Watch the ERP systems compliance and validation webinar!

Go to Webinar
(312) 207-5800

What is Computer Software Assurance?

Computer software assurance (CSA) intends to minimize risk related to software and ensures that software is consistent, secure, and performs as intended. Software must meet applicable regulatory requirements like data protection, privacy, and standards set for the life sciences. The Food and Drug Administration (FDA) released a CSA guidance to clarify the relationship between regulatory expectations and computer software technology.  

The CSA guidance recently released for comment has spawned much discussion in the regulated life sciences industry. Much of this discussion has  put undue emphasis on what may not be required within the CSA validation model relative to  the burdensome Good Automated Manufacturing Practice (GAMP) model previously adopted by legacy pharmaceutical manufacturers. 

A more accurate way to interpret CSA is to realize that the FDA is attempting to move from the  industry GAMP paradigm to a model more aligned with their existing general principles of  software validation guidance. In doing so, CSA explicitly replaces Section 6 of the FDA Guidance, Validation of Automated Process Equipment and Quality System Software.

How Does CSA Affect Production and Process Automation?

FDA Computer Software Assurance for production software systems reimagines testing with an emphasis on production and quality system activities, i.e., CSA is not so much about tasks that may not need to be performed but more about pivoting toward a heightened emphasis on testing of tasks supporting production controls. CSA enables this by creating a binary approach to risk management; software functions that impact product quality and safety have a heightened process risk category and require the focus of robust testing. 

How Does CSA Apply to the Data Integrity of Biopharma, Cell and Gene Therapy (CGT), and Personalized Cancer Vaccine (PCV) manufacturing?

The CSA guidance also speaks to a continued emphasis on the integrity of data related to production controls. Data integrity is essential to any pharma production process, but due to the voluminous data generated, this is especially beneficial in Biopharma, CGT, and PCV manufacturing. It becomes incumbent on Biopharma, CGT, and PCV companies to use the CSA guidance to create a risk management approach that satisfies this priority on identifying high-risk functions and related data and then testing accordingly.  

The intended use of automated Biopharma, CGT, and PCV production process systems would classify as high risk requiring the rigor of formal documented software validation testing. Therefore, companies in the life sciences may need assistance with the proper application of CSA principles. 

How Arbour Group Can Help

Understand the impact of 21 CFR Part 11 on your production environment. Contact Arbour Group for a detailed discussion of software validation of automated production and process controls, particularly as it relates to commercial solutions for regulated Biopharma, CGT, and PCV manufacturers to include:  

  • Rockwell FactoryTalk, PharmaSuite, Historian, Plex, and Fiix  
  • Dassault Enovia 3D Experience  
  • Siemens Opcenter Execution, Teamcenter and Polarion  
  • Honeywell Performix MES, PHD Historian and Sparta Quality Management  
  • SAP MES, Mii, and Advanced Track and Trace 


The Arbour Advantage

Arbour Group is a trusted advisor to over 250 pharmaceutical, medical device and biotechnology companies worldwide. Let us demonstrate how we can integrate seamlessly into your organization, prove ourselves a valuable business partner and deliver effective services that reduce compliance costs.