home   genetic news   bioinformatics   biotechnology   literature   journals   ethics   positions   events   sitemap
 
  HUM-MOLGEN -> Events -> Meetings and Conferences  
 

A Risk Based Approach To IT Infrastructure Seminar 2018

 
  April 06, 2018  
     
 
Netzealous LLC DBA - Globalcompliancepanel, Embassy Suites Minneapolis - Airport
2018-05-24


Overview:

GxP Regulated companies are dependent on validated GxP computerized applications to conduct their day to day operations. These applications are, in turn, depended upon a qualified infrastructure that can be relied upon to provide control and regulatory compliance.

The consequences of the IT Infrastructure being out of compliance can result in the failure of an entire site or geographic region being brought to a standstill while the compliance issue is resolved. It can also result in regulatory citations during a regulatory inspection as both the infrastructure be out of compliance and also cause the computerized applications that are dependent on it to be out of compliance.

The impact of such compliance issues on a regulated company can be significant: it can result in recalls of products, warning or untitled letters, import alerts, injunctions, seizures, legal action, etc. These regulatory actions can have significant financial impact to the company. However, and most importantly, data integrity issues can lead to potential patient harm!!

Effective IT Infrastructure Qualification on the other hand, confers the following benefits.

  • Ensures GxP compliance
  • Reduces duplication of effort
  • Ensures adherence to standards
  • Enhances the flow of information throughout an information system
  • Promotes adaptability and agility necessary for a changeable environment
  • Ensures interoperability among organizational and external entities
  • Maintains effective change management policies and practices

Although all business activities depend upon the infrastructure, planning and projects to ensure its effective management are typically undervalued to the detriment of the organization. According to IDC, a prominent research firm (cited in an article in DM Review), investments in infrastructure management have the largest single impact on an organization's revenue.

Establishment and maintenance of a controlled infrastructure requires that infrastructure needs to be brought into initial compliance with the company’s established standards, through a planned qualification process, based upon domestic and international best practices and standards. The qualification needs to be documented and confirmed by Quality Assurance. Once the IT Infrastructure is qualified, the compliant state needs to be maintained by documented standard processes and quality assurance activities. The effectiveness of maintaining the qualified state needs to be monitored and periodically verified.

The Seminar:

This Seminar provide a risk based approach to meeting current regulatory expectations for compliant IT Infrastructure platforms, including the need to identify, qualify and control those aspects impacted by GxP quality and data integrity. It provides current best practices for the design, qualification and operation of an IT Infrastructure with emphasis on the qualification requirements of the major components. It addresses compliance with international GxP regulations and can be used both for the establishment of new platforms and extensions or existing platforms whether or not they are currently in support of GxP applications. Finally, this seminar covers a range of IT Infrastructures, from those found in companies operating in a global setting to isolated or semi-isolated GxP Infrastructures.

This Seminar focuses on the horizontal approach to IT Infrastructure Qualification which includes the following benefits:

  • Higher level of standardization throughout the entire lifecycle
  • Minimal overlap in documentation
  • Minimal overlap in qualification
  • Minimal overlap in audits inspections and assessments

The areas addressed by the seminar include:

  • How does IT Infrastructure Qualification fit into GaMP5 lifecycle
  • Quality Management for Infrastructure
  • Risk management for Infrastructure Qualification
  • Installation & Operational Qualification of Infrastructure Components
  • Configuration management and change control of infrastructure components and settings in a highly dynamic environment
  • Involvement of service provider in critical infrastructure processes
  • Security management in relation to access controls, availability of services and data integrity
  • Backup, restore and disaster recovery of IT Infrastructure

Platform Components

Generic Qualification Strategy

Hardware and Peripherals

Includes all computer equipment, including power supplies, boards, network interface cards, disk storage arrays, printers and other peripherals, etc., needed to execute programs in direct support of applications, and for providing basic IT Infrastructure services.

Hardware and peripherals used in the IT Infrastructure are typically GAMP HW category 1.

Firmware

Firmware is often considered an indivisible part of the hardware component. However, in those instances where firmware is updated independently, it should be managed as software in its own right, and typically, would be GAMP SW category 2.

Operating Systems

Includes operating systems and communication protocol implementations. Device drivers are usually designed and maintained by hardware suppliers to allow operating variants to effectively interact with their hardware products.

Most operating systems and drivers are GAMP SW category 1.

Note 1: Configuration of operating systems should be documented.

Note 2: Specific operating system features which are important to a GxP application may be validated as part of the application, e.g., the use of operating system user access and privilege functionality where the application software has no such built-in functionality.

Data Management Software

Includes file storage software, database management systems, web-services, interface, and communications software, etc. Elements of Data Management Software often support more than one application.

Most Data Management Software is GAMP SW category 1, because they are part of the operating system environment, and typically, are standardized. Some may be other GAMP SW categories depending on complexity and configurability.

Servers

Server building blocks or individually configured servers are usually built of standardized components and configured in accordance with specifications. The actual set-up should dictate the chosen qualification strategy.

Therefore, most server building blocks are a combination of GAMP HW category 1, and SW categories 1 or 2.

Clients

Client building blocks or individually configured clients, range from 'thin' to 'thick' clients which may process and store data locally. The actual set-up should dictate the chosen qualification life cycle model.

Therefore, most client building blocks are a combination of GAMP HW category 1, and SW categories 1 or 2.

