Data Integrity Compliance Project Completed Ahead of Schedule and Under Budget

An internal audit of a top generic pharmaceutical manufacturer identified deficiencies in their legacy computerized systems related to SDLC requirements (GAMP standards, FDA 21 CFR Part 11 & Data Integrity). Brevitas consultants were enlisted to deliver an effective solution to bring the existing systems into regulatory compliance.
Business Challenge
Our client is a top generic pharmaceutical manufacturer that identified several technical & procedural deficiencies after an internal audit. The deficiencies were related to legacy computerized manufacturing & packaging systems, in relation to system security, audit trail, and electronic record management and they rendered the equipment non-compliant with most FDA 21 CFR Part 11 and data integrity requirements. The challenge was to perform a comprehensive review of each system; each with widely differing software capabilities, and develop a software lifecycle management plan that would comprehensively address these issues, incite a perceptible change in organizational awareness, and spur adoption of industry best practices.
Our Approach
Brevitas was selected to prepare a complete compliance package for each of the impacted legacy systems. A total of 61 pieces of equipment were to be covered in a 3-phase project with stringent deadlines for each phase. The first stage of each project phase involved identifying as-built computer system capabilities, gap assessments, risk analyses, and development of a detailed mitigation plan. The second stage involved the execution and implementation of the mitigation plan to bring the legacy systems into FDA 21 CFR Part 11 and data integrity compliance, at par with industry best practices.
Results Achieved
- Infused a system development lifecycle (SDLC) culture throughout Engineering, QA, and Production
- Developed templates for use in system & equipment qualification, including:
- URS integrated with computerized system requirements
- Gap analysis and remediation plans for legacy computerized systems with emphasis on FDA 21 CFR Part 11 and data integrity compliance
- Computerized system test procedures to be incorporated into qualification
- Validation summary report with traceability matrix
- Updated internal policies & procedures for user access management and data back-up/ archival/ retention to ensure alignment with corporate SDLC standards
- Provided training to Engineering, QA, and Production on computerized system development lifecycle requirements
More Case Studies
Let's Get Started!
Our expert consultants will guide you step-by-step through the process of achieving tangible results and long-lasting improvements.