Streamline your accounting and tax processes with airSlate SignNow's sales standard operating procedure

How to create outlook signature

hello everyone in this lecture we're going to discuss standard operating procedures or sops some aspects of training as well as validation we're going to talk about what is an sop we're going to discuss some common data management sops some good practical guidance on how to create sops pitfalls for compliance what your responsibilities are for training how to think about designing for compliance we're also going to take a quick look at the sop life cycle and very briefly discuss some aspects of validation documentation okay so why do we have standard operating procedures i think i've probably brought this up a few times throughout the course now but it really is a very critical this is a regulatory requirement that we have written procedures and there's a couple of reasons for that and we've touched on them earlier but i'm going to touch on them again and one is that you want to ensure that you have um and a process for building quality into your system and into the end results of the protocol and to branding the protocol itself to implementing it in order to have consistency you really need to have things written so that you can train people on them then they can't refer back to them there are at least two places where both ich and fda specifically call out the need for written policies and procedures one is ich e 6 5.1.1 where they say flat out you know the sponsor is responsible for implementing and maintaining quality assurance and quality control systems with written sops and again this stands for standard operating procedures 21 part 11 also requires that we have written policies and procedures a lot of these are written as standard operating procedures and we're going to talk a little bit more about what a standard operating procedure or sop is sometimes though they can be in the form of a project plan so we're going to talk about those as well okay written or standard operating procedures so again that stan we're going to hear these called sops right that's the common acronym for them sops tend to be overarching procedures that are either global everybody in the company or an organization needs to do them and you can see here's an example this sop pertains to all personnel involved in corresponding with the fda so regardless of what your other role might be if you correspond with the fda this sop applies to you so this means that sops tend to be a little bit broad and they tend to focus on saying what an individual is required to do what are the required steps or tasks for a process but again because saps tend to be broad they often cover multiple functional areas or tasks they don't always contain a lot of granular detail on how you do the task some sops do and it might be appropriate for them but in sum the task is so large that you have your high level sap that says you must do these things and then you might have a step down in complexity for a department operating procedure or dop or a work instruction and in that department level documentation or the work instruction you will have additional detail about how each role has to accomplish the task in most organizations as well we will see templates that are used for specific tasks like locking checklists we've looked at some examples of those case report forms might have templates the project plans might have templates so we often use templates as well as sops and work instructions and to ensure that we collect and organize key information in a very consistent fashion now we'll have our operating process our sops and our work instructions and our templates but sometimes there are things that we're required to do for a project that is very specific to the nature of the project and might not be covered by the sop or the work instruction or the template and this is generally where we see our project specific plans or documents these are documents that say how to perform or when to perform or who will perform a very specific task within the project so you should be familiar with the concept of a standard operating procedure a department operating procedure or dop a work instruction these are very similar the concept of templates that are used to match up with the standard operating procedures and work instructions and the fact that you will also have project specific plans or documents what are some common sops and templates for data management well this slide shows a lot of the common sops as well as templates so you can see a couple in here that we've talked about before the data management plan the case report form completion guidelines checklist for database locking or unlocking for coding you've probably noticed that a lot of the items on this slide are also common data management documents or items that we discussed when we were talking about scope of work or timelines and you can see the connection here between common tasks templates and the processes for which we need sops so generally if you know you're going to be performing a task you need a written procedure for it and you'll typically have a template that goes along with that as well let's talk a little bit about some good principles for creating sops when you are creating sops and you might end up writing them at some point in or contributing to them generally your organization is going to have an sop on writing sops and you'll need to be aware of that and to to follow the procedures in there but just some general thoughts when you're writing an sop you need to clearly state what your process is what is the process you're describing who does it when does it happen how is it done and what proves you did it now in general sops are going to be those higher level documents and they're going to define what needs to be done sometimes they will also have a lot of detail that tells you how to do it but it is also appropriate to have corresponding documents or subsequent documents that underscore the sop and give the detail on how you actually perform the task i always like this quote from suzanne prashka you it's a fine line because when you're writing on sap or work instruction you have to provide enough detail to ensure that somebody can take your sop or work instruction