Professional Documents
Culture Documents
Us Accelerating Csa Readiness Pov
Us Accelerating Csa Readiness Pov
The journey toward “Assurance” around for some time; however, companies Manufacturing, Operations, and Quality
have been challenged with identifying Systems Software, focuses on high-risk GxP
The life sciences industry is moving at a
software risks and the desired level of elements, simplified documentation, and
swift pace toward digital transformation
validation effort. This is where an enhanced automation to help achieve compliance with
as a result of industry 4.0. This has led
focus on critical thinking is required. regulatory requirements.
to the need for an optimized regulatory
and compliance approach to systems Industry and regulators are working In this point of view, we:
development and maintenance. The current toward various initiatives, such as “Case for
• Share current challenges, thoughts on CSA
state of system validation is perceived as an Quality,” to align on an optimized approach
leading practices, and how critical thinking
impediment to faster deployments, wherein and, in that regard, the Food and Drug
can be leveraged to drive overall efforts to
the focus is on good documentation Administration (FDA) is moving to update its
help achieve quality and compliance
practices rather than building systems that guidance on the validation of Good practice
are fit for their intended use. (GxP) systems. The new FDA guidance • Outline an approach to shift from
being drafted, CSA for Nonproducts “Validation” to “Assurance”
A risk-based approach to validation has been
Accelerating Computer Software Assurance (CSA) readiness
Become Agile
Embed Agile methodologies like Scrum, test-driven Leverage supplier documentation
development (TDD), behavioral-driven development (BDD), and Conduct robust supplier audits and leverage supplier
Risk-based approach
DevOps to build quality into software
Quality by design
2
Accelerating Computer Software Assurance (CSA) readiness
The testing space will continue to evolve • Can be used for low-risk functionalities in • Can be used for low-to-medium-risk
into one of the specific focus areas to move development and quality environments functionalities in quality environment
quality at the speed of business. A few
• Limited instructions required and • Limited evidences (should be self-
techniques that should be considered
evidences (should be self-explanatory) are explanatory) are required for use as
when strategizing an assurance approach
required to provide for use as objective objective evidence when used for testing
are as follows:
evidence in quality environment low-to-medium-risk functionalities in
1. Configuration and experimentation quality environment
3. Automated testing
What is it?
5. Scripted testing
Technique used by developers to build and What is it?
What is it?
test continuously before deploying into Utilize automated tools to test system
quality environment Testing with formal instructions
How can it be used?
How can it be used? How can it be used?
• Use of repetitive testing, such as
This type of testing helps boosts confidence by regression, in quality environments • Required testing of high-risk functionalities
instilling quality right from the start; however, and intended use of system
it cannot be used as official objective • Detailed instructions and evidences are
required for use as objective evidence in • Detailed instructions and evidences are
evidence.
quality environment required to provide objective evidence
2. Exploratory testing
What is it? 4. Unscripted testing
3
Accelerating Computer Software Assurance (CSA) readiness
About Deloitte
Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee
(“DTTL”), its network of member firms, and their related entities. DTTL and each of its member firms are legally
separate and independent entities. DTTL (also referred to as “Deloitte Global”) does not provide services to
clients. In the United States, Deloitte refers to one or more of the US member firms of DTTL, their related entities
that operate using the “Deloitte” name in the United States, and their respective affiliates. Certain services may
not be available to attest clients under the rules and regulations of public accounting. Please see www.deloitte.
com/about to learn more about our global network of member firms.
RITM0597814