Quality System Regulations are general guidelines that need to be customized

Key Takeaway:

The FDA’s Quality System Regulations (QSR) are a family of wide-ranging regulations meant for a number of industries, as well as a number of medical devices. They need to be applied using the manufacturer’s discretion on what constitutes a state-of-the-art practice.

The FDA has issued Quality System Regulations (QSR). The objective of putting in place Quality System Regulations is that they must be used as the guidelines by manufacturers to establish that their products meet appropriate specifications and requirements consistently.

These are issued alongside medical device Good Manufacturing Practices (GMP). The reason for this is to fortify the practices related to the two disciplines and related ones. The Quality Systems (QS) of the following FDA regulated industries are jointly called Current Good Manufacturing Practices (cGMP’s):

  • Food
  • Drugs
  • Biologics, and
  • Devices

Umbrella approach

The important premise on which quality systems regulations are built is that a quality system has to contain broad guidelines that can be used across the industries for which they are formulated. 21 CFR 820 of the QS regulation thus has expansive guidelines for covering all these designated industries, and require their selective and subjective interpretation from manufacturers to select the one that suits them best. QS Regulations are, in this sense, a kind of canopy under which these industries have to operate their respective guidelines and best practices.

The FDA states that since their Quality System Regulations have what it terms an “umbrella approach” in that it applies to a swathe of industries and devices; it does not prescribe in very great detail the way in which a manufacturer has to produce a particular device. Rather, it requires manufacturers to develop and follow procedures and then fill up details in consonance with the latest or current state-of-the-art manufacturing for that particular device.

FDA’s 21 CFR 820 of the QS regulation’s broad guidelines

These are some of the broad areas that are covered in 21 CFR 820:

Read More:https://www.linkedin.com/pulse/quality-system-regulations-general-guidelines-need-ronald-gardner-1?trk=mp-reader-card

Risk-Based Computer System Validation is a remedy to expensive and time-consuming computer system validation methods

Key Takeaway:

Organizations that implement a risk-based approach to computer system validation decrease, in the long run, time and cost overruns associated with validation.

Computer system validation is a must for organizations involved in a number of businesses and activities. Regulatory authorities such as the FDA, apart from the European Medicines Agency (EMEA), Medicines and Healthcare Products Regulatory Agency and the Ministry of Health, Labor and Welfare (MHLW) of Japan exhort organizations under their purview to implement a risk based computer system validation.

Yet, there is general widespread reluctance about its implementation, because many organizations are concerned at the apparent high costs associated with risk based CSV. Many are fine with the general, mechanical elements of CSV, such as implementing methodologies, processes and documentations, but are somehow loathe to the idea of implementing a computer system validation that is risk based. Most of the reservations organizations have are centered on:

  • Lack of clarity about standards to be implemented or their overlap
  • Lack of a robustly structured quality system
  • Existence of myriad interpretations and opinions
  • Low or total lack of exposure to CSV
  • Perception of low returns and immeasurable improvement in quality on relatively high investment

Despite all these skepticisms, a risk based approach to computer systems validation is considered a vastly improved methodology over the traditional system of validating everything for everything. With the coming into existence of21 CFR Part 11; there has been a shift in focus from validating everything to validating the core, critical aspects of CSV.

Why a risk based approach to CSV?

The need for importance of a risk based approach to computer system validation has to be understood from the following standpoints:

Principles of risk based computer system validation

Risk based CSV is primarily run on two major principles:

Risk based CSV involves inputs of some additional costs in the short run, but the organization that implements it gets its risk identification, assessment and mitigation right and saves in the long run.

Read More: https://www.linkedin.com/pulse/risk-based-computer-system-validation-remedy-methods-ronald-gardner?trk=mp-reader-card

Supplier Evaluation and Internal Auditing are crucial for organizations

Key Takeaway:

There are many challenges associated with supplier evaluation and internal auditing, but compliance with QSR and ISO 13485 and diligence are the antidote to these.

