Home > Information > Publications and Presentations

Publications and Presentations

Ofni Systems presents at numerous conferences and workshops on Part 11 and regularly conducts training sessions for organizations to educate employees about the specific requirements of the rule and how to incorporate it into daily practices.

Let Ofni Systems make knowledge management simple for you. Contact us today for for more information about these events.

2012
2011
2010
2009
2008
2007
2006
2005
2004
2003

2012

Spreadsheet Validation: 21 CFR Part 11 Compliance

Software intended for the management of manufacturing processes and FDA submissions may very well be too complex, expensive, and laden with features unnecessary in your environment. Commonly available spreadsheet programs like MS Excel may really be most appropriate – but how can you create, validate and use off-the-shelf programs in your regulated environment without violating the provisions of Part 11?

FDA is well aware of the wide utility of spreadsheets, but expects the controls to be in place to ensure that spreadsheets used in GxP processes are validated and compliant with 21 CFR Part 11. In today’s environment of renewed FDA enforcement of Part 11, uncontrolled spreadsheets represent an area of increased regulatory concern and scrutiny.

You can learn to confidently harness the versatility and functionality of spreadsheets. You, your colleagues and your organization can take advantages of all of the benefits of the ease-of-use and economy spreadsheets offer – and still remain in compliance with FDA’s regulatory requirements. Key points that will be covered include:

How to design your spreadsheets to facilitate compliance and validation
The part of a spreadsheet with the highest regulatory risk - and how to address it
How FDA validates their own spreadsheets
The expected contents of a spreadsheet validation package
How to write spreadsheet requirements and specifications to facilitate good testing
What must be included during spreadsheet validation testing
The most common deviations discovered during spreadsheet validations, and how to focus your testing to detect these common mistakes

Presented by Daniel Waterman, Validation Manager, Ofni Systems
Thursday, February 14, 2012; 1:00 pm - 2:30 pm EST (GMT - 5)
Teleconference, Presented by FOI Services

Desktop Databases: 21 CFR Part 11 Compliance

Daniel Waterman will address validation and 21 CFR 11 with regard to usage of desktop databases, such as MS Access. Hundreds of 483's and warning letters are received each year by companies who did not design or validate their databases and spreadsheets to meet Part 11 requirements. By properly securing your databases, you can allow a much wider audience to use and benefit from every database within the organization.

Learn more about Desktop Databases: 21 CFR Part 11 Compliance

The following topics will be covered in detail:

Learn what the FDA will look for during audits
How to define requirements quickly.
How to document inputs, code and security settings.
Details on when and where to use electronic signatures.
Inactivity timeouts, and controls for users and passwords.
Managing change control and common change control mistakes to avoid.

Presented by Daniel Waterman, Validation Manager, Ofni Systems
Tuesday, January 10, 2012; 1:00 pm - 2:30 pm EST (GMT - 5)
Teleconference, Presented by FOI Services

2011

Spreadsheet Validation 101 :
Create and Validation FDA Compliant Spreadsheets

Tyson Mew, President of Ofni Systems, and Daniel Waterman, Validation Manager for Ofni Systems will speak at IVT's 12th Annual Computer and Software Validation conference in Philadelphia, PA, from April 26 through April 28. Ty and Daniel will present
Spreadsheet Validation 101 : Create and Validation FDA Compliant Spreadsheets on Wednesday, April 27 at 8:45 AM - 12:15 PM .

Easy-to-create and surprisingly powerful and flexible tools for data storage, spreadsheets are so common that they can almost seem invisible. However, GxP data stored within spreadsheets must be maintained in accordance with all applicable regulatory rules, especially 21 CFR 11; Electronic Records Electronic Signatures. The FDA is aware of the usefulness of spreadsheets, but expects controls to be in place to ensure that spreadsheets used in GxP processes are compliant with 21 CFR 11 and are validated. As FDA enforcement of 21 CFR 11 increases, uncontrolled spreadsheets represent an area of increased regulatory concern.

