Early this month, we had our Webinar uncovering how Symbios’ eQMS, powered by Microsoft365 technologies, is enabling smart compliance for international growth.
The live Q&A session was a dynamic exchange, allowing us to tailor our insights to the audience specific queries. Now, we’re excited to unveil the valuable answers that emerged, shedding light on common doubts and concerns.
Watch the video of the live Q&A session of our Webinar or read the transcript here below.
According to your experience when being audited for eQMS validation after the first-time implementation, what were the notified bodies asking for? Which evidence were they looking for? Ultimately, how did they validate your system?
Because it was the first-time implementation of the software both notified bodies who audited us asked us similar things. They did ask for a complete intro of the entire system, so we showed them from beginning to end what we did in terms of what we are trying to achieve, the projects, timeline etc. – keep in mind that we had communicated them years in advance our plans and the implementation of such software, so they knew it was happening – so we explained our entire plan. Concretely, on very specific points and evidence they wanted to see, it is similar to the standard Software Validation Protocol, so if you are a company that produces software, you’re probably familiar with all these protocols. For example, we needed to provide user requirement specifications, software validation plan, software validation report, user acceptance tests for operational qualification, installation qualification, the work constructions for the different type of users and they wanted to also see the training records of all our users. I trained every single employee according to their different roles, whether they have read-only access, or are readers, contributors, signing and approving documents, or authors of the documents – they were trained for their different roles. They wanted to see training proof, work instructions for the different roles as well as all the typical standard software validation protocol documentation I listed previously.
Why did your journey take so long? According to your presentation it seems that the software implementation took about a year. Could you perhaps explain the reasons for such a timeline and the approach used for this implementation?
We purposely decided on this timeline. Our approach was: we’d rather go slowly and surely instead of just rolling out something that later presents several issues. We wanted to really do the planning phase in a slow mode, knowing that we had all these evidence that we needed to provide to the certified bodies. It is a long process to map out everything: the user requirement specifications, the user acceptance testing. I mean we are talking about, if you are familiar with these documents, 100s of pages of documentation to show exactly what’s happening for both migration and for final roll out. So, you have the migration phase, with our 12000 quality documents that we needed to migrate and that required another set of documentation – so we needed to plan that, we needed to make sure that migration was completed and collaborate with all the employees, who are key to the success of this platform. The acceptance tests were real testing with real people and that required a large set of different tests for each type of user to do live testing and to document all that testing phase. So, we needed to make sure that we schedule the proper time for all these people to collaborate for the testing, document it and so forth. This is why we decided to take this step by step approach in such long roll out.
Where is the data stored once it is migrated to the platform and who is actually monitoring it?
Thank you for asking. The data is stored in the client Microsoft cloud. So that client has full control over it. It is not hosted by BPA, it is hosted by Microsoft in the client tenant. Therefore, all data and files will be stored there, in your trusted location.
Can your QMS be integrated with other systems?
Yes, it can. You have seen in the presentation when I was logging a non-conformity that I was connecting to the Dynamic365 ERP system for which we provide a connector. Hence, we keep on leveraging the Microsoft technology also in this case. We can certainly connect with other systems: Microsoft 365 and SharePoint are very well known and well used systems all over the world, so a lot of connectors exist (such as Power Automate connectors, third party vendors connectors). Additionally, the system we want to connect with usually provides its own connectors to make the link between Microsoft and SharePoint. So normally we don’t have to develop these connectors, as we use already available connectors existing in the market.
