managing projects for regulatory compliance
TRANSCRIPT
8/8/2019 Managing Projects for Regulatory Compliance
http://slidepdf.com/reader/full/managing-projects-for-regulatory-compliance 1/3
No aspect o a business remains untouched. Sweeping rulings such
as Sarbanes-Oxley can send managers searching or better ways
to manage business processes. Widely accepted quality standards
such as ISO 9000:2000 lead to similar challenges as old systems
all by the wayside. Furthermore, businesses that participate in
the intensely regulated health care industry ace even greater
challenges as they must also abide by stringent rulings o the Food
and Drug Administration (FDA) and Health Insurance Portability
and Accountability Act (HIPAA).
Process Management
Project managers have long relied on tools to help them do their
jobs, but have lacked eective solutions or process management.
A typical project management cycle involves a “one time pass”
through a task list to prepare eort estimates and resource
assignments. Project management tools are designed to handle the
scheduling and interdependencies o these tasks.
While project management tools help managers plan business
activities, they do not ensure business processes are ollowed.
Organizations have generally relied on documenting processes,
establishing principles and rules, and then requiring their people to
ollow these guidelines. I the business environment never changed,
this approach would be sucient because a process could be set
up to meet compliance requirements and then be let to run.
In today’s ast moving business environment it is likely that
processes will be constantly changing due to actors both within
and outside o an organization’s control. This can challenge the
organization as manually implemented processes are dicult to
update. Eectively managing and tracking ever changing processes
is a large part o what standards and regulations bodies require.
Effective Tools
Attempts to streamline the management o business processes
have resulted in a prolieration o custom applications, each
designed to guide people through processes they may not ully
understand. Although these applications may solve the problem at
hand, they lack the fexibility to be applied quickly and easily to new
situations. Instead o expensive one-o solutions, organizations
should seek more adaptable tools that can aid in the automation o
business processes and provide the rigorous change management
that standards and regulations oten require.
When searching or tools to better manage business processes one
should look or the ollowing qualities:
• Canmanageandtrackanybusinessprocess.
• Providesinsightintotheactivitiesanddocuments that support a process.
• Maintainsaccuratehistoricalrecordsofwho changed what and when.
• Fulllseventhemostrigorousaudittrailrequirements.
• Limitsrecordaccesstoonlythoseusersthatshouldhaveit.
• Canbedeployedonmultipleplatformstoexpediteadoption.
• Integrateswithothersystemstomaximizethe
value o the inormation collected.
Fullling these requirements is simple using Seapine Sotware’s
SeapineCM.ThesuiteconsistsofTestTrackPro,atoolthatcan
manage and track the activities o any business process, and
SurroundSCM,aproductthatintegrateswithTestTrackProto
manage and track changes to the documents that support a process.
TheusesforTestTrackProandSurroundSCMarevirtually
unlimited.Managerscantrackchangestopoliciesandprocedures.
Managing Projects for Regulatory Compliance
Standards and regulations exist for a reason. They set
a minimum level of quality and ensure accountability
is present in crucial business processes. Even if regulatory
compliance is not required by government agencies,
competitive pressures may warrant the adoption of
industry standard quality programs. Meeting thesechallenges is not optional — it is often required for
business survival.
byAllanMcNaughton
8/8/2019 Managing Projects for Regulatory Compliance
http://slidepdf.com/reader/full/managing-projects-for-regulatory-compliance 2/3
Business analysts can track the authoring, review and approval
phases o requirements documents. IT can manage change
requests and project plans. And, o course, developers and testers
can manage specications, product issues and sotware releases.
SeapineCMnotonlyhelpsorganizationsbettermanagebusiness
processes, it also aids regulatory and standards compliance.
Built for the Task
Tools or managing and tracking business processes do little good
iftheyarenotused.SeapineCMoffersjusttherightmixoffeatures
with the simplicity to entice even the most recalcitrant user to
participate in process improvement eorts.
Process Neutral
OrganizationscaneasilycustomizeSeapineCMtosupporttheir
unique business processes. TestTrack Pro’s powerul workfow
engine easily tracks the states, events, and transitions o any
business process. The complexity o a workfow is dependent onthe complexity o the business process itsel. Simple processes
may only require a ew steps while more complex processes may
include assignments o a single task to multiple team members and
require additional sign o steps.
TheexibilityofferedbySeapineCMgivesorganizationstheability
to implement most any workfow, including those that require
additional levels o management authorization or changes and
approvals (e.g., Sarbanes-Oxley).
TestTrack Pro can be urther customized to support a business
process by renaming eld labels to match process terminology
or collecting additional data elds that are unique to the process.
For example, a medical devices company seeking FDA 510K
certicationcouldrenametheCustomFieldstabtoCompliance
Details and use it to track compliance-related issues. Additional
process-specic elds can be added as needs change.
WhenproperlyemployedSeapineCMstrengthensbusinessprocesses
by ensuring no activity is let untracked. Implementation activities can
be driven using issues in TestTrack Pro. Supporting documents can be
versionmanagedinSurroundSCM.Withthesetools,issuesthatused
to all through the cracks are now assigned to team members who are
responsible or moving them through the workfow.
Information Access
ManagerswillndSeapineCMquicklybecomesaveritable
storehouseofvaluableinformation.AsSeapineCMmanages
business process issues and their supporting documents, a detailed
historical record o how a process unolded is automatically created.
SeapineCMmakessearchingthroughtheserecordsforcrucial
inormation virtually eortless.
