Rescop

News & Events
  • 0 Agile Computer System Validation

    • by Bas Michielsen
    • 20-10-2020
    0.00 of 0 votes

      Introduction Agile Computer System Validation (CSV) and Software Life Cycle Management Introducing a validated (software) system in the Life Sciences and Health Care Industry (e.g., regulated projects) can be a very demanding, challenging, and time-consuming task. In this article, we will discuss the following topics: What is Agile? What is Agile software development methodology? What is Agile (computerized system) validation? Benefits of Agile software development / Agile validation Industry standards & best practices What is Agile? What is the Agile software development methodology? Agile is the collective name for any non-linear software development method. Agile software development methodologies are centered round the idea of iterative development, where requirements and solutions evolve through collaboration between self-organizing cross-functional project teams. Agile is a method of developing software solutions, that focuses on delivering high-quality working software frequently and consistently, while minimizing project overhead and increasing business value Agile was introduced with the purpose to improve the limitations in traditional development methodologies by concentrating on continuous improvement and conducting tests in smaller iterations without compromising on the overall development quality of the product. Agile software development is flexible, fast, and aims for continuous improvements in quality.   Agile methodology key elements & tools:       What is the Agile Manifesto? Agile development refers to any development process that is aligned with the concepts of the Agile Manifesto. The Manifesto was developed by leading figures in the software industry and reflects their experience of what approaches do and do not work for software development. Read more about the Agile Manifesto. Core values of Agile Software Development Individuals and interactions over processes and tools Working software over comprehensive documentation Customer collaboration over contract negotiation Responding to change over following a plan   What is Agile (computerized system) validation? Agile validation, also called Agile GxP, comes with the help of the methodology based on Scrum (the most commonly used  flavor) to combine the world with requirements for the Life Science and Pharmaceutical industry. In Agile practice, validation becomes integral component to development, rather than an afterthought. Through continuous verification and validation activities throughout the software lifecycle, Agile catches defects earlier, reducing rework and enable faster system go-live. Agile validation in GxP projects requires the same type of deliverables that are needed for traditional validation processes, but the way in which these deliverables are created is different. Sometimes the deliverables will have different name.   What are the benefits of Agile software development and Agile computerized system validation?    Agile is a powerful tool for software development and computerized system validation. Examples of benefits of Agile software development are: Improved product quality Focus on high-quality development, testing and (customer) collaboration Continuous Risk management Finding and fixing defects quickly Deliver solutions on time and with a higher degree of client and customer satisfaction (delivering the right product) Manage change more effectively Allows for change; New or changed requirements can be planned and incorporated during development Focus on business stakeholder’s engagement Delivering strategic business value what is aligned with business stakeholders’ expectations Deliver features that provide the most business value to the identified business stakeholders Product features are defined on the need of the real users. Agile software development provides a unique change for stakeholders (e.g., clients, customers) to be involved throughout the whole project   Increased productivity Agile makes better use of the available resources With work broken into iterations, there are always milestones and deadlines   Improved transparency Everyone from stakeholders to the development team knows what is getting done, what is not and who is making decisions. When the entire team understands the big picture, projects tend to move forward faster.   Standards and best practices   Standard Organization Website GAMP 5 Guide: Compliant GxP Computerized Systems   The International Society for Pharmaceutical Engineering is the world's largest not-for-profit association serving its Members by leading scientific, technical, and regulatory advancement throughout the entire pharmaceutical lifecycle. ISPE IEC626604/82304   The International Organization for Standardization is an independent, non-governmental organization, the members of which are the standards organizations of the 164 member countries. It is the world's largest developer of voluntary international standards and it facilitates world trade by providing common standards among nations. More than twenty thousand standards have been set, covering everything from manufactured products and technology to food safety, agriculture, and healthcare. ISO Technical Information Report TIR45  The Association for the Advancement of Medical Instrumentation(AAMI) Standards Board has published a Technical Information Report TIR45 which provides recommendations for complying with international standards, and U.S. Food and Drug Administration (FDA) regulations and  guidance documents when using Agile practices to develop medical device software. AAMI         Rescop Academy Online Training!! VALIDATION USING AGILE Rescop Academy can help you with the method and tools to make this imagination become reality; instead of validating your system during the full development and implementation, Rescop Academy’s Agile Validation method will help you to validate parts of a system in an early stage.  Rescop provides Agile Validation using training on various levels: Foundation and Practitioner. Both training levels combine the theory from the Agile (SCRUM) / SAFe, ISPE GAMP® 5 Guide: Compliant GxP Computerized Systems and the AAMI TIR45 guidelines with exercises to simulate the practical implementation.      For more information contact us!                                                          

