Presentation is loading. Please wait.

Presentation is loading. Please wait.

Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation.

Published byDomenic Johnson Modified over 8 years ago

Similar presentations

Presentation on theme: "Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation."— Presentation transcript:

1 Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation

2 May 24, 2004© 2004, DQRI. All rights reserved.2 Software Development Today Dozens of viable software methodologies currently in use. Great variation in terminologies, procedures, deliverables, and ways of organizing work. Each methodology embodies a strategy for safeguarding software quality.

3 May 24, 2004© 2004, DQRI. All rights reserved.3 From the Draft Guidance on Software Validation (2001) Validation Plans Requirement specifications Simulation tests User-site tests Structural tests Functional tests Program build tests Code inspections Code walk-throughs Technical reviews Change control Regression analysis Risk assessments Validation Reports

4 May 24, 2004© 2004, DQRI. All rights reserved.4 In what ways can part 11 discourage innovation? By including an across-the-board requirement that covered software must be validated, and publishing a guidance that defined software validation in terms of specific deliverables, the FDA established a de facto standard software development methodology for covered systems, regardless of context and regardless of risk profile.

5 May 24, 2004© 2004, DQRI. All rights reserved.5 In what ways can part 11 discourage innovation? There has been no agreed-upon language for justifying anything less or anything different than what is outlined in the guidance documents.

6 May 24, 2004© 2004, DQRI. All rights reserved.6 Risk Assessment Risk assessment can provide a means of justifying diverse approaches to software development and validation. Industry and the agency must agree on a common framework for performing risk assessment.

7 May 24, 2004© 2004, DQRI. All rights reserved.7 DQRI Risk Assessment Model Standard risk model Industry consensus on four critical questions

8 May 24, 2004© 2004, DQRI. All rights reserved.8 DQRI Risk Assessment Model Step 1: Common types of software used in clinical trials, and risks typically associated with them.

9 May 24, 2004© 2004, DQRI. All rights reserved.9 DQRI Risk Assessment Model Step 5: Outcomes that should be considered in assessing the impact of possible software failures.

10 May 24, 2004© 2004, DQRI. All rights reserved.10 DQRI Risk Assessment Model Step 6: Factors that contribute to the likelihood of system failures.

11 May 24, 2004© 2004, DQRI. All rights reserved.11 DQRI Risk Assessment Model Step 8: Dimensions on which validation procedures may vary depending on assessed risk scores.

12 May 24, 2004© 2004, DQRI. All rights reserved.12 Recommendation #1 Software validation cannot be separated from software development methodologies. Software validation has no meaning that can be usefully generalized across diverse development methodologies. Software development methodologies are still emerging; there is no consensus about which methodologies work best under what circumstances. Software validation is not the only strategy available for controlling software-related risks. The across-the-board requirement for systems to be validated should be removed from Part 11.

13 May 24, 2004© 2004, DQRI. All rights reserved.13 Recommendation #2 (a) identify software-related risks; (b) justify the controls adopted to control those risks. Instead of mandating software validation, Part 11 should require risk assessment to:

14 May 24, 2004© 2004, DQRI. All rights reserved.14 Recommendation #3 Risk assessment model Risks associated with common types of software used in clinical trials Outcomes that should be considered in assessing the impact of possible software failures Factors that contribute to the likelihood of system failures Dimensions on which validation procedures may vary as assessments of risk increase or decrease. The agency should work with industry to develop a guidance on risk assessment for software used in connection with electronic records.

15 May 24, 2004© 2004, DQRI. All rights reserved.15 Yes. A risk assessment model can be generalized to provide a framework for justifying decisions about any activity that affects the quality of electronic data. In addition to validation, audit trail, record retention, and record copying, should other areas of Part 11 (e.g., operational system and device checks) incorporate the concept of a risk-based approach? Conclusion

16 May 24, 2004© 2004, DQRI. All rights reserved.16 Thank You Don Hopkins, Ph.D. Ursa Logic Corporation hopkins@ursalogic.com For inquiries about the Data Quality Research Institute (DQRI) please contact: Kaye Fendt, MSPH kfendt@email.unc.edu

Download ppt "Using Risk Assessment to Drive Software Validation Decisions Don Hopkins, Ph.D. Ursa Logic Corporation."

