Description :
Overview : The IT Compliance and Computer Validation (ICCV) Lead will primarily be responsible to assure that all GxP Computer-Related Systems are installed, configured and validated to provide documented evidence that they meet all regulatory requirements (including SOX compliance) for security and data integrity and that they perform as expected based on approved requirements documentation. This position is required to interact well with all employees in the organizational structure to define and document validation deliverables including User Requirements, Functional Specifications, IQ's, OQ's, PQ's, and Traceability Matrices. Once validated, the system will be maintained in a validated state under a documented change management process in which the ICCV Lead is responsible for reviewing all proposed changes including application and OS patches/upgrades, as well as hardware changes, to determine the extent of GxP impact and identify testing requirements. Annual reviews of all validated systems will be completed by the ICCV Lead and include evaluation of all changes, reported problems, and vendor upgrades/patches in order to determine if any actions are required such as upgrade, replace or re-validate. In addition, this position will provide support to system and business process owners with the development of clear well defined SOPs for operation, maintenance, and administration of all GxP systems. Responsibilities : Main Responsibilities: 1) Prepare CSV documents including User Requirements, Functional Specifications, IQ's, OQ's, PQ's, Final Reports, and Traceability Matrices. Circulate all documents to assure prompt approval and submit final approved copies to the QA Documentation Center. 2) Train system and business process owners, or other designees as required in the execution of system specific validation protocols, and unit/integration test scripts. Work with referenced individuals or designees to execute validation protocols and unit/integration test scripts. Review and approve executed protocols and unit/integration test scripts. 3) Review and approve all proposed Computer-Related Change Control requests to determine the impact that the proposed change may have on the validated state of the system. This includes performing GxP assessments, product safety, quality, regulatory and business impact assessments, and identifying the necessity to update associated CSV documentation. It also includes preparation or providing guidance to prepare unit/integration test scripts to ensure the system remains in a validated state post change. Periodic Responsibilities: 1) IT Change Management - Process owner for IT Change Management activities, lead weekly change meeting and keep records surrounding proposed/approve/denied change request. This requires a general understanding of IT operations and governance and superb organizational and record keeping skills. 2) Policy and Procedure Updates/Maintenance - As needed write, review, and maintain current up to date Policies and SOPs for the Validation Lifecycle of GxP Computer-Related Systems. This requires understanding and remaining current with Technical Principles of Validation as defined by FDA Regulatory Requirements, GAMP, and IEEE. In addition, work with system and business process owners to develop of clear well defined SOPs for operation, maintenance, and administration of all GxP systems. 3) Training - On-going, as needed advise and train other employees across multiple disciplines on the importance of validation and maintaining systems in a validated state of control as they relate to the regulated pharmaceutical industry. 4) Vendor Audits - On-going, as needed work closely with outside firms contracted for managed hosting services or as a co-location to assure that their Network Qualification and Change Control procedures are satisfactory to protect the security and accuracy of Medicis' data 5) Validated Systems Review - Annually, review all validated systems an evaluate changes controls executed, reported problems, and vendor upgrades/patches in order to determine if any actions are required such as upgrading, replacement or re-validation. Qualifications : Bachelor's Degree in Computer Science or related field Familiarity with GxP regulations applicable to Pharmaceutical companies including: 21 CFR Part 11 for rules on the use of electronic records, electronic signatures Prescription Drug Marketing Act (PDMA) of 1987 Familiarity with SEC regulations and IT controls methodologies including: Sarbanes-Oxley Act, specifically section 404 PCAOB Auditing Standard No. 5 Committee of Sponsoring Organizations of the Treadway Commission (COSO) Control Objectives of Information and Related Technology (COBIT)