Moving from on-premises deployment of applications under the IT department’s direct control to a cloud deployment where at least one third party is involved requires active risk management.  This keynote presentation will cover:

• Cloud options: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).  We will focus on SaaS.
• What does the cloud mean? Your data on someone else’s computer.
  Understanding the limits of your control
• SaaS supplier assessment and the role of the Service Level Agreement (SLA)
• Key components of an SLA
  • Key Performance Indicators (KPIs) to monitor the service levels
  • Who owns your data?
  • What happens at the end of a contract: can you get your data back?
• Computerised systems must be validated.  Is SaaS any different?
• Handling regular updates to the application: welcome to the validation treadmill
  • Read the release notes to understand the changes
  • Impact of the changes on your ways of working
  • Target your validation effort
• Will a SaaS supplier help with regulatory inspections?

Learning Objectives:

1. Compare cloud deployment models (IaaS, PaaS, SaaS) and identify the regulatory considerations specific to SaaS for regulated laboratories.

2. Analyze key elements of a SaaS supplier assessment and Service Level Agreement (SLA), including KPIs, data ownership, and end-of-contract data retrieval.

3. Evaluate the impact of SaaS application updates on computerized system validation and regulatory compliance in a laboratory environment.