Quality System Regulations are general guidelines that need to be customized

Key Takeaway:

The FDA’s Quality System Regulations (QSR) are a family of wide-ranging regulations meant for a number of industries, as well as a number of medical devices. They need to be applied using the manufacturer’s discretion on what constitutes a state-of-the-art practice.

The FDA has issued Quality System Regulations (QSR). The objective of putting in place Quality System Regulations is that they must be used as the guidelines by manufacturers to establish that their products meet appropriate specifications and requirements consistently.

These are issued alongside medical device Good Manufacturing Practices (GMP). The reason for this is to fortify the practices related to the two disciplines and related ones. The Quality Systems (QS) of the following FDA regulated industries are jointly called Current Good Manufacturing Practices (cGMP’s):

  • Food
  • Drugs
  • Biologics, and
  • Devices

Umbrella approach

The important premise on which quality systems regulations are built is that a quality system has to contain broad guidelines that can be used across the industries for which they are formulated. 21 CFR 820 of the QS regulation thus has expansive guidelines for covering all these designated industries, and require their selective and subjective interpretation from manufacturers to select the one that suits them best. QS Regulations are, in this sense, a kind of canopy under which these industries have to operate their respective guidelines and best practices.

The FDA states that since their Quality System Regulations have what it terms an “umbrella approach” in that it applies to a swathe of industries and devices; it does not prescribe in very great detail the way in which a manufacturer has to produce a particular device. Rather, it requires manufacturers to develop and follow procedures and then fill up details in consonance with the latest or current state-of-the-art manufacturing for that particular device.

FDA’s 21 CFR 820 of the QS regulation’s broad guidelines

These are some of the broad areas that are covered in 21 CFR 820:

Read More:https://www.linkedin.com/pulse/quality-system-regulations-general-guidelines-need-ronald-gardner-1?trk=mp-reader-card

Risk-Based Computer System Validation is a remedy to expensive and time-consuming computer system validation methods

Key Takeaway:

Organizations that implement a risk-based approach to computer system validation decrease, in the long run, time and cost overruns associated with validation.

Computer system validation is a must for organizations involved in a number of businesses and activities. Regulatory authorities such as the FDA, apart from the European Medicines Agency (EMEA), Medicines and Healthcare Products Regulatory Agency and the Ministry of Health, Labor and Welfare (MHLW) of Japan exhort organizations under their purview to implement a risk based computer system validation.

Yet, there is general widespread reluctance about its implementation, because many organizations are concerned at the apparent high costs associated with risk based CSV. Many are fine with the general, mechanical elements of CSV, such as implementing methodologies, processes and documentations, but are somehow loathe to the idea of implementing a computer system validation that is risk based. Most of the reservations organizations have are centered on:

  • Lack of clarity about standards to be implemented or their overlap
  • Lack of a robustly structured quality system
  • Existence of myriad interpretations and opinions
  • Low or total lack of exposure to CSV
  • Perception of low returns and immeasurable improvement in quality on relatively high investment

Despite all these skepticisms, a risk based approach to computer systems validation is considered a vastly improved methodology over the traditional system of validating everything for everything. With the coming into existence of21 CFR Part 11; there has been a shift in focus from validating everything to validating the core, critical aspects of CSV.

Why a risk based approach to CSV?

The need for importance of a risk based approach to computer system validation has to be understood from the following standpoints:

Principles of risk based computer system validation

Risk based CSV is primarily run on two major principles:

Risk based CSV involves inputs of some additional costs in the short run, but the organization that implements it gets its risk identification, assessment and mitigation right and saves in the long run.

Read More: https://www.linkedin.com/pulse/risk-based-computer-system-validation-remedy-methods-ronald-gardner?trk=mp-reader-card

Supplier Evaluation and Internal Auditing are crucial for organizations

Key Takeaway:

There are many challenges associated with supplier evaluation and internal auditing, but compliance with QSR and ISO 13485 and diligence are the antidote to these.

In any organization, continuous and scientific evaluation is a must. This is all the more important for an FDA-regulated industry. Supplier evaluation and internal auditing are done to ensure that the intended quality standards are met on a consistent and continuous basis.