Similar presentations

Comparator Selection in Observational Comparative Effectiveness Research Prepared for: Agency for Healthcare Research and Quality (AHRQ) www.ahrq.gov.

Comparator Selection in Observational Comparative Effectiveness Research Prepared for: Agency for Healthcare Research and Quality (AHRQ)
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
The Children Act 1989/2004.  To discuss the background to the Children Act 1989.  To identify the key principles of the Children Act 1989  To discuss.

The Children Act 1989/2004.  To discuss the background to the Children Act  To identify the key principles of the Children Act 1989  To discuss.
Introduction to Enterprise Risk Management (ERM)

Introduction to Enterprise Risk Management (ERM)
Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?

Configuration Management Managing Change. Points to Ponder Which is more important?  stability  progress Why is change potentially dangerous?
Children’s Social Care Workload Management System (WMS) A Two-fold approach DSLT 16 th November 2010 Updated with new SWRB standards.

Children’s Social Care Workload Management System (WMS) A Two-fold approach DSLT 16 th November 2010 Updated with new SWRB standards.
Risk-Focused Examinations David Vacca, Assistant Director – Insurance Analysis & Information Services, NAIC Welcome to the © 2009 The National Association.

Risk-Focused Examinations David Vacca, Assistant Director – Insurance Analysis & Information Services, NAIC Welcome to the © 2009 The National Association.
Auditing A Risk-Based Approach To Conducting A Quality Audit

Auditing A Risk-Based Approach To Conducting A Quality Audit
Health and Safety Risk Assessment (RA) End presentation Risk Assessment (RA)

Health and Safety Risk Assessment (RA) End presentation Risk Assessment (RA)
21 CFR PART 11 REGULATIONS RECOMMENDATIONS FOR CHANGES FDA PUBLIC MEETING ON PART 11 REGULATIONS – JUNE 11, 2004 NATIONAL ELECTRICAL MANUFACTURERS ASSOCIATION.

21 CFR PART 11 REGULATIONS RECOMMENDATIONS FOR CHANGES FDA PUBLIC MEETING ON PART 11 REGULATIONS – JUNE 11, 2004 NATIONAL ELECTRICAL MANUFACTURERS ASSOCIATION.
Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.

Session 6: Data Integrity and Inspection of e-Clinical Computerized Systems May 15, 2011 | Beijing, China Kim Nitahara Principal Consultant and CEO META.
1 MEASURING THE EFFECTIVENESS OF THE NATION’S FOODSERVICE AND RETAIL FOOD PROTECTION SYSTEM.

1 MEASURING THE EFFECTIVENESS OF THE NATION’S FOODSERVICE AND RETAIL FOOD PROTECTION SYSTEM.
21 CFR Part 11 A Food Industry Perspective FDA Public Meeting June 11, 2004 Sia Economides Center Director Center for Development of Research Policy and.

21 CFR Part 11 A Food Industry Perspective FDA Public Meeting June 11, 2004 Sia Economides Center Director Center for Development of Research Policy and.
DRAFT Richard Chandler-Mant – R Consultant The Challenges of Validating R Managing R in a Commercial Environment.

DRAFT Richard Chandler-Mant – R Consultant The Challenges of Validating R Managing R in a Commercial Environment.
Project Management Methodology More about Quality Control.

Project Management Methodology More about Quality Control.
Data Analysis in the Water Industry: A Good-Practice Guide with application to SW Deborah Gee, Efthalia Anagnostou Water Statistics User Group - Scottish.

Data Analysis in the Water Industry: A Good-Practice Guide with application to SW Deborah Gee, Efthalia Anagnostou Water Statistics User Group - Scottish.
Policy WG NIH policy proposal. Goal: Incorporating global access licensing as one of the additional review criteria Question 1: Should we propose this.

Policy WG NIH policy proposal. Goal: Incorporating global access licensing as one of the additional review criteria Question 1: Should we propose this.
Regulatory Update Ellen Leinfuss SVP, Life Sciences.

Regulatory Update Ellen Leinfuss SVP, Life Sciences.
Www.methoda.com MethodGXP The Solution for the Confusion.

MethodGXP The Solution for the Confusion.
The role of internal audit in enterprise-wide risk management (ERM)

The role of internal audit in enterprise-wide risk management (ERM)

Similar presentations

Ads by Google