We can begin using some of the CSA principles today, even outside of the intended focus for the final guidance. This is provided that for these other areas, we are able to adequately explain their use and defend the tie-in to Part 11, data integrity, the Quality Management System (QMS), and other relevant documents and programs.
In this webinar, we’ll provide an overview of the transition process in going from CSV to CSA. We’ll then dive into a step-by-step guide for the transition that can be done by any company. The transition steps, related documents, and other artifacts, and the potential issues to watch out for will be laid out very carefully.
The FDA is currently trying to modernize its systems and use of data. The FDA announced all the agency’s centers must fully integrate generative AI into work by the end of June 2025. The intent is to reduce non-productive busy-work that has historically consumed the review process. Device submission review can often take many months, but there is an opportunity to reduce this timeframe and allow expert reviewers to focus on the more complex cases.
Medical devices using AI are designed to analyze vast amounts of data to generate clinical insights. This means that the company’s quality management system (QMS) must ensure consistent production and control of manufacturing and quality systems, and involves routine inspections and audits.
The Verifying Accurate Leading-Edge Development Act, or Valid Act, is pending and will codify the “firm-based” approach to regulation. The FDA will oversee methods used for technology development and validate reliability rather than decouple the AI product’s construction. By ensuring robust systems are in place, the FDA can enhance the overall safety and effectiveness of medical devices produced.
Rapid cycles of innovation inherent in products due to constant modification based on new information available pose challenges. ChatGPT from OpenAI has demonstrated substantial semantic medical knowledge and the ability to perform work that will accelerate the submission approval process.
Large Language Models (LLMs) trained on vast datasets embody the ultimate black box in the realm of FDA regulation. They are nonlinear and high-dimensional, making it difficult to trace specific inputs to outputs. A risk is that they may return wrong answers when trained on unreliable datasets. Under a firm-based regulation approach by the FDA, innovators can bring certain new products to market more efficiently.
LLMs will boost efficiency, but input data must be quality-checked. Industry must develop adequate standards and controls, evaluating AI algorithm models under the specific intended use of a device. Ultimately, the industry will be able to identify new product candidates and plan, execute, and analyze data from clinical trials.
In June 2025, the FDA announced plans to use AI to speed new medical device and SaMD approvals. Elsa is a tool that may enhance FDA review of safety data, summarize reports, and flag facilities needing inspection. Built within a high-security GovCloud environment, it offers a secure platform for FDA staff to access internal documents while ensuring information remains within the agency. Submission reviews could be considerably shortened.
Learn more about how FDA and life science companies are using AI and ChatGPT. This is expected to improve efficiency while enabling the FDA and companies to run more smoothly. This is critical at a time when we are faced with a rising demand for healthcare and physician shortages. Leveraging comprehensive data systems will lead to greater efficiency in diagnosis and treatment planning. Getting these products through the FDA regulatory submission process more quickly and efficiently is the goal to put them in the hands of patients.
For SaMD products, several guidance documents from the FDA and the International Medical Device Regulators Forum will be beneficial in understanding how to make changes to these products safely through a method using SaMD Pre-Specifications (SPS) and an Algorithm Change Protocol (ACP) to assess the potential risk and impact of a change.
Learn about the FDA’s AI/ML SaMD Action Plan, encouraging harmonization among technology developers on the development of GMLP. This is part of the FDA’s mission to define new policies and enable innovation while protecting public health.
You will also learn about the Total Product Lifecycle (TPLC) Approach for SaMD regulation. This is a new paradigm focused on the assessment of an organization in terms of its software design, development, testing, and monitoring activities. This is part of the FDA’s Software Pre-Certification (Pre-Cert) Program. In some cases, a new 510(k) may not be needed, and documentation of change and analysis of risk management can take its place.
We’ll provide an overview of computer system validation, including the draft guidance from the FDA on Computer Software Assurance (CSA), and the latest GAMP®5, 2nd Edition, that aligns with CSA. We’ll walk you through the Software Validation and Maintenance approach that will bring clarity to what the FDA is looking for, primarily allowing companies to manage risks from changes, while enabling improvement of performance and advancing patient care.