Applications

Applications implement processes and may consist of everything from an 'off-the-shelf', standardized software package configured with the user defined parameters to a set of programs and parameters designed to meet unique user requirements.

Applications are GAMP SW categories 3, 4, or 5. The validation of applications is outside the scope of this Guide.

Who will benefit:

  • VP of IT
  • Director of IT
  • Quality Managers
  • Project Managers (for CSV / IT)
  • Validation Specialists
  • Database Administrators
  • System Administrators
  • Directors / Senior Directors of Discovery
  • Directors / Senior Directors of Development
  • Directors / Senior Directors of Commercialization
  • Document Managers
  • Training Managers
  • Regulators
  • Vendors
  • Suppliers
  • Outsource Service Providers

Industries:

  • Pharmaceuticals
  • Biotech
  • Medical Device
  • Radiological Health
  • Blood Products
  • Companion Animals
  • Food
  • Cosmetics
  • Tobacco
  • Academia

Agenda:

Day 1 Schedule

Lecture 1:

Introduction and Background

  • Introductions / Participants’ Understanding / Participants’ Objectives for the Course (Please come prepared to discuss)
  • Infrastructure Qualification and the GaMP5 Lifecycle
  • Key Concepts
    • Platforms to run the business applications (e.g. CDMS, IVRS, LIMS, ERP)
    • IT Infrastructure processes that facilitate a capable & controlled IT environment
    • General IT services (e.g. email system, office tools, intranet facilities, file storage)

Lecture 2:

Infrastructure Options - Non-Cloud

  • Infrastructure Services
  • Platforms
  • Processes
  • Personnel

Lecture 3:

Infrastructure Options - Cloud

  • Current Concepts & Challenges in Cloud Computing
  • Cloud Computing in a GxP Environment: The Promise, the Reality and the Path to Clarity
  • IaaS Cloud in Regulated LifeSciences companies
  • A Risk Based Perspective on Leveraging PaaS within a Regulated LifeSciences Company
  • Using SaaS in a Regulated Environment – A LifeCycle Approach to Risk Management
  • SaaS in a Regulated Environment – The Impact of Multi-Tenancy and Subcontracting
  • Determine Regulated Cloud Strategy at Your Company by Answering 5 Key Questions

Lecture 4:

Risk Management

  • Assessment of Risk Components
  • Implementation of Mitigation and Controls
  • Change Control to Qualified Components
  • Periodic Review

Day 2 Schedule

Lecture 5:

Qualification of Platforms

  • Overview of Process
  • IT Infrastructure LifeCycle
    • Planning phase
    • Specification & Design phase
    • Risk Assessment & Qualification test planning phase
    • Procurement, installation and IQ phase
    • QA & acceptance phase
    • Operation & maintenance phase
    • Retirement (decommissioning / withdrawal phase)
  • Exercise
  • Procurement
    • Supplier Evaluation
    • Installation & IQ
      • Verification of Documentation
      • Environmental Conditions
      • Servers
      • Clients
      • Networks
  • OQ & Acceptance
  • Reporting
  • Handover
  • Exercise

Lecture 6:

Principles & Best Practices for Qualifying Cloud Infrastructure

  • Understanding Cloud Infrastructure Qualification Principles
  • What do Regulators Want
  • How Do You Qualify the Cloud?
  • Best Practices for Successful Validation
  • Bonus:
    • Cybersecurity Assessment
    • Sample Cloud SOPs for Governance

Lecture 7:

Operations

  • Security Management
  • Upgrade & Patch Management
  • Server Management
  • Performance Monitoring
  • Client Management
  • Network Management
  • Problem Management
  • Help Desk
  • Outsourcing & Supplier Management

Lecture 8:

Maintaining the Qualified State

  • Change Management
  • Configuration Management
  • Backup, Restore & Archiving
  • Disaster Recovery of IT Infrastructure

Quiz: Jeopardy!!!!

  • IT Infrastructure Qualification & Compliance 

Location:  Minnesota, MN Date: May 24th & 25th, 2018 and Time: 9:00 AM to 6:00 PM

Venue:  Embassy Suites Minneapolis - Airport 7901 34th Avenue South, Bloomington, MN 55425, USA

Price:

Price: $1,295.00 (Seminar Fee for One Delegate)

Register for 5 attendees Price: $3,885.00 $6,475.00 You Save: $2,590.00 (40%)*

Register for 10 attendees Price: $7,122.00 $12,950.00 You Save: $5,828.00 (45%)*

Register now and save $200. (Early Bird)

Until April 10, Early Bird Price: $1,295.00 From April 11 to May 22, Regular Price: $1,495.00

Sponsorship Program benefits for “A Risk Based Approach to IT Infrastructure Seminar 2018” seminar

For More Information- https://www.globalcompliancepanel.com/control/sponsorship 

Contact us today!

NetZealous LLC DBA GlobalCompliancePanel

john.robinson@globalcompliancepanel.com  

support@globalcompliancepanel.com 

Toll free: +1-800-447-9407

Phone: +1-510-584-9661

Website: http://www.globalcompliancepanel.com

Registration Link - https://www.globalcompliancepanel.com/control/globalseminars/~product_id=901387SEMINAR?SEO

Follow us on LinkedIn: https://www.linkedin.com/company/globalcompliancepanel/

Like us our Facebook page: https://www.facebook.com/TrainingsAtGlobalCompliancePanel/

Follow us on Twitter: https://twitter.com/GCPanel