180 likes | 308 Views
PRISME Forum CSV Questionnaire – Summer 2011. Survey Responses as of 3 rd September 2011 10 responses from 21 invitations. Q1. Are you satisfied with the effectiveness of CSV in your organization?. Q2. Are you satisfied with the efficiency of CSV in your organization?.
E N D
PRISME ForumCSV Questionnaire – Summer 2011 Survey Responses as of 3rd September 2011 10 responses from 21 invitations
Q1. Are you satisfied with the effectiveness of CSV in your organization? Q2. Are you satisfied with the efficiency of CSV in your organization?
Q3. Who leads the CSV effort in your organization? Q4. Does senior R&D management understand and accept the costs and effort associated with CSV?
Q5. Who is accountable in your organization to minimize the cost and impact of CSV? Q6. Who is responsible for declaring a system "fit to go live"? (Check all that apply) ?
Q7. Has a user (or any other key stakeholder) ever resisted (or delayed) a system upgrade because of the validation overhead (i.e., cost and/or time)? ? Q8. Would your QA function join forces with another company's QA - or accept the audit results of a consortium - in the auditing of commercially-available software from leading providers? ?
Q9. Would your company accept a qualified environment - or a validated third party application - being certified by a third party instead of performing the validation in house? (Note: this is comparable to a SAS-70 infrastructure audit)? Q10. If a consortium of cloud providers established a common framework for qualification/validation in their environments for all customers would your CSV policies allow adoption of those processes in lieu of existing internal processes (assuming normal due-diligence activities (e.g. on-site audits) are allowed)?
Q11. Does your organization have a clearly documented and implemented approach to risk-based validation including differentiating between GLP, GCP, and GMP? Q12. Does your organization differentiate the validation effort between bespoke (tailor-made) systems and COTS (Commercial-of-the-Shelf) systems as well as new implementations and upgrades?
Q13. How often has your CSV documentation been inspected by a regulatory agency? Q14. The avoidance of a regulatory citation (e.g. FDA 483 or an inspection observation) is far more important in our organization than the costs and resources required for CSV.
Q15. Do you perceive that a lack of technical IT knowledge on the part of system stakeholders is a limitation in the adoption of new technologies (e.g. cloud computing) in the regulated (i.e. needs to be validated) domain? Q16. Does your company allow validation documentation (including test scripts) to be in a format different from you standard company format?
Q17. Do your CSV policies allow installation of a validated VM image onto another (qualified) platform with minimal testing (e.g. in a disaster recovery scenario)? Q18. Does your company use automatic testing methods within computerized system validation?
Q19. Current CSV policies and procedures support the “virtualisation” of R&D and readily (i.e. quickly and easily) enable R&D collaborations (inter & intra company) to share information in a regulatory-compliant manner. Q20. Current CSV policies and procedures enable the deployment of cloud-based services for regulated (i.e. validated) applications.
Q21. Would your company use a qualified cloud environment if it were available? Q22. Is the difficulty of existing CSV processes and/or uncertainty of how to do CSV in the cloud slowing or preventing the adoption cloud-based solutions (e.g. for test/dev and validation activities or burst computing)?
Q23. Do you think this topic is worthy of a two-hour review session at the next PRISME Meeting?
Conclusions • 3rd- Party Audits • Establish a working party to define the RFP to find a mutually acceptable, suitably qualified, third-party software & systems auditing company • Working party to be comprised of pharma IT/QA, Business QA, Technology Vendor QA & regulator (for RFP drafting only)