Hi,
I’m new to the area of Computer Systems Validation (qualified microbiologist!) and the company I work for are not well versed on the topic either. I have through research managed to self educate myself on the whole regulatory aspects and guideline documents out there on the validation of Computer systems 21 CFR part 11 and predictive rules, Annex 11 of the Eu GMP, PIC/s guidelines CEFIC guidelines GAMP 5 etc, and I am well aware that “risk assessment” is the Buzz word of the whole approach taken.
I am the validation lead on site to manage the successful Validation of an electronic webbased Quality Management system called trackwise. I am wondering if anybody could share there approach/experiences in the validation of sush a system?
Additionally my company has purchased the IQ OQ package from the vendor, however due to the budget constraints of such a small company they have little funds to enable a constant link back to the vendor specialists on issues. additionaly we do not have an IT department on site.
If anybody could share their experiences it would be really appreciated
Is there anyone in your company who has gone through the validation lifecycle before and understands the flow of documentation and testing that is applicable for your system?
Is there anyone in your company who has gone through the validation lifecycle before and understands the flow of documentation and testing that is applicable for your system?[/quote]
Hi Graham,
No nobody has experience with Computer Systems Validation lifecycle at all but validation lifecycle for other areas is well established.
I am making good use of GAMP 5 at the moment (but realise meeting Regulations is the primary focus). Gap analysis between the system currently in place (paper based) and what the configured electronic system will mirror is my next step. From there I’ll conduct a risk assessment of each function and establish from there the level of testing required, where to apply electronic signatures etc. We have bought the IQ OQ package from the vendor and OQ for their system is completed however I think I am right(?) in thