Votre navigateur est obsolète !

Pour une expériencenet et une sécurité optimale, mettez à jour votre navigateur. Mettre à jour maintenant


Ludivine RICHARD


36 years old
Driving License
Libourne (33) France
Professional Status
Open to opportunities
About Me
Welcome on my CV webpage !
You'll find here all information about my professionnal experiences.

Please feel free to contact me if you think that I can support your business.

You can download this CV in pdf format using the icon for that purpose.

Consulting Engineer

Since 2021
  • IT Infrastructure Qualification and regulatory support for IT activities processes
  • RFI/RFP formalization
    Processes design and detailed user requirement specifications for Regulatory Affairs activities
  • Computerized Systems GxP Compliance Training & personalized support in the development of associated skills
  • Information Security Management System Rollout (ISMS)

    ISO 27001 certification preparation (France and Italy)

    Documentation writing, SOP, work instruction, monitoring, operational checks
    • IT asset lifecycle and inventory
    • computer room and physical security
    • patch management
    • access management

    Modelization of work processes / workflow diagrams

    Workshops facilitation with the IT, HR and legal teams

    Conducting Interviews of IT Leaders, situation analysis, picture overview

    Supplier security assessement
    --- Governance ---
    • process modelization (diagram flow + related activities description)
    • methodology for assessment - simple & flexible
    • periodic review strategy
    --- Operational Activity ---
    • carrying out supplier evaluations
    • use of the secure score card platform, CSA reports
    • exchanges, interviews with suppliers
    • drafting of the evaluation guide based on questionnaire
    • drafting of the evaluation report, conclusion and internal recommendation of reliability of the supplier
    =tool=Excel, Score Card, Confluence

    Presentation of the ISO 27002 standard controls
    • organizational
    • people
    • physical security
    • legal
    • technical

    Risk Register
    --- Governance ---
    • risk classification methodology
    --- Operational Activities ---
    • risk collection
    • assessment
    • mitigation
    • remediation measure
    • acceptance
    • follow-up
    =tool= Confluence

    Remediation plan
    • prioritization
    • affectation
    • follow-up
    =tool= Jira
  • ITS Lifecycle Audit including IT infrastructure and security based on GxP regulations and cybersecurity referential (preparation, conduct and reporting)
  • Strategy | Steering and Governance for the activities related to the GxP Compliance of CS for the company group (international)
    • Construction and implementation of the service offer
    • Management of the service center and tutoring of an apprentice
    • Definition of the Business Plan, Roadmap and Projects prioritization to 2021-2025
    • Participation in Inspections and Audits
    • Central Systems Validation Master Plan
    • Animation of the international community of computerized systems validation
    • IT infrastructure qualification strategy
    • Training & Onboarding for newcomers related to the GxP compliance of computerized systems

    Success: Definition and structuring of the service offering, Confidence, Efficiency, Creation of an international community, Integration of IT quality reflexes
    Communication Skills
  • Operationnal | Computerized Systems Validation for centralized and deployed IS (Core Model and Roll-Out)
    • Construction of compliance dossier for several systems | Validation deliverables (Validation Plan and Report, Risk Analysis, Protocols, Deviations, Incidents, Test, Report, Migration - keywords: IQ/OQ/PQ).
    • Impact analysis and definition of the maintenance of compliant systems in operation
    • Support for the definition of processes and needs, writing of user guides, administrator, technical architecture file, data flow, functional risk assessment
    • Processing of GxP changes, incidents, problems and validation non-conformities (ITSM), deviations, CAPA etc.

    Success: Record time to build the ITSM compliance file despite the health context
  • Cybersecurity
    • Construction, implementation and management of a cybersecurity awareness program for the company's 6000 employees
    • Reporting of the activity and management of the weekly points of the network and security team with the objective of structuring and making visible the different technical projects

    Success: Involvement of international IT platforms, phishing simulation campaigns and e-learning strategy (contents, planification, "bad-clickers" "VAP", etc.)
  • IT Business Partner & Project Management
    • Support for the definition of user requirements for the digitization of the global archive management process, RFP contribution
    • Fluidification of relations - Interface with Business - IT - Purchasing - Legal departments
    • Contribution for implementing an IT project management methodology
    • Realization of the associated opportunity study and selection of the supplier
    • Contribution to the investment committee presentation

    Success: Supplier selection process, integration of GxP constraints, acceptance by the investment committee.
  • Day of pedagogical course (Evaluation Unit - Validation of Information Systems)
    • Teaching and discovery of the basic principles and regulations associated with the management of computerized systems in a pharmaceutical environment.
  • International Symposium (intervention as conference)
    • Provide an understanding of computerized systems used in the pharmaceutical industry, access management and data integrity principles (ALCOA) | International Master's Degree Chemical Analysis and Quality Control of Drugs and other Health Products

    Intervention 2 to 3 days per year in university courses

    Face-to-face or distance learning sessions. Creation of dynamic and fun practical exercises allowing a better approach to the memorization of the basic principles of the demonstration of the computerized systems compliance used in the pharmaceutical environments
    Animation of educational games aimed at memorizing ALCOA principles
Learn more
  • Mangement of the validation project for a Computerized Maintenance Management System (CMMS)

    • Resumption of the User Requirement Specifications (URS)
    • Validation strategy definition and data migration in accordance with the regulations, good practices and internal procedures of the company
    • Functional risk analysis review and data integrity analysis
    • Support of junior staff in the realization of activities and elaboration of deliverables used to build the Coswin system GxP compliance set of documents
    • Advice and recommendation related to the software configuration during weekly projects meetings to fluidify and lighten the process of demonstrating conformity
    • Creation of a model documentary package (set of template documentation) for system and data migration (Plan, Tests, Reports)

    Success: Inter-company cooperation – one of the junior staff was from another company
  • IT Infrastructures Qualification – Definition & Implementation of a strategy

    • Assessment of the maturity level of the key process of the IS department
    • Situation Analysis | Advice adapted to the context | Gaps identification related to the management of IT platforms and activities related to their operation
    • Audit animation | Opening/closing meeting | Formalization of synthesis and action plan | Audit report
    • Construction of a roadmap for the preparation of the compliance project
    • Elaboration of the IT infrastructure qualification strategy, including the drafting of a qualification procedure and master plan
    • Planification and definition of a prioritization methodology for the qualification of infrastructure components, assistance in carrying out the inventory
    • Creation of the documentary package allowing the qualification of the elements identified as “GxP” (Plan, Test Checklist, Report, IT service provider audit)
    • Training kit for the operational teams

    Success: Creating a link between technical-oriented IT teams and quality-oriented qualification/validation teams.
  • Management of Computerized Systems Validation projects

    • Organization of the biomedical subsidiary local system validation following reorganization
    • Monthly presentation of the status of the validation of the IS of the perimeter, maintenance of the schedules
    • Launch of compliance projects and validation files for existing systems
    • Documentary review of the main deliverables and models
    • Resumption of inventories of computerized systems
    • Management of a junior whose first experience in IS validation
    • Participation in the resolution of deviation/CAPA/changes
    • Periodic system review
    • Internal training

    Success: Evolution and positive communication in the context of a special relationship between IS management and quality assurance
  • Qualification strategy for excel sheet systems

    • Creation of a compliance and validation kit for excel file system (standard URS, protocol, standardized test sheet, report, training material)
    • Setting up of the follow-up of the implementation of the compliance

    Success: Business operational teams are convinced of securing access and data from Excel-type files used in a regulated context
  • Validation of computerized systems in the quality control laboratory

    • Management of two validation projects for computerized systems used in the quality control laboratory
    • Supervision and development of validation skills of a “Junior” consultant (mission carried out in pair)
    • Writing of System Validation Plans, Functional Risk Analyses, Qualification Protocols (QI/QO/QP), QI Test Scripts, Qualification Reports, Traceability Matrix, Final Validation Report
    • Support on execution of QO/QP tests

    Success: Assembly of the two validation files with beginner key user, a junior consultant and a period falling in the month of May in record time and deadlines. The project was more than efficient
  • IT infrastructure qualification – Definition & Implementation of a Strategy

    • Assessment of the maturity level of the key process of the IS department
    • Situation analysis | Advice adapted to the context | identification of gaps in the management of the IT platforms and activities related to their operation
    • Audit animation | Opening/closing meeting | Formalization of synthesis | Audit report
    • Construction of a road map for the preparation of the compliance
    • Elaboration of the IT infrastructure qualification strategy, including the drafting of a qualification procedure and master plan
    • Planning and definition of a prioritization methodology for the qualification of infrastructure components, assistance in carrying out the inventory
    • Creation of the documentary package allowing the qualification of the elements identified as “GxP” (Plan, Test Checklist, Report, IT service provider audit)
    • Training kit for the IT operational teams

    Success : New recurring missions assigned by the client.
  • Data Integrity and IS GxP Compliance Audit

    Control of IS data integrity
    • Assessment of IS life cycle maturity and associated quality processes
    • Situation analysis | Advice adapted to the context | Gap identification
    • Audit animation | Opening/Closing meeting | Formalization of synthesis | Audit reports
    • Provision of recommendation | Elaboration of an action plan
  • Validation of an ERP

    • Realization and review of deliverables related to the validation process (user requirements, validation plan, risk analysis, test plan and script, traceability matrix, report)
    • Elaboration of an audit grid for an outsourced IT service provider

    Success : Adjusting the system validation effort to the context and scale of a very small company.
  • Qualification documentation review during the implementation of new infrastructure components

    • Review and approval of quality documentation related to IT infrastructure (server, network, storage, virtualization, backup): requirements specification, plans, risk analysis, protocols, test cases, reports
    • Contribution to the development of the company’s quality culture
    • Provide expertise in terms of methodology to meet the company’s IT quality standards
  • Review the methodology for the qualification of internalized hosting spaces