Learn more about Spreadsheet Validation 101: Create and Validate FDA Compliant Spreadsheets

Presented by Tyson M. Mew, President, and Daniel Waterman, Validation Manager, Ofni Systems, Inc.
12th Annual Computer and Software Validation
April 26 - 28, 2011, Philadelphia , PA
Presented by IVT

Desktop Databases: 21 CFR Part 11 Compliance

Learn more about Desktop Databases: 21 CFR Part 11 Compliance

The following topics will be covered in detail:

Learn what the FDA will look for during audits
How to define requirements quickly.
How to document inputs, code and security settings.
Details on when and where to use electronic signatures.
Inactivity timeouts, and controls for users and passwords.
Managing change control and common change control mistakes to avoid.

Presented by Daniel Waterman, Validation Manager, Ofni Systems
Tuesday, March 8, 2011; 1:00 pm - 2:30 pm EST (GMT - 5)
Teleconference, Presented by FOI Services

Spreadsheet Validation: 21 CFR Part 11 Compliance

How to design your spreadsheets to facilitate compliance and validation
The part of a spreadsheet with the highest regulatory risk - and how to address it
How FDA validates their own spreadsheets
The expected contents of a spreadsheet validation package
How to write spreadsheet requirements and specifications to facilitate good testing
What must be included during spreadsheet validation testing
The most common deviations discovered during spreadsheet validations, and how to focus your testing to detect these common mistakes

Presented by Daniel Waterman, Validation Manager, Ofni Systems
Thursday, February 3, 2011; 1:00 pm - 2:30 pm EST (GMT - 5)
Teleconference, Presented by FOI Services

2010

21 CFR Part 11 Compliance & Validation for Spreadsheets

How to design your spreadsheets to facilitate compliance and validation
The part of a spreadsheet with the highest regulatory risk - and how to address it
How FDA validates their own spreadsheets
The expected contents of a spreadsheet validation package
How to write spreadsheet requirements and specifications to facilitate good testing
What must be included during spreadsheet validation testing
The most common deviations discovered during spreadsheet validations, and how to focus your testing to detect these common mistakes

Presented by Daniel Waterman, Validation Manager, Ofni Systems
Wednesday, September 1, 2010; 1:00 pm - 2:30 pm EDT (GMT - 4)
Teleconference, Presented by FOI Services

Prepare for FDA CSV Inspections – Review of Recent Enforcement Actions, 483’s and Warning Letters

The FDA has been expanding their audit programs and the number of observations related to validation problems has been steadily increasing. New requirements for Risk Assessments have been appearing, as well as a number of observations related to change control This session will focus on what the agency is looking for in your validation program by reviewing recent 483’s and warning letters related to computer system validations. Key points that will be covered include:

Current FDA Requirements and Expectations for Validation
Review of recent 483's and Warning letters
Consequences of Validation Gaps
A checklist of the top observations to avoid

Presented by Tyson M. Mew, President, Ofni Systems, Inc.
11th Annual Computer and Software Validation
April 21 - 23, 2010, San Diego, CA
Presented by IVT

Automate Your CSV Process – Templates, Tools, & Tricks

Getting Started – Preparing to Automate your CSV Practices

Discuss why CSV is well-suited to automation
Preparing templates for documents and certain types of systems
Determine and execute your testing strategy
Formalize your strategy in a Validation Master Plan
Implement best practices for lean project management

Automation of CSV Document Generation

Breaking down systems into discrete validatable objects
Collecting testable requirements
Automatically create your list of testable objects
Generating Design Specifications directly from source code
Integrating Risk Assessments into the process
Automatic generation, tracking and updating of the Requirements Traceability Matrix

Test Cases and Test Plans

How much testing is enough? Testing based on Risk Assessments
Input testing, Challenge Testing, Unit & Workflow test cases
Automating common test scripts with mini-test cases
Create specific test cases for use with change control
Auto-creation of test scripts from your requirements

Protocol Execution, Documentation and Managing Deviations

Paper vs. Electronic execution
Capturing actual results and screen shots for maximum effectiveness
Generating, processing and closing test and script deviations

Interactive Exercise: Case Studies of CSV Automation Success Stories

Several case studies will be presented to demonstrate how different types of validation projects were automated using the techniques described above. We will also discuss how the FDA is using automation for spreadsheet validation in their own labs.