Features of supplier evaluation and internal auditing

  • Both supplier evaluation and internal auditing are necessary and critical for almost any organization
  • Supplier evaluation and internal auditing complement and supplement each other as separate, but deeply related programs
  • The ways in which these two elements work are different, since they deal with different aspects of the quality process, but both supplier evaluation and internal auditing are intertwined.

Supplier evaluation

Supplier evaluation is a very critical aspect of almost every industry, since a majority of organizations -be they in pharmaceuticals, medical devices, software or any other – rely on external suppliers for many of their needs. Most raw materials are sourced from external parties. Since it is these raw materials that determine the quality of the final output; it is imperative for an organization to ensure that the raw material is of the required quality and up to industry standards.

Major challenges associated with supplier evaluation

Solutions for problems associated with supplier evaluation

Complying with QSR and ISO 13485 requirements for supplier selection and assessment is the answer to challenges associated with supplier evaluation. These standards have guidelines on:

Internal auditing

Internal auditing follows supplier evaluation. While supplier evaluation is about assessing the quality of raw material from an external party; internal auditing is a process in which:

  • The material sourced from outside is audited from within the organization
  • The internal auditing is also done for raw materials or other related materials not sourced from outside, but produced within the organization
  • Products made out of raw materials procured from external sources are also audited internally

This consists of a series of stringent quality checks, since internal auditing is about how well the risks are mitigated.

Challenges in internal auditing

Way by which to address challenges of internal auditing

Unlike resort for CFR and ISO 13485, which act as effective safeguards against supplier evaluation issues; there are no such regulatory remedies for addressing challenges associated with internal auditing. It is left to managements to intuitively look for solutions to issues relating to internal auditing. Some of these can be looked into:

Read More: https://www.linkedin.com/pulse/supplier-evaluation-internal-auditing-crucial-ronald-gardner

Diligence should go into Software Validation Process for 21 CFR Part 11

Key Takeaway:

Software Validation Process for 21 CFR Part 11 is all about authenticity and integrity of electronic signatures and records. Care should be taken to avoid confusion and get validation right.

The FDA’s Code of Federal Regulations (CFR) is a collection of laws that regulate the various government agencies. Different titles of the CFR govern respective regulated areas.

What is 21 CFR Part 11?

Codes contained in21 CFR Part 11 relate to electronic records and approval signatures, which are digital versions of paper documents and handwritten signatures. 21 CFR Part 11enables

  • A paper record to be replaced by an electronic record
  • Any handwritten signature to be replaced with an electronic signature
  • The software of these systems to be validated, so that the authenticity of electronic signatures can be proven
  • An organization to implement good business practices.

Why is software validation process for 21 CFR Part 11 necessary?

With the widespread proliferation, reach and prevalence of the use of computers; it is a given that people would like to use electronic records instead of paper records. CFRs became necessary as records graduated to the electronic format, because of which validation of these signatures for their authenticity also became necessary.

An intrinsic part of SOPs

The software validation process for 21 CFR Part 11 is enshrined in the regulated company’sStandard Operating Procedures (SOP’s), which describe the way in which processes are to be performed. In the course of implementation of the software validation process for 21 CFR Part 11; any paper record, inclusive of signatures, is to be replaced with an electronic one, given that the computer system is validated and has appropriate features.

Primary areas software validation process for 21 CFR Part 11 compliance

21 CFR Part 11 compliance consists of three primary areas:

Read More: https://www.linkedin.com/pulse/diligence-should-go-software-validation-process-21-cfr-ronald-gardner

Cash Management: A User’s Perspective – The How’s, Why’s and Wherefores


Too often, a bank’s commercial customer has to endure multiple sign-ons; navigate to different Websites to access the various ancillary features in the TM suite; and administer security and end-user rights across the suite from several different locations.

For banks at which any of these situations are true, it is likely the lack of integration is strangling customer utilization of the TM suite. We cannot expect more usage if we only halfway pay attention to all-important integration.


Why should you attend?

Cash is King! You’ve heard that I’m sure. But managing cash can be a pain in the butt. Establishing procedures, maintaining banking relationships, and getting good, reliable information are some of the key elements of good cash management.

The larger the company, the more complex the issues and hence the solutions. No longer a pencil and paper enterprise; managing cash is the Rubik’s Cube of finance.

