ComplianceOnline

Computer System Validation


CSV (Computer System Validation) is also known as software validation. Validation projects are carried out by regulated companies to demonstrate that their software or system is working as it should and not in ways it wasn't designed to.


Reduce costs for compliance with data integrity 21 CFR Part 11 SaaS/Cloud EU GDPR

The FDA defines validation as

"Confirmation by examination and provision of objective evidence that software specifications conform to user needs and intended uses, and that the particular requirements implemented through software can be consistently fulfilled" - General Principles of Software Validation: Final Guidance for Industry and FDA Staff

For a better understanding, here's a breakdown of the definition:

"Confirmation by examination"

  • User needs and intended uses must be defined.
  • Examples of users include patient, a hospital employee, a lab technician, a quality assurance engineer, or a factory employee.
  • Inspect the software to ensure that it meets the requirements and that it will be suitable for the intended use.

"provision of objective evidence"

  • Software requirements must be identified. All validation efforts and test results should be documented.

"user needs and intended uses"

- Examine the software to ensure that it satisfies the user's expectations and needs. This may include design evaluations, code reviews, and testing, among other things. Define what the user is supposed to do with the software and how they are going to utilize it.

"particular requirements implemented through software"

Ensure that the standards can be met on a consistent basis (not only in one specific circumstance). This could include stress testing numerous data sets, performance testing with a large number of users in a variety of locations, testing with multiple browsers or web apps, testing on multiple devices including apps for mobile devices, and so on. Define how the software must function in order for the intended use to be possible.

"consistently fulfilled"

It is necessary to obtain objective proof of this confirmation for inspections. All validation efforts and test results should be documented. The test must ensure that the software will function in all possible scenarios.

FDA: Examples of Computer Systems

  • Automatic manufacturing apparatus
  • Control systems
  • Laboratory data capture devices
  • Automated laboratory equipment
  • Manufacturing execution systems
  • Laboratory, clinical or manufacturing database systems

Validation: Aspects

CSV is applied to many aspects of the healthcare and other regulated industries and businesses:

  1. Services
  2. Equipment
  3. Computer Systems Cleaning
  4. Processes

Basic Requirements

Computer system validation requires, first, that you obtain or design a process that can consistently conform to requirements; and then that you run studies demonstrating that this is the case. Both tasks can be performed with the aid of the right statistical tools. Briefly put, the requirements are:

  1. Development of a validation plan
  2. Utilization of Standard Operating Procedures (SOPs)
  3. Documented Training on SOPs
  4. Development of detailed specifications
  5. Development of a test plan and/or test scripts

Failure of CSV: Common Reasons

Without adequate planning and preparation, computer system validation can encounter several problems, eventually leading to failure of the process. Problems include

  1. Inadequate documentation of plans
  2. Inadequate definition of what constitutes the computer system
  3. Inadequate definition of expected results
  4. Inadequate specification of software
  5. Software that does not meet its specifications
  6. Unavailable source code for software

Computer System Process Validation Process validation is a term used in the medical device industry to indicate that a process has been subject to such scrutiny that the result of the process (a product, a service or other outcome) can be practically guaranteed. This is vitally important if the predetermined requirements of the product can only be assured by destructive testing.

Failure of CSV: Common Reasons

Without adequate planning and preparation, computer system validation can encounter several problems, eventually leading to failure of the process. Problems include:

  1. Inadequate documentation of plans
  2. Inadequate definition of what constitutes the computer system
  3. Inadequate definition of expected results
  4. Inadequate specification of software
  5. Software that does not meet its specifications
  6. Unavailable source code for software

CSV: Common Challenges

Computer system validation can come up against several challenges, including the risk of system failure, restrictive company policies and increasingly stringent regulatory requirements. Another significant issue is when users need to take action to balance the risk vs. cost equation after risk categories are defined. Check this webinar for More Information >>

CSV: Planning It's clear that there is no substitute for proper planning before undertaking computer system validation. Once owners, deliverables and check points are in place, validation can actually be a streamlined and smoothly accomplished.

In the validation of moderate and relatively low-risk systems, a risk-based approach is also the ideal way to gain efficiencies.