Dr Robert Stephenson
Rob Stephenson Consultancy
Referent:innen
Yves Samson
Kereon
Frank Behnisch
Formerly CSL Behring
Uwe Mai
Bayer
Zielsetzung
Computerised System Validation: How to handle Legacy Systems?
Systems must be qualified, and processes must be validated. These principles have applied in the pharmaceutical environment for many years. For many reasons, there are always cases in which this procedure cannot be implemented prospectively, or only with difficulty. These include equipment and systems that are purchased second-hand, equipment that has been used for non-GMP purposes, and equipment that has acquired from other companies.
Are such equipment/systems no longer fit for use in the GMP environment, or can they still be appropriately qualified and validated? This online Training course offers you solutions on how to deal with this situation and focuses on the following questions:
Are such equipment/systems no longer fit for use in the GMP environment, or can they still be appropriately qualified and validated? This online Training course offers you solutions on how to deal with this situation and focuses on the following questions:
- Can you still operate legacy systems, and if so, to what extent?
- What can the auditor expect, and what solutions would be considered acceptable?
- How can existing systems be specified retrospectively?
- How can compliance be achieved from a QA perspective?
- What can be done if important cybersecurity issues can no longer be technically controlled?
Computerised System Validation: Maintaining Compliance during Operation
The programme has been substantially revised for 2025, with increased focus on the periodic review and evaluation of computerised systems in operation. What evidential records need to be maintained, and how can these be efficiently leveraged to confidently demonstrate ongoing compliance to auditors and inspectors?
Four additional good reasons why you should attend:
Four additional good reasons why you should attend:
- Delegates will gain understanding of the controls needed to maintain validated systems in compliance throughout their operational lifecycle.
- Taking a risk-based approach, you will learn how these controls can be scaled across a wide range of computerised systems, allowing you to focus your resources on the most critical systems and the most critical system components
- You will learn the importance of role clarity and making best use of Subject Matter Experts and the Quality Unit.
- In workshops / case studies / exercises, you will get the chance to put the theory into practice and discuss suitable solution strategies with your colleagues
Hintergrund
Computerised System Validation: Maintaining Compliance during Operation
The greatest part of the system life cycle is represented by daily operation. It is now a clear regulatory requirement that GxP computerised systems must be kept in compliance throughout their operational lifetime. Audit experience shows that companies struggle with this task. Once the implementation project is complete and the computerised system is handed over for use how can the validated state be maintained? What exactly is required and how can these requirements be successfully established and maintained?
The online course reflects the requirements of the EU Annex 11 and the approaches contained in the GAMP Guides (GAMP®5 2nd Edition and ‘A Risk-Based Approach to Operation of GxP Computerized Systems – A Companion Volume to GAMP®5’).
The online course reflects the requirements of the EU Annex 11 and the approaches contained in the GAMP Guides (GAMP®5 2nd Edition and ‘A Risk-Based Approach to Operation of GxP Computerized Systems – A Companion Volume to GAMP®5’).
Zielgruppe
Computerised System Validation: How to handle Legacy Systems?
This online training course is aimed at subject matter experts from:
- IT
- Quality Assurance
- Production / Quality Control
- Technology
- System Suppliers and Service Providers
Computerised System Validation: Maintaining Compliance during Operation
This online training course is directed at anyone who must deal with the validation and operation of computerised systems and the maintenance of the validated state.
Technical Details
To participate in an on demand training course or webinar, you do not need any software. The recordings are made available via a streaming server. In general, the recording is provided in MP4 format, which any PC (Microsoft Windows, Apple IOS) or tablet can easily display.
Timing and Duration:
When you register for the on demand Training course or webinar you can decide at what date you want to follow the training course online. For a 1-day training course you will have 2 days in which the stream is available (for 2-day training course 3 days and for a 3-day training course 4 days). Within in this timeframe you can start & stop the stream according to your needs.
In time before the scheduled date (your desired date) you will receive an e-mail from us with a link for direct participation as well as your log-in data.
Please be aware: The recording does not include the Q & A sessions.
Training Course Documentation and Certificate:
The presentations will be made available as PDF files via download shortly before the online training course. After the event, you will automatically receive your certificate of participation.
Timing and Duration:
When you register for the on demand Training course or webinar you can decide at what date you want to follow the training course online. For a 1-day training course you will have 2 days in which the stream is available (for 2-day training course 3 days and for a 3-day training course 4 days). Within in this timeframe you can start & stop the stream according to your needs.
In time before the scheduled date (your desired date) you will receive an e-mail from us with a link for direct participation as well as your log-in data.
Please be aware: The recording does not include the Q & A sessions.
Training Course Documentation and Certificate:
The presentations will be made available as PDF files via download shortly before the online training course. After the event, you will automatically receive your certificate of participation.
Programm
Computerised System Validation: How to handle Legacy Systems?
Query / Discussion - Problems / Expectations
- Which systems are affected?
- Why have these systems not been adequately qualified?
- Retrospective qualification
Legacy Systems regulatory Requirements and Inspections
- Old systems, legacy systems and existing non-compliant systems - characteristics and problems
- Regulatory considerations
- Annex 11 and Annex 15
- PIC/S PI 011
- GAMP GPG: The Validation of Legacy Systems
- Inspection considerations
Legacy Systems: Ensuring Compliance from a QA Perspective
- Legacy systems: IT security / virus protection / data protection
- On-site infrastructure
- System-side IT components
- Qualification / validation of legacy IT systems
How to write URS for existing Systems
- How to write URS for existing Systems
- URS for existing systems: Waste of time or added value?
