Compliance for SaaS 2025 - 21 CFR Part 11 Compliance for SaaS/Cloud Application
Date2025-01-30 - 2025-01-31
Deadline2025-01-31
VenueOnline, USA - United States
KeywordsAuditors; Software vendors; SaaS hosting; QA/QC
Topics/Call fo Papers
21 CFR Part 11 Compliance for SaaS/Cloud Application Course Description
This highly interactive two-day course uses real life examples and explores proven techniques for reducing costs, usually by two-thirds, associated with implementing, and maintaining computer systems in regulated environments.
It details the requirements for Part 11 and Annex 11: SOPs, software product features, infrastructure qualification, and validation.
The instructor addresses the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and computer system validation.
Understand the specific requirements associated with local and SaaS/cloud hosting solutions.
Nearly every computerized system used in laboratory, clinical, manufacturing settings and in the quality process has to be validated. Participants learn how to decrease software implementation times and lower costs using a 10-step risk-based approach to computer system validation.
The instructor reviews recent FDA inspection trends and discusses how to streamline document authoring, revision, review, and approval.
Participants will learn how to write a Data Privacy Statement to comply with the EU General Data Protection Regulation (GDPR).
This course benefits anyone that uses computer systems to perform their job functions and is ideal for professionals working in the health care, clinical trial, biopharmaceutical, and medical device sectors. It is essential for software vendors, auditors, and quality staff involved in GxP applications.
(RAPS - This course has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion)
Learning Objective
Reduce costs, usually by two-thirds, for compliance with electronic records
Learn how to use electronic records and electronic signatures to maximize productivity
Understand what is expected in Part 11 and Annex 11 inspections so you are prepared
Avoid 483 and Warning Letters
Understand the responsibilities and specific duties of your staff including IT and QA
Understand your responsibilities and liabilities when using SaaS/cloud
Learn how to perform risk-based Computer System Validation using fill-in-the-blank templates
How to select resources and manage validation projects
"Right size" change control methods that allows quick and safe system evolution
Minimize validation documentation to reduce costs without increasing regulatory or business risk
Learn how to reduce testing time and write test cases that trace to elements of risk management
Learn how to comply with the requirements for data privacy
Learn how to buy COTS software and qualify vendors
Protect intellectual property and keep electronic records safe
Agenda
DAY 01(06:00 AM - 12:00 PM PDT)
Introduction to the FDA (01 :30 hr)
How the regulations help your company to be successful
Which data and systems are subject to Part 11.
21 CFR Part 11/Annex 11 - Compliance for Electronic Records and Signatures (3:30 hr)
What Part 11 means to you, not just what it says in the regulations
Avoid 483 and Warning Letters
Explore the four primary areas of Part 11 compliance: SOPs, software product features, infrastructure qualification, and validation documentation
How SaaS/cloud computing changes qualification and validation
Ensure data integrity, security, and protect intellectual property
Understand the current computer system industry standards for security, data transfer, and audit trails
Electronic signatures, digital pens, and biometric signatures
SOPs required for the IT infrastructure
Product features to look for when purchasing COTS software
Reduce validation resources by using easy to understand fill-in-the-blank validation documents.
The Five Keys to COTS Computer System Validation (30 Min)
The Who, What, Where, When, and Why of CSV
The Validation Team (30 Min)
How to select team members
How to facilitate a validation project
Ten-Step Process for COTS Risk-Based Computer System Validation (30 Min)
continued on day 2
DAY 02(6:00 AM - 12:00 PM PDT)
Software demonstrations and discussions (30 Min)
Ten-Step Process for COTS Risk-Based Computer System Validation (30 Min)
Learn which documents the FDA expects to audit.
How to use the risk-based validation approach to lower costs.
How to link requirements, specifications, risk management, and testing.
Document a computer system validation project using easy to understand fill-in-the-blank templates.
Based on: "Risk-Based Software Validation - Ten Easy Steps" (Davis Horwood International and PDA - www.pda.org, 2006).
How to Write Requirements and Specifications (30 Min)
Workshop for writing requirements and then expanding them for specifications
How to Conduct a Hazard Analysis/Risk Assessment-Exercise (30 Min)
Step-by-step instructions for performing and documenting a risk assessment, and how to use the results to reduce validation documentation.
Software Testing (30 min)
Reduce testing by writing test cases that trace to elements of risk management.
How to write efficient test cases
How to write a Data Privacy Statement (30 Min)
How to meet the requirements of the EU GDPR
Purchasing COTS Software (30 Min)
How to purchase COTS software and evaluate software vendors
Cost Reduction Without Increasing Regulatory or Business Risk (45 min)
How to save money
How to increase quality
How to increase compliance with less documentation
Who will Benefit?
GMP, GCP, GLP, regulatory professionals
QA/QC
IT
Auditors
Managers and directors
Software vendors, SaaS hosting providers
David Nettleton (30 + yrs. exp.)
Top FDA Compliance Specialist, Computer System Validation
Computer System Validation’s principal, David Nettleton is an industry leader, author, and teacher for 21 CFR Part 11, Annex 11, HIPAA, EU General Data Protection Regulation (GDPR), software validation, and computer system validation. He is involved with the development, purchase, installation, operation and maintenance of computerized systems used in FDA compliant applications. He has completed more than 300 mission critical laboratory, clinical, and manufacturing software implementation projects. His most recent book is Software as a Service (SaaS) Risk-Based Validation With Time-Saving Templates, which provides fill-in-the-blank templates for completing a COTS software validation project.
This highly interactive two-day course uses real life examples and explores proven techniques for reducing costs, usually by two-thirds, associated with implementing, and maintaining computer systems in regulated environments.
