GxP Systems

Comprehensive GxP Systems Support and Compliance Services by QV360

At QV360, we provide high-quality GxP systems support and compliance services, personalized and tailored to meet our customers' unique needs in regulated environments.

Quality/Quality Engineering Function

QV360 is equipped to offer a range of services including, but not limited to:
  • Supporting Change Control [Trackwise], CAPA
  • Remediation, QA Management, Protocol Approval
  • Investigational [Root Cause Analysis]
  • Auditing [Internal/External], Batch Release
  • Representation in Front of the FDA upon client request
  • Subject Matter Expert in Quality Operation/Quality Assurance
  • Coaching/Mentoring

Validation Function

Our validation services encompass, but are not limited to:
  • Equipment/Process/Cleaning Validation
  • Computer/Software and Control Systems Validation
  • Compilation/Organization of User Requirement Specification, Functional/Design Specification
  • Turn-Over/Hand-Over Package Compilation/Organization
  • Capital Projects
  • Validation Subject Matter Expert

Project Management

QV360 provides project management services for small-scale and large-scale manufacturing facilities. We handle large and small capital projects, utilizing science-based approaches to minimize regulatory violation risks during inspections by the FDA, EMA, WHO, KFDA, CFDA, or other applicable regulatory bodies.

Clinical/Commercial/cGMP (GxP) Services

Below are the services available within the Clinical/Commercial/cGMP (GxP) services but not limited to a prescriptive list nor an exhaustive list
Validation of Computerized Systems/Computerized Software Assurance/Information Technology
Computerized Systems Validation (CSV)
  • Computerized Software Assurance (CSA) and Artificial Intelligence-Enabled or Embedded Software
  • Enterprise Resource Planning (ERP), e.g., Oracle Fusion
  • Manufacturing Execution Systems
  • Distributed Control Systems, e.g., Emerson’s Digital Automation System (Delta V)
  • PI System/AVEVA™ PI System™ Portfolio Integrated Solutions for Managing Operations Data
  • cGMP, Compliance, Quality Assurance, and Computerized Science Risk-Based Assessments
  • Electronic Clinical Outcomes Assessment (eCOA) for Platform Software as a Service (SaaS) Based, Provisioned Device, and Wearables
  • Software Lifecycle Process
  • Qualification of Any Supporting SDLC Tools or GxP Record/Process Management Tools
  • Capability of Systems to Comply with 21 CFR Part 11/Annex 11 (as applicable)
  • Periodic Review of Systems
  • Validation Documentation of the System
  • Inventory List of Computer Systems
Quality Management System (QMS)
  • Assessments, Writing, Improving Policies, Standard Operating Procedures (SOPs), and Other Procedure Management
  • Management of Planned/Unplanned Deviations
  • Data Integrity SOPs
  • Information Security SOPs, Acceptable Use Policy, etc.
  • Internal Audit Program
  • CAPA/Quality Incidents Management and Tracking, Including Processes for Serious Breaches of GMP/GCP/GLP/GVP/GDP/GEP/GCCP/GCDMP/GAMP/GAP/GALP/GTP etc.
  • Risk Management Process
  • Issue Handling/Escalation
  • Metrics Collection, Key Performance Indicators (KPIs)
  • Status of Certifications and Licenses
Staff Management, Training, and Qualifications
  • General Training on Company Policies, SOPs, and Job-Specific Training (training matrix)
  • GxP Training Requirements and Performance (as applicable)
  • CVs and Job Descriptions
  • Project-Specific Training/Management Oversight
  • Staff Transitions/Communication to the Client
  • Staff Management and Resourcing, Including Back-Up Process
  • Induction Training and Staff Competency Sign-Off Processes (as applicable)
  • Training Matrix and/or Plan
Information Technology (IT) and Infrastructure Validations
  • Component Qualification
  • Physical and Logical Security, Including System/Network Access
  • Change and Configuration Management
  • Operational Resiliency and Monitoring
  • Data Backup and Restoration
  • Cloud Management
  • Disaster Recovery and Business Continuity Plan
  • Incident Management
  • Anti-Virus/Software Protection Applications
  • Software as a Service (SaaS)
  • Platform As a Service (PaaS)
  • Infrastructure As a Service (IaaS)
  • Disaster Recovery as a Service (DRaaS)
  • Containers As a Service (CaaS)
Contract Management and Project/Study Management
  • Contracts Management and Oversight
  • Out-of-Scope Work Request Handling
  • Portfolio Oversight
  • Project Setup, Assessment, Planning, and Initiation
  • Support for Client Audits/Regulatory Inspections and Provision of Relevant Qualification and Validation Documents
Document Management and Control
  • Document Management/Archiving SOP (paper and electronic documents)
  • Collection and Processing of Essential/Study-Specific Documents
  • Local Storage of Original Documents (if applicable)
  • Retention Policies
Vendor Qualification and Oversight Activities
  • Vendor/Supplier/Contractor Qualification, Selection, Performance Management, and Discontinuation
  • CDA Process and Vendor Contract Management
  • Vendor/Supplier Issue Handling, Escalation, and Tracking
  • Company's Approved Vendor List
  • Vendor Qualification/Audit Schedule (previous and current year)
  • Quality Agreements (QAG)
Data Control and Management
  • Data Entry/Receipt/Upload
  • Data Security at Rest and In-Transit
  • Controls for Restricted Data, e.g., Patient Personal Data and Unblinding Data (as applicable)
  • Query Management and Data Change Process
  • Investigator Control of Data
  • Definition of Data States, e.g., Source, Transient, Processed
  • Data Quality Controls (ALCOA+++ Attributes, Source Data Verification, Ability to Trace from Processed to Source
  • Reporting or Data Transfer to CRO/Sponsor

