Vetting Your Prospective Quality Vendor

Vetting Your Prospective Quality Vendor

IQVIA Quality Compliance

The capabilities of an enterprise Quality Management System (QMS) have been shown to provide significant competitive advantage among Life Sciences manufacturing and service organizations. The right company for your Quality Management System will facilitate the production of superior goods and services, while also continuously supporting regulatory compliance. That’s why the QMS vendor vetting process is a critical first step toward success.

We asked a cross-section of IQVIA Quality Compliance subject matter experts to share their perspective on the one question likely to draw the most insightful reply from a prospective vendor about how effectively that vendor will serve an organization. Consider these perspectives and think about how they might help you select a QMS vendor that will enable you to successfully attain your quality compliance goals.

What is your top tip for a Life Sciences organization to properly vet a potential QMS provider? In other words, what one question should that organization absolutely ask a QMS vendor being considered?

Whether you’re a small business or a global enterprise, it is critical to know whether the QMS vendor you select provides the ability for your Quality Management software to seamlessly integrate with other key applications you own or will purchase in the future. Ideally, your QMS vendor should also offer complementary solutions such as Regulatory Information Management (RIM) and Pharmacovigilance, so integration is already built in. Ask the prospective vendor whether their company provides those solutions and are they integrated. Keith Pensabene, Global Head of Sales, IQVIA Quality Compliance

Enterprise software selection, at the heart, is a selection of a partner. Businesses use enterprise software for years, not months. Candid dialogue about successes and failures will ensure your vendor is willing to discuss good and bad news and provide you with a transparent opportunity to evaluate whether or not, the firm is going to be your right partner. Ask the prospective vendor to describe a recent customer failure, why the customer failed, and what has changed in their organization as a result of the failure. Rick Lowrey, Vice President & General Manager, IQVIA Quality Compliance

My top vetting question for a potential QMS provider would be around their release process. If releases are continuous and they don’t have a quality system around their software development lifecycle (SDLC), the system will be a constant headache to maintain. Devora Perich Grieco, Senior Manager, HighPoint Solutions, an IQVIA Company

A solid eQMS platform should have an organizational hierarchy that allows you to secure and partition your information to ensure both privacy and transparency of information as needed across the organization. As each user logs in, the system should automatically know where they sit in the organization and secure the information appropriately whether that be by work center, department, site, or division. This would also allow for other business units to be rolled on or off easily. So whether it is a merger, acquisition or divestiture, your eQMS system would be able to handle it. Ask the prospective vendor to describe how their solution can handle scalability. With the Life Sciences market constantly changing through mergers and acquistions, you want to ensure that solution can carry you through. Joshua Centner, Associate Director, Sales Engineering, IQVIA Quality Compliance

Data security is critical in most enterprise software systems. Data always needs to be protected whether it is in transit or at rest. System access must be limited to only those individuals that can be authenticated and authorized properly. If a disaster happens, a disaster recovery (DR) plan needs to be in place that includes safely transitioning to a backup system. These are only a few of the security measures that need to be accounted for in accordance with industry standards and applicable laws such as SOC 2 and HIPAA. Ask the prospective vendor to demonstrate their compliance (via certifications) with the required information security standards and which reputable, independent third-party cybersecurity compliance auditing company certified their compliance. Stanley Curtis, Senior Director, Software Development, IQVIA Quality Compliance

In today’s global economy you want to be sure that your QMS is a global enterprise-class solution that will allow for growth and a single source of truth. Ask the prospective vendor to demonstrate how they will provide your organization with a single source of truth. For example, “Will my organization have a single source of truth for CAPA regardless of the CAPA source (internal, audit, supplier etc.)? Additionally, can our organization aggregate and disaggregate our CAPA analytics? For example, can I see my CAPA analytics at the highest level, by source, by site?” This single source of truth concept should apply to all QMS records not just CAPA, but also Nonconformances, Deviations, OOS, Complaints, Audits, etc. Kari Miller, Regulatory and Product Management Leader, IQVIA Quality Compliance

Data integrity is a major concern in the manufacture of pharmaceutical and medical device products. Some manufacturers believe that without the proper controls in place, an electronic quality system presents more opportunities for data integrity occurrences than with a manual/paper QMS. Ask the prospective vendor what controls are made in their eQMS to ensure production and laboratory data is not manipulated to meet release specifications. Ask what controls are also in place to ensure that audit trails for the management/approval of production and laboratory data are not modified. Phil Johnson, Senior Principal, IQVIA Quality Compliance

Best Practices for Next-Generation QMS

This ebook examines six key imperatives for successful Next-Generation Quality Management.

Best Practices for Next-Generation QMS

Pilgrim Quality Solutions

Pilgrim pioneered quality management software more than 25 years ago for regulated enterprises that needed a better way to deliver, track and oversee quality-related activities.