In any organization, continuous and scientific evaluation is a must. This is all the more important for an FDA-regulated industry. Supplier evaluation and internal auditing are done to ensure that the intended quality standards are met on a consistent and continuous basis.

Features of supplier evaluation and internal auditing

  • Both supplier evaluation and internal auditing are necessary and critical for almost any organization
  • Supplier evaluation and internal auditing complement and supplement each other as separate, but deeply related programs
  • The ways in which these two elements work are different, since they deal with different aspects of the quality process, but both supplier evaluation and internal auditing are intertwined.

Supplier evaluation

Supplier evaluation is a very critical aspect of almost every industry, since a majority of organizations -be they in pharmaceuticals, medical devices, software or any other – rely on external suppliers for many of their needs. Most raw materials are sourced from external parties. Since it is these raw materials that determine the quality of the final output; it is imperative for an organization to ensure that the raw material is of the required quality and up to industry standards.

Major challenges associated with supplier evaluation

Solutions for problems associated with supplier evaluation

Complying with QSR and ISO 13485 requirements for supplier selection and assessment is the answer to challenges associated with supplier evaluation. These standards have guidelines on:

Internal auditing

Internal auditing follows supplier evaluation. While supplier evaluation is about assessing the quality of raw material from an external party; internal auditing is a process in which:

  • The material sourced from outside is audited from within the organization
  • The internal auditing is also done for raw materials or other related materials not sourced from outside, but produced within the organization
  • Products made out of raw materials procured from external sources are also audited internally

This consists of a series of stringent quality checks, since internal auditing is about how well the risks are mitigated.

Challenges in internal auditing

Way by which to address challenges of internal auditing

Unlike resort for CFR and ISO 13485, which act as effective safeguards against supplier evaluation issues; there are no such regulatory remedies for addressing challenges associated with internal auditing. It is left to managements to intuitively look for solutions to issues relating to internal auditing. Some of these can be looked into:

Read More: https://www.linkedin.com/pulse/supplier-evaluation-internal-auditing-crucial-ronald-gardner

Diligence should go into Software Validation Process for 21 CFR Part 11

Key Takeaway:

Software Validation Process for 21 CFR Part 11 is all about authenticity and integrity of electronic signatures and records. Care should be taken to avoid confusion and get validation right.

The FDA’s Code of Federal Regulations (CFR) is a collection of laws that regulate the various government agencies. Different titles of the CFR govern respective regulated areas.

What is 21 CFR Part 11?

Codes contained in21 CFR Part 11 relate to electronic records and approval signatures, which are digital versions of paper documents and handwritten signatures. 21 CFR Part 11enables

  • A paper record to be replaced by an electronic record
  • Any handwritten signature to be replaced with an electronic signature
  • The software of these systems to be validated, so that the authenticity of electronic signatures can be proven
  • An organization to implement good business practices.

Why is software validation process for 21 CFR Part 11 necessary?

With the widespread proliferation, reach and prevalence of the use of computers; it is a given that people would like to use electronic records instead of paper records. CFRs became necessary as records graduated to the electronic format, because of which validation of these signatures for their authenticity also became necessary.

An intrinsic part of SOPs

The software validation process for 21 CFR Part 11 is enshrined in the regulated company’sStandard Operating Procedures (SOP’s), which describe the way in which processes are to be performed. In the course of implementation of the software validation process for 21 CFR Part 11; any paper record, inclusive of signatures, is to be replaced with an electronic one, given that the computer system is validated and has appropriate features.

Primary areas software validation process for 21 CFR Part 11 compliance

21 CFR Part 11 compliance consists of three primary areas:

Read More: https://www.linkedin.com/pulse/diligence-should-go-software-validation-process-21-cfr-ronald-gardner

Cash Management: A User’s Perspective – The How’s, Why’s and Wherefores


Too often, a bank’s commercial customer has to endure multiple sign-ons; navigate to different Websites to access the various ancillary features in the TM suite; and administer security and end-user rights across the suite from several different locations.