It details the requirements for Part 11 and Annex 11: SOPs, software product features, infrastructure qualification, and validation.
The instructor addresses the latest computer system industry standards for data security, data transfer, audit trails, electronic records and signatures, software validation, and computer system validation.
Understand the specific requirements associated with local and SaaS/cloud hosting solutions.
Nearly every computerized system used in laboratory, clinical, manufacturing settings and in the quality process has to be validated. Participants learn how to decrease software implementation times and lower costs using a 10-step risk-based approach to computer system validation.
The instructor reviews recent FDA inspection trends and discusses how to streamline document authoring, revision, review, and approval.
Participants will learn how to write a Data Privacy Statement to comply with the EU General Data Protection Regulation (GDPR).
This course benefits anyone that uses computer systems to perform their job functions and is ideal for professionals working in the health care, clinical trial, biopharmaceutical, and medical device sectors. It is essential for software vendors, auditors, and quality staff involved in GxP applications.
(RAPS - This course has been pre-approved by RAPS as eligible for up to 12 credits towards a participant's RAC recertification upon full completion)
Learning Objective
Reduce costs, usually by two-thirds, for compliance with electronic records
Learn how to use electronic records and electronic signatures to maximize productivity
Understand what is expected in Part 11 and Annex 11 inspections so you are prepared
Avoid 483 and Warning Letters
Understand the responsibilities and specific duties of your staff including IT and QA
Understand your responsibilities and liabilities when using SaaS/cloud
Learn how to perform risk-based Computer System Validation using fill-in-the-blank templates
How to select resources and manage validation projects
"Right size" change control methods that allows quick and safe system evolution
Minimize validation documentation to reduce costs without increasing regulatory or business risk
Learn how to reduce testing time and write test cases that trace to elements of risk management
Learn how to comply with the requirements for data privacy
Learn how to buy COTS software and qualify vendors
Protect intellectual property and keep electronic records safe
Agenda
DAY 01(06:00 AM - 12:00 PM PDT)
Introduction to the FDA (01 :30 hr)
How the regulations help your company to be successful
Which data and systems are subject to Part 11.
21 CFR Part 11/Annex 11 - Compliance for Electronic Records and Signatures (3:30 hr)
What Part 11 means to you, not just what it says in the regulations
Avoid 483 and Warning Letters
Explore the four primary areas of Part 11 compliance: SOPs, software product features, infrastructure qualification, and validation documentation
How SaaS/cloud computing changes qualification and validation
Ensure data integrity, security, and protect intellectual property
Understand the current computer system industry standards for security, data transfer, and audit trails
Electronic signatures, digital pens, and biometric signatures
SOPs required for the IT infrastructure
Product features to look for when purchasing COTS software
Reduce validation resources by using easy to understand fill-in-the-blank validation documents.
The Five Keys to COTS Computer System Validation (30 Min)
The Who, What, Where, When, and Why of CSV
The Validation Team (30 Min)
How to select team members
How to facilitate a validation project
Ten-Step Process for COTS Risk-Based Computer System Validation (30 Min)
continued on day 2
DAY 02(6:00 AM - 12:00 PM PDT)
Software demonstrations and discussions (30 Min)
Ten-Step Process for COTS Risk-Based Computer System Validation (30 Min)
Learn which documents the FDA expects to audit.
How to use the risk-based validation approach to lower costs.
How to link requirements, specifications, risk management, and testing.
Document a computer system validation project using easy to understand fill-in-the-blank templates.
Based on: "Risk-Based Software Validation - Ten Easy Steps" (Davis Horwood International and PDA - www.pda.org, 2006).
How to Write Requirements and Specifications (30 Min)
Workshop for writing requirements and then expanding them for specifications
How to Conduct a Hazard Analysis/Risk Assessment-Exercise (30 Min)
Step-by-step instructions for performing and documenting a risk assessment, and how to use the results to reduce validation documentation.
Software Testing (30 min)
Reduce testing by writing test cases that trace to elements of risk management.
How to write efficient test cases
How to write a Data Privacy Statement (30 Min)
How to meet the requirements of the EU GDPR
Purchasing COTS Software (30 Min)
How to purchase COTS software and evaluate software vendors
Cost Reduction Without Increasing Regulatory or Business Risk (45 min)
How to save money
How to increase quality
How to increase compliance with less documentation
Who will Benefit?
GMP, GCP, GLP, regulatory professionals
QA/QC
IT
Auditors
Managers and directors
Software vendors, SaaS hosting providers
David Nettleton (30 + yrs. exp.)
Top FDA Compliance Specialist, Computer System Validation
Computer System Validation’s principal, David Nettleton is an industry leader, author, and teacher for 21 CFR Part 11, Annex 11, HIPAA, EU General Data Protection Regulation (GDPR), software validation, and computer system validation. He is involved with the development, purchase, installation, operation and maintenance of computerized systems used in FDA compliant applications. He has completed more than 300 mission critical laboratory, clinical, and manufacturing software implementation projects. His most recent book is Software as a Service (SaaS) Risk-Based Validation With Time-Saving Templates, which provides fill-in-the-blank templates for completing a COTS software validation project.
Other CFPs
- Auditing and Qualifying Suppliers and Vendors Course
- Computer System Validation Training Online
- Supplier Management for Device makers and Drugmakers: Qualification, Contracts and Audits Course
- 12th International Conference on Artificial Intelligence and Applications (AIAPP 2025)
- 12th International Conference on Computer Science and Information Technology (CoSIT 2025)
Last modified: 2024-12-13 22:51:30