Computerized System Validation

Welcome to RMC Consulting Division at PARK RMC Office

行政書士 永田久雄

Hisao Nagata

Representative: Hisao Nagata
Address: 3-34-20 Asagaya-kita, Suginami-ku, Tokyo 166-0001

Telephone number / FAX number 03-6336-7141
Business hours 9: 30-17: 30
Regular holidays Saturdays, Sundays, and holidays

Introduction of our office


June 2018
Opened an IT consulting office dedicated to the Risk Management and Compliance (RMC) in the pharmaceutical industry, which was the last department at a major U.S. affiliated mega pharmaceutical manufacturer where the representative of this office has been belonged to.

April 2019
Registered as a park RMC office

July 2020
Registered with the administrative scrivener association as an administrative scrivener park RMC office to expand the corresponding business in handing legal documents and contracts in domestic business.

Our office has quality and security management know-how of computerized system construction that correctly complies with Rule 21 CFR Part 11 for implementing and operating electronic records and electronic signatures issued by the US Food and Drug Administration in 1999. Based on our know-how, we started as an IT consulting firm for pharmaceutical companies.
In addition to know-how for supporting clinical development support system development projects and large-scale system introduction projects that make full use of cutting-edge technology, we have pursued the optimal balance between modern technological trends and quality.
Since almost all data on regulatory affairs in these days is related to IT systems, internal control related to regulatory affairs applications and licensing matters and compliance measures in IT development have become almost seamless. Therefore, as an administrative scrivener office, we became an eligible office to provide one stop comprehensive services.

Skills based on Job Experience

IT QA skills based on 20 years of professional experience in leading Quality Management

  • CSV(Computerized System Validation) governance for various kind of  systems such as EDC (Electronic Data Capturing System) localization, CTMS (Clinical Trail Monitoring System), Patient Database, EDI (Electronic Data Interchange), Data management System, Knowledge Market Web solution, AEM (Adverse Event Monitoring) System, SAS, ASP and SaaS/IaaS/PaaS.
    • GCP relative applications, IoT System Development for clinical trial
    • SBMD (Software Based Medical Device) system development projects to align to the regulatory requirements of Pharmaceutical Affaires Act in Japan.
    • SAP R3
    • Argus Safety System 8.1.x (E2B R3 compliant), ARISg/j
    • Investigation for validation approach of eCTD submission process
    • Retirement of local GCP systems
    • Deployment qualifications for global regulated applications
    • eMVR (electronic Monitoring Visit Report) definition program
  • Day to day computerized system validation consultation to the customers in R&D
  • Librarian for the Trial Master File Room in representing R&D IT department
  • Strong communication skill based on World-wide communication path for working across departments and countries in the field of corporate regulatory compliance, research QA, internal audit, legal and informatics.
  • Knowledge to respond PMDA (a subsidiary organization of MHLW) and QA people in other prime pharmaceutical companies in Japan with the collaborative activity in PDA, which is an academic associations for studying and writing a guidance manual for CSV and preparation for CSV inspections by PMDA.
  • Serving as an Information Security Officer for clinical development Division to lead local R&D site to align with the global internal security standard from GCP data protection, HIPAA compliance, ER/ES compliance and Information Protection Management perspectives based on ISMS/ISO27001.
  • Hosting training session for learning SDLC, Regulatory Compliance in GCP area, Information Security System and 21 CFR Part11 including the difference against ER/ES guideline of MHLW

Selected Project Experience in IT Quality Risk Management

  • System qualification Lead for Veeva project in large global pharmaceutical company – June 2019 to June 2020
  • CSV Team Lead in SAP R3 implementation project in a large global pharmaceutical company – October 2017 to May 2018
  • Deputy Project Manager as Validation Lead for the IoT System Development project for clinical trial in a Large global Pharmaceutical Company – December 2016 to July 2017
  • Argus Safety System 8.1.x (E2B R3 compliant) implementation for three clients out of Top 10 Japan based Global Pharmaceutical Companies – October 2016 to July 2017
  • Compliance Lead of IT program for a cross-functional business units in a Large global Pharmaceutical Company as IT Q&C Manager – 2012 to May 2016
  • CSV Lead for multiple application in a Large global Pharmaceutical Company as QM staff – October 2001 to May 2016
  • Day to day validation consultation to IT colleagues of Architecture, Data Management, Sales & Marketing
  • Gap Analysis between 21 CFR Part11 and ER/ES guideline, EU GMP Annex 11 and ER/ES guideline
  • Leading information security officers in R&D division
  • IT Project governance in Department Leadership Team consisting of line mangers
  • Library management for regulated system CSV documents for inspection

