Computer System Validation


Drug and medical device manufacturing in the modern world relies increasingly on computerized systems. Being highly regulated industries, ensuring quality and accuracy of data is paramount; and thus, Computer System Validation (CSV) is necessary to assure that critical processes are functioning properly.

FDA: Examples of Computer Systems

  • Automatic manufacturing apparatus
  • Control systems
  • Laboratory data capture devices
  • Automated laboratory equipment
  • Manufacturing execution systems
  • Laboratory, clinical or manufacturing database systems

Validation: Aspects

CSV is applied to many aspects of the healthcare and other regulated industries and businesses:
  1. Services
  2. Equipment
  3. Computer Systems Cleaning
  4. Processes

Validation: Objectives

The FDA defines process validation as "establishing documented evidence which provides a high degree of assurance that a specific process will consistently produce a product meeting its predetermined specifications and quality attributes." The objective of validation, therefore, is to produce documented evidence that parts of the facility will work correctly every time, when brought into use. The goal is also to make sure that quality is built in to the system at every step; and not just a factor at the 'output' end of the process chain.

Basic Requirements

Computer system validation requires, first, that you obtain or design a process that can consistently conform to requirements; and then that you run studies demonstrating that this is the case. Both tasks can be performed with the aid of the right statistical tools. Briefly put, the requirements are:
  1. Development of a validation plan
  2. Utilization of Standard Operating Procedures (SOPs)
  3. Documented Training on SOPs
  4. Development of detailed specifications
  5. Development of a test plan and/or test scripts

Both the FDA and ISO 13485:2003 require computer system validation. Many regulated companies, however, still use unvalidated computer systems. For a fuller understanding of FDA and ISO requirements, as well as an exploration of methods to meet them (with emphasis on currently used applications) please Read More >>

Computer System Process Validation

Process validation is a term used in the medical device industry to indicate that a process has been subject to such scrutiny that the result of the process (a product, a service or other outcome) can be practically guaranteed. This is vitally important if the predetermined requirements of the product can only be assured by destructive testing.

For a more detailed explanation, along with an analysis of the six most common problems with validation and verification processes, and a plan to overcome them, Read More >>

Failure of CSV: Common Reasons

Without adequate planning and preparation, computer system validation can encounter several problems, eventually leading to failure of the process. Problems include:

  1. Inadequate documentation of plans
  2. Inadequate definition of what constitutes the computer system
  3. Inadequate definition of expected results
  4. Inadequate specification of software
  5. Software that does not meet its specifications
  6. Unavailable source code for software

If you're looking for detailed recommendations for efficient execution of validation projects, as well as information on user validation as required by 21 CFR Part 11, Read More >>

CSV: Common Challenges

Computer system validation can come up against several challenges, including the risk of system failure, restrictive company policies and increasingly stringent regulatory requirements. Another significant issue is when users need to take action to balance the risk vs. cost equation after risk categories are defined. Check this webinar for More Information >>

CSV: Planning

It's clear that there is no substitute for proper planning before undertaking computer system validation. Once owners, deliverables and check points are in place, validation can actually be a streamlined and smoothly accomplished.

In the validation of moderate and relatively low-risk systems, a risk-based approach is also the ideal way to gain efficiencies. To evaluate a simple method to establish system risk level, Read More >>