For banks at which any of these situations are true, it is likely the lack of integration is strangling customer utilization of the TM suite. We cannot expect more usage if we only halfway pay attention to all-important integration.


Why should you attend?

Cash is King! You’ve heard that I’m sure. But managing cash can be a pain in the butt. Establishing procedures, maintaining banking relationships, and getting good, reliable information are some of the key elements of good cash management.

The larger the company, the more complex the issues and hence the solutions. No longer a pencil and paper enterprise; managing cash is the Rubik’s Cube of finance.

A bank that is not making its commercial customers’ lives easier cannot expect them to utilize its Cash Management products. Internet cash management is typically the anchor product and ancillary systems such as ACH, positive pay and bill pay are often bolted on as an afterthought.

 Who Will Benefit:

  • Treasurers
  • Cash Managers
  • Assistant Treasurers
  • Operations managers
  • Payments managers
  • Compliance Officers
  • Accountants and CPAs
  • Accounts receivables managers
  • Accounts payables managers
  • Procurement managers


Day 1 Schedule:

Lecture 1: Cash Management Basics

  • Inflows, outflows, and information
  • Bank products and services
  • Where to get data
  • Internal and external information

Lecture 2: Managing daily cash

  • Cash position
  • Budgeting and forecasting
  • Excel versus Treasury workstations
  • Department structure

Lecture 3: Fraud and Security

  • Payments fraud
  • Security Issues
  • Responsibilities and permissions

Lecture 4: Case Study and discussion

Day 2 Schedule:

Lecture 1: Choosing a Bank

  • Banking connections
  • Selecting a bank(s)
  • RFP Process
  • Specific industry requirements
  • Customer service

Lecture 2: Funding sources

  • Credit sources
  • Credit offerings
    • Reasonable cost
    • Reasonable covenants
  • Factoring
  • Cash flow
  • Investments

Lecture 3: Key Success Factors

  • High accuracy
  • Quick error resolution
  • Timely reporting
  • Comprehensive offering
  • Automation
    • Systems integration
    • Customization/configuration
    • Innovation

Lecture 4: Open discussion and summary

Read More : http://bit.ly/cash-management-Washington

FDA Device Software Regulation


Software’s level of complexity and use is expanding at exponential levels. Likewise the potential risks to health follow suit. Problems with software create a number of different hurdles. Software may be a standalone device, control a device’s performance, make calculations, identify treatment options or begin to play a more active role in making clinical decisions regarding patient management and treatment. FDA’s risk classification will gradually clarify how it intends to manage the health risks. Software use has become increasingly complicated with the expansion of software applications, for example: cybersecurity, interoperability, mobile medical “apps,” home use and remote use. Another growing concern is the public’s use of software programs to manage their health issues rather than go to a healthcare professional.

The increasing sophistication and venue for use create new software design validation considerations. In many instances, validation is limited to the immediate use of the software rather than its environment of use, its performance with other software programs and software hacking. When software causes a problem, fixing the malfunction or “bug” may be more difficult as software becomes more sophisticated, customized by users and placed in a network system. In these kinds of circumstances, it is difficult to decide who is responsible for managing and fixing the software problems. This becomes a major regulatory headache for FDA and generates business-to-business conflicts. When firms are designing and marketing software, they should be mindful the unknowns that lurk in the future of software regulated as a device by FDA.

Why should you attend?

For decades, firms have experienced serious problems with software and have been at a loss to make a well-informed follow up. Software problems represent one of the most common root causes for recalls that are associated with deaths and serious injuries beyond what should be necessary to quantify. FDA sees firms revise software only to create more problems rather than solve them. The infusion pump industry is a classic example that drove FDA to implement a new rigorous paradigm for device evaluation.

The growth of the medical software industry outpaces how FDA’s regulatory process is designed. How can you anticipate and defend against the malicious remote hacking and shut down of an insulin infusion pump? In some instances clinicians have weighed the risk of software failure against the benefits of using a device at all. You need to understand and apply the current provisions that NIST has put forth in recent reports FDA will integrate them into its regulatory oversight.

