Rocco Timpano – Sr Director IT Quality & Compliance – Governance, Risk, & Compliance

1. Rocco Timpano – Sr Director IT Quality & Compliance – Governance, Risk, & Compliance • Christopher McElroy– Director IT Quality & Compliance – R&D/Medical Business Partner

2. IT QA – Perspective • Challenges and Opportunities • New Technology (e.g. Cloud Computing) • Various Solutions (e.g. Definition of Public (external multi tenant) vs. Managed hosting (OOD) vs. Private (Internal Cloud)) • Mobil vs Medical Devices • (ref: http://www.fda.gov/downloads/MedicalDevices/DeviceRegulationandGuidance/GuidanceDocuments/UCM263366.pdf) • Personal Computing Devices • Outsourcing (multi-Level) • Standards; Config Mgmt; Sub-sourcing; Vendor Auditing • Overlapping Compliance Requirements (Regulatory and Statutory) • (e.g. Multi Country BOH, Data Privacy, SOX) • 20th century CSV • Based on demonstrating control - where people knew where their hardware was located, what software had been loaded onto it and knew the names and qualifications of the personnel supporting their computing environment. Example: Who can log in? Do I know where my data is? Who can see my data? Is my data secure? • 21st Century CSV • Regulators allowing for adoption of a Risk Based approach. Opportunity (through PRISME) can a industry forum be formed to allow for the discussion, sharing, and leveraging risk based strategies with CSV.