  • 0 Getting started with Data Security & Data Integrity

    • by Bas Michielsen
    • 08-10-2020
    0.00 of 0 votes

      (Reading time: 5 minutes)   Introduction Learn more about data integrity and how to implement and maintain data integrity within your organization. In this article, we will discuss the following topics: What is data security? What is data integrity? Data integrity is not data security Data integrity is not data quality Why are data security and data integrity important for every company? Data integrity violations and the possible risks associated with it What are examples of data integrity violations? What is a definition of data? What is a definition of a record? Data security & data integrity solutions   What is data security? Data security refers to the process of protecting data from unauthorized access and data corruption throughout its lifecycle. It includes the protection of data from both intentional and accidental alteration or loss over its entire life cycle across all applications and platforms. Data security technologies and processes There are many data security technologies and processes available to support your organization’s productivity while safeguarding the data. Examples of data security controls include: Access control. Backups & recovery. Date encryption. Data masking. Data resilience. Data erasure. Data security is also known as information security (IS) or computer security.   What is data integrity? Data integrity is the maintenance of, and the assurance of, the accuracy and consistency of data over its entire life-cycle, and is a critical aspect to the design, implementation and usage of any system which stores, processes, or retrieves data. Integrity is doing the right thing, even when no one is watching. (C.S. Lewis). Integrity (noun) [U] (HONESTY) ... The quality of being honest and having strong moral principles that you refuse to change. (Cambridge dictionary).     Data integrity is not data security Data security contains all measures taken to keep data from getting corrupted. Data integrity is the maintenance of, and the assurance of, the accuracy and consistency of data over its entire life cycle   Data integrity is not data quality Data quality is all about creating trustworthy records from the moment raw data is entered, stored, transferred, and archived.   Why are data security and data integrity important for every company? All organizations today deal with data. From international operating companies dealing in massive volumes of personal data to a small business-owner archiving the contact details of his customers on a piece of paper, data is integrated in organizations both large and small. When an organization collects any kind of personnel data, it instantly becomes known as a data processor. Data security and data integrity are important for every organization. For instance: Ensure compliance. Safeguards all valuable information. Reputation & brand protection. Protection of intellectual capital. Controlling critical infrastructures.   Data integrity violations and the possible risks associated with it Prevention of data integrity violations is important for every company because the risks associated with it will be high when compared to prevention of data integrity. Potential impact of poor data security and data integrity violations: Revenue loss. Damage to brand reputation and the image of the company. Loose the creditability from stakeholders. Loss of intellectual property. Hidden costs. Impact on organization goals.   What are examples of data integrity violations? The data integrity violations come in many different forms. Deletion or manipulation of data Backdating, Fabricating data Aborted sample analysis without justification Invalidated OOS results without justification Destruction or loss of data Missing, altered or raw data not being recorded Failure to document work contemporaneously Uncontrolled documentation Lack of audit trail, or no documented change control Unauthorized access or changes to data Not following company procedures Sharing passwords Copying existing data as new data Disposing the original hard copies Not reporting of failures and deviations Releasing the failing product Hiding/obscuring critical information Mismatch between reported data and actual data     What is a definition of data? Data is a representation of facts, concepts, or instructions in a manner suitable for communication, interpretation, or processing by humans or by automatic means.   What is a definition of a record? Records provides evidence of various actions taken to demonstrate compliance with instructions, in either electronic or paper format. Records include raw data.   Are you experiencing challenges related to data integrity? Rescop has experts in data security & data integrity practices who can offer the tools and training employees need to maintain data compliance. Contact us now!    

