Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation.

Slides:



Advertisements
Similar presentations
Comparator Selection in Observational Comparative Effectiveness Research Prepared for: Agency for Healthcare Research and Quality (AHRQ)
Advertisements

Course: e-Governance Project Lifecycle Day 1
The Children Act 1989/2004.  To discuss the background to the Children Act  To identify the key principles of the Children Act 1989  To discuss.
Introduction to Enterprise Risk Management (ERM)
Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?
Children’s Social Care Workload Management System (WMS) A Two-fold approach DSLT 16 th November 2010 Updated with new SWRB standards.
Risk-Focused Examinations David Vacca, Assistant Director – Insurance Analysis & Information Services, NAIC Welcome to the © 2009 The National Association.
Auditing A Risk-Based Approach To Conducting A Quality Audit
Health and Safety Risk Assessment (RA) End presentation Risk Assessment (RA)
21 CFR PART 11 REGULATIONS RECOMMENDATIONS FOR CHANGES FDA PUBLIC MEETING ON PART 11 REGULATIONS – JUNE 11, 2004 NATIONAL ELECTRICAL MANUFACTURERS ASSOCIATION.
Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.
1 MEASURING THE EFFECTIVENESS OF THE NATION’S FOODSERVICE AND RETAIL FOOD PROTECTION SYSTEM.
21 CFR Part 11 A Food Industry Perspective FDA Public Meeting June 11, 2004 Sia Economides Center Director Center for Development of Research Policy and.
DRAFT Richard Chandler-Mant – R Consultant The Challenges of Validating R Managing R in a Commercial Environment.
Project Management Methodology More about Quality Control.
Data Analysis in the Water Industry: A Good-Practice Guide with application to SW Deborah Gee, Efthalia Anagnostou Water Statistics User Group - Scottish.
Policy WG NIH policy proposal. Goal: Incorporating global access licensing as one of the additional review criteria Question 1: Should we propose this.
Regulatory Update Ellen Leinfuss SVP, Life Sciences.
MethodGXP The Solution for the Confusion.
The role of internal audit in enterprise-wide risk management (ERM)
Comments Presentation for Part11 FDA Public Meeting Docket # 2004N-0133 Venue and Date: 429 L'Enfant Plaza, SW Washington, DC June 11, 2004.
Process for Analysis  Choose a standard / type  Qualitative / Quantitative Or  Formal / Informal  Select access controls  Match outcome to project.
FDA Docket No. 2004N-0133 Themes for Renewal of 21 CFR Part 11 Rule & Guidance by Dr. Teri Stokes, GXP International
STANDARDS OVERVIEW Wednesday, April 30, 2015 KAREN RECZEK, STANDARDS COORDINATION OFFICE, NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY
PwC 21 CFR Part 11 – A Risk Management Perspective Patrick D. Roche 07 March 2003, Washington D.C.
LOGICAL FRAMEWORK by Lorelyn T. Dumaug.
Case study Risk-based supervision Background (an Australian view)
Bank Audit. Internal Audit Internal audit is an independent, objective assurance activity and can give valuable insight in providing assurance that major.
FDA Public Meeting on Electronic Records and Signatures June 11, 2004 Presentation of the Industry Coalition on 21CFR Part 11 Alan Goldhammer, PhD Chair.
Part 11, Electronic Records; Electronic Signatures
Professional Certificate in Electoral Processes Understanding and Demonstrating Assessment Criteria Facilitator: Tony Cash.
NIST / URAC / WEDi Health Care Security Workgroup Presented by: Andrew Melczer, Ph.D. Illinois State Medical Society.
Internal Controls Christina Urias Managing Director – International Regulatory Affairs NAIC.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 7-1 Chapter Seven Auditing Internal Control over Financial Reporting.
Agenda for Session Compliance in Clinical Research
Part 11 Public Meeting PEERS Questions & Responses The opinions expressed here belong to PEERS members and not the corporate entities with which they are.
TREASURY REGULATIONS’ CHANGES AND POTENTIAL IMPACT
Fundamentals of Governance: Parliament and Government Understanding and Demonstrating Assessment Criteria Facilitator: Tony Cash.
Assessment Validation. MORE THAN YOU IMAGINE ASQA (Australian Skills Quality Authority) New National Regulator ASQA as of 1 July, 2011.
FDA Public Meeting Electronic Records; Electronic Signatures Docket No. 2004N-0133 Madeleine Kennedy & Michael Rutherford Eli Lilly and Company 11 June.
6/11/04Part 11 Public Meeting1 Risk-Based Approach Scott M Revolinski Washington Safety Management Solutions Carolyn Apperson-Hansen Cleveland Clinic Foundation.
Drug Quality Regulations for the 21 st Century PhRMA Perspective Manufacturing Subcommittee Meeting – May 21, 2003 Gerry Migliaccio Pfizer Inc.
Copyright © 2006 by The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill/Irwin 20-1 Chapter Twenty Assurance, Related Services and Internal.
Methodological Issues in Implantable Medical Device(IMDs) Studies Abdallah ABOUIHIA Senior Statistician, Medtronic.
Organizations of all types and sizes face a range of risks that can affect the achievement of their objectives. Organization's activities Strategic initiatives.
©2012 Prentice Hall Business Publishing, Auditing 14/e, Arens/Elder/Beasley Overall Audit Plan and Audit Program Chapter 13.
Software Engineering Process - II 7.1 Unit 7: Quality Management Software Engineering Process - II.
Improving Compliance with ISAs Presenters: Al Johnson & Pat Hayle.
An agency of the European Union Guidance on the anonymisation of clinical reports for the purpose of publication in accordance with policy 0070 Industry.
Medical Device Software Development
FDA's Two New Draft Guidance on Software and Device
Data Analysis in the Water Industry: A Good-Practice Guide
DATA COLLECTION METHODS IN NURSING RESEARCH
Analysis of Current Maturity Models and Standards
How To Apply Quality Management
Developing the Overall Audit Plan and Audit Program
Chapter 10 Software Quality Assurance& Test Plan Software Testing
Initial project results: Annex 6 – 20 Sept 2016
Prepared by Rand E Winters, Jr. ASR Senior Auditor October 2014
Public Financial Management Performance Measurement Framework
UNIT-6 SOFTWARE QUALITY ASSURANCE
Standards.
FDA 21 CFR Part 11 Overview June 10, 2006.
UNIT-6 SOFTWARE QUALITY ASSURANCE
Human Gene Therapy Institutional Review Procedures
New Assessment & Test Methods
EUnetHTA Assembly May 2018.
ECM Step Program Report November 2012
DRAFT ISO 10007:2017 Revision Overview Quality management – Guidelines for configuration management ISO/TC176 TG 01.
Computer System Validation
Presentation transcript:

Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation

May 24, 2004© 2004, DQRI. All rights reserved.2 Software Development Today Dozens of viable software methodologies currently in use. Great variation in terminologies, procedures, deliverables, and ways of organizing work. Each methodology embodies a strategy for safeguarding software quality.

May 24, 2004© 2004, DQRI. All rights reserved.3 From the Draft Guidance on Software Validation (2001) Validation Plans Requirement specifications Simulation tests User-site tests Structural tests Functional tests Program build tests Code inspections Code walk-throughs Technical reviews Change control Regression analysis Risk assessments Validation Reports

May 24, 2004© 2004, DQRI. All rights reserved.4 In what ways can part 11 discourage innovation? By including an across-the-board requirement that covered software must be validated, and publishing a guidance that defined software validation in terms of specific deliverables, the FDA established a de facto standard software development methodology for covered systems, regardless of context and regardless of risk profile.

May 24, 2004© 2004, DQRI. All rights reserved.5 In what ways can part 11 discourage innovation? There has been no agreed-upon language for justifying anything less or anything different than what is outlined in the guidance documents.

May 24, 2004© 2004, DQRI. All rights reserved.6 Risk Assessment Risk assessment can provide a means of justifying diverse approaches to software development and validation. Industry and the agency must agree on a common framework for performing risk assessment.

May 24, 2004© 2004, DQRI. All rights reserved.7 DQRI Risk Assessment Model Standard risk model Industry consensus on four critical questions

May 24, 2004© 2004, DQRI. All rights reserved.8 DQRI Risk Assessment Model Step 1: Common types of software used in clinical trials, and risks typically associated with them.

May 24, 2004© 2004, DQRI. All rights reserved.9 DQRI Risk Assessment Model Step 5: Outcomes that should be considered in assessing the impact of possible software failures.

May 24, 2004© 2004, DQRI. All rights reserved.10 DQRI Risk Assessment Model Step 6: Factors that contribute to the likelihood of system failures.

May 24, 2004© 2004, DQRI. All rights reserved.11 DQRI Risk Assessment Model Step 8: Dimensions on which validation procedures may vary depending on assessed risk scores.

May 24, 2004© 2004, DQRI. All rights reserved.12 Recommendation #1 Software validation cannot be separated from software development methodologies. Software validation has no meaning that can be usefully generalized across diverse development methodologies. Software development methodologies are still emerging; there is no consensus about which methodologies work best under what circumstances. Software validation is not the only strategy available for controlling software-related risks. The across-the-board requirement for systems to be validated should be removed from Part 11.

May 24, 2004© 2004, DQRI. All rights reserved.13 Recommendation #2 (a) identify software-related risks; (b) justify the controls adopted to control those risks. Instead of mandating software validation, Part 11 should require risk assessment to:

May 24, 2004© 2004, DQRI. All rights reserved.14 Recommendation #3 Risk assessment model Risks associated with common types of software used in clinical trials Outcomes that should be considered in assessing the impact of possible software failures Factors that contribute to the likelihood of system failures Dimensions on which validation procedures may vary as assessments of risk increase or decrease. The agency should work with industry to develop a guidance on risk assessment for software used in connection with electronic records.

May 24, 2004© 2004, DQRI. All rights reserved.15 Yes. A risk assessment model can be generalized to provide a framework for justifying decisions about any activity that affects the quality of electronic data. In addition to validation, audit trail, record retention, and record copying, should other areas of Part 11 (e.g., operational system and device checks) incorporate the concept of a risk-based approach? Conclusion

May 24, 2004© 2004, DQRI. All rights reserved.16 Thank You Don Hopkins, Ph.D. Ursa Logic Corporation For inquiries about the Data Quality Research Institute (DQRI) please contact: Kaye Fendt, MSPH

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.