Publications

Many life-science companies are asking the question “Can I move my GxP workloads into the public cloud?” Answering “yes” to this question leads to another question: “What toolset do I need to qualify the various IaaS/PaaS services that are constantly changing?”.

The main objective of this post to answer the following questions.  I know a picture is worth a thousand words and so I will do this with illustrations.

1. Can "Validation" and "DevOps" be used in the same sentence (like vCD - Validated Continuous Delivery)?

2. Is DevOps a viable model for validated apps in GxP Environments?

3. How can one ensure the "validation fidelity" in a DevOps environment?

What are the key steps involved in continuously validating a ServiceNow App?

One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world, it does not make any value-sense to pin to an "ancient" version.  Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your ServiceNow app is maintained in a validated state.

This post provides a framework for configuring the ServiceNow Platform Tables to meet today's data integrity standards in order to comply with 21 CFR Part 11 and other predicate GxP regulations.  I will attempt to cover:

1. How to leverage in-built ServiceNow features to ensure Tables are configured for GxP Compliance?

2. How to design the configuration qualification (CQ) tests?

3. How to ensure "validated status" (VS) on a ongoing basis?

I very frequently get asked whether Azure Platform-as-a Service (PaaS which includes Serverless Architectures) can be qualified as well?  Surprisingly, this question is asked even by Azure users who agree that Azure IaaS can be qualified.  In this blog post I will provide a prescriptive guide to intelligently qualify Azure PaaS and maintain it in a qualified state (QS). 

The million dollar question is "Can Microsoft Azure be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently. 

The million dollar question is "Can AWS be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently.   

FDA put out its DRAFT guidance on Data Integrity and Compliance with cGMP in April 2016. This guidance is important because we come to understand FDA's thinking on Data Integrity.

Any Track and Trace Enterprise application is a complex implementation which has many interfaces.  What are the requirements of a validation toolset for such an application?  Let us take a look....

The question is "Can Amazon AWS or Microsoft Azure be qualified so that Life Science companies can run validated apps on it?"   

Cloud releases updates and changes at such great velocities that leaves all validation specialists continuously wondering on how to qualify it.  Traditional strategies including GAMP 5 was never designed to address continuous changes.  These models were designed for a "waterfall" world and not an "agile" one.  It is not possible to qualify an infrastructure where changes are released without release notes with such an outdated mindset and toolset.

his blog post is Part 3 in this series. What are the key process steps involved in continuously validating a Cloud App?

This blog post is Part 2 in this series. What are the key steps involved in continuously validating a Cloud App? (click here for Part 1). 

The above diagram depicts the key elements of a Continuous Validation Program for a Cloud App. One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world very rarely you are given the option of pinning to an "ancient" version. Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your cloud app is maintained in a validated state.

What do you need to implement a true continuous validation platform for a Cloud App?  This series of blog posts will answer this question.  This blog post is Part 1 in the series and covers the infrastructure required to implement this platform.

Not a day goes by without a client posing this question:  Can Amazon AWS or Microsoft Azure be qualified so that I can run my apps on it?  Here is a 9 Step systematic answer to this very popular question....

Combinatorial Testing must be an integral part of software validation because it not only reduces cost but increases the efficacy of your test strategies.   This is even more important since the complexity of software apps are increasing exponentially.

Validation Lifecycle Management

1. “No Paper” Validation Infrastructure
2. No Longer Limited to “Point in Time” Validation
3. Manage Requirements, Specifications, Test Plans & Test Cases, Test Failures
4. Manage Testing Schedules
5. Manage Test Sequencing

“We are living in an era of ‘dumb’ content,” says consultant Nagesh Nama, President of ValiMation, Inc., and who spoke at DIA 2010 in Washington, DC. [Note: Nama's talk preceded that by Novartis' Jim McElroy, featured in yesterday's post on "The Paperless Validation
Lifecycle."].