Continuous Validation FAQs
The definition: "Continuous validation is providing documented evidence to certify that an app not only met the pre-established acceptance criteria, but “continuous” to meet thus mitigating the risk of unknown changes."
Continuous validation is not just a "point in time" validation. It is a type of validation which connects various points in time (initial, patch, upgrade validation) with continuous smoke and regression testing. This feature provides the documented evidence that the an app worked well not just at discrete points in time in the past, but continues to function as expected in the present. This also mitigates the risk of any change in either the IaaS/PaaS layer (for cloud apps) or the underlying IT infrastructure (for on-prem apps) that can potentially alter its behavior.
Continuous Validation is GxP compliant and based on a sophisticated Model Based Testing Framework. Once the Continuous Validation model is built, it can be used to perform initial validation as well as be run at regular intervals to "continuously validate" with no human intervention ("lights out mode").
- Initial Validation
- Patch & Upgrade Validation
- Regression Testing
- New Feature Testing
- Performance Testing
- Security Testing
- Continuous Validation (a unique and bonus feature)
A true "cloud" is designed to constantly release changes so that the end customer can leverage these innovations and thus increase productivity. However, this presents a dilemma for the traditional validation folks who are used to reviewing each change and then addressing it one way or the other. If you want to embrace the Cloud, the compliance perspective must change from examining every change by the Cloud Provider (which is practically impossible considering the velocity of changes) to ensuring your requirements are met constantly. This can be achieved with the "continuous" validation framework where by you are constantly (for example: daily) testing to ensure your requirements are met in spite of the changes.
xLM's QMS is based on industry standards as well as applicable GxPs. xLM's QMS is a robust framework based on ISO 9001:2015, GAMP 5 and ASTM E2500 as well as FDA 21 CFR Part 11, EudraLex Annex 11. xLM's QMS enables us to deliver our managed services that not only meets, but exceeds the expectations of regulatory agencies in the USA, Europe and Japan.
xLM provides various KPIs and dashboards that provide a window into real-time validation. Some examples are:
- Requirements to Test Case Heatmaps
- Test Execution Historical Graphs and KPIs
- Test Deviation KPIs and Dashboards
xLM has built-in support for multi-browser and multi-OS testing.
xLM has built-in support to test all industry standard APIs including Web Services and REST APIs.
Combinatorial Testing is an integral part of our continuous validation framework because it not only reduces cost but increases the efficacy of our testing strategies. This is even more important since the complexity of software apps are increasing exponentially.
xLM has developed an Accretive Model for Cloud Infrastructure Qualification.
cDI FAQs
- Auto ticket summaries
- Auto-generated response
- Ticket solution suggestions
- Automated script generator
- Automated issue suggestions: Uses machine learning to suggest issues based on user activity and patterns.
- Predictive prioritization: Helps prioritize bugs and issues based on their potential impact and severity, using Al.
- Smart search: Enhances search capabilities with natural language processing to understand the context of queries.
- Similar issues: Recommends similar issues to avoid duplicates and streamline workflow.
- Next-gen project templates: Suggests project templates based on the team's needs and past project setups.
- Smart links: Automatically transforms links pasted Into pages Into rich content previews.
- Content recommendations: Suggests relevant articles and documents to users based on their work and interests.
- Meeting notes assistant: Summarizes key points and action items from meeting notes using natural language processing.
- Page Insights: Provides suggestions for improving content quality and engagement based on analytics.
- Incident prediction: Identifies patterns that could indicate potential incidents before they occur.
- Smart alert routing: Automatically routes alerts to the most appropriate responder based on past incident data.
- Noise reduction: Filters out redundant alerts using Machine Learning to reduce noise and focus on critical issues.
- Al-Powered Detection: MTR uses Al algorithms to analyze behavior patterns and detect anomalies that may indicate a threat. This includes identifying suspicious activities and malware that traditional signature-based detection methods might miss.
- Machine Learning Models: It incorporates advanced machine learning models that are trained on vast datasets of security threats. These models improve over time, adapting to new threats and reducing false positives.
- Threat Hunting: Leveraging Al, MTR conducts proactive threat hunting across the network. This involves searching for signs of compromised systems and indicators of attack (loAs) that suggest a breach or an ongoing attack.
- Automated Response: MTR utilizes Al to automate certain response actions to threats, enabling faster mitigation and reducing the window of opportunity for attackers. This includes isolating affected devices, terminating malicious processes, and applying security patches.
- Behavioral Analytics: By analyzing the behavior of users, applications, and network traffic, MTR identifies patterns that deviate from the norm, which could indicate a cyber threat or compromise.