Device software is often used in conjunction with other software-based devices, but their interoperability was never anticipated. Can one software program defeat the performance capability or back up safety features of another software program? When interoperability surface, which software manufacturer takes the lead to solve the problem and deal with proprietary software issues?

These are the kinds of issues that will be highlighted during the webinar. The issues require careful consideration even though no obvious answer appears at hand.

Areas Covered in the Session:

  • FDA legal authority
  • FDA software guidance
  • Voluntary standards
  • National Institute of Science and Technology
  • Cybersecurity
  • Interoperability
  • Mobile Apps
  • Predictive analytics
  • Software validation
  • Software recalls

Who will benefit:

  • Regulatory Affairs
  • Quality Assurance
  • Software Design Engineers
  • Manufacturing
  • Complaint Dept.
  • Hospital Risk Dept.


Day 1 Schedule:

Lecture 1:

FDA authority and regulatory program

  • Types of Software are devices
  • Regulatory strategy
  • Risk classification
    • Function and outcome
  • Medical Device Data Systems (MDDS)
  • Office of the National Coordinator (ONC) for Health Information Protection
  • Software regulatory applications
  • FDA Guidance
    • Premarket submissions
    • Paradigms: aeronautics
  • Quality System Regulation (QSR)
    • Design verification and validation
    • Voluntary standards
    • Corrective and Prevent Action Plans
  • Voluntary standards
  • Recalls:
    • Service / maintenance / recall.
    • Implementation strategy
  • Corrections and Removals reporting
  • Updates: FDA vs. non-FDA
  • Predictive analytics

Lecture 2:


  • Compatibility by design
    • Hardware
    • Software
  • Labeling
    • Precautions
    • Instructions for use
  • Use of Voluntary Standards
  • Proprietary information
  • Failure management / follow up
  • User’s vs. manufacturer’s legal responsibility
    • System configuration
    • Customization
    • Environment of use
      • Professional
      • Home use

Day 2 Schedule:

Lecture 1:


  • Device vulnerabilities: malfunction and failure
  • Pre-emption design
  • Latent malware/virus
  • Post-event management
    • Corrective action for software
    • Disclosure to users
  • National Institute of Science and Technology Report

Lecture 2:

Medical Mobile Applications (mobile apps)

  • Mobile apps defined as a device
  • FDA regulatory strategy
  • FDA guidance
  • National Institute of Science and Technology Report and Collaboration
  • Updates (FDA vs. non-FDA updates)
    • Criteria for corrective and preventive action deemed recalls
    • Reports of Corrections and Removals
    • Reports of adverse events
  • Professional vs. lay use / home use
  • Labeling: instructions for use and precautions
  • Environment of use
  • FDA regulation of accessories
  • Federal Communications Commission (FCC) regulation

Read More:https://www.linkedin.com/pulse/fda-device-software-regulation-ronald-gardner?trk=mp-reader-card

Understanding Typical Components of a Financial Audit Program

What is Financial Audit ?

A financial audit is an independent, objective evaluation of an organization’s financial reports and financial reporting processes. The primary purpose for financial audits is to give regulators, investors, directors, and managers reasonable assurance that financial statements are accurate and complete.

Financial Audit Process

What are the components of a Financial Audit Program?

There are various core components of a financial audit program. First, an understanding of a financial audit:

  • A financial audit is a regular exercise carried out by qualified professionals from within or outside, to check the financial health of an organization
  • It involves having to verify, examine and analyze the various data pertaining to the organization’s finance, such as financial records and financial statements
  • This exercise is carried out to assess the company’s financial status, its profit and loss, growth prospects, investments needed to achieve those prospects, and most importantly, compliance with prescribed regulatory requirements.

