Team Tuesdays: What you don’t know can hurt you

by | Apr 2, 2019 | Adamas News, ADAMAS Team Tuesdays

I’ve been at ADAMAS for over two years now, and am Head of Practice, Computer Systems Compliance. There are many things I enjoy about my job and respect about the company I work for.
Firstly, there’s our people and their undeniable expertise; there isn’t anyone here who didn’t have significant industry experience even before they joined ADAMAS, let alone now.
Then, there’s our Quality Management System (QMS); we have a full-time, close-knit team of highly-experienced experts who work to the same quality-management standards, guaranteeing the best service to all our clients on every project.
But I’d say the most significant is the variety of enquiries we receive and being able to help clients across all kinds of organisations: from small, niche software developers to huge pharmaceutical companies and everything in between.
It’s not just the nature of the people we help and their queries that are varied, either. At ADAMAS, we cross all the GXPs and look at all kinds of computer systems. That encompasses CTMSs, IRT, eCRFs, eTMFs and advanced technologies like wearable medical technologies, systems based on Blockchain and the computerised elements of companion-diagnostic tools.
On a typical day, I can also be anywhere in the world, performing audits and evaluating the regulatory compliance status of computer systems for clients. Travel is becoming less frequent, however, as ADAMAS is innovating with its remote-auditing practices and procedures to deliver assessments remotely – saving our clients money and getting the job done even more quickly and efficiently.
Regardless of my location, no two days in my position are the same… though there is one big challenge I continuously see clients face. It’s one of the most prevalent obstacles and one of the most rewarding to help companies overcome, and I’ve discussed it in my recent blog post, “Who’s afraid of the dark?”.
Many organisations don’t know what risks to quality and compliance their computer systems represent … and possibly have a lack of concern around the consequences of staying in that “darkness”.
Many clients’ internal and vendor Computer Systems Compliance (CSC) audit programmes are not well- developed, their own processes and procedures aren’t subject to audit, and they have a QA programme that doesn’t include CSC: data integrity, validation, security and other areas that can cause real problems.
Some are using legacy systems designed 10 or 15 years ago, at a time when validation practices and processes weren’t as common, well-understood or well-enforced by regulatory agencies.
Others are using third-party providers that haven’t ever been audited. By simply trusting that these third parties have robust policies and procedures, and that work is being carried out correctly even if systems have never been tested, clients are taking a huge leap of faith that could have a fateful landing. Especially when they’re handling regulated data or processes.
In my role, I’m responsible for performing audits of vendors and suppliers for my clients; conducting audits of clients’ own internal CSC practices, identifying gaps and challenges here; and consulting and advising clients developing new systems, helping them to build these in the most compliant manner with an effective Systems Development Lifecycle (SDLC).
And I’m determined to bring clients into the light, turning “the unknown” into something real, respected and resolved by performing a robust yet pragmatic and risk-based analysis of regulatory compliance and risk.
Can you be sure your data stands up to examination, by the FDA, EMA, MHRA and other bodies? If the answer isn’t a firm “yes”, I’d be delighted to help.
After all, my most rewarding days are those in which I reassure worried clients – while remaining pragmatic – that myself and the rest of the team at ADAMAS can help them identify, understand and manage the risks associated with their systems. And that even more importantly, we can help them resolve these issues before they jeopardise their regulated activities. Which they will, if left uncovered.
ADAMAS not only audits before the authorities do, we also offer an all-encompassing range of services, spanning gap analysis, consultancy, hands-on assistance, SDLC development, the creation of IT QMSs and more. That’s even more variety for you!
To find out more about what I do at ADAMAS and how I can assist you, or to learn about the company itself further, feel free to send me a message on here, at or contact us.

Matt Barthel

Head, Computer Systems Compliance & Data Protection Officer
ADAMAS Consulting Ltd