Dr Robert Stephenson
Rob Stephenson Consultancy
Referent:innen
Yves Samson
Kereon
Frank Behnisch
Formerly CSL Behring
Uwe Mai
Bayer
Highlights
- Requirements for the qualification / validation of legacy systems
- Relevance of EU GMP Guide Annex 11 and GAMP®5 2nd Edition
- Change Control and Configuration Management
You can also book both courses separately:
>> Computerised System Validation: How to handle Legacy Systems
- Requirements for the qualification / validation of legacy systems
- Relevance of EU GMP Guide Annex 11 and GAMP®5 2nd Edition
- Change Control and Configuration Management
You can also book both courses separately:
>> Computerised System Validation: How to handle Legacy Systems
Zielgruppe
- IT,
- Quality Assurance,
- Production / Quality Control,
- Technology,
- System Suppliers and Service Providers,
who must deal with the validation and operation of computerized systems, the maintenance of the validated state, and the maintenance and operation of legacy systems in accordance with regulatory requirements.
Zielsetzung
Computerised System Validation: How to handle Legacy Systems? - 29 September 2026
- Can you still operate legacy systems, and if so, to what extent?
- What can the auditor expect, and what solutions would be considered acceptable?
- How can existing systems be specified retrospectively?
- How can compliance be achieved from a QA perspective?
- What can be done if important cybersecurity issues can no longer be technically controlled?
Computerised System Validation: Maintaining Compliance during Operation - 30 September - 02 October 2026
- Delegates will gain understanding of the controls needed to maintain validated systems in compliance throughout their operational lifecycle
- Taking a risk-based approach, you will learn how these controls can be scaled across a wide range of computerised systems, allowing you to focus your resources on the most critical systems and the most critical system components
- You will learn the importance of role clarity and making best use of Subject Matter Experts and the Quality Unit
- In workshops / case studies / exercises, you will get the chance to put the theory into practice and discuss suitable solution strategies with your colleagues
Programm
Computerised System Validation: How to handle Legacy Systems? - 29 September 2026
Query / Discussion - Problems / Expectations
- Which systems are affected?
- Why have these systems not been adequately qualified?
- Retrospective qualification
Legacy Systems regulatory Requirements and Inspections
- Old systems, legacy systems and existing non-compliant systems - characteristics and problems
- Regulatory considerations
- Annex 11 and Annex 15
- PIC/S PI 011
- GAMP GPG: The Validation of Legacy Systems
- Inspection considerations
Legacy Systems: Ensuring Compliance from a QA Perspective
- Legacy systems: IT security / virus protection / data protection
- On-site infrastructure
- System-side IT components
- Qualification / validation of legacy IT systems
How to write URS for existing Systems
- URS for existing systems: Waste of time or added value?
- Why creating URS is easier for existing systems
- Beyond the URS: the functional description
Case Studies: Contingency Planning / Support from the Manufacturer
- Initial situation for existing systems
- Manufacturer support: Hardware & software, security patches
- Mechanical spare parts
- How and what can be planned?
- What “unsolvable” dependencies exist?
What does risk-based Deployment mean for existing Systems?
- Suitability for use
- Learning from operational experience
- Importance of periodic evaluation and its results
- Quality efficiency
Old Systems, Legacy Systems and existing Systems = Data Integrity light?
- Brief overview of the ALCOA++ principles
- PIC/S PI 041-1: Data integrity
- General problems: inadequate knowledge of the pharmaceutical process and data flow, lack of data definitions, non-existent definition of the GxP relevance of the generated data
- Examples of problems with legacy systems and possible solutions
- Missing audit trail functionality vs. necessity of an operational audit trail
- Problems with user administration (no/too few users can be parameterized within the system)
- Data management: ring memory, system data on USB sticks/SD cards > how to deal with this?
Computerised System Validation: Maintaining Compliance during Operation - 30 September - 02 October 2026
Welcome / Opening session: What the delegates expect?
- Overview of the Operation Phase
- Capturing delegates expectations
- Sharing and reducing to key points in groups
- Sharing with all delegates and tutors
Periodic Evaluation: Establishing a scalable PE strategy
- Objectives and intention
- Scope of Periodic Evaluation
- Periodic Evaluation: Between efficiency and effectiveness
- What information should be considered?
