![Page 1: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/1.jpg)
ITIL and Compliance , 13.30 – 14.15
Mikael May Yde, Senior Compliance Consultant, epista IT A/S
![Page 2: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/2.jpg)
Speaker
Life Science since 2001, IT since 1987
epista IT A/S 2013 - present
• Inspection Readiness, IT Compliance Plan , IT QMS,
Validation of ERP, GxP IT
H. Lundbeck A/S 2001 - 2013
• Headed Global IT Compliance, 10+ years
– Corporate Validation of applications
– Global Qualification of IT infrastructure
– Global Service Management/ITIL processes
– Corporate Information Security
– Inspection coordinator for Corporate IT
– Lean in IT
Mikael May YdeSenior Compliance
Consultant
![Page 3: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/3.jpg)
Objectives
• IT compliance requires control of:
– People
– Applications
– Data
– Infrastructure
– Procedures
– Ways of working
– Documented evidence
…among other things…
![Page 4: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/4.jpg)
ITIL Lifecycle
![Page 5: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/5.jpg)
Objectives
• There and Back Again (Tolkien)
– Two worlds of understanding, two professions,
two languages…
– Meet people on their territory
• Aligning existing professions and methodologies
– Common understanding of processes
• Gaining compliance value of
existing investment
• Cultural change management(Culture eats Strategy for Breakfast)
![Page 6: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/6.jpg)
Design & Preparation
Planning
Testing
End of life
System Lifecycle – Validation
Project Operations, support and maintenance
Implementation
Buy or Build
![Page 7: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/7.jpg)
Requirements for an IT QMS
• Is the QMS
– Flexible?
– Scalable?
– Implementable?
– Recognizable?
– Value adding?
• Does the QMS
– Play well with others?
– Keep you in compliance?
– Lower your risk profile?
– Move your business forward?
![Page 8: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/8.jpg)
Validation of Computerized Systems
The process of providing documented evidence that
a system does what it claims to do,
and that it will continue to do so in the future
![Page 9: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/9.jpg)
ITIL System Development Life Cycle
![Page 10: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/10.jpg)
GAMP Life cycle approachA life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements, through development, release, and operational use, to system retirement.
(Figure from GAMP 5)
![Page 11: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/11.jpg)
ITIL Service Perspective
![Page 12: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/12.jpg)
GAMP Life cycle approach
The life cycle for any system consists of four major phases:
(Figure from GAMP 5)
![Page 13: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/13.jpg)
ITIL Service Lifecycle
![Page 14: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/14.jpg)
Generic Case
• How to use ITIL® to map present operating
procedures and ways of working
![Page 15: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/15.jpg)
ITIL overview
![Page 16: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/16.jpg)
IT QMS - Compliance focus
![Page 17: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/17.jpg)
IT QMS – ITIL processes
![Page 18: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/18.jpg)
IT QMS - Other Procedures
![Page 19: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/19.jpg)
IT Compliance
Quality Security
Process
![Page 20: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/20.jpg)
Objectives achieved
• IT compliance requires control of:
– People ☺
Applications
Data
Infrastructure
Procedures
Ways of working
– Documented evidence
Covered by
![Page 21: ITIL and Compliance - Epista · GAMP Life cycle approach A life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements,](https://reader030.vdocuments.us/reader030/viewer/2022040317/5e2fd3dc0d5e14319f4dc2d4/html5/thumbnails/21.jpg)
Questions?
Mikael May YdeSenior Compliance Consultant
_____________
epista ITSlotsmarken 17
2970 Hørsholm
Denmark
M: +45 5369 4973E: [email protected]