A bank that is not making its commercial customers’ lives easier cannot expect them to utilize its Cash Management products. Internet cash management is typically the anchor product and ancillary systems such as ACH, positive pay and bill pay are often bolted on as an afterthought.

 Who Will Benefit:

  • Treasurers
  • Cash Managers
  • Assistant Treasurers
  • Operations managers
  • Payments managers
  • Compliance Officers
  • Accountants and CPAs
  • Accounts receivables managers
  • Accounts payables managers
  • Procurement managers


Day 1 Schedule:

Lecture 1: Cash Management Basics

  • Inflows, outflows, and information
  • Bank products and services
  • Where to get data
  • Internal and external information

Lecture 2: Managing daily cash

  • Cash position
  • Budgeting and forecasting
  • Excel versus Treasury workstations
  • Department structure

Lecture 3: Fraud and Security

  • Payments fraud
  • Security Issues
  • Responsibilities and permissions

Lecture 4: Case Study and discussion

Day 2 Schedule:

Lecture 1: Choosing a Bank

  • Banking connections
  • Selecting a bank(s)
  • RFP Process
  • Specific industry requirements
  • Customer service

Lecture 2: Funding sources

  • Credit sources
  • Credit offerings
    • Reasonable cost
    • Reasonable covenants
  • Factoring
  • Cash flow
  • Investments

Lecture 3: Key Success Factors

  • High accuracy
  • Quick error resolution
  • Timely reporting
  • Comprehensive offering
  • Automation
    • Systems integration
    • Customization/configuration
    • Innovation

Lecture 4: Open discussion and summary

Read More : http://bit.ly/cash-management-Washington

FDA Device Software Regulation


Software’s level of complexity and use is expanding at exponential levels. Likewise the potential risks to health follow suit. Problems with software create a number of different hurdles. Software may be a standalone device, control a device’s performance, make calculations, identify treatment options or begin to play a more active role in making clinical decisions regarding patient management and treatment. FDA’s risk classification will gradually clarify how it intends to manage the health risks. Software use has become increasingly complicated with the expansion of software applications, for example: cybersecurity, interoperability, mobile medical “apps,” home use and remote use. Another growing concern is the public’s use of software programs to manage their health issues rather than go to a healthcare professional.

The increasing sophistication and venue for use create new software design validation considerations. In many instances, validation is limited to the immediate use of the software rather than its environment of use, its performance with other software programs and software hacking. When software causes a problem, fixing the malfunction or “bug” may be more difficult as software becomes more sophisticated, customized by users and placed in a network system. In these kinds of circumstances, it is difficult to decide who is responsible for managing and fixing the software problems. This becomes a major regulatory headache for FDA and generates business-to-business conflicts. When firms are designing and marketing software, they should be mindful the unknowns that lurk in the future of software regulated as a device by FDA.

Why should you attend?

For decades, firms have experienced serious problems with software and have been at a loss to make a well-informed follow up. Software problems represent one of the most common root causes for recalls that are associated with deaths and serious injuries beyond what should be necessary to quantify. FDA sees firms revise software only to create more problems rather than solve them. The infusion pump industry is a classic example that drove FDA to implement a new rigorous paradigm for device evaluation.

The growth of the medical software industry outpaces how FDA’s regulatory process is designed. How can you anticipate and defend against the malicious remote hacking and shut down of an insulin infusion pump? In some instances clinicians have weighed the risk of software failure against the benefits of using a device at all. You need to understand and apply the current provisions that NIST has put forth in recent reports FDA will integrate them into its regulatory oversight.

Device software is often used in conjunction with other software-based devices, but their interoperability was never anticipated. Can one software program defeat the performance capability or back up safety features of another software program? When interoperability surface, which software manufacturer takes the lead to solve the problem and deal with proprietary software issues?

These are the kinds of issues that will be highlighted during the webinar. The issues require careful consideration even though no obvious answer appears at hand.

Areas Covered in the Session:

  • FDA legal authority
  • FDA software guidance
  • Voluntary standards
  • National Institute of Science and Technology
  • Cybersecurity
  • Interoperability
  • Mobile Apps
  • Predictive analytics
  • Software validation
  • Software recalls

Who will benefit:

  • Regulatory Affairs
  • Quality Assurance
  • Software Design Engineers
  • Manufacturing
  • Complaint Dept.
  • Hospital Risk Dept.