Handover
- Objectives and purposes
- Roles & Responsibilities
- Handover process
- Acceptance criteria
- Records and reports
Data Integrity in Operation
- ALCOA++ principles
- Technical controls vs procedural controls
- Data governance principles and responsibilities
- Data governance vs IT governance
- Governance pitfalls
Risk Management in Operation
- Risk management according to Q9(R1)
- Risk management applied to change management
- Risk management applied to incident and deviation management
- Keeping risk information up-to-date
Data Management in Operation & Business Continuity
- Understanding the data management processes
- Backup & Restore
- Archiving & Retrieval
- Disaster Recovery & Business Continuity
- Monitoring data management activities
- Records and reports
Change & Configuration Management in Operation
- Objectives
- Configuration management
- Change management
- Types of change
- Organizing effective operational change and configuration management
Incident, Problem & Deviation Management in Operation
- Objectives
- Incident & problem vs deviation
- Incident & problem management process
- Effective Root cause analysis
- Records and reports
CAPA Management in Operation
- CAPA objectives
- Correction vs prevention
- Process collaboration
- Records and reports
Service & Contract Management
- Objective of service and contract management
- Establishing a Service Level Agreement (SLA) and contracts
- SLA key topics
- Monitoring SLAs and contracts
- Records and reports
System Management / System Administration
- Objectives
- Roles & Responsibilities
- Activities to cover
- Records and reports
User Management & Access Control
- Objectives
- User management process
- User management pitfalls
- Records and reports
Security & Performance Monitoring
- Objectives
- Security areas of concern
- Efficient and effective performance monitoring
- Records and reports
Repair & Maintenance
- Objectives
- Points to consider
- Reporting
- Records
Patch & Update Management
- Between security, performance, and compliance
- Risk-based approach to patch and update management
- Patch and update management pitfalls
- Records and reports
Maintaining Cloud / SaaS compliance
- Objectives
- Required controls
- What and how to monitor
- Securing data availability
- Record and Reports
Audit Trail / Audit Trail Review in Operation
- Objectives of audit trail review during operation
- Process relevant vs administrative audit trails
- What to review & how to review
- Records and reports
Performing Periodic Evaluation
- Implementing a scalable approach
- Leveraging existing records
- Learning from the experience
- Securing operational reliability and capability
Retirement Management
- Retirement process objective
- Retirement planning
- Performing retirement
- Consideration to data migration
- Retirement report
Inspection Readiness
Workshops / Case Studies / Exercises
- MCO Benchmarking Exercise
- What are the problems with Handover?
- Identifying Risks for Computer Systems in use
- Creating a SLA – What are the key elements?
Weitere Informationen
Technical Information
We use Webex for our live online training courses and webinars. At www.gmp-compliance.org/training/online-training-technical-information you will find all the information you Need to participate in our events and you can check if your System meets the necessary requirements to participate. If the Installation of browser extensions is not possible due to your rights in the IT system, please contact your IT department. Webex is a standard nowadays and the necessary installation is fast and easy.
Fees (per delegate, plus VAT)
Non-ECA Members EUR 3180.-
ECA Members EUR 2980.-
APIC Members EUR 3080.-
(does not include ECA Membership)
EU GMP Inspectorates EUR 1590.-
The conference fee is payable in advance after receipt of invoice.
You can also book both courses separately:
>> Computerised System Validation: How to handle Legacy Systems
>> Computerised System Validation: Maintaining Compliance during Operation
ECA Members EUR 2980.-
APIC Members EUR 3080.-
(does not include ECA Membership)
EU GMP Inspectorates EUR 1590.-
The conference fee is payable in advance after receipt of invoice.
You can also book both courses separately:
>> Computerised System Validation: How to handle Legacy Systems
>> Computerised System Validation: Maintaining Compliance during Operation
Presentations/Certificate
The presentations will be made available to you prior to the Live Online Training as PDF files. After the event, you will automatically receive your certificate of participation.
Conference language
The official conference language will be English.
The presentations will be made available to you prior to the Live Online Training as PDF files. After the event, you will automatically receive your certificate of participation.
Conference language
The official conference language will be English.
Contacts
Questions regarding content:
Dr Andreas Mangel (Operations Director), +49 (0)6221 84 44 41, mangel@concept-heidelberg.de
Questions regarding organisation:
Ms Marion Grimm (Organisation Manager), +49 (0)6221 84 44 18, marion.grimm@concept-heidelberg.de
Datum & Uhrzeiten
Computerised System Validation: How to handle Legacy Systems
Tue, 29 Sept 2026, 09.00 - 17.30 h
Tue, 29 Sept 2026, 09.00 - 17.30 h
Computerised System Validation: Maintaining Compliance during Operation
Wed, 30 Sept 2026, 09.00 – 17.30 h
Thu, 01 Oct 2026, 09.00 – 17.30 h
Fri, 02 Oct 2026, 09.00 – 13.00 h
All times mentioned are CEST.
All times mentioned are CEST.
Teilnahmegebühr
| ECA-Member*: | € 2980,- |
| Non ECA Member*: | € 3180,- |
| EU/GMP Inspectorates*: | € 1590,- |
| APIC Member Discount*: | € 3080,- |
Alle Preise zzgl. MwSt. Wichtige Hinweise zur Umsatzsteuer.
* auch unkompliziert per Kreditkarte bezahlbar
Aufzeichnung/weitere Termine nicht verfügbar
Aufzeichnung/weitere Termine nicht verfügbar
This course is part of the GMP Certification Programme "ECA Certified Computer Validation Manager"
Haben Sie noch Fragen?
Wir stehen Ihnen für weitere Auskünfte gerne zur Verfügung.
E-Mail: info@concept-heidelberg.de
Teilnehmerstimmen
Teilnehmerstimmen - das sagen andere über unsere Seminare:
