The main objective of this post to answer the following questions.  I know a picture is worth a thousand words and so I will do this with illustrations.

1. Can "Validation" and "DevOps" be used in the same sentence (like vCD - Validated Continuous Delivery)?

2. Is DevOps a viable model for validated apps in GxP Environments?

3. How can one ensure the "validation fidelity" in a DevOps environment?

This post provides a framework for configuring the ServiceNow Platform Tables to meet today's data integrity standards in order to comply with 21 CFR Part 11 and other predicate GxP regulations.  I will attempt to cover:

1. How to leverage in-built ServiceNow features to ensure Tables are configured for GxP Compliance?

2. How to design the configuration qualification (CQ) tests?

3. How to ensure "validated status" (VS) on a ongoing basis?

What are the key steps involved in continuously validating a ServiceNow App?

One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world, it does not make any value-sense to pin to an "ancient" version.  Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your ServiceNow app is maintained in a validated state.

I very frequently get asked whether Azure Platform-as-a Service (PaaS which includes Serverless Architectures) can be qualified as well?  Surprisingly, this question is asked even by Azure users who agree that Azure IaaS can be qualified.  In this blog post I will provide a prescriptive guide to intelligently qualify Azure PaaS and maintain it in a qualified state (QS). 

The million dollar question is "Can Microsoft Azure be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently.   

The million dollar question is "Can AWS be qualified?".  In this blog post I will provide a prescriptive guide on not just "how to qualify", but also how to maintain the qualified state intelligently.   

FDA put out its DRAFT guidance on Data Integrity and Compliance with cGMP in April 2016. This guidance is important because we come to understand FDA's thinking on Data Integrity.

Any Track and Trace Enterprise application is a complex implementation which has many interfaces.  What are the requirements of a validation toolset for such an application?  Let us take a look..

The question is "Can Amazon AWS or Microsoft Azure be qualified so that I Life Science companies can run validated apps on it?"   

Cloud releases updates and changes at such great velocities that leaves all validation specialists continuously wondering on how to qualify it.  Traditional strategies including GAMP 5 was never designed to address continuous changes.  These models were designed for a "waterfall" world and not an "agile" one.  It is not possible to qualify an infrastructure where changes are released without release notes with such an outdated mindset and toolset.

This blog post is Part 3 in this series. What are the key process steps involved in continuously validating a Cloud App?

This blog post is Part 2 in this series. What are the key steps involved in continuously validating a Cloud App? (click here for Part 1). 

The above diagram depicts the key elements of a Continuous Validation Program for a Cloud App. One has to bear in mind that the underlying IaaS and PaaS infrastructure is constantly changing. In fact, the Cloud App itself is continuously changing. In the new cloud world very rarely you are given the option of pinning to an "ancient" version. Thus this Continuous Validation Framework is designed to mitigate these risks and ensure that your cloud app is maintained in a validated state.

What do you need to implement a true continuous validation platform for a Cloud App?  This series of blog posts will answer this question.  This blog post is Part 1 in the series and covers the infrastructure required to implement this platform.

Not a day goes by without a client posing this question:  Can Amazon AWS or Microsoft Azure be qualified so that I can run my apps on it?  Here is a 9 Step systematic answer to this very popular question....

Life science companies are adopting the Cloud (Public, Private, Hybrid) but are constantly faced with the "Validation Challenge": How can I validate the Cloud Stack (IaaS, PaaS, SaaS) to meet the various GxPs? 

Test data generation is an integral aspect of test bed setup which can make or break your testing strategy.  Test data generation is an integral part of Test Automation.  Otherwise you risk losing the comprehensiveness and validity of your testing process.

In the GxP world, test execution reports for any validation exercise contain most important artifacts that serve as evidence.  Audit trail of 'who did what? at what time?' are captured in the form of actions and results with time stamps, and most frequently with screenshots.  In most test automation frameworks that are utilized in validation, a major gap is the presentation of this evidence that can meet the scrutiny of any inspector.