SMB Validation

Given the fact that most of the systems needing to be compliant are usually found not to be compliant and are usually replaced, does it make sense to do a gap analysis or go directly to remediation?

Some feel that since most systems that have been assessed by gap analyses in the past have turned out to be non-compliant with Part 11, it would save time and money to not do a gap analysis. Like all compliance decisions that an organization must make, this is a personal one. The overall goal is to achieve compliance with Part 11 for applicable systems in order to provide reliability and trustworthiness for the ERES generated/managed by those systems. How you get there is not regulated. Perhaps future FDA Part11 guidance documents will comment on the 'no gap analysis' methodology??