe and reliable, consistently performing in line with their predefined specifications and quality attributes. A key requirement is developing an ongoing program to gather and analyze product and process data pertaining to drug quality. Also, for conforming to EU norms, you need to audit and validate the IT systems of your suppliers and service providers. ​​

Why CSV matters​
​Failure in an FDA audit can lead to inspectional observation and warning letters, which in turn, mean longer regulatory approval timelines and increased product development costs. Further, failure to take corrective action within a specified time frame can imply stiff financial penalties and shutdown of manufacturing facilities. The worst case scenario, of course, is the possible loss of life due to faults in a software application that might ultimately affect the drug production environment.​

Consider this example. A technical paper published in September 2014, in the American Association of Pharmaceutical Scientists (AAPS) journal, flagged potential bioequivalence data discrepancies arising from gaps in the Kinetica pharmacokinetic/pharmacodynamic (PK/PD) analysis software. The paper pointed out that this risk could have translated into inaccurate approval of drugs, thereby emphasizing the importance of effective software validation. The concerns prompted Thermo Scientific, the company that produces the Kinetica platform, to undertake a comprehensive review of its PK/PD software.

The firm could have avoided this scenario in the first place by adopting a robust and streamlined CSV mechanism. By facilitating increased visibility into the risks associated with your various business processes, CSV helps you fix bugs before go-live, thus saving costs and effort, apart from enhancing drug quality. ​​

The key contours​
CSV is a complex exercise that needs to cover the entire lifecycle of an IT system. The IT assets that need to be validated range from control systems, automated manufacturing and laboratory equipment setups, and lab data capture systems, to manufacturing and clinical database systems, as well as interfaces with other GxP systems.

CSV entails both dynamic software testing and static validation activities, including a variety of analyses, audits, walkthroughs, reviews and traceability exercises.

You can look at implementing the following roadmap for institutionalizing an effective CSV program:​​

• Define a formal project planning process
• ​Adopt a software development lifecycle (SDLC) process such as the waterfall model, V-model or Onion model, based on your organizational needs
• ​Establish the testable requirements, and begin the validation exercise
• ​​​​Initiate risk evaluation; assess system quality, accuracy, reliability and performance
• ​Correctly document the processes, and the evidence showing that requisite controls and procedures have been followed​

Realizing more value through automation

​For you to ensure on-demand, pan-e​nterprise availability of regulatory audit documentation, and reduce reliance on human resources for regulatory compliance, an overhaul of the prevalent cumbersome validation processes is crucial. ​

You must replace disparate or hybrid approaches across departments and locations, as well as paper-based, manual processes, with standardized, lean​ and automated workflows. Minimizing manual intervention in CSV is now possible, thanks to the recent advancements in e-signature, audit trails and e-record protection for some testing tools.

By rolling out an automated, web-based CSV solution, you can:

• Remove all the complexities across the pre and post approval stages, and reduce errors, costs and effort
• Simplify validation of larger applications such as enterprise resource planning (ERP), document management systems and lab information management systems
• ​Streamline and standardize activities, embed best practices, and drive dynamic data creation
• Perform sophisticated tests to unearth relevant information from software applications​
• Embrace an effective, risk-based approach to CSV that reduces cost and effort
• Ensure first time right, shorten the validation cycle time by ​80% to 90%, and reduce the cost of compliance​
• ​​​​Provision easy access to real-time validation information from anywhere, anytime, for your enterprise users
• Be always audit ready, fostering a culture of compliance across the organization​​​

To generate better return on investment on your CSV initiatives, implement a scalable solution that helps you diligently track Key Performance Indicators (KPI) concerning CSV, and identify bottlenecks quickly. Bear in mind, though, that such automation tools must comply with regulatory requirements such as controlled workflow and content management, effective audit trail, and e-signatures.

Staying compliance ready
​The rising number of clinical trials, combined with the unprecedented increase in data generation across the drug development value chain, has put the spotlight on CSV like never before. In order to ensure compliance with rapidly evolving regulations, you must chalk out a coherent strategy to identify, select, prioritize, plan, and implement robust automated tools for computer system validation. Simultaneously, orchestrate relevant policies, standards and processes for promoting effective collaboration between various departments across your enterprise, so far as attaining CSV maturity is concerned. The real value from CSV will kick in only when your entire organization–covering all business units, as well as IT, QA and compliance departments–act in unison.​​​