and do the task on the other hand you don't want to make it so detailed that if somebody does a slight variation on the task you are out of compliance or in violation of your sop and i'll give you an example here you might say that you must have a valid signature to indicate review of a document if you said that you had to have an electronic signature to to document the review and you had an individual that could only provide their wet ink or handwritten signature you would be out of compliance and that's probably not your intention because a wedding signature is just as valid as an electronic signature so again this is where you as you're writing saps you want to think that you need enough detail so somebody can follow the sfp to do the task but you want to not be so specific that if they only have one route to making that task occur or to completing that task and this gets us to this whole concept of compliance very often i'll see people writing saps or reading sops and they go great we have sops we're done and and that's really not going to get you in compliance with an inspection or in compliance with gcp you having an sop tells you the process but you have to ensure that people can follow it and generally somebody can't follow an sop if they're not aware of it and they're not trained on it so you have to remember that compliance with sops has a training component and you will need to be able to document when the training occurred and that it occurred you will also need to make certain that after the training individuals still have access to the sops because they will need to reference them as they perform the task so they'll need to have they'll need to be trained and then they'll need to have continuing access and finally you have to document that you complied with the sop and i'm going to give you an example here [Music] when we do user acceptance testing we typically have an sop around how we test the edc system we need to show that we've been trained on that sop and then we also need to be able to show that we perform the user acceptance testing and so we do this by having team members actually sign off to say yes i um you have them sign off on their training yes i took the training i acknowledge i took it and i understand it and then when they perform the task they'll sign off and say yes i performed this user acceptance testing and i performed it in compliance with this sop and then finally it's not just enough for them to say they did it you have to have some documentation that proves they did it and usually what we'll do is pull the audit trail and you can literally see in the audit trail that they have entered the user acceptance data the test data and whether the system fired correctly or not the other thing if you are designing saps or providing input is really think about whether it is feasible and realistic for somebody to do a task so we often sit down and say the best way to make sure that nothing ever goes wrong is we're going to ask people to do all of these very robust and time intensive tasks and the first thing that you need to ask yourself is really realistic and feasible for them to do it maybe you're asking somebody to apply clinical judgment when they can't they're not trained to do that they're not the right resource you might be asking somebody to review data that is not available to them maybe this data is confidential and they will not be able to view it so there's no way that they can perform the task or maybe you're asking them to do a large volume of tasks and they literally will not have the time to do it in there so make sure when you are writing saps or providing input on them that you sit back and ask yourself is this something that that a a reasonable team can accomplish and if not you need to redefine your process again you need to strike that that balance between too much detail and too little detail you want appropriate level of detail for somebody to be able to follow the work instruction or sop and do the work but you don't want it to be so detailed that if there's a minor deviation in their approach they're out of compliance and you've got to make sure that it is uh really easy for people to get to those sops and to pull them down and to use them and as they work through their trials sops have a life cycle and um typically this life cycle involves creating the sop so somebody's going to create the sop they'll get stakeholders to take a look at it initially review and approve it once it's been approved you need to train everybody on it that's going to be performing the task and then you need an ongoing review cycle typically you want your employees if your sop doesn't change you'll still want them to review it every couple of years or every year if it's been revised they need to review the revised version because the expectations have changed and then as an organization you need to review the sop to determine if it needs to be changed if something has happened that necessitates you revising the sop and that's typically done annually or every two years so a lot of times when you look at an sop you'll actually see the effective date and then a review date that's a year or two years out on there and again this gets us to this you are you always want to look at the sops and ask yourself if they need to be revised to reflect current thinking talking very briefly about training which is very near and dear to my heart what i want to say and probably the last time i'll get to say this to you is the training needs to occur before the task is performed so you can't give somebody a task and ask them to go off to do it and then six months later have them trained on it and expect that you'll be considered in compliance somebody in order to be an authorized and qualified user they need to have the training before they do the task training might need to be repeated very often there'll be expectations that you repeat your training annually or whenever new versions are implemented to make certain that you are familiar with the training and you actually know how to accomplish the task it really can be helpful to have a notification and tracking system you know otherwise you want to just set annual review dates but most organizations now have some aspect of a tracking system often it's part