Presented by Tyson M. Mew, President, Ofni Systems, Inc.
11th Annual Computer and Software Validation
April 21 - 23, 2010, San Diego, CA
Presented by IVT

2009

21 CFR Part 11 Compliance and Validation for Databases and Spreadsheets

Hundreds of 483's and warning letters are received each year by companies who did not design or validate their databases and spreadsheets to meet Part 11 requirements.

In this webinar you will learn how to implement Part 11 requirements in databases (Access, Oracle, and SQL Server) and Excel spreadsheets.

This presentation will provide the instructions, and documentation to ensure full compliance with 21 CFR Part 11, including:

Strategies for how to document and validate Access databases and other software applications based on databases.
How to add audit trails to databases and spreadsheets
How to define requirements quickly.
Managing change control and common change control mistakes to avoid.
How to document inputs, code and security settings.
How to properly secure the data and code.
Access security settings for multiple users.
Common settings applied to limit user actions.
Details on when and where to use electronic signatures.
Advanced techniques for adding electronic signatures
Inactivity timeouts, and controls for users and passwords.
Tips for efficient database testing.
Learn about how the FDA secures their own databases and spreadsheets

December 17, 2009
e-Conference, Presented by the Executive Conference Corporation

How to Validate Device and Computer Software

Computer software validation has been a major issue for medical device manufacturers and is one of the leading causes of 483 observations, warning letters and product recalls. There are many different types of computer hardware and software found in the medical device industry, including:

COTS (Commercial Off-The-Shelf) applications
Custom in-house applications (databases and spreadsheets, web applications, etc)
Software embedded in medical devices
Software used to create or manufacture devices

All of the above must be validated for intended use and be under strict change control. The risk to patients can be severe for even small software bugs, and the cost of legal actions or product recalls can be financially devastating. The following topics will be covered in detail:

A review of recent enforcement actions as a result of inappropriate computer system validations.
The basics of computer software validation and what is expected in any validation effort.
A presentation of Ofni System's methodology for how we create functional requirements, design specifications and test cases.
Education for users about specific hot spots, including Change Control and Risk Assessments.
A discussion of new technologies for automated testing and electronic protocol execution.

July 8, 2009
e-Conference, Presented by the Clinical Device Group

How to Conduct a GAP Analysis of your CSV Program
Use of Macros and Spreadsheets in Regulated Environments

Tyson Mew, president of Ofni Systems will speak at IVT's 10th Annual Computer and Software Validation conference.

May 18-20th, 2009
Presented by IVT

21 CFR Part 11 Compliance and Validation for MS Access Databases

Mr. Tyson Mew will address validation and 21 CFR 11 with regard to usage of Access databases. By properly securing your databases, you can allow a much wider audience to use and benefit from every database within the organization. The following topics will be covered in detail:

How to add audit trails to any part of the database
How to properly secure the data and code
Access database security settings for multiple users
Common settings to apply to limit user actions
Learn what the FDA will look for during audits
Managing change control and common mistakes to avoid
Details on when and where to use Electronic Signatures
Database testing and techniques for software validation

Attendees will receive instructions for how to apply controls to their own access programs. In additions, attendees may download sample code and validation documents for their own use.

February 18, 2009
e-Conference, Presented by the Clinical Device Group

How to Make Excel Part 11 Compliant

Mr. Derek Wimmer will address validation and part 11 with regard to your usage of Excel spreadsheets. You will learn what your options are and how to address the issues for the different categories of spreadsheets use. He will address:

What Excel is used for
Different categories of spreadsheets
Relevant regulations and history
Excel’s lack of compliance features
Where we are today with respect to Part 11 and enforcement
Options available to address Excel’s shortfalls
Applying those options to the different categories of spreadsheets
Managing the whole process
How to approach the issue if it's an emergency and you have no money/time/resources

February 4, 2009 at 11:00 am
e-Conference, Presented by the Clinical Device Group