TestTrack Pro’s customizable lters allow users to sit through
thousands o issues to nd only those that meet their criteria. These
results can be ed into TestTrack Pro’s reporting engine, which sorts
the data as required and generates either summary or detailed
reports. Users can also examine the historical details o an issue
to see what state the issue is in and how it got there. To urther
simpliy inormation retrieval, issues in TestTrack Pro can be directly
linked with their supporting documents in Surround.
InadditiontopullinginformationfromSeapineCM,userscanalso
have it pushed directly to their email inbox. TestTrack Pro contains
a robust email notication system that lets users receive updates
when certain conditions occur. For example, the project manager
may want notications when new issues arrive. Users may also
nd it helpul to receive email updates when issues are assigned
to them or when is sues they led progress through the workfow.
Likewise,userscanreceiveemailnoticationswhenchangesare
made to documents that are under the control o Surround.
Compliance Ready
SeapineCMstreamlinescomplianceeffortsbyprovidingthe
detailed historical records that regulations and standards require.
This inormation gives auditors the ability to walk back in time and
enables them to understand the subtle implementation details o a
business process. For especially demanding regulations, such as FDA
ruling21CFRPart11,SeapineCM’saudittrailsconvenientlycapture
the who, what, and how o issues and documents that have changed.
AccountsPayable Validate Vendor Allowed Error
InvalidBill
OK toIssue Check
Issue Check
ValidBill
Add VendorInvalidate Vendor
Escalate Submit to Legal Dept
Escalate
Invalid Vendor
Valid Vendor
InvalidProduct or
Service
Returnto
VendorCloseClose
Close
Close
EscalatedIssue
ValidProduct or
Service
Checksto beIssued
CheckSent
LegalReview
Sample Workow Diagram
8/8/2019 Managing Projects for Regulatory Compliance
http://slidepdf.com/reader/full/managing-projects-for-regulatory-compliance 3/3
WithSeapineCM’saccuratehistoricalrecordsthereisnodoubt
about which user was responsible or making a change. Each time
an issue or document is updated identiying user inormation and
the time o modication are attached. TestTrack Pro also supports
electronic signatures, which can be used to ensure users sign o
on each change to an issue. When an issue is created, modied or
deleted the user is prompted to enter their credentials along with
a reason or making the change. I the user’s credentials are not
validated by TestTrack Pro within a certain number o tries, the
user is automatically logged out.
NumeroussecuritylayerscontrolwhousesSeapineCMandhow
they use it. No change can take place without users successully
loggingintoTestTrackProorSurroundSCMusingauniqueuser
name and password. Once logged in, record security limits the
issues and documents that are visible based on the security group
users belong to. Within the records that are visible to a group,
command security restricts users to specic commands, and or
TestTrack Pro, eld security controls who can enter or edit issue
eld data.
IT Friendly
SeapineCMiseasytoinstallandrequiresminimaladministration.
TestTrackProandSurroundSCMeachuseasingleserverthat
can concurrently manage multiple issue databases and document
repositories, respectively. Issues databases can be as simple or
complex as requirements dictate. One database might be used
to track compliance issues against a single product while another
mightbeusedtotracktheentiredevelopmentprocess.Likewise,
SurroundSCM’srepositoriescancontainanynumberorsize
o supporting documents arranged in whatever hierarchy an
organization desires.
Users can access TestTrack Pro through its Web interace or with
aclientapplicationthatrunsonWindows,MacOSX,Linux,and
Solaris.SurroundSCMuserscanaccesstheirdocumentrepositories
through a similar multi-platorm client, or by taking advantage
o Surround’s integration with leading integrated development
environments.
SeapineCMworkswellwithothersystems.TestTrackProoffers
a SOAP API that supports user-level TestTrack Pro operations such
as running queries and adding, deleting or modiying issues. Say
you want to implement a business process that escalates an issue’s
priority ater 30 days o inactivity. Using the SOAP API, you can
write a script to execute a TestTrack Pro query, iterate through
the results and update each record accordingly. Another way to
leverageTestTrackProistoexportitsissuedatabaseasanXML
document, which can be imported into another application.
Seamlesstwo-wayintegrationbetweenSurroundSCMand
TestTrack Pro lets users manage an issue’s supporting documents
rom TestTrack Pro. It also integrates with other tools via a
command line interace, so scripts and other applications have easy
access to its change management capabilities.
Take Control
The challenge o achieving regulatory and standards compliance
requires organizations to aithully ollow well thought-out business
processes.SeapineCMprovidesaexibleandeasy-to-usesetof
tools to ensure even the most complex processes are appropriately
managed and tracked. Using this inormation organizations gain
exceptional visibility into their business so they can ensure
compliance requirements are properly addressed throughout
a project’s liecycle.
5412CourseviewDr.,Suite200Mason,OH45040
TEL 513-754-1655
FAX 513-754-1660
www.seapine.com
©2006SeapineSoftware,Inc.TestTrackPro,TestTrack,SurroundSCM,QAWizard,SoloBug,SoloSubmit,SeapineCM,SeapineSQA,andtheSeapinelogoaretrademarksofSeapineSoftware,Inc.Allothercompanyproductsandcompanynamesareeithertrademarks or registered trademarks o their respective companies. All rights reserved worldwide. Inormation presented here is
accurateasofthetimeofprinting,butissubjecttochangeorrevisionwithoutnotice.6147.1RegulatoryCompliance.indd07/06
About the Author Allan McNaughton ([email protected]) is a patent-holding
technologist and veteran writer. He is the principal at Technical Insight LLC,
a frm specializing in the composition o high-technology white papers.
Robust Reporting System