  • 0 BCF Career Event

    • by Rescop
    • 18-09-2020
    0.00 of 0 votes

      BCF Career Event Netherlands 2020 29 September - Online | 30 September - Utrecht   Rescop will take place again at the largest career event for the Life Sciences in the Netherlands. This year, BCF Career Event will be spread over two days, with an online and an in-person event. We are looking forward to meet everyone who is or wants to be active in Bio/Life Sciences, Chemistry, Food or Pharma. More information can be found here.                

  • 0 What is computer system paperless validation (CSV) for Pharma, Medical Devices and Biotech companies?

    • by Bas Michielsen
    • 02-09-2020
    0.00 of 0 votes

      Computer System Validation (CSV)/Paperless Validation is the process of ensuring that any technology component (software or hardware) is fulfilling its purpose to ensure compliance with GMP guidelines and to help organizations maintain consistent quality. The validation is an important assessment and necessity in Life Science. Avoid reinventing the wheel and ensure optimization and efficiency in the validation process Paperless validation software completely takes away the pitfalls in the usage of a paper-based validation process where more effort & cost involved in doing the activities related to printing, distribution, and storage.   What are the benefits of paperless validation software solutions? Paperless validation software solutions provides: Data integrity, consistency, accuracy and control across the organization; Aligned requirements, design and test documents; Electronically review and approval of documents including signatures; Real time validation status, real time metrics, and extensive reporting; User accessibility anytime, anywhere across multiple devices (web, smartphone, tablet);   Paperless validation software improves: Productivity and reduce time-to-market, changeover and cycle-times; Global collaboration and communication; Paperless validation software facilitates: Teamwork and ensures the progress of activities and be audit ready, anytime; Online execution of testing and deviations; Automated management of change management, document tracking and periodic review; Streamlined review / approval process;   Paperless validation software reduces: Cycle time for validation activities and saving costs; Costs of purchasing paper itself, costs related to shipping via authorized couries, security of the storage of paper records; Paperless validation software enables: The visibility of validation tasks and provides management up-to-date information to monitor and control to improve the processes; Reuse of content. What are important business benefits for management when using a paperless validation software approach? The retention of knowledge and easy access to data from the project phase, leveraging of work done across projects Built in quality and compliance in the business process and overall reduction in business risk – quality, safety and operational.   Key considerations when selecting a paperless validation software solution: The key considerations when selecting a paperless validation software solution that works for all systems is the scope or intended use, the process, and the cost. Costs can add up when dealing with software licensing, support, training, and maintenance. Most importantly, it is importance to understand the process prior to selecting a solution. Then, it is useful to think global even if an organization plans to implement locally and to plan for change. Conclusion: Paperless validation for Life Science companies is fast becoming essential for survivability, strategic advantage, and overall compliance.   Rescop paperless validation software solutions Our all-in-one Validation Lifecycle Management System (VLMS) software comes equipped with a suite of specially designed solutions, each developed and customized to serve the particular requirements of any computer system validation(CSV) lifecycle process. Rescop computer system validation enables our customers to implement paperless validations and fulfill FDA CFR 21 Part 11 compliance.