2008

QCSV Inc. & Regulatory Compliance Committee of the Medical Devices Cluster

Proper Use & Validation of Excel Spreadsheets in an FDA Regulated Environments - The presentation began with a discussion of documentation practices and validation methodology. Functional requirements define all appropriate formulas, charts and associated macros. Design requirements define the specific formulas, chart settings and stored code.
Formulas are tested first by confirming that the formula used is appropriate for the intended calculation and second by confirming that the formula gives the appropriate result. Macros are tested by entering a range of data and comparing the results with a hand calculator, or by visual inspection that the function performed as expected. Charts are tested by a combination of visual inspection or verification of the properties, including the data set used as the basis for the charts. Security testing is dependent on how security has been implemented, but at a minimum, security testing should demonstrate that users are limited to entering data into the defined input cells only and that users do not have the ability to alter any other part of the spreadsheet.

San Juan, PR
October 30, 2008

IVT Validation Week at the DoubleTree Hotel

FDA Validation Inspections and Latest Trends - The FDA is in the process of modernizing and expanding their inspections. The FDA has hired 1300 new doctors and scientists, including 245 new field inspectors, and is spending $2.5 billion to modernize their information technology. The FDA expects that all computer systems which control Quality and Production data must be validated and the data within must be controlled. The principle method of demonstrating control of computer systems is validation.
Most observations relating to validation are due to missing or incomplete validations. Other common causes of validation observation come from companies not following their own validation procedures, or for omitting mandated technological controls like audit trails or security.
Examples of specific observations can be found here.

Computer System Remediation & Validation for Regulatory Inspection - A Case Study - The presentation started with a discussion of validation policies and procedures. There was a discussion of the pros and cons of the V-model of validation. This lead into a discussion of specific validation techniques, including automated document generation, micro test cases, automated requirement traceability and parallel requirement development. Software testing techniques were also discussed, including the use of virtual machines, electronic protocol execution, documenting protocol execution with screen shots and automated deviation reporting.
The second section of the presentation defined basic approaches to validating custom databases, spreadsheets, web applications and LIMS connections.
The final section of the presentation reviewed specific case studies. These included a large group of spreadsheets used by a CRO, an engineering system for pharmaceutical manufacturer, an electronic document capture system, a purchasing system for a pharmaceutical manufacturer and a CRO database which was completely validated within 12 business days.

Philadelphia, PA
October 22 - October 23, 2008

Validation of MS Access Databases published by askaboutValidation.com
Published June 2008

"This article will present a simple method for validating MS Access databases for GXP use. The goal of our validation strategy is to provide better testing and documentation of individual databases in less time. Once we establish this methodology, we can rapidly apply it to many databases to reach compliance faster.

This article will cover the most common examples of database validation activities. We will cover special or very complicated examples whenever possible, but anything not explicitly covered in this article can be added as needed to fit your existing validation requirements or for special cases."

Click here to read the article.

Validation of MS Excel Spreadsheets published by askaboutValidation.com
Article of the month for May 2008

"This article will present a simple method for validating MS Excel spreadsheets for GXP use. The goal of our validation strategy is to provide better testing and documentation of individual spreadsheets in less time. Once we establish this methodology, we can rapidly apply it to many spreadsheets to reach compliance faster.

This article will attempt to cover the most common examples of spreadsheet validation activities that we find. We will attempt to cover special or very complicated examples whenever possible, but it should be understood that anything not explicitly covered in this article can be added as needed to fit your existing validation requirements or for special cases."

Click here to read the article.

2007

Audio Seminar - Validation and Use of MS Access Databases in GxP and Part 11 Environments
August 23, 2007

"Access databases are a simple way to meet many of the data collection and record keeping requirements required by the FDA but they also need to meet the technical requirements of 21 CFR Part 11, Electronic Records, Electronic Signatures. Out-of-the box Access has not been designed for regulated environments. This event will show you how to make Access databases Part 11 compliant."

Registration/Order Recording

2006

Journal of Validation Technology®
Volume 12, Number 4, August 2006

Using Automation To Generate Validation Documents And Add Part 11 Compliance
The author has created software that automates the validation of computer software systems and generates validation documentation. This article will take you through the step-by-step process of how that process can be applied. The system can also be used to track the system's functional requirements over the life of the system. See how such a system may be of use in its many applications in your environment.