Compliance Framework of QV360

QV360 is compliant with applicable regulations, standards, and assessment criterias.
  • GAMP 5 Edition 2: A Risk-Based Approach to Compliant GxP Computerized Systems
  • Agile Manifesto/Approaches
  • ASTM E2500: Standard Guide for Specification, Design, and Verification of Pharmaceutical and Biopharmaceutical Manufacturing Systems and Equipment
  • ISO 13485: Medical Devices
  • ISO 14971:2019: Medical Devices — Application of Risk Management to Medical Devices
  • Electronic Code of Federal Regulations (eCFR)
  • 21 CFR Part 11: Electronic Records; Electronic Signatures
  • 21 CFR Part 820: Quality System Regulation
  • 21 CFR Part 210: Current Good Manufacturing Practice in Manufacturing, Processing, Packing, or Holding of Drugs; General
  • 21 CFR Part 211: Current Good Manufacturing Practice for Finished Pharmaceuticals
  • 21 CFR Part 600: Biological Products: General
  • 21 CFR Part 606: Current Good Manufacturing Practice for Blood and Blood Components
  • 21 CFR Part 610: General Biological Products Standards
  • ICH Q7: Harmonised Tripartite Guideline Good Manufacturing Practice Guide for Active Pharmaceutical Ingredients
  • ICH Q8: Harmonised Tripartite Guideline Pharmaceutical Development
  • ICH Q9 (R1): Quality Risk Management
  • ICH Q10: Pharmaceutical Quality System
  • ICH Q12: Technical and Regulatory Considerations for Pharmaceutical Product Lifecycle Management
  • ICH Q13: Continuous Manufacturing of Drug Substances and Drug Products
  • ICH Q14: Analytical Procedure Development
  • ICH E6: Good Clinical Practice (as relevant)
  • Health Insurance Portability and Accountability Act of 1996 (HIPAA)
  • US FDA Guidance for Industry Computerized Systems Used in Clinical Investigations 2007
  • US FDA Guidance for Industry General Principles of Software Validation, January 2002
  • ISO Accreditations (as relevant)
  • Auditee QMS, Policies, Procedures, and Work Instructions
  • Master Service Agreements (MSA), Scope of Work (SOW), Quality Assurance Agreements (QAG), and Other Contracts/Agreements (as relevant)