This seminar shows how a common COBIT-based IT control solution can satisfy multiple regulatory and business requirements.
If yours is an FDA-regulated pharmaceutical manufacturing firm and you must comply with the Sarbanes-Oxley Act of 2002 (SOX) Section 404 controls for Information Technology (IT), then a natural question to ask is: can you combine the IT controls required for SOX with the measures needed to meet FDA requirements for 21 CFR Part 11, network security, and IT validation? The answer is a qualified yes, you can combine them. The next question is: does it make sense to do it and, if so, how? In this seminar I show you how an IT control solution based on COBIT can be tailored to satisfy the FDA Part 11 requirements and, by extension, other regulatory requirements such as HIPAA. I also help you address the second question, whether it makes sense in your organization to do it, and then I show you how to go about it. I cite evidence suggesting that a single, combined approach will improve the cost/benefit ratio and bring improved IT operating performance and utility to the organization.
I explain the commonality of IT governance and control with the quality system approach to FDA compliance. I show how the key controls for SOX satisfy the design and control requirements of 21 CFR Part 11. I point out the commonalities between IT validation and SOX testing along with some comments on the need to justify this approach for the FDA.
What Attendees will Learn:
- Overview of SOX Controls for IT & FDA Requirements (including expected new Part 11 requirements).
- Information Security (integrity, confidentiality & availability)
- Benefits of Combined IT Control Program
- IT Governance v. Quality System processes
- Information Classification for Finance & FDA purposes
- Mapping COBIT Controls to FDA Requirements (spreadsheet)
- Key Processes, Change Management, Access Control etc.
- Justification of Approach for FDA
- Validation for FDA v. Testing for SOX
- Applicability to HIPAA and FISMA
Who Will Benefit:
- IT & Compliance Executive Management
- SOX for IT Implementation Management & Staff
- IT Management & Staff
- Quality Systems Management
- Computer/IT Validation Management & Staff
- Auditing for both SOX and FDA
Course Provider
James Robertson,