Selected Project Experience in IT Security Risk Management

  • Information Protection Program, Handling Sensitive Information Protection project
  • Security assessment for local applications servers
  • Annual review for data protection level on information objects inventory
  • Web server security consultation and vendor education for sales & marketing promotion
  • Vendor security audit for HR outsourcing firm, MR outsourcing firm and IT vendor
  • Assessment for Privacy data
  • Security investigation for merger

Hosting and supporting audits

  • Hosting PMDA inspection for EDC Solutions
  • Site support of hosting the SOX internal Audit for Business Technology IT
  • CPRM Audit hosting for clinical systems
  • Conducting Investigator site audit for EDC deployment solution
  • Conducting vendor quality audit for CRO and contracted Lab.
  • Conducting 56 IT vendor/data center audits in APAC region to prequalify them as best partners
  • Site support of SOX Audit

Hosting Professional Training on:

  • Computer System Validation governance
  • Technical writing training
  • Standardization for Project Governance approach to disseminate new global SDLC(Software Development Lifecycle)
  • Global training class on behalf of APAC colleagues on new SDLC global standard
  • SAFE infrastructure study project
  • Internal Digital Signature Deployment project
  • Global alignment of Information Protection Management Guideline deployment Project
  • Hosting ERES Global training in Tokyo


  • ISO Provisional Auditor (JIS Q 9001:2015 (ISO9001) since January, 2017 and JIS Q 27001:2014 (ISO27001) since January, 2004)
  • PMP, Project Management Professional qualified by PMI since August, 2007
  • CISA, Certified Information System Auditor qualified by ISACA since May, 2011
  • Certified administrative procedures legal specialist since July, 2020


  • Gyoseishoshi Lawyers of Tokyo
  • ERES Committee member at Data Integrity team, PDA (Parenteral Drug Association) Japan
  • Project Management Institute

Service Scope and Typical Fee


  1. Corporate account to access required internal document folders and web site to be prof\vided by client organization during contract executions
  2. Segregation of Duty (SOD) is not disturbed by organizational design and relative contracts
  3. Corporate solution for digital signature is ready to use and account must be deployed to each person by themselves
  4. Point of contact person is in the field of ITQA

Service Scope

<Contract Type: Time & Material>

ITQA Adviser for CSV(Computerized System Validation) Lead and staff

Classroom training for CSV 

  • Basic ITQA Training for CSV Staff, and Lead Role in R&D area
  • Guidance for SOPs of client
  • Compliance research service for GxP regulations
  • Quality procedures, and security procedures
  • On the Job Training for Testers in executing system tests
  • Quality consultation

Deliverables review for project documents and providing feed back to authors on,

  • Risk assessment report
  • Program plan
  • Project Management Plan
  • URS, FDS
  • Validation Plan
  • Validation Report
  • System Test Plan
  • UAT Plan
  • System test summary report
  • Defect summary log/bug list for system testing
  • UAT summary report
  • Deployment Plan
  • Deployment Report

Assessment support

DIRA: Data Integrity Risk Assessment

       Risk assessment for IT project initiation, regulatory compliance impacts, and security impact

       Assessment for data protection level from Information Security Management perspective

<Contract Type: Sales of material with following up service>

      CSV Guidance for IT project engineers

       Typical project document templates based on Rational Unified Process (RAP)

Typical Fee

Time charge rate for T&M contract in spot service

  • 25,000 JP Yen per hour for short term contract less than 4 weeks

Time charge rate for T&M contract in the service longer than 1 month

  • 100,000 JP Yen for membership fee for baseline consulting (Komon-ryou)
  • 160,000 JP Yen per day, with limitation of  two days (0.4FTE) per week at maximum
  • Further details to be estimated and shown in a proposal based on the meeting.

Main Page