Insights Blog 6 Ways Pharma Companies Can Ease Compliance Burden with FDA’s New CSA Guidelines


6 Ways Pharma Companies Can Ease Compliance Burden with FDA’s New CSA Guidelines

If you find the current guidelines for CSV stressful and time-consuming, you’re not alone. Here are 6 key tips to start easing your compliance pain immediately.

Pharma FDA compliance

If you find the current guidelines for Computer Systems Validation (CSV) stressful and time-consuming, you’re not alone. That’s the prevailing opinion among regulated companies—one the FDA and other pharma leaders aim to change.

In collaboration with industry and ISPE/GAMP, the FDA has drafted new guidelines called Computer Software Assurance (CSA) that adopt a “least burdensome” approach. CSA revamps CSV to ease the compliance burden while improving product quality, patient safety and data integrity. CSA also encourages adopting automation to free up time for innovation.

The CSA guidelines apply to computerized systems such as MES, ERP, QMS and EDMS, not to medical devices. It’s uncertain when the final version of the guidance will be released, but industry experts and agency officials say there is no need to wait. You can act now.

Use the GAMP (Good Automated Manufacturing Practice) Guide to Data Integrity, which incorporates CSA principles, to review your compliance policies and bring them in line with CSA’s quality-centric, risk-based approach. You’ll find further guidance in excellent articles from the ISPE and the American Pharmaceutical Review.  Meanwhile, here are some tips to start easing your compliance pain immediately.

1. Put patients and products before process

The primary goal of validation is to ensure the software or system functions as intended for its users. Does it do what you say it will do? Does it achieve its purpose well enough? Yet too often that goal becomes secondary, or even lost, in the pressure regulated companies feel to collect voluminous documentation as evidence for auditors. CSA firmly establishes where the emphasis should go: on usability and product quality, not on piles of screenshots.

2. Tailor validation effort to patient risk

All systems are not equal when it comes to their potential impact on the safety of a user/patient. CSA requires more rigorous testing and documentation for systems where a failure or defect represents direct risk and less to systems with indirect or no risk.

For instance, a labeling system would warrant more testing and documentation because an error could lead to wrong usage of a drug, endangering a user’s safety. And a system designed for processing customer complaints has an indirect effect on patient safety, and thus would require less rigorous testing.

3. Change your testing/documentation ratio

In fact, you might need to reverse it. The FDA reports that regulated companies spend up to 80 percent of their validation efforts on documentation, with only 20 percent devoted to testing.

CSA advocates for the opposite weighting and gives guidance on how to achieve it. One example is the use of unscripted testing, which requires less documentation, for less risky systems.

4. “Take credit” for work already done

Shorten and simplify your compliance journey further by leveraging pre-validation work that’s already been completed, whether it’s been done internally or by your suppliers. You don’t have to retest systems comprehensively every time a change is made. “Take credit,” says Cisco Vicenty of the FDA. “If the work’s been done, use it…”

However, when relying on validation performed by a supplier, be sure the supplier is qualified–maybe audited as well—and establish a Quality Agreement.

5. Automate whatever you can

The single most effective way to streamline your compliance process is through automation of assurance activities. The time, effort and costs saved will give you more freedom to concentrate on product quality.

Note that some automated testing and lifecycle tools will have already been validated by their manufacturers. In most cases you won’t need to validate them again. (However, be sure to make such prior validation a requirement.)

6. Create a culture of critical thinking

The addition of critical thinking to the validation process is a major difference between CSA and CSV and a defining element of CSA’s mission. CSA emphasizes that there is no one “right” way to do things. Supported by time and cost-saving automated tools and a focused, risk-based validation approach, a culture of critical thinking will be a springboard to faster delivery of more innovative, more reliable products.

Finally, rest assured that adopting risk-based, quality-centered compliance strategies needn’t break the bank. Qualitest’s extensive experience in the pharma industry and our business process-aligned approach can deliver solutions that are kind to your bottom line. Let us start customizing a plan for you now.


quality engineering free assessment