    • Harmonize the qualification process for IT hosting spaces in collaboration with the US teams

    Success: methodology that has become a recognized reference everywhere at a big pharma
  • Change Advisory Board

    • Evaluation of the impact of changes on IT infrastructure
    • Support for the change of practices during the modification of the ITSM

    Success : Raising awareness of the people involved to reduce the number of refusal of changes
  • IQTC Training

    • Creation of training materials
    • Training of newcomers to the principles of validation of computerized systems and of IT teams in the process of installation, qualification and execution of test cases

    Success : Work in an international environment – be managed remotely from the US by a non-French speaking person
  • Computerized Systems Validation

    o Management of validation projects in the areas covering the life cycle of a drug and support functions (R&D, Pharmacovigilance, Quality Control Laboratory, Production, Quality, IT Infrastructure)
    o Definition of the validation strategy for each type of computerized system
    o Organization of schedules, performance analysis of validation projects and recommendation of an optimal organization around the systems in order to reduce the overall validation load
    o Training, awareness and animation of project teams
    o Monitoring of all validation projects
    o Maintaining the validated status of all the computerized systems under my responsibility
    o Justification of computerized system validation methodologies and presentation of validation files during inspections by authorities
    o Elaboration of deliverables related to the validation of computerized systems (URS/ validation plan/ risk analysis/ protocols/ tests/ qualification reports/ validation reports/ procedures/ forms/ instructions/…)
    o Monitoring of new regulations, writing letters, etc.
    o Audit and evaluation of software suppliers
  • IT Administration and Support for GxP regulated application

    o Resolution of technical problems
    o Qualification and compliance management of the IT assets used in a regulatory context
    o Global Empower Administrator
    o Technical configuration assistance
  • Support R&D department IT domain management

    o Collection and formalization of user needs
    o Participation in the selection of tools and suppliers of IT solutions
    o Follow-up and management of the implementation of new solution and evolution of IT tools
    o Management of services (acquisition/ replacement of computerized systems, qualification execution)
    o Project delivery planning
Learn more
  • We perform from time to time on stage with our music band
  • Member of the cultural association Fest'O Chai which organizes festive and musical events in the heart of the Libourne vineyards (near to Bordeaux that is famous for the wine!)
  • Regulatory watch, discussion groups, IT articles, magazines, white paper, blogs, publications, etc.
  • Education & parentalité (yes I'm a mother!), psychologie & développement personnel
  • Yoga
  • GxP (GMP / GLP / GCP / GDP / GVP) EudraLex, OECD, and other regulation aencies
  • FDA 21 CFR part 11, 210 & 211, 58, 820, ...
  • GAMP5, ICH Q9, ITIL v3, PIC/S, ISO 27000 series, ISO 13485, ISO 14641, 13489, ISO 2859
  • Prioritize the different projects
  • Identify the actors and their roles (RACI)
  • Plan and track the status of tasks
  • Anticipate project risks
  • Unite the teams towards a common goal
  • Lead and Facilitate meetings
  • Collaborative work - remotely
  • Respect of deadlines according to the context
  • Independant| B2 Level (last formal evaluation: 2013)
  • Meeting facilitation, Training, Conference
  • Writing and reading of documentation, regulations, technical guides, articles, videos, webinars, etc.
  • Travels abroad
  • Bureautique : Ms Office & Google
  • Diagrammes : lucidchart, ms visio...
  • Gestion de projet : smartsheet, ms project, excel
  • Dessin - captures écran : outil capture, gadwin, ShareX, PicPick, ...
  • Plus d'une vingtaine d'applications utilisées en industrie pharmaceutique sur les périmètres laboratoire R&D et CQ, outils qualité, pharmacovigilance, production...

Formations en cours

Since 2021
> Certification TOSA Ethical Hacking

> Cybersecurity Information System Officer

> Certification Marketing Digital

> Copywriting
> ITS Quality Training Curriculum - Sanofi

> Cloud Computing et réglementation pharmaceutique - COETIC

> Management Transversal - DEMETERH Conseil

> Communication orale efficace - CECA

> Journée Data Integrity - Waters

> Maintien d'un système informatisé dans son statut validé et mise en oeuvre de sa maintenance - Cefira

> Comportement à adopter en inspection - Ceva

> cGMP (current Good Manufacturing Practices) - Philippe JOLY

> Bonnes Pratiques de Laboratoire - CALYREM

> Bonnes Pratiques de Laboratoire Vétérinaires - SIQUALIS

Stage en langue anglaise


November 2012 to February 2013
Cours d'anglais individuel en face à face
=> niveau B2 (indépendant) selon le standard du Cadre Européen Commun de Référence pour les langues


September 2005 to June 2009
> BTS Informatique de Gestion - Administration de réseaux locaux d'entreprise
Formation effectuée en alternance - CFA Gustave Eiffel - Bordeaux (33)
2007 - 2009

> Baccalauréat STI - Génie Electrotechnique
Lycée Gustave Eiffel - Bordeaux (33)
2005 - 2007