The main objective of this post to answer the following questions. I know a picture is worth a thousand words and so I will do this with illustrations.
Can "Validation" and "DevOps" be used in the same sentence (like vCD - Validated Continuous Delivery)?
Is DevOps a viable model for validated apps in GxP Environments?
How can one ensure the "validation fidelity" in a DevOps environment?
PHILADELPHIA, PA - 07/02/2018 — xLM, LLC, the first managed service provider for delivering continuously validated cloud apps, today announced that xLM App is available in the ServiceNow App Store.
This post provides a framework for configuring the ServiceNow Platform Tables to meet today's data integrity standards in order to comply with 21 CFR Part 11 and other predicate GxP regulations. I will attempt to cover:
How to leverage in-built ServiceNow features to ensure Tables are configured for GxP Compliance?
How to design the configuration qualification (CQ) tests?
How to ensure "validated status" (VS) on a ongoing basis?
What are the key steps involved in continuously validating a ServiceNow App?
One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world, it does not make any value-sense to pin to an "ancient" version. Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your ServiceNow app is maintained in a validated state.
I very frequently get asked whether Azure Platform-as-a Service (PaaS which includes Serverless Architectures) can be qualified as well? Surprisingly, this question is asked even by Azure users who agree that Azure IaaS can be qualified. In this blog post I will provide a prescriptive guide to intelligently qualify Azure PaaS and maintain it in a qualified state (QS).
FDA put out its DRAFT guidance on Data Integrity and Compliance with cGMP in April 2016. This guidance is important because we come to understand FDA's thinking on Data Integrity.
The question is "Can Amazon AWS or Microsoft Azure be qualified so that I Life Science companies can run validated apps on it?"
Cloud releases updates and changes at such great velocities that leaves all validation specialists continuously wondering on how to qualify it. Traditional strategies including GAMP 5 was never designed to address continuous changes. These models were designed for a "waterfall" world and not an "agile" one. It is not possible to qualify an infrastructure where changes are released without release notes with such an outdated mindset and toolset.
This blog post is Part 2 in this series. What are the key steps involved in continuously validating a Cloud App? (click here for Part 1).
The above diagram depicts the key elements of a Continuous Validation Program for a Cloud App. One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world very rarely you are given the option of pinning to an "ancient" version. Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your cloud app is maintained in a validated state.