Day 1 Schedule:

Lecture 1:

FDA authority and regulatory program

  • Types of Software are devices
  • Regulatory strategy
  • Risk classification
    • Function and outcome
  • Medical Device Data Systems (MDDS)
  • Office of the National Coordinator (ONC) for Health Information Protection
  • Software regulatory applications
  • FDA Guidance
    • Premarket submissions
    • Paradigms: aeronautics
  • Quality System Regulation (QSR)
    • Design verification and validation
    • Voluntary standards
    • Corrective and Prevent Action Plans
  • Voluntary standards
  • Recalls:
    • Service / maintenance / recall.
    • Implementation strategy
  • Corrections and Removals reporting
  • Updates: FDA vs. non-FDA
  • Predictive analytics

Lecture 2:


  • Compatibility by design
    • Hardware
    • Software
  • Labeling
    • Precautions
    • Instructions for use
  • Use of Voluntary Standards
  • Proprietary information
  • Failure management / follow up
  • User’s vs. manufacturer’s legal responsibility
    • System configuration
    • Customization
    • Environment of use
      • Professional
      • Home use

Day 2 Schedule:

Lecture 1:


  • Device vulnerabilities: malfunction and failure
  • Pre-emption design
  • Latent malware/virus
  • Post-event management
    • Corrective action for software
    • Disclosure to users
  • National Institute of Science and Technology Report

Lecture 2:

Medical Mobile Applications (mobile apps)

  • Mobile apps defined as a device
  • FDA regulatory strategy
  • FDA guidance
  • National Institute of Science and Technology Report and Collaboration
  • Updates (FDA vs. non-FDA updates)
    • Criteria for corrective and preventive action deemed recalls
    • Reports of Corrections and Removals
    • Reports of adverse events
  • Professional vs. lay use / home use
  • Labeling: instructions for use and precautions
  • Environment of use
  • FDA regulation of accessories
  • Federal Communications Commission (FCC) regulation

Read More:https://www.linkedin.com/pulse/fda-device-software-regulation-ronald-gardner?trk=mp-reader-card

Understanding Typical Components of a Financial Audit Program

What is Financial Audit ?

A financial audit is an independent, objective evaluation of an organization’s financial reports and financial reporting processes. The primary purpose for financial audits is to give regulators, investors, directors, and managers reasonable assurance that financial statements are accurate and complete.

Financial Audit Process

What are the components of a Financial Audit Program?

There are various core components of a financial audit program. First, an understanding of a financial audit:

  • A financial audit is a regular exercise carried out by qualified professionals from within or outside, to check the financial health of an organization
  • It involves having to verify, examine and analyze the various data pertaining to the organization’s finance, such as financial records and financial statements
  • This exercise is carried out to assess the company’s financial status, its profit and loss, growth prospects, investments needed to achieve those prospects, and most importantly, compliance with prescribed regulatory requirements.

Components of a financial audit program

Components of a financial audit program can be described in a number of ways. While on the one hand, components of a financial audit program could include the exact processes and steps that financial experts take to carry out the financial audit; on the other, components of a financial audit program can include those steps and processes that companies have to implement in order to ensure the smooth conduct of a financial audit.

So, components of a financial audit program could include at least two different, but related areas. In the first of these, the financial expert(s) look into many records, primarily these:

  • The profit and loss statements;
  • Balance sheet.

One of the core components of a financial audit program is the profit and loss statement, which reflects how the company is placed financially. A good financial expert can discern the exact health of the company by analyzing the profit and loss statement.

A balance sheet constitutes another of the components of a financial audit program, as it is in this that the financial activities of the company for a fixed period of time -usually a financial year -are measured and assessed.

Other components of a financial audit program

Among other components of a financial audit program; it is important for companies to know how to conduct itself during an audit. This is all the more important during external audits. The company has to comply with regulatory requirements to ensure that it supplies all the records and data that the independent auditor may ask. Failing to provide them, or proof of fudging of accounts is a serious offence and can attract major penalties. So, it is crucial for companies to keep note of the components of a financial audit program, so that it stays compliant and maintains a name in the industry.

Read more : https://www.linkedin.com/pulse/understanding-typical-components-financial-audit-program-gardner?trk=mp-reader-card