of a learning management system or lms you might heard that term quite a bit and an lms allows you to track that training has occurred it also in most cases lets you deliver the training through say a webex or a an electronic e-learning much like we're doing in metadata rave it will document when the individual completed the training and it will flag out when they need to complete a the training review again or when a new version has come out so that can be very helpful otherwise you have to do it manually and finally you need to document that the training occurred and this can either be through a written or an electronic signature so when you are attesting that you have completed your training in metadata and you you apply your electronic signature that's an example of documenting that training um when you're planning training or even when you're getting trained you want to ask yourself some questions and and really they're around who and what so who will get trained and um is this training that they're going to be assigned is it going to be based on their role or on the tasks that they are doing if possible you want to document what those training requirements are in a training matrix or table so you can ensure that the right people take the training and that that is assigned consistently so you can think about the training you took for metadata ray for the e-learnings some of the training you took was very task specific but it might be a task that was performed by multiple roles such as how to navigate and rave anybody in any of your roles whether it was the crc role the cra role the dm role or the pi role you needed to know how to navigate around your subject so that sort of training is really focused on the task or the process on the other hand some of the training you took was role based so you as a crc or a pi might need to know how to enter data but cras aren't allowed to enter data so they don't need that training necessarily instead a cra might need training on how to set the verify flag so again that would be role based training you need to think about what kind of training you're doing are you training somebody on an overarching sop are you training them on a work instruction or are you training them on a project specific plan or project specific documents and then when you think about project specific training you think about what does somebody need to know that is very unique to this project and that is critical to their ability to manage the project and some really common examples are being trained on the protocol everybody needs to know the protocol being trained on the crf itself understanding the contract or scope of work for data managers we almost always want to we have to train on the data management plan and we might have a number of project specific instructions as well before we finish i want to chat just a little bit about validation and verification and user testing so i i want you to have these terms are often used interchangeably and there is actually a a right definition for them and we're going to talk about that but i want you to know that sometimes it's used interchangeably and that's okay i usually ask people questions until i can get a sense of what which of these they're really talking about um but ing to the international engineering group the ieee standard glossary of software engineering terminology validation is the process of evaluating a system or component during or at the end of the development process to determine whether it satisfies specified requirements so validation demonstrates that the system is operational and it checks that the software meets the requirements we defined at the beginning of the study did we build the right thing did we meet our specifications verification is asking us if the system is able to output the data in the way essentially that we want to so in other words verification is did we build this thing right okay user acceptance testing is uh so validation and verification are typically actually done within the programming or development life cycle and it's usually they're usually done by other programmers or subject matter experts user acceptance testing is when you take an end user i'm considered an end user i'm not a programmer so i i'm an ing user and the end user will come in at the at the last phase of testing right before release and we try to bang in test data and reproduce how the system would be used in a in the real world at a site within data management of various different roles so we perform user acceptance testing and this is one of the again one of the final and critical software procedures and it has to occur before the software is rolled out to the market user acceptance session or uat you might also hear it called beta testing application testing or end-user testing and again regulations and clinical practice require that software systems used in clinical trials be validated and verified we need to know if we built the right thing and did we build it right you will probably not perform validation and verification unless you move into programming but it's highly likely you'll do some aspect of user acceptance testing so i do want you to be familiar with these terms and to know that as end users we often will check to make sure the database or the reports or the listings or edit checks we use are actually going to function the way that we expect them to and finally i just wanted to call out the two key regulatory statements where we have got to perform our validation and ensure accuracy lie and performance the last thing that i wanted to show you is that in many organizations they use a testing plan or a validation plan or protocol and i just wanted to get you familiar with that concept i actually don't use these documents very much but when they are used they usually have much like a protocol for a clinical trial they'll have an introduction and scope they'll talk about assumptions and risks any business requirements or functional specifications where and how the system will be installed how it's going to be tested what sops and guidelines will be associated with it how will we know when it's complete and we almost always expect that there will be some changes needed so what is the plan for change control and revalidation if necessary