The main objective of this post to answer the following questions.  I know a picture is worth a thousand words and so I will do this with illustrations.

1. Can "Validation" and "DevOps" be used in the same sentence (like vCD - Validated Continuous Delivery)?

2. Is DevOps a viable model for validated apps in GxP Environments?

3. How can one ensure the "validation fidelity" in a DevOps environment?

This post provides a framework for configuring the ServiceNow Platform Tables to meet today's data integrity standards in order to comply with 21 CFR Part 11 and other predicate GxP regulations.  I will attempt to cover:

1. How to leverage in-built ServiceNow features to ensure Tables are configured for GxP Compliance?

2. How to design the configuration qualification (CQ) tests?

3. How to ensure "validated status" (VS) on a ongoing basis?

What are the key steps involved in continuously validating a ServiceNow App?

One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world, it does not make any value-sense to pin to an "ancient" version.  Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your ServiceNow app is maintained in a validated state.

I very frequently get asked whether Azure Platform-as-a Service (PaaS which includes Serverless Architectures) can be qualified as well?  Surprisingly, this question is asked even by Azure users who agree that Azure IaaS can be qualified.  In this blog post I will provide a prescriptive guide to intelligently qualify Azure PaaS and maintain it in a qualified state (QS). 

The million dollar question is "Can Microsoft Azure be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently.   

The million dollar question is "Can AWS be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently.   

FDA put out its DRAFT guidance on Data Integrity and Compliance with cGMP in April 2016. This guidance is important because we come to understand FDA's thinking on Data Integrity.

Any Track and Trace Enterprise application is a complex implementation which has many interfaces.  What are the requirements of a validation toolset for such an application?  Let us take a look..

The question is "Can Amazon AWS or Microsoft Azure be qualified so that I Life Science companies can run validated apps on it?"   

Cloud releases updates and changes at such great velocities that leaves all validation specialists continuously wondering on how to qualify it.  Traditional strategies including GAMP 5 was never designed to address continuous changes.  These models were designed for a "waterfall" world and not an "agile" one.  It is not possible to qualify an infrastructure where changes are released without release notes with such an outdated mindset and toolset.

This blog post is Part 3 in this series. What are the key process steps involved in continuously validating a Cloud App?

This blog post is Part 2 in this series. What are the key steps involved in continuously validating a Cloud App? (click here for Part 1). 

The above diagram depicts the key elements of a Continuous Validation Program for a Cloud App. One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world very rarely you are given the option of pinning to an "ancient" version. Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your cloud app is maintained in a validated state.

What do you need to implement a true continuous validation platform for a Cloud App?  This series of blog posts will answer this question.  This blog post is Part 1 in the series and covers the infrastructure required to implement this platform.

Not a day goes by without a client posing this question:  Can Amazon AWS or Microsoft Azure be qualified so that I can run my apps on it?  Here is a 9 Step systematic answer to this very popular question....

Combinatorial Testing must be an integral part of software validation because it not only reduces cost but increases the efficacy of your test strategies.   This is even more important since the complexity of software apps are increasing exponentially.

Life science companies are adopting the Cloud (Public, Private, Hybrid) but are constantly faced with the "Validation Challenge": How can I validate the Cloud Stack (IaaS, PaaS, SaaS) to meet the various GxPs? 

Most important and time consuming piece of any validation stack are test scripts (Installation, Operational, Performance, etc..), test executions and test results.  Validation is all about authoring test scripts, executing and documenting test results.   Whether testing is manual or automated, a lot of data is collected during validation.  Only in rare cases, one will be able to obtain real-time data on test execution, testing deviations or test coverages.  Such information will enable more efficient management of validation efforts and reduce costs.  A well designed system will provide useful dashboards and metrics to project managers as well as validation personnel.

Test data generation is an integral aspect of test bed setup which can make or break your testing strategy.  Test data generation is an integral part of Test Automation.  Otherwise you risk losing the comprehensiveness and validity of your testing process.

In the GxP world, test execution reports for any validation exercise contain most important artifacts that serve as evidence.  Audit trail of 'who did what? at what time?' are captured in the form of actions and results with time stamps, and most frequently with screenshots.  In most test automation frameworks that are utilized in validation, a major gap is the presentation of this evidence that can meet the scrutiny of any inspector. 

Life science companies would love to get rid of inefficient and costly validation processes, may it be electronic manual tests or even worst, paper based manual tests.  The only answer to this problem is "test automation".  But the challenge is that if you use test automation for validation, then you need to keep your test automation infrastructure and processes also in a validated state.  But the test automation world is too complex for validation and even more difficult to keep it in a validated state given the nature of frequent changes, upgrades and a myriad of tools used.

Test Automation field is evolving with unprecedented pace to avoid pitfalls and overcome challanges of design complexity, selecting appropriate tools, agility and efficiency. Model Based Testing (MBT) could be a breakthrough for the industry as MBT tools now offer comprehensive solution for integrated test design and automation. At xLM, we have unearthed MBT solutions that overcome most challenges faced in traditional test automation.

Our Quality Management System (QMS) is mapped to QSR to show traceability and comprehensiveness.