Components of a financial audit program

Components of a financial audit program can be described in a number of ways. While on the one hand, components of a financial audit program could include the exact processes and steps that financial experts take to carry out the financial audit; on the other, components of a financial audit program can include those steps and processes that companies have to implement in order to ensure the smooth conduct of a financial audit.

So, components of a financial audit program could include at least two different, but related areas. In the first of these, the financial expert(s) look into many records, primarily these:

  • The profit and loss statements;
  • Balance sheet.

One of the core components of a financial audit program is the profit and loss statement, which reflects how the company is placed financially. A good financial expert can discern the exact health of the company by analyzing the profit and loss statement.

A balance sheet constitutes another of the components of a financial audit program, as it is in this that the financial activities of the company for a fixed period of time -usually a financial year -are measured and assessed.

Other components of a financial audit program

Among other components of a financial audit program; it is important for companies to know how to conduct itself during an audit. This is all the more important during external audits. The company has to comply with regulatory requirements to ensure that it supplies all the records and data that the independent auditor may ask. Failing to provide them, or proof of fudging of accounts is a serious offence and can attract major penalties. So, it is crucial for companies to keep note of the components of a financial audit program, so that it stays compliant and maintains a name in the industry.

Read more : https://www.linkedin.com/pulse/understanding-typical-components-financial-audit-program-gardner?trk=mp-reader-card

Food Microbiology is a vital area in ensuring food integrity

Food Microbiology is a vital area in ensuring food integrity

Food microbiology is a fairly large field of the science of food. Any food, no matter from which source it is derived, which part of the world it is grown in, and what it contains, is prone to attracting microorganisms. These microorganisms, found freely in nature, inhabit food. Although not all microorganisms are necessarily bad, bad ones among these microorganisms can have an impact on food. Their nature and inhabitation in food call for a separate topic of biology, namely food microbiology.

Why is food microbiology important?

Food microbiology is indispensable to ensuring food safety. Microorganisms are usually not visible to the naked eye. So, once they get into the food process or food chain; they can play havoc with food quality, affecting it adversely. It is the microorganisms in food that is usually the culprit in causing a number of food-related diseases.

Food microbiology is an important preventive against microorganisms and microbes, because only one percent these organisms cause most of the foodborne diseases, which makes their detection all the more difficult. Microbes cause anything from athlete’s foot to common cold to diarrhea to skin infections to TB to vaginal infections.

This is why it is essential for food organizations and the food chain across the globe to put in place a mechanism for ensuring that hygiene is ensured in all these:

  • The production of food
  • Its processing
  • Its preservation, and
  • Food storage

How do food microbiologists work? 

Food microbiology consists of putting into use a number of technologies and techniques in the various areas related to microbiology, such as immunology and molecular biology. It is important for food microbiology to separate good microbes such as good bacteria, molds, and yeasts, which are used to produce and ferment foods and many of their ingredients, from the harm causing ones. This is one of the most useful applications of food microbiology.

Food microbiology enables useful microbes to be cultivated and exploited in other ways in producing, processing and preserving several kinds of beverages and foods. The aim of food microbiology is to also ensure that adulteration, spoilage and pilferage, which are causes for large-scale loss of food revenue, are controlled. The food microbiology professional puts into practice technologies and methodologies for ensuring that food is proper and free of disease causing agents.

Read More : https://www.linkedin.com/pulse/food-microbiology-vital-area-ensuring-integrity-ronald-gardner?trk=mp-reader-card

Good Internal Audit Report Writing Skills are very crucial for an auditor

An internal audit is an important exercise that every organization carries out to ensure that its processes and procedures are adhering to set guidelines and are meeting regulatory requirements. Once an internal audit is carried out; the task of the auditor is to present the findings in an audit report. This is where internal audit report writing skills come into play.

Internal audit report writing skills go a long way in putting the audit result in proper perspective. While the core skill of the auditor is in auditing; internal audit report writing skills are complementary to this core skill, but extremely important nevertheless, as it is these skills that help the management make sense of the audit report.

