System-Focussed vs. Process-Oriented CSV Audits: Fish Your Data! – Can You Catch It?

Internal Computer Systems Validation (CSV) audit programs within pharmaceutical company´s permanently deal with the challenge of what computerized systems shall be audited in what intervals and context. Risk-based considerations are very often used to drive the planning process and have proven as a helpful approach. However, acknowledging the permanent increase of digitalization with its high degree of interrelated IT system linkages and cross-system data flows raises the question of the effectiveness of mere single-system focused CSV audits. Moreover, very often meaning of data and its status of being subject to regulations can only be answered in the context of comprehensive end-to-end business processes, in which a combination of computerized systems plays a part. Therefore, the advantage of planning an audit program along business process landscapes and traced data lineage becomes an obvious, meaningful choice. Consequently, an audit will be centered around a guiding business process plus associated data flow and embrace a cluster of computerized systems and their validated states.

This presentation will share anonymized field experiences on pros and cons for such a clustered audit approach in comparison with an audit model in favor of a dedicated single system emphasis.

Additional Info

  • Date(s): 21–Sep–2020
  • Event/Context: SQA September Virtual Meeting and Quality College 2020 Co-presentation with Manu Reddy, Bayer
  • Location(s): Remote
Read 1726 times