top of page
Download white paper: Why Include Cybersecurity as part of GXP Vendor Qualification

Learn how including cybersecurity can enhance vendor qualification while also showing regulators a strong Third Party Risk Management program.

About the Authors

Paul A. Steiner Ph.D, CQA has a consulting business providing services in the areas of pharmaceuticals (GMP, GCP, GLP, GPVP) and medical devices with emphasis on quality systems, regulatory compliance, supplier qualification audits, chemical, manufacturing and control (CMC) and materials and process science (advanced fiber composites and adhesives).  Often serving as an expert witness in his consulting roles, he is also an ASQ CQA (certified quality auditor).  He has performed over 200-300 audits spread over four continents in his career to date, primarily as lead auditor.


Before going into business for himself, Paul A. Steiner was the head of quality at the last few pharmaceutical companies for which he worked.  He has worked in quality assurance in pharmaceutical / biopharmaceutical and medical device companies some of which included, FibroGen, Gilead, Vivus and Affymetrix to name a few.  With a Ph.D. in organic chemistry from the University of Washington and an undergraduate degree in chemistry and chemical engineering from Cornell University, he started his career at Bio-Rad Laboratories as a scientist working in R&D and process development/engineering.  With roles of increasing responsibility in technical management, he spent most of his career working for companies which were to some degree “virtual”.  Dr. Steiner has technical and management experience spanning all phases of the product lifecycle from early research and development through cGMP quality operations.

Thomas Lee Ph.D is the CEO of the Silicon Valley based VivoSecurity, a company focused on data collection, regression modeling and AI to quantify cyber security risk. Thomas has spoken at the Richmond Fed research conference 2018, invited participant at Richmond Fed cyber security workshop 2019, invited speaker at O.R.X Toronto & Milan 2018, speaker at OpRisk North America 2018, ACAMS panelist 2019, PRMIA NYC & BCG 2018, multiple patents for quantifying cyber security risk. Thomas holds degrees in Physics and Electrical Engineering from the University of Washington in Seattle, and an MS and PhD in Biophysics from the University of Chicago.

QA White paper 1 screen shot.jpg
bottom of page