Cloud Compliance

Cloud as a Service (ClaaS)

Cloud as a Service (ClaaS) offers its customers looking to host their systems with third party cloud platform providers (such as AWS, Azure, Rackspace etc.) a complete suite of Cloud Selection, Migration, Qualification, Audit and Compliance services.

Cloud as a Service (ClaaS) Offerings include:

  • Cloud Service Provider Selection – We will help you decide between cloud service providers such as AWS or Azure or Rackspace etc.)
  • Cloud Hosting Options - We will help you decide between Private vs. Hybrid vs. Public cloud hosting options available to you.
  • Cloud Architecture and Solution Design – we will help you navigate through the technical complexity by working with your chosen cloud service provider and the software system product vendor to decide on the best architecture to migrate your on premise designed system to the cloud. We will guide you on which geographical regions to host in, what redundancy to have based on the architecture of the system you are looking to host etc.
  • Cloud Migration Roadmap – We will assess your business and system risk profile to help develop criteria to identify the systems to migrate and the order in which to do so.
  • Cloud Quality Management Services - we will help you develop QM methodology, provide document authoring/execution services for your GxP cloud projects.
  • Cloud Compliance strategy consultation – we will assess compliance of your cloud hosted systems for 21 CFR part 11, Annex 11 and MHRA Data Integrity guidelines. Provide risk mitigation services (plans, activities).
  • Cloud Project Management for GxP Systems – outline milestones for a success project delivery and provide executive dashboards for monitoring progress.

Cloud as a Service (ClaaS) Compliance Deliverables Include:

  • Develop Cloud Quality Plan - constructs of the plan will include (but not limited to based on customer policy/SOPs).
    • - SOP – Enhance an existing Computer Systems Validation Lifecycle SOP that addresses Cloud hosted systems or create a new SOP based on customer needs.
    • - Cloud Migration Roadmap
    • - Cloud Migration Plan (similar to conventional data migration plans)
    • - Risk Assessment/Mitigation Plan
    • - Regulatory (CFR) & Security Requirement mapping to Cloud features offered by platform provider
    • - Qualification (IQ/OQ, Test Plans) Methodology
    • - Methodology for Cloud Monitoring and Maintenance (include Change & Configuration Management)
  • Qualification Package for the Cloud Platform.
    • - Platform IOQ Protocol authoring, execution and developing summary report for test results.
  • SLA with Cloud Platform Service Provider.
  • Fulfill Vendor audit requirement for cloud service provider.

Note: All work will be done in compliance with your internal IT Systems Policy and SOP requirements & will be approved by your internal QA Unit.