itil and compliance - epista · itil and compliance, 13.30 –14.15 ... – lean in it mikael may...
TRANSCRIPT
ITIL and Compliance , 13.30 – 14.15
Mikael May Yde, Senior Compliance Consultant, epista IT A/S
Speaker
Life Science since 2001, IT since 1987
epista IT A/S 2013 - present
• Inspection Readiness, IT Compliance Plan , IT QMS,
Validation of ERP, GxP IT
H. Lundbeck A/S 2001 - 2013
• Headed Global IT Compliance, 10+ years
– Corporate Validation of applications
– Global Qualification of IT infrastructure
– Global Service Management/ITIL processes
– Corporate Information Security
– Inspection coordinator for Corporate IT
– Lean in IT
Mikael May YdeSenior Compliance
Consultant
Objectives
• IT compliance requires control of:
– People
– Applications
– Data
– Infrastructure
– Procedures
– Ways of working
– Documented evidence
…among other things…
ITIL Lifecycle
Objectives
• There and Back Again (Tolkien)
– Two worlds of understanding, two professions,
two languages…
– Meet people on their territory
• Aligning existing professions and methodologies
– Common understanding of processes
• Gaining compliance value of
existing investment
• Cultural change management(Culture eats Strategy for Breakfast)
Design & Preparation
Planning
Testing
End of life
System Lifecycle – Validation
Project Operations, support and maintenance
Implementation
Buy or Build
Requirements for an IT QMS
• Is the QMS
– Flexible?
– Scalable?
– Implementable?
– Recognizable?
– Value adding?
• Does the QMS
– Play well with others?
– Keep you in compliance?
– Lower your risk profile?
– Move your business forward?
Validation of Computerized Systems
The process of providing documented evidence that
a system does what it claims to do,
and that it will continue to do so in the future
ITIL System Development Life Cycle
GAMP Life cycle approachA life cycle approach entails defining and performing activities in a systematic way from conception, understanding the requirements, through development, release, and operational use, to system retirement.
(Figure from GAMP 5)
ITIL Service Perspective
GAMP Life cycle approach
The life cycle for any system consists of four major phases:
(Figure from GAMP 5)
ITIL Service Lifecycle
Generic Case
• How to use ITIL® to map present operating
procedures and ways of working
ITIL overview
IT QMS - Compliance focus
IT QMS – ITIL processes
IT QMS - Other Procedures
IT Compliance
Quality Security
Process
Objectives achieved
• IT compliance requires control of:
– People ☺
Applications
Data
Infrastructure
Procedures
Ways of working
– Documented evidence
Covered by
Questions?
Mikael May YdeSenior Compliance Consultant
_____________
epista ITSlotsmarken 17
2970 Hørsholm
Denmark
M: +45 5369 4973E: [email protected]