- Adaptive Threat Response: Al is used to tailor the response to the specific characteristics each detected threat, ensuring that the response is proportional and effective.
- Security Analytics and Reporting: MTR provides detailed analytics and reports on security events, leveraging Al to highlight trends, identify vulnerabilities, and recommend actions to improve security posture.
- Integration: MTR integrates with other products using Al to provide a coordinated and comprehensive security strategy across endpoints, networks, and cloud services.
- ContinuousValidation incorporates Computer Vision, Al LLMs to identify Ul screen objects. This new technology is far superior than traditional test automation technologies. This enables xLM to manage software changes very efficiently and reliably.
- xLM is investing in Al LAM (Large Action Model) technology to mimick how a human interacts with software. This will enable xLM to fully integrate next gen test automation technology into the platform. This will help us increase coverage, perform more advanced testing, manage changes efficiently while increasing compliance.
Step 1
- GxP Data Integrity
- Data Governance
- Data Lifecycle
- Original Records / True Copies
- Computer System Transactions
- Audit Trails
- Data Review
- User Access/System Admin Roles
- Data Retention & Archival
- Backup & Disaster Recovery
- File Structures
- System Validation
- System Interfaces
- Data Risk Assessments
- Cyber Security Posture
Step 2
- Formulate recommendations based on Gap Analysis.
- Finalize an implementation plan based on your priorities, objectives, resources, current systems/contracts, budgets and DI gaps.
Step 3 (Optional)
- Appoint a fractional vCISO from our partner Trava Security and a fractional vCQO from xLM.
-
This will ensure leadership within your IT in areas of Cyber Security and IT Quality.
Step 4
- Develop an IT Quality Manual.
- Identify all new policies and procedures that need to be developed.
- Identify existing policies and procedures that need to updated.
- These policies and procedures need to address, but not limited to the following areas: IT Security, Acceptable Use, Identity and Access Mgmt, Incident and Problem Mgmt, Risk Managment, Information Classification, IT Asset Protection, Business Partner Risk Mgmt, Change and Configuration Mgmt, Business Continuity and Disaster Recovery, IT Infrastructure Qualification, IT Supplier Auditing, etc..
- Develop/Update and obtain approvals on the Quality Manual and Policies / Procedures.
Step 5
- Identify cDI Managed Services required to fill in the gaps and comply with the new IT Quality Manual.
- Finalize MSA for Subscriptions.
Step 6
- xLM's team will follow their onboarding process for each of the Managed Services.
- The end result is deployment of a validated instance for each of the managed cDI services.
- Customer Training.
- Data Migration and corresponding validation.
- Hypercare Support.
- Ongoing managed services.
Step 7
- Conduct monthly status calls to provide various metrics related to the performance of managed services.
- Continuous Improvement.
-
Ongoing Change and Configuration Mgmt.
xLM's cDI managed services complies with FDA's CSA.
- Every managed service is qualified in a xLM Test Environment.
- Every customer instance is deployed and validated.
- Customer's instance is maintained in a validated state with 100% regression.
- Every service is evaluated for 21 CFR / Annex 11 compliance and such features are included in Qualification / Validation testing.
- Every single validation artifact is released for customer's QA approval.
- The entire validation library is organized and made available in a dedicated portal.
- The following cDI instances are configured and managed by xLM. These Services are available to the customer to use on a daily basis:
- ContinuousDM
- Continuous ALM
- ContinuousRM
- ContinuousSM (for opening tickets and approving them)
- We recommend that you use ContinuousALM for managing your Validation Assets (Systems).
- You can manage projects, products and validation tasks here.
- ALM fully supports Requirements, Specification, Tests and Test Case as well as Test Execution Mgmt.
- You can manage bi-directional traceability.
- Export any report into word so that you can use your own templates before approving. For example an URS, FDS, Test Protocol, etc.
- Yes. We can completely manage your IT Infrastructure.
- This includes both On-Prem and Cloud Assets.
- We can manage your GxP IT Assets as well as Non-GxP Assets including Desktop PCs and Laptops.
- We provide 24/7 365 support.
- Our Change and Configuration Mgmt coupled with state of the art Al based pro active toolset ensures IT compliance.
- We will be reporting to your Internal IT and QA.
- It does depend on the Service Bundle your choose.
- Generally speaking, all our services will be provide by working hand in hand with your IT leadership.
- xLM will be part of your IT Department and will coordinate as required.
- Since we provide managed services, the burden on your IT is very minimal since we bring the best toolset and industry best practices with a goverance framework that exceeds FDA or any other health authority expectations.
- Yes. Our Engagement Manager can coordinate an audit.
- We will also provide our Quality Manual and a comprehensive xLM QMS documentation once the contract is signed.