- Why creating URS is easier for existing systems
- Beyond the URS: the functional description
Case Studies: Contingency Planning / Support from the Manufacturer
- Initial situation for existing systems
- Manufacturer support: Hardware & software, Security Patches
- Mechanical spare parts
- How and what can be planned?
- What “unsolvable” dependencies exist?
What does risk-based Deployment mean for existing Systems?
- Suitability for use
- Learning from operational experience
- Importance of periodic evaluation and its results
- Quality efficiency
Old Systems, Legacy Systems and existing Systems - Data Integrity light?
- Brief overview of the ALCOA++ principles
- PIC/S PI 041-1: Data integrity
- General problems: inadequate knowledge of the pharmaceutical process and data flow, lack of data definitions, non-existent definition of the GxP relevance of the generated data
- Examples of problems with legacy systems and possible solutions
- Missing audit trail functionality vs. necessity of an operational audit trail
- Problems with user administration (no/too few users can be parameterized within the system)
- Data management: ring memory, system data on USB sticks/SD cards > how to deal with this?
Recording from 25 February 2025
Duration of Recording: 5h
Duration of Recording: 5h
Computerised System Validation: Maintaining Compliance during Operation
Welcome / Opening session: What the delegates expect?
- Overview of the Operation Phase
- Capturing delegates expectations
- Sharing and reducing to key points in groups
- Sharing with all delegates and tutors
Periodic Evaluation: Establishing a scalable PE strategy
- Objectives and intention
- Scope of Periodic Evaluation
- Periodic Evaluation: Between efficiency and effectiveness
- What information should be considered?
Handover
- Objectives and purposes
- Roles & Responsibilities
- Handover process
- Acceptance criteria
- Records and reports
Data Integrity in Operation
- ALCOA++ principles
- Technical controls vs procedural controls
- Data governance principles and responsibilities
- Data governance vs IT governance
- Governance pitfalls
Risk Management in Operation
- Risk management according to Q9(R1)
- Risk management applied to change management
- Risk management applied to incident and deviation management
- Keeping risk information up-to-date
Data Management in Operation & Business Continuity
- Understanding the data management processes
- Backup & Restore
- Archiving & Retrieval
- Disaster Recovery & Business Continuity
- Monitoring data management activities
- Records and reports
Change & Configuration Management in Operation
- Objectives
- Configuration management
- Change management
- Types of change
- Organizing effective operational change and configuration management
Incident, Problem & Deviation Management in Operation
- Objectives
- Incident & problem vs deviation
- Incident & problem management process
- Effective Root cause analysis
- Records and reports
CAPA Management in Operation
- CAPA objectives
- Correction vs prevention
- Process collaboration
- Records and reports
Service & Contract Management
- Objective of service and contract management
- Establishing a Service Level Agreement (SLA) and contracts
- SLA key topics
- Monitoring SLAs and contracts
- Records and reports
System Management / System Administration
- Objectives
- Roles & Responsibilities
- Activities to cover
- Records and reports
User Management & Access Control
- Objectives
- User management process
- User management pitfalls
- Records and reports
Security & Performance Monitoring
- Objectives
- Security areas of concern
- Efficient and effective performance monitoring
- Records and reports
Repair & Maintenance
- Objectives
- Points to consider
- Reporting
- Records
Patch & Update Management
- Between security, performance, and compliance
- Risk-based approach to patch and update management
- Patch and update management pitfalls
- Records and reports
Maintaining Cloud / SaaS compliance
- Objectives
- Required controls
- What and how to monitor
- Securing data availability
- Record and Reports
Audit Trail / Audit Trail Review in Operation
- Objectives of audit trail review during operation
- Process relevant vs administrative audit trails
- What to review & how to review
- Records and reports
Performing Periodic Evaluation
- Implementing a scalable approach
- Leveraging existing records
- Learning from the experience
- Securing operational reliability and capability
Retirement Management
- Retirement process objective
- Retirement planning
- Performing retirement
- Consideration to data migration
- Retirement report
Inspection Readiness
- MCO Benchmarking Exercise
- What are the problems with Handover?
- Identifying Risks for Computer Systems in use
- Creating a SLA – What are the key elements?
Recording from 26-28 February 2025
Duration of Recording: 15h 30min
Duration of Recording: 15h 30min
| ECA-Member*: | € 2890,- |
| Regular Fee*: | € 3090,- |
| EU/GMP Inspectorates*: | € 1545,- |
| APIC Member Discount*: | € 2990,- |
Alle Preise zzgl. MwSt. Wichtige Hinweise zur Umsatzsteuer.
* auch unkompliziert per Kreditkarte bezahlbar
Weitere Termine vor Ort
Weitere Termine vor Ort nicht verfügbar
Weitere Termine online
Weitere Termine online nicht verfügbar
This course is part of the GMP Certification Programme "ECA Certified Computer Validation Manager"
Haben Sie noch Fragen?
Wir stehen Ihnen für weitere Auskünfte gerne zur Verfügung.
E-Mail: info@concept-heidelberg.de
TeilnehmerstimmenTeilnehmerstimmen - das sagen andere über unsere Seminare:
