CONTENTS
1. What is the main object of validation of your computerized system?
2. What approach did you use to validate CS?
3. What stage of the life cycle is your System at?
4. What category does your system software and hardware belong to?
5. Are the roles and responsibilities of members of your validation team defined?
6. What are the main eligibility criteria for your System?
7. How the product/service provider was selected?
8. How do you implement the risk management process in the CS validation process?
9. What method was chosen to assess the risks of your System?
10. How is the traceability of a CSV project carried out?
11. How do you manage the information security of the CS?
12. What is the approach to testing a software product?
13. What caused the transition through the stages of software product testing?
14. How was the initial data entered into the system?
15. How is the training of people involved in the functioning of the System carried out?
16. How do you manage incidents and deviations?
17. How do you manage change?
18. How do you backup and restore your data?
19. Do you periodically review the quality of the System?
20. Do you ensure the continuity of the System?
Introduction
Current trends in the development of technical regulation and legislation in the pharmaceutical industry establish requirements that the management of electronic data during production and quality control is part of ensuring product safety for the end user.
One of the principles of effective functioning of a computerized system (CS) is quality management based on facts. However, this requires the development and implementation of modern approaches that allow at a new level to carry out the procedure for assessing and predicting the factors affecting the System (limit the parameters).
Evaluating the quality of computerized systems is an important task, the solution of which will determine the ability of the software product to meet the planned needs in the specified operating conditions at all stages of the life cycle. In this regard, as mandatory requirements, the need for validation of critical computerized systems is introduced, according to the results of which, the risk of harm to the consumer through the products produced under the control of this system will be minimal.
Computerized Systems Validation (CSV) is critical to patient safety and helps establish a fixed order of accuracy, reliability, data integrity, and consistent intended performance of a computerized system.
No matter how perfect a computerized system is in terms of its convenience, stability, or other user characteristics, if it does not meet regulatory requirements, it cannot be used. Hence, validation is an ongoing necessity. But there comes a time when it is not enough to say that the system is validated. The validation of the System still needs to be protected in front of the auditor, otherwise all the efforts spent will go down the drain, and it will be necessary to start validating anew. In order to avoid criticism from the auditor, it is a good idea to be prepared and protected by introspection on key parameters.
Based on an in-depth analysis, a number of problems related to the development, implementation and application of computerized systems based on basic international standards were identified, and a hypothesis was put forward for obtaining effective analysis and use of computerized systems.
Based on many years of experience, an attempt was made to develop a standardized algorithm for analyzing and evaluating the current situation of the System with the subsequent determination of organizational and technical validation measures that will satisfy the relevant regulatory requirements in the long term.
The results of introspection will tell you what should be done to successfully pass the audit of the System, as well as collect the missing elements of a holistic picture the Validated System.
This book is a kind of pocket guide to System Validation, which is designed to help expand the boundaries of understanding the current state of your System and identify gaps in the organization of the System lifecycle management process, as well as avoid blunders when conducting external audits.
1. What is the main object of validation of your computerized system?
What?
As part of the validation of the CS, even at the initial stages of the project, it is very important to clearly define the object of validation. The scope of the validation work, its complexity and depth depend on what will be the object of validation.
The object of CS validation can be both a computerized system as a whole and its individual structural elements (subsystems, blocks, modules, IT infrastructure as a whole or a certain type of equipment (server, peripheral, workstations)).
For what?
Depending on the selected object of validation is determined:
validation strategy;
required resources;
eligibility criteria;
detailed elaboration of user requirements;
risk assessment methodology;
objectivity of supplier assessment;
design specifics;
testing depth.
How?
In the process of determining the object of validation, it is necessary to take into account that it may include both objects that are critical in terms of product quality assurance (i.e. objects that have a direct or indirect impact on the quality of products or on the results of quality control of these products) and non-critical objects that do not affect the quality of products.
To determine the object, it is important to gather a group of subject area experts and, based on the expertise, taking into account the criticality, importance, capabilities and goals of the enterprise, to determine the object of validation of the CS.
Identification of the validation object is necessary to determine what resources will be needed for conducting validation tests; to decide whether validation will be carried out according to standard procedures and methods, or whether these methods need to be developed additionally.
Validation tests should be aimed at neutralizing any possible negative impact of each individual object, regardless of its criticality.
Objects that are critical:
equipment (server, technological, for quality control, auxiliary, measuring equipment);
modules, functional blocks directly related to the production process of finished products (production planning, inventory management, laboratories);
processes, operations, actions (technological process, auxiliary operations, quality control, etc.).
Depending on the role and value of the object of validation, a team of experts is created. All test items within a certain test phase must be fixed and placed under change control before tests are performed.
Where?
As a result of the definition of the object, the information is recorded in the validation master plan (VMP), which is fundamental in the validation project of the CS.
What approach did you use to validate CS?
