How to use ChatGPT & AI for Project Management of Computer System Validation to Improve FDA Compliance

Overview

In terms of Project Management, we’ll discuss the five (5) phases:

• Phase 1: System Planning
• Phase 2: System Development
• Phase 3: System Implementation
• Phase 4: System Operations & Maintenance
• Phase 5: System Retirement

In addition to covering the basic project management phases and best practices, we will discuss techniques for taking a project management approach to validating a computer system regulated by FDA. The webinar will walk you through the validation process, following a System Development Life Cycle (SDLC) approach to validation and maintenance of a system in a validated state. The phases of project management will be shown to align with the phases of validation. This will also include discussion of 21 CFR Part 11 (electronic records/electronic signatures) and data integrity compliance.

We will explore the best practices and strategic approach for evaluating computer systems used in the conduct FDA-regulated activities based on size, complexity, business criticality, GAMP®5 category and risk assessment. The system risk is measured by the probability, severity, detectability and mitigation available in the case that a system fails, looking specifically at impact on data integrity, process and product quality, and consumer/patient safety. 

We’ll cover the latest draft guidance from FDA on Computer Software Assurance (CSA), a risk-based approach using critical thinking as a driving factor for validation. We’ll talk about the newest GAMP®5, 2nd Edition and how it aligns with CSA. We’ll also cover the thoughts from GAMP®5 and CSA for moving toward non-linear forms of software development, including agile, artificial intelligence (AI), machine learning (ML), and others.

We will cover the approach for validating/qualifying all components of FDA-regulated systems, including cloud-based servers and Software-as-a-Service (SaaS) solutions. A different approach is required for auditing and performing Installation Qualification (IQ) for systems supported by these vendors, and we’ll provide the roadmap.

In addition to taking a project management approach to validation, we will provide an overview of how to use Artificial Intelligence (AI), Machine Learning (ML) and Large Language Models (LLMs), such as ChatGPT to facilitate the process. Use of ChatGPT, in particular, will be discussed as a component of the project management approach to validation.

Finally, we will provide an overview of industry best practices, with a focus on data integrity and risk assessment, that can be leveraged to assist in all your GxP work.

Why Should You Attend

In this webinar, we’ll discuss using a project management approach and techniques to validate a computer system regulated by FDA. In addition, we’ll talk about the 5 phases of a project, showing how these align with validation.

We’ll also discuss using AI, ML and ChatGPT to accomplish the overall validation project. This will include details on how ChatGPT, in particular, can bolster your effort and provide assistance as you’re undertaking the project. Valuable information can be obtained easily and will contribute to a successfully executing a validation project.

In our discussion, we’ll talk about traditional computer system validation (CSV) and the FDA’s draft guidance (2022) on Computer Software Assurance (CSA). We’ll also cover the GAMP5, 2nd Edition changes that will lend themselves to better testing and validation using non-linear SDLC approaches, such as agile, and taking a risk-based approach, using critical thinking, and making sure you are testing adequately but not going overboard.

We’ll discuss computer system validation of on-premise servers and software, cloud-based services and Software-as-a-Service (SaaS) solutions. There are specific things to watch out for to ensure you are properly supported and covered, including security, access control, incident reporting, change control, and maintenance of the system.

We’ll also cover industry best practices and will have a Q&A session at the end of the webinar.

Webinar Takeaway

• During the webinar, we will discuss the following:
• Learn how to identify “GxP” Systems
• Discuss the Computer System Validation (CSV) approach based on FDA requirements
• Learn about Computer Software Assurance (CSA) and how this approach may streamline your validation work
• Learn the differences introduced by ISPE in the current GAMP®5, 2nd Edition, issued in July 2022
• Learn about cloud service and SaaS providers and the best approach for conducting a vendor audit and performing Installation Qualification (IQ) for validation
• Learn about the System Development Life Cycle (SDLC) approach to software development, testing, and release, including the application of automated testing to streamline activities, particularly for updates.
• Discuss the best practices for documenting computer system validation efforts, including requirements, design, development, testing and operational maintenance procedures
• Understand the need to include an assessment of a computer system’s size, complexity, business criticality, GAMP®5 category and risk, should it fail, to develop a cohesive and comprehensive validation rationale
• Learn how a project management approach and concepts can improve your validation effort by effectively managing the activities and tasks of planning, developing, implementing, executing and documenting your work
• Once your system is validated, understand how project management will help ready your team to maintain it in a validated state through its entire life cycle
• Learn how AI and ChatGPT work and how you can leverage them to enhance your project management approach, effectively assisting with information gathering, documentation and communication to keep your project on track through its duration
• Finally, understand the industry best practices that will enable you to optimize your approach to validation and compliance, based on project management, risk assessment and use of ChatGPT & AI
• Q&A

Who Will Benefit

• Information Technology Analysts
• Information Technology Developers and Testers
• Software Quality Assurance Professionals
• QC/QA Managers and Analysts
• Analytical Chemists
• Compliance and Audit Managers
• Laboratory Managers
• Automation Analysts
• Manufacturing Specialists and Managers
• Supply Chain Specialists and Managers
• Regulatory Affairs Specialists
• Regulatory Submissions Specialists
• Risk Management Professionals
• Clinical Data Analysts
• Clinical Data Managers
• Clinical Trial Sponsors
• Computer System Validation Specialists
• GMP Training Specialists
• Business Stakeholders/Subject Matter Experts
• Business System/Application Testers
• Vendors responsible for software development, testing and maintenance

Background

Computer system validation has been regulated by FDA for more than 30 years, as it relates to systems used in the manufacturing, testing and distribution of a product in the pharmaceutical, biotechnology, medical device or other FDA-regulated industries. The FDA requirements ensure thorough planning, implementation, integration, testing and management of computer systems used to collect, analyze and/or report data.

Electronic records and electronic signatures (ER/ES) came into play through guidelines established by FDA in 1997, and disseminated through 21 CFR Part 11. This code describes the basic requirements for validating and documenting ER/ES capability in systems used in an FDA-regulated environment.

In the early 2000s, FDA recognized they could not inspect every computer system at every regulated company and placed the onus on industry to begin assessing all regulated computer systems based on risk. The level of potential risk, should the system fail to operate properly, needed to be the basis for each company’s approach to developing a validation approach and rationale as part of the planning process. System size, complexity, business criticality, GAMP®5 category and risk rating are the five key components for determining the scope and robustness of testing required to ensure data integrity and product safety.