20 likes | 178 Views
Rocco Timpano – Sr Director IT Quality & Compliance – Governance, Risk, & Compliance Christopher McElroy– Director IT Quality & Compliance – R&D/Medical Business Partner. IT QA – Perspective. Challenges and Opportunities New Technology (e.g. Cloud Computing)
E N D
Rocco Timpano – Sr Director IT Quality & Compliance – Governance, Risk, & Compliance • Christopher McElroy– Director IT Quality & Compliance – R&D/Medical Business Partner
IT QA – Perspective • Challenges and Opportunities • New Technology (e.g. Cloud Computing) • Various Solutions (e.g. Definition of Public (external multi tenant) vs. Managed hosting (OOD) vs. Private (Internal Cloud)) • Mobil vs Medical Devices • (ref: http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM263366.pdf) • Personal Computing Devices • Outsourcing (multi-Level) • Standards; Config Mgmt; Sub-sourcing; Vendor Auditing • Overlapping Compliance Requirements (Regulatory and Statutory) • (e.g. Multi Country BOH, Data Privacy, SOX) • 20th century CSV • Based on demonstrating control - where people knew where their hardware was located, what software had been loaded onto it and knew the names and qualifications of the personnel supporting their computing environment. Example: Who can log in? Do I know where my data is? Who can see my data? Is my data secure? • 21st Century CSV • Regulators allowing for adoption of a Risk Based approach. Opportunity (through PRISME) can a industry forum be formed to allow for the discussion, sharing, and leveraging risk based strategies with CSV.