The client intended to perform a risk assessment of their current practices, documentation, infrastructure, and software to determine if any business and/or regulatory compliance risks existed, and to develop a mitigation plan. The assessment was to be conducted with respect to US and EU regulatory requirements (for example, GDPR, Annex 11, HIPAA, FDA predicate rules, and 21 CFR Part 11).
Hawkins Point Partners leveraged our IT Quality Framework and accelerators to perform the desired risk assessment and mitigation strategy. We performed discovery sessions with client personnel to understand current and planned processes and practices. We reviewed procedures, vendor agreements, and evidence documents for business and/or compliance risks. We also analyzed the current infrastructure and security, networking, server, and storage devices for business and/or compliance risks. In addition, software platforms were assessed for business and/or compliance risks.