Journal of Developing Drugs
Open Access

Risk-based validation of single-sign-on access control to GxP regulated systems

2^nd International Summit on GMP, GCP & Quality Control

November 12-14, 2013 DoubleTree by Hilton Hotel Chicago-North Shore, IL, USA

Henk-Willem Mutsaers

Accepted Abstracts: J Develop Drugs

Abstract :

When companies are expanding whether autonomously or by acquisitions and mergers, the number of computerized systems in use by organizations tends to increase significantly. To keep access management to these systems manageable for both administrators and users, organizations implement single-sign-on (SSO) technology to simplify and centralize access control. Implementing SSO means that identification and authentication functionality moves away from the individual computerized system to the centralized access control system, introducing new security risks and vulnerabilities for the organization. Singlesign- on makes the access control systema highly critical system. In an organization operating GxP regulated systems, controls should be in place to ensure that records are adequately protected against willful or accidental loss, damage or unauthorized change. Solid implemented access control to computerized systems is essential to ensure that the security and integrityof data is not compromised.Therefore, systems controlling user access to GxP relevant systems require full validation for intended use and compliance to 21 CFR Part 11 requirements. A single-sign-on access control system is usually composed of various software and infrastructure components supplied by multiple vendors. Validation of such a complex system requires an end-to-end approach and risk-based strategy based on the GAMP principles and guidelines to effectively mitigate business and compliance risks.

Biography :

Henk-Willem Mutsaers holds a Master of Science degree in Analytical Chemistry and Laboratory Automation & Information Management. He has over 15 years of experience as Senior Consultant and Project Manager, working with clients in the pharmaceutical and medical device industry. He previously worked for PerkinElmer, Life Technologies and Accenture. His main areas of expertise are IT, quality management, regulatory compliance (FDA 21 CFR 820, FDA 21 CFR Part 11, ISO 13485), and computer system validation (GAMP).