Computer services providers audits
In light of the 21 CFR Part 11 and Annex 11 of the EU GMP, it becomes essential when entering into a contract with IT Service Providers that they design and maintain their products in a way that is consistent with a sound and effective Quality System.
At CSV Experts we offer the possibility to carry out an audit that determines the level of quality offered by this type of company. As a result of this, coupled with knowledge of the work methodology, regulated organizations can determine the actions to be taken internally in order to ensure complete adherence to GxP.
While the need for the audit will depend on the level of criticality of the system or service contracted, the way to conduct the audit can be approached in one of several ways:
- Postal audit, through the use of a questionnaire or form sent to the provider.
- On-site audit, carried out on the provider’s premises.
The complexity and detail of the audit will depend on the service they offer:
- Custom development of applications for the client.
- Standard system configurations for the market in general.
Companies that offer hosting services require a special section. These companies use Data Processing Centers with high-levels of security and access control in order to guarantee the continuity of services hosted in their facilities. It is clear that the delegation of this highly sensitive activity to an external company demands documented evidence that the service fulfils GxP principles, especially regarding security and system availability.
A successful audit of the facilities and the in-house quality management system is a basic element that points to the conclusion that these principles have been correctly applied.