  • 0 ECA -Academy Computer Validation Seminar

    • by Maurice Kerens
    • 03-08-2020
    0.00 of 0 votes

        We are proud to announce that we will be a part of ECA – Academy conference on 27 & 28 - 30 October 2020 as a speaker.   Highlights Regulatory Update Leveraging Suppliers - Managing Quality - Leveraging Test Activities - Supplier Assessment Good Validation Practices Scalability of Validation Advanced Risk Management IT Governance Data Integrity Change Control Management Upcoming Challenges in IT Learning by doing: up to 10 Workshops Interactive sessions   For more information check the ECA Website : https://www.gmp-compliance.org/training/gmp-course-conference/computer-validation-leveraging-suppliers      

  • 0 Data Integrity - Online training

    • by Rescop
    • 18-06-2020
    0.00 of 0 votes

    Rescop Turnkey Projects & Advisory - Data_Integrity   Rescop has a standard data integrity toolbox available, developed based on 21CFRPart11, Eudralex Annex 11, the GAMP Guide and Rescop’s experiences in practice. Possibility of deployment of onsite project team that has experience with data integrity projects and FDA / EU inspections is key for knowledge sharing and teamwork!   Our Rescop Academy Services provides free Online training for Data Integrity: Will be present by Richard Mulders and Rafal Buczek - 25 June 2020 / 4-5 PM For Registration : https://rescop.com/webinars.php    

  • 0 VALIDATION USING AGILE

    • by Rescop
    • 08-06-2020
    5.00 of 1 votes

        Although Agile and Validation feel like a contradiction, Agile development can help you to efficiently validate your systems. Just imagine that during development/implementation of a system the components which are already completed can be used but are also validated for their intended usage.     Rescop Academy can help you with the method and tools to make this imagination become reality; instead of validating your system during the full development and implementation, Rescop Academy’s Agile Validation method will help you to validate parts of a system in an early stage.     Rescop provides Agile Validation using training on various levels: Foundation and Practitioner. Both training levels combine the theory from the Agile (SCRUM) / SAFe, ISPE GAMP® 5 Guide: Compliant GxP Computerized Systems and the AAMI TIR45 guidelines with exercises to simulate the practical implementation.   Validation using Agile Foundation The Foundation level training is suitable for people who need to be aware of what Agile and Scrum is and how it can be used in a regulatory environment. The training includes practical examples on how to do it.   During this training you will learn: • How the benefits of Agile development methods can be leveraged within the strict world of compliance        (validation)• How to implement Agile development methods in practice• Differences between small and large projects / programs when using Agile development methods• Focus on product / system quality instead of on validation documentation to validate• How to apply Rescop Academy’s Agile Validation method to help you to validate parts of the system in an early stage   You can get a small impression of the training.  Register free for our next coming Agile validation webinar.  Free registration      

  • 0 Rescop free demos of our validation lifecycle management and quality management software

    • by Maurice Kerens
    • 26-05-2020
    5.00 of 1 votes

    Rescop free demos of our validation lifecycle management and quality management software   Coming up Software Demo RC - Deviation - 17 Jun 2020 / 14:00 -15:00 - Click for registration RC - SLM - 24 Jun 2020 / 14:00 -15:30 - Click for registration

  • 0 White Paper - Rescop Quality Management Suite (RC-QMS) - Security and GDPR

    • by Jan Bloo
    • 26-05-2020
    0.00 of 0 votes

    Rescop Quality Management Suite (RC-QMS) - Security and GDPR PUBLIC and the revision date 13-MAY-2020 •    Rescop meets the most extensive compliance standards.•    Rescop utilizes Microsoft's Azure secure cloud services.•    Rescop's platform and infrastructure are monitored continuously. •    Rescop complies with GDPR as a data processor in the provision of Rescop’s services to its customers. An Industry StandardRescop is the digital paperless pioneer in a GxP Compliance world. Founded in 2005, Rescop Quality Management Suite (RC-QMS) is used by companies worldwide, spanning all industries, platforms and sizes.Hosting and Infrastructure Rescop RC-QMS Software-as-a-Service (SaaS) solution is available for private clouds utilizing top-tier secure cloud services provided by Microsoft Azure.Microsoft AzureIn a world where data breaches are daily occurrences and regulatory requirements for protecting data are increasing, it's essential for organizations to choose a cloud service provider that makes every effort to protect customer data. Microsoft is committed to the highest levels of trust, transparency, standards conformance, and regulatory compliance. Our broad suite of cloud products and services are all built from the ground up to address the most rigorous security and privacy demands of our customers.To help organizations comply with national, regional, and industry-specific requirements governing the collection and use of individuals’ data, Microsoft provides the most comprehensive set of compliance offerings (including certifications and attestations) of any cloud service provider.For more information:  https://www.microsoft.com/en-us/trustcenter/complianceCompliance Rescop is ISO 27001:2013 certified for Information Security and ISO 9001:2015 certified for Quality Management.Penetration Tests and Monitoring Rescop’s front and back-end applications, as well as its IT infrastructure undergo frequently pen-tests. This is done in addition to Microsoft’s own independent tests, periodic internal tests, and 27/4 monitoring of security-related events.  Certifications and Accreditations ISO 27001 Information Security Certification Rescop received the International Organization for Standardization Certification for Information Security (ISO 27001:2013). The audit evaluated Rescop's Information Security Management System from product, infrastructure and organizational aspects, and verified that Rescop has the necessary information security controls in place to ensure the confidentiality, integrity and availability of valuable data and information assets.Rescop's alignment (as verified by an independent third-party audit agency) with this internationally recognized code of practice demonstrates Rescop's commitment to the privacy and protection of customers' content. By following the standards of ISO/IEC 27001, Rescop demonstrates that its policies and procedures are robust and in line with its high codes of practice, namely:•    Rescop customers know where their data is stored.•    Customer data won’t be used for marketing or advertising without explicit consent.•    Rescop customers know what’s happening with their Privacy data.•    Rescop will comply only with legally binding requests for disclosure of customer data.ISO 27032 Guidelines for CybersecurityRescop is ISO/IEC 27032 complying to guidelines for Cybersecurity. ISO/IEC 27032:2012 provides guidance for improving the state of Cybersecurity, drawing out the unique aspects of that activity and its dependencies on information security, network security, internet security, and critical information infrastructure protection (CIIP) domains. By complying, Rescop facilitates a secure and reliable collaboration that protects the privacy of our customers and helps to prepare, detect, monitor, and respond to cybersecurity incidents.GxP ComplianceGxP is a general abbreviation for "good practice" guidelines and regulations. Technology systems that support GxP processes such as Good Laboratory Practices (GLP), Good Clinical Practices (GCP), Good Distribution Practice (GDP) and Good Manufacturing Practices (GMP) require validation and qualification of adherence to GxP requirements. Solutions are considered qualified when they can demonstrate the ability to fulfill GxP requirements. RC-QMS GxP ComplianceOur fully web based solution, which runs on the common browsers and is cross-platform compatible to allow for use on any device type, including pc’s, laptops, tablets and smartphones. Our solution will help you to establish and maintain a GxP-compliant and reliable IT infrastructure and application landscape for continuous business operations. The RC-QMS suite is developed according GxP regulations and fully tested before delivering to customers in a pre-validated way.Rescop Quality Management Suite (RC-QMS) forms a comprehensive solution for quality and compliance management within regulated industries. It contains products for all key quality management processes, and these products have been designed in such a way that they integrate seamlessly with each other, to enable an efficient and fully paperless quality management system.RC-QMS is a full solution for ensuring permanent inspection readiness in an efficient way. Moreover, RC-QMS enables paperless validation and compliance. Cloud GxP ComplianceOrganizations building GxP solutions on Microsoft Azure can take advantage of the cloud’s efficiencies while at the same time helping protect patient safety, product quality, and data integrity. Customers also benefit from Microsoft Azure’s multiple layers of security and governance technologies, operational practices, and compliance policies to enforce data privacy and integrity at very specific levels.The Microsoft Azure GxP qualification guidelines give customers the tools they need to build on Microsoft Azure’s security foundation by providing:•    The shared responsibilities between Microsoft and Rescop for meeting GxP requirements•    Documentation of the extensive controls implemented as part of Microsoft Azure’s internal development of security and quality practices•    Visibility into crucial areas of internal Microsoft Azure quality management, IT infrastructure qualification, and software development practices•    Descriptions of GxP-relevant tools and features within Microsoft AzureWe are partnering with Microsoft Azure to make cloud-based systems a safer, more efficient model for driving innovation and maintaining regulatory compliance.For more information: https://aka.ms/gxpcompliancePrivacy – General Data Protection Regulation (GDPR) Rescop complies with GDPR as a data processor in the provision of Rescop’s services to its customers. In addition, we are devoted to helping our customers with their GDPR compliance processes by providing robust privacy and security protections built into our services and contracts.By default, Rescop does not collect personally identifiable information (PII) other than IP addresses in logs for security purposes, end-users’ approximate geolocation (country and city in which they are located) and masked IP addresses for the ongoing operation of the Rescop systems. Moreover, Rescop collects and transfers environment properties such as browser and OS, page URL, and title. Operations and Access Control  Security Measures •    All the client files in RC-QMS are encrypted in rest state.•    All RC-QMS files are encrypted in transit state.•    The database of RC-QMS is encrypted.•    The RC-QMS security log is recording personal data: User (Last, First Name), Username, External IP Address.•    All RC-QMS servers are under change control.•    All RC-QMS servers are under access control.•    Backups are taking and stored encrypted by Microsoft Azure and ATERA.  Monitoring & Auditing Intrusion Prevention and Detection Rescop has an extensive Security Information and Event Management system (SIEM), that collects security audit trail logs across infrastructure components in industry standard formats (CEF and Syslog) using an Intrusion Detection System and for analysis and control.Rescop’s SIEM alerts are based on comprehensive pre-defined scenarios, including identification of suspicious signs such as failed login attempts, logins from unknown and off-premise IP addresses or logins during off-hours.SIEM alerts are monitored 24/7 by Rescop. The SIEM prioritizes all alerts, notifies in real time, and escalates them according to severity. Access Control User Management and Permissions Rescop’s platform has an integrated, comprehensive role-based user management and enforcement system.Assigning roles to users requires authorization from the relevant parties in Rescop, and application permissions are granularly controlled per action and screen.  Rescop’s internal corporate access control is centrally and manually managed based on strict need-to know and least-privileged principles on all levels: Application (strong authentication), Network (segmentation, firewall), Platform (access to servers), and procedural (who’s granted to review/approve code, manage changes, etc.).All internal duties within Rescop are segregated. Access verifications are done by internal audits and period reviews, including but not limited to firewall rules, user accounts permissions etc.Overall Conclusion Rescop as the developer of RC-QMS, backed with an uncompromising commitment to GxP, security and privacy, is trusted by companies worldwide. Rescop makes sure to comply with corporate, governmental and (inter)national regulations, maintaining and abiding by the strictest requirements, regulations and security measures at all levels – from its staff, through infrastructure and down to the finest details of its products and procedures.Rescop has received the most demanding international certifications ISO 27001 and ISO 9001, and offers its customers the ability to enforce corporate governance internally, while providing an overarching security umbrella – hosting Rescop’s environments with Microsoft Azure Cloud Services, actively monitoring customer security 24/7, and performing frequently  pen-tests on Rescop’s platforms.Maurice KerensManaging Director Software Development and ImplementationJan BlooCorporate Director Quality Assurance

  • 13 Rescop free Webinar training

    • by Rescop
    • 26-05-2020
    5.00 of 1 votes

    Rescop free Webinar training   Rescop is offering free online trainings the upcoming months. In the time of COVID19 we find it important to contribute to our industry by sharing knowledge and supporting personal development. The first online training will be on Thursday 16th April 2020 on Life Cycle Process Validation by Jos Nieuweboer, Principal Consultant. Jos will give an introduction on life cycle process validation and share some insight on the latest developments.   Register now and save your place: Free registration.