IT Risk and Control in Regulated Environments

The Life Sciences industry is one of the most regulated industries in the world, and is subject to regulation by different government agencies. Pharmaceutical, biotechnology, clinical research, medical device and healthcare companies are required to meet relevant GxP requirements for their business operations which involves well-trained personnel. In order to be compliant with the Sarbanes-Oxley (SOx) Act, all US publicly held companies must establish internal controls and procedures for financial reporting to reduce the possibility of corporate fraud.

As such, personnel working in regulated organizations should be skilled in quality and risk management and computerized system validation activities to ensure these organizations are in compliance with pertinent regulatory requirements. CTG can provide training to your employees to ensure they are appropriately trained and have adequate skills and experience to perform their assigned duties.


Currently no (other) upcoming dates are planned for this course

Course Objectives

The goal of this course is to provide a full understanding of the fundamental principles of IT Risk and Control in Regulated Environments.

Each participant will have gained knowledge about following topics:

  • Concepts and requirements necessary for compliance with GxP requirements and standards for life science industries
  • Good Documentation Practices
  • Pertinent regulations and industry guidelines
  • Computerized system validation process following the GAMP V-model
  • Operational validation activities (maintaining compliance)
  • Computer system requirements applicable to GxP environments, reflection of regulatory expectations and best practices in writing requirements
  • Testing phases of computer system validation
  • Common quality practices for electronic records and electronic signatures (ERES) (21 CFR Part 11, EudraLex Volume 4 Annex 11)
  • Concepts and practical application of requirements with regard to ERES and remediation of ERES compliance gaps
  • Concepts and practical application of requirements with regard to risk management
  • Common understanding of the IT Infrastructure Qualification process and an overview of the main IT Infrastructure components that can be subject to IT Infrastructure Qualification
  • Common understanding of the Sarbanes-Oxley act to be able to understand the necessity of implemented controls in companies that are subjected to SOx regulation

Typical Audience

The IT Risk and Control in Regulated Environments Training courses are designed for Business, QA/Compliance, IT personnel and auditors that are new to the regulated environment. It is important, and is also a regulatory requirement, that all individuals working within the Life Sciences industry receive GxP training and are capable of performing their assigned duties.

Course Prerequisites

A basic knowledge of English is required.

Course Delivery

The training is given in a classroom format and is structured in various modules to offer flexibility and to cater for participant needs and circumstances by considering prior learning and level of staff experience. It consists of a curriculum of six courses which comprises multiple modules. The length of each module ranges from 1 to 4 hours and may include exercises, workshops, and formal assessments.

Courses can be given in English or in Dutch. Course material is in English.

Course Venue

The course duration is 6 days.
This course can be given at the client’s site or at CTG.

Course Administration


€ 4050 per person
€ 3650 per person on second subscription for the same company
€ 3240 per person on third (or more) subscription for the same company
All prices are VAT excluded; course material, lunch and beverages included.


  • By Participant: If a subscribed course participant is replaced by another participant or if the public course is postponed to a later date, no cancellation costs apply. A participant or a group that fails to attend, or thatcancels a course without at least 15 working days written notice prior to the course start, is liable for the full subscription cost.
  • By CTG: CTG reserves the right to cancel a course at any time.

Course Logistics
All classroom courses start promptly at 9 am and are scheduled until 5 pm. All courses are organised at the CTG premises in Diegem (Belgium).
All courses can be given at the client site and are available for groups as well. Please contact us if you wish further information.

The standard language of each course is English.

* Prices subject to VAT

Course Outlines

Introduction to Life Sciences

  • Introduction to Life sciences
  • Good Documentation Practice in Life Sciences
  • Overview of Pertinent Regulations & Guidelines

Introduction to Quality Risk Management

  • Fundamentals of Risk Management

Using Electronic Record and Electronic Signatures in Regulated Environments

  • Introduction to Electronic Signatures and Electronic Records

Introduction to Computerized System Validation (CSV)

  • CSV Fundamentals
  • Maintaining Validated Systems

Introduction to Computerized System Validation (CSV)

  • Writing SMART Requirements
  • Writing Effective Test Plans & Reports

Introduction to Sarbanes-Oxley (SOx) Compliance and IT Infrastructure Qualification (ITIQ)

Meet our trainers

CTG's trainers are experts in their domain and bring the course content based on their experience. Meet some of our trainers below.
Trainings Done
Happy People
Hours of Training
Cups of Coffee



CTG Belgium NV

Woluwelaan 140A
phone: +32 2 720 51 70
fax: +32 2 725 09 20


Buffalo, New York

800 Delaware Ave

Buffalo, NY 14209-2094

phone: +1 716 882 8000

fax: +1 716 887 7464