Training Course - Part 11 Compliance for MS Access
"Building 21 CFR Part 11-Compliant Applications"
Presented by FDA News and Ofni Systems
Raleigh, NC
March 30-31, 2006

WebEx Seminar - MS Access & Part 11: A Visual Presentation
Presented for the Clinical Device Group
February 16, 2006
11:00-12:30 CST

2005

2nd Annual FDA Information Management Summit at the Bethesda Hyatt
Bethesda, MD
November 30 - December 2, 2005

IVT Laboratory Regulations, Controls & Compliance
Nov. 29 – Dec. 2, 2005
Carolina, Puerto Rico

2004

DIA 40th Annual Meeting
June 13-17, 2004
Washington Convention Center
Washington, DC

Best Practices for Risk Management and 21 CFR Part 11 Compliance for Electronic Records
GCP Compliance
April 19-22, 2004
Washington, DC

Abstract

Tyson M. Mew, President, Ofni Systems Inc.
I. Interactive Exercise: Performing Risk and Compliance Assessments
• Build a risk assessment program
• Deciding where and how to assess risk
• Part 11 gap analysis
II. Collecting and Analyzing the Results
• Best practices in collecting and quantifying results
• Deciding where and how to assess risk
• Part 11 gap analysis
III. Corrective and Preventive Actions: Remediation Plans
• Deciding what priority to address first
• Tracking progress

Ensuring Access Databases and Excel Spreadsheets are Part 11 Compliant
IVT Laboratory Controls & Compliance
March 29- April 1st of 2004
Amsterdam, The Netherlands
NH Grand Hotel Krasnapolsky

Abstract

Workshop E • 8:30 am – 12:00 pm
– Dr. Dirk Bissinger, Industrial Operations Drug Products, Quality Assurance Manager, Aventis Pharma Deutschland GmbH
– Ty Mew, President, Ofni Systems Inc.
– Mary Chris Easterly, Technical Manager, QA Validation, Diosynth
– Derek Wimmer, President, Wimmer Systems, LLC.
– David Harrison, Senior Consultant, ABB Eutech.
This seminar presents how to design, build, and validate Access® databases and Excel® spreadsheets in accordance with current practices, including 21 CFR Part 11.

I. Ensuring Access Databases are Part 11 Compliant
• Databases for Part 11 compliance
• Technical controls and functionality
• Securing the Access® environment
• Procedural controls required to be implemented
• Validation of Access® programs
• Demonstrations and case studies

II. Compliance Controls and Excel®- Technical Aspects
• Strengths and weaknesses of Excel®
• How workflow concepts affect design decisions
• Analysis of controls for auditing, authenticity, security, etc.
• Ensuring your solutions will do what you want

III. Risk-Based Validation of Excel® Spreadsheets
• The challenges of validating Excel® spreadsheets
• Integrating Excel® validation into your current CSV practice
• Balancing risk-based validation with efficiency
• Resource requirements, and key learning points for Excel® validation projects

IV. Case Study of Aventis' Use of Excel® Spreadsheets and Preparing and Passing a FDA Inspection
• A pragmatic approach to excel spreadsheet validation
• A general approach on how to get prepared for an inspection
• Strategies for inspections - for inspectors and industry personnel

V. Interactive Exercise
This exercise will be an open question and answer forum for discussing issues related to making Access® databases and Excel® spreadsheets compliant.

2003

How To Make MS Access Programs Part 11 Compliant (audio conference)
October 28, 2003 1:30 PM EST
Download Sample Code References

Abstract

"Firms using Microsoft Access databases for record keeping as part of GxPs need to take the necessary steps to ensure that they are Part 11 compliant. Part 11 demands that you address both technical and procedural requirements. This conference will detail technical controls that must be added, establishing a secure MS Access program, procedural controls that must be implemented and validation. The tools and information provided in the session will benefit anyone who needs to know how to make their systems compliant, as well as those charged with maintaining the integrity of their firm’s critical data. Attendees can also download free code samples that they can use in their own programs."

Ensuring Access Databases and Excel Spreadsheets are Part 11 Compliant
Laboratory Controls and Compliance Conference
August 18-21, 2003
Short Hills, NJ
Brochure