  • To make the auditor’s observations known, so that they lead to further action from concerned management personnel, and
  • Bringing about a new process or persuading people to look at a particular aspect from a different outlook

What go into honing internal audit report writing skills?

The idea of ingraining internal audit report writing skills is that they should help the auditor convey what she wants to, to the concerned persons in the organization. This calls for some level of expertise and finesse. Of course, this can be inculcated and learn over time. In other words, internal audit report writing skills are no rocket science and can be nurtured and polished over time.

Some elements of good internal audit report writing skills

Although there are no strict rules for how an internal audit report is to be written; internal audit report writing skills need to be finessed to the point where the auditor is able to convey the message across without being too soft or too bombastic. Good internal audit report writing skills also consist of the ability to write an internal audit report that doesn’t clutter itself with too much information that may not be eventually used by management, thus making it useless.

A good guideline for fine-tuning internal audit report writing skills could be summarized as ABC:

Assertiveness: Good internal audit report writing skills begin with arriving straight to the point. An auditor who thinks of arriving at important points at the later point of the presentation is not likely to hold the attention of the reader. Managements are usually very aggressive and active, and look for action items straightaway. Keeping the best for the last works in some instances, but not as part of internal audit report writing skills. Following this method makes the report digressing.

Brevity: Isn’t it said the brevity is the soul of wit? This holds good for audit report writing, as well. Grandiloquent use of words and fluffy passages are to be avoided if the report has to make an impact.

Conviction: Many internal auditors think that dressing up the difficult or delicate areas of the audit report is a part of internal audit report writing skills. They could not be more mistaken. The auditor’s task is to look for loopholes and lacunae; any attempt to camouflage it shows the auditor in poor light. The auditor has to have the conviction to a spade a spade. This part of internal audit report writing skills calls for clarity.


Read more : https://www.globalcompliancepanel.com/control/internal-audit-report-writing-skills

Principles of Good Clinical Practices (GCP) Audits

Good Clinical Practices (GCP) audits are crucial to Clinical Research Organizations (CRO’s). This is because they deal with very vital human life for their research. The implications of the research can be very profound. They can change the way diseases are managed, or if done incorrectly or without adherence to sound Good Clinical Practices audit practices, could lead to serious repercussions for the subjects.

GCP audits and regulatory bodies

The core reason why Good Clinical Practices audits are very important is that regulatory bodies across the world have strict guidelines on how to implement them. The International Conference on Harmonization (ICH), a global harmonization taskforce, has many guidelines on how to implement Good Clinical Practices audits that comply with best practices. Likewise, the FDA too, has very stringent compliance Good Clinical Practices requirements that CRO audits have to adhere to.

GCP audits begin with the sponsor. The sponsor is the organization that conducts the clinical research study, and is thus responsible for ensuring that the Good Clinical Practices audits are carried out for the study they undertake. The sponsor should ensure the adherence of Good Clinical Practices audit standards and methodologies, as well as the safety and rights of the subjects. An established good practice is to have the internal audit done and then getting it corroborated by an external one.
The role of the auditor is all important

Another key role in Good Clinical Practices audits is that of the auditors. Whilst they can be either internal or external, there are different rules that govern the conduct of each of these types of GCP auditors. There are clear rules as to their

  • Qualification
  • Knowledge
  • Skills
  • Responsibilities
  • Audit plan (written procedures)
  • Goal setting

During the audit

During the actual conduct of the Good Clinical Practices audits; the auditor has to explain to the sponsor the purpose of the audit, the documents required for this, and the requirements on the part of the CRO for ensuring the smooth conduct of the Good Clinical Practices audit, and should provide a checklist of all these.

After the audit

The Good Clinical Practices auditor should suggest Corrective and Preventive Actions. These findings should be reported to the person or office designated by the regulatory bodies, after which an Audit Certificate is issued, and the Good Clinical Practices (GCP) audit records are filed and maintained according to set procedures.


Read More: https://www.globalcompliancepanel.com/control/good-clinical-practices-audits