Computer System Validation (CSV) is a documented process for assuring that a computer system does what it is designed to do. Not performing certain computer system validations in accordance with Best Practices could be against the law.
Both the EMA and FDA have rules and regulations in effect for GMP (Good Manufacturing Practices), GLP (Good Laboratory Practices), GVP (Good Pharmacovigilance Practices) and GCP (Good Clinical Practices).
CSV can prevent software problems before reaching the usage environment. In particularly in the clinical trial field, malfunctioning computer systems can cause serious adverse consequences for the patient. This could in turn lead to lawsuits, fines or eventual shutdown.
Anyway, CSV is often perceived as a limit to the technological progress and innovation into the Project.
Delays and costs increased during the different phases of a project are often attributed to CSV activities, in particular during the Test phase.
The causes of the delays in the testing phases are attributable to rigid test structures or documentation issues, test script and/or tester errors. Often, the delays are not attributable to actual software problems discovered during formal test phase. The Risk-based approach is applied attributing high-risk thresholds that generate the need to test everything.
This result is an inefficiency in the test phase which also affects the effectiveness of the tests themselves.
Now more than ever it is time to rethink our traditional CSV approach. An approach that aligns with Computer Software Assurance (CSA) will result in the implementation of the computer system software in an efficient and innovative manner while remaining in compliance with regulatory requirements & GAMP 5.
A strong Quality Management System allows to change your approach from CSV to CSA.
How is it possible?
There are four parameters to consider:
- Vendor Qualification process
The vendor qualification process allows to assess the vendor quality level and the validation documents. It allows to leverage the vendor documentation, reducing the internal validation effort. Also for high-risk areas it may be possible to leverage testing performed by the supplier so that repeat testing is not required.
- Risk Management Process
A well-structured risk management process allows to assign the right risk level to each system function on the bases of the evaluated impact on the patient safety, product quality and the data integrity. It also allows to take different test approach and define the necessary evidences.
- Change Management Process
If the validation process is supported be a robust change control process, it is ensured that only relevant functions affected by the change should be tested.
- Qualified Personnel
Aware and trained personnel, supported by a robust standard operating processes will allow to structure the test scripts effectively, reduce the documents issue and the tester errors.
This means that is possible to invert the percentage:
75% of effort spent on documenting testing; 25% of effort spent executing testing.
25% of effort spent on documenting testing; 75% of effort spent executing testing.
Is your quality system managed properly?
Would you like to reduce your effort for the Test phase?
With our team of experts, we support our customers in planning, conducting, reviewing and maintaining the validation status of their applications through GxP assessment, validation planning, user requirement analysis and authoring as well as IQ/OQ/PQ authoring and execution including validation reports.