Learning Objectives
During the webinar, we will discuss the following:
- Learn about “GxP” operational areas, systems, and data regulated by the FDA
- Understand the basics of Computer System Validation (CSV), the traditional approach
- Learn about Computer Software Assurance (CSA) and how it compares with CSV
- Know how to transition from CSV to CSA for validation of FDA-regulated systems
- Understand the System Development Life Cycle (SDLC) Methodology for managing a system through all of its life phases
- Learn about the concepts introduced in ISPE’s GAMP®5, 2nd Edition, and how these align with CSA principles of risk assessment and critical thinking
- Review current trends in FDA 483s, Warning Letters, and Consent Decrees
- Learn about 21 CFR Part 11, FDA Guidance for Electronic Records and Electronic Signatures (ER/ES)
- Understand how Data Integrity (“ALCOA+” Principles) must be applied to FDA-regulated systems
- Know the key elements of a good Data Governance program
- Learn the phases of the Data Lifecycle
- Review the key elements of Data Privacy laws (e.g., Health Information Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), California Privacy Rights Act (CPRA))
- Understand the importance of Audit Trails and Audit Trail Review
- Know how to manage a validated system through User Authentication, Access Control, and Security Monitoring
- Learn about the industry Cost of Non-Compliance
- Understand the deliverables for a Validation effort, starting with a Validation Plan
- Know the key elements to include in an IT Vendor Audit
- Understand how to prepare solid Vendor Contracts and Service Level Agreements (SLAs)
- Learn how to develop a Requirements Specification (RS)
- Learn how to perform Risk Assessment, Risk Mitigation, and Risk-Based Testing
- Understand the advantages and key elements to consider when using Automated Testing
- Know how to prepare an Installation Qualification (IQ) Test Protocol and Test Summary Report
- Know how to prepare an Operational Qualification (OQ) Test Protocol, Test Scripts, and Test Summary Report
- Learn how to develop a Performance Qualification (PQ) Test Protocol, Test Scripts, and Test Summary Report
- Understand the importance of a Requirements Traceability Matrix (RTM)
- Know how to write a Validation Summary Report
- Understand the importance of a formal Change Control procedure
- Know the key elements required for the maintenance of a System in a Validated State
- Know the advantages of using Commercial-Off-the-Shelf (COTS) Software and FDA expectations for validation
- Learn about Cloud-Based Services and the potential savings in ROI that can be generated
- Understand the concepts of Software-as-a-Service (SaaS), Infrastructure-as-a-Service (IaaS), and Platform-as-a-Service (PaaS) environments
- Know how to use the Single-Sign-On (SSO) capability to improve compliance
- Understand the need for a cloud-based service provider to have SOC 2 Certification
- Learn about key concepts related to Artificial Intelligence (AI) and Machine Learning (ML)
- Understand how to use Large Language Models (LLMs) (e.g., ChatGPT, Gemini, Copilot)
- Learn about the FDA Directive to Leverage AI/ML Solutions in all agencies
- Know what is required to achieve FDA Inspection Readiness
- Learn about Current Trends in FDA Inspection and Enforcement
- Q&A
Areas Covered
During this webinar, the following areas will be covered:
- GxP Systems
- GMP, GLP, GCP
- Computer System Validation (CSV)
- Computer Software Assurance (CSA)
- CSV to CSA Transition
- GAMP®5, 2nd Edition
- FDA 483 Observations
- FDA Warning Letters
- FDA Consent Decrees
- 21 CFR Part 11, FDA Guidance for Electronic Records and Electronic Signatures (ER/ES)
- Data Integrity (“ALCOA+” Principles)
- Data Governance
- Data Lifecycle
- Data Privacy; Health Information Portability and Accountability Act (HIPAA), General Data Protection Regulation (GDPR), California Privacy Rights Act (CPRA)
- Audit Trails and Audit Trail Review
- User Authentication, Access Control, and Monitoring
- Security Monitoring
- Cost of Non-Compliance
- Validation Plan
- Vendor Audit
- Vendor Contracts and Service Level Agreements (SLAs)
- Requirements Specification (RS)
- Risk Assessment and Mitigation
- Risk-Based Testing
- Critical Thinking
- Automated Testing
- Installation Qualification (IQ) Test Protocol and Test Summary Report
- Operational Qualification (OQ) Test Protocol, Test Scripts, and Test Summary Report
- Performance Qualification (PQ) Test Protocol, Test Scripts, and Test Summary Report
- Requirements Traceability Matrix (RTM)
- Validation Summary Report
- Change Control
- Maintenance of a System in a Validated State
- Commercial-Off-the-Shelf (COTS) Software
- Cloud-Based Services
- Software-as-a-Service (SaaS)
- Infrastructure-as-a-Service (IaaS)
- Platform-as-a-Service (PaaS)
- Single-Sign-On (SSO)
- SOC 2 Certification
- Artificial Intelligence (AI) and Machine Learning (ML)
- Large Language Models (LLMs) (e.g., ChatGPT, Gemini, Copilot)
- FDA Directive to Leverage AI/ML Solutions in Agencies
- FDA Inspection Readiness
- Current Trends in FDA Inspection and Enforcement
- Industry Best Practices
Background
In September 2025, the FDA issued a draft guidance for Computer Software Assurance (CSA). A final guidance was issued by the Agency in September 2025, but only for medical device companies and in the manufacturing and quality testing areas. The remainder of the life sciences industries must still adhere to the traditional Computer System Validation (CSV) approach to validating computer systems in FDA-regulated operations. In either case, companies can take advantage of some of the efficiencies related to following CSA, including risk-based testing and the use of critical thinking. We will discuss both CSV and CSA, comparing the two approaches, and will provide a pathway that can be taken to transition to CSA.
The life science industries, including pharmaceutical, medical device, biotechnology, biological, and tobacco and tobacco-related products, continue to embrace new technology to improve the delivery of quality products in compliance with the FDA. In addition to some trends toward making use of cloud services, Software-as-a-Service (SaaS) solutions, and other technical innovations, that have more recently begun to be used more heavily in life science companies.
Artificial Intelligence (AI) and Machine Learning (ML) are beginning to find a presence at these companies. While life science companies tend to lag behind other markets in using these technologies, they are catching up, and we are seeing much more activity related to AI use in software applications used to develop, produce, test, and manage life science products.
As the pace of technological innovation and evolution becomes more intense, there is a critical need for computer system validation, 21 CFR Part 11 (Electronic Records and Electronic Signatures) compliance, and data integrity assurance to continue in environments where artificial intelligence (AI) and machine learning (ML) are becoming prevalent.
The FDA became alarmed by the lack of compliance with data integrity and Part 11 requirements during the last decade. Out-of-compliance citations during this period, including Form 483s and Warning Letters, have skyrocketed for these key areas of compliance. But why?
Based on discussions with clients and stakeholders at conferences and meetings, it has become obvious that most of the performers in the industry are under management pressure to do more work with fewer resources and in less time. This continues to lead performers to seek faster and easier ways to get the work done, and opens the door to more conversation around the use of AI/ML and ChatGPT in software development, testing, and support.
It is time to embark on the AI/ML revolution and continue to deliver quality products in life sciences with compliance to meet the needs of the consumers by putting newer, more innovative, safer, and more effective products in their hands, all of which are key focus areas for the FDA. We will discuss how the FDA is using AI to provide a faster review of submissions and for some other purposes to support the industry.
Why Should You Attend
Providing safe and effective medical device & SaMD products regulated by the FDA is in the best interests of all those involved in the development, manufacturing, testing, and distribution of these products. You will learn about projects going on in the industry and at the FDA that take advantage of Artificial Intelligence (AI), Machine Learning (ML), and Large Language Models (LLMs), such as ChatGPT.
With newer technologies such as AI in the mix, it means opportunity for greater efficiency and efficacy, but also poses more challenges for companies that develop, test, and support software applications in the life science industries.
In this webinar, you will learn just how AI, ML, and LLMs, such as ChatGPT, can increase the efficiency and effectiveness of software development life cycle (SDLC) activities, enabling the delivery and support of computer solutions and new innovative medical device & SaMD products that will drive the industry over the coming years.
This webinar is intended for those working in the FDA-regulated industries, including pharmaceutical, medical device, biological, animal health, and tobacco. Applicable functions include regulatory affairs, regulatory submissions, research & development, manufacturing, Quality Control, distribution, clinical testing & management, adverse events management, and post-marketing surveillance.
You should attend this webinar if you are responsible for planning, executing, or managing the development or implementation of any system governed by FDA regulations, or if you are maintaining or supporting such a system.
You should also attend this webinar if you are responsible for developing, testing, or supporting software used in medical device or SaMD products.
Learn by reviewing industry best practices and knowing where to gather key information to help you move forward with these technologies quickly and in compliance with the FDA.
Who Should Attend
This webinar is intended for those involved in planning, execution, and support of computer system validation activities, working in the FDA-regulated industries, including pharmaceutical, medical device, biologics, tobacco, and tobacco-related products (e-liquids, e-cigarettes, pouch tobacco, cigars, etc.). Applicable functions include research and development, manufacturing, Quality Control, distribution, clinical testing and management, sample labeling, adverse events management, and post-marketing surveillance.
Personnel in the following roles will benefit:
- Information Technology (IT) Analysts
- IT Software Developers & Testers
- IT Support Staff
- IT Security Staff
- QC/QA Managers and Analysts
- Production Managers and Supervisors
- Supply Chain Managers and Supervisors
- Clinical Trial Data Managers and Scientists
- Compliance Managers and Auditors
- Lab Managers and Analysts
- Computer System Validation Specialists
- GMP, GLP, GCP Training Specialists
- Business Stakeholders using Computer Systems regulated by the FDA
- Regulatory Affairs and Submissions Personnel
- Consultants in the Life Sciences and Tobacco Industries
- Interns working at the companies listed above
- College students attending schools and studying computer system validation, regulatory affairs/matters (related to FDA), or any other discipline that involves adherence to FDA regulatory requirements
-Troiano_1721197844_1746096426.png)
