Business & Decision’s consultants have applied the principles of risk-based computer system validation since the mid 1990’s, developing an integrated approach to validation that minimizes validation costs and achieves least-cost compliance.
Least-cost compliance is a concept developed by Business & Decision to minimize the cost impact of compliance and validation activities across the entire computer system and IT infrastructure lifecycle, delivered by Business & Decision using its RightDelivery® Global Delivery Model (see 'Perspectives' piece "Low Cost Validation vs. Lowest Cost IT" and associated Data Sheet).
Business & Decision has been an active member of the GAMP® Forum* since its inception in the early 1990s, contributing to the various versions of the GAMP Guide and Good Practice Guides including:
Version 5 of the ISPE / GAMP® Guide "A Risk-Based Approach to Compliant GxP Computerized Systems" extends the concepts of risk-based validation originally introduced by GAMP 4 in 2001.
Our Principal and Senior Consultants are regular speakers at various ISPE/GAMP conferences and events including recent meetings in China, India, Europe and the U.S. where they have shared leading edge knowledge in the form of emerging best practice and case studies.
There is however nothing new about risk-based validation and Business & Decision's use of such concepts began in the mid 1990's with the company contributing significant thought leadership during this time. In parallel, clients have benefited from significant reductions in the cost while assuring compliance with current regulatory expectations.
* GAMP is a registered trademark of ISPE
Business & Decision has updated its unique Validation Library to formally adopt the key concepts of GAMP® 5 and ASTM E2500, providing a basis for the embedded cost-effective validation of software applications and the qualification of IT Infrastructure throughout the entire system life cycle.
Use of the Validation Library Framework ensures the consistency of risk-based validation practices across the enterprise, leverages IT industry best practices, assures compliance with regulatory expectations and accelerates the development of project deliverables.
These principles are used to embed risk-based IT compliance into all project and operational life cycle activities (including activities such as data migration and processes such as change control) and underpin all of Business & Decision's IS compliance practices (e.g. Compliant Business Intelligence Maturity Model and Lean IS compliance).
The Validation Library Framework has been used to produce system specific lifecycles in support of configurable off-the-shelf (COTS) applications validation and also supports the definition of lifecycles for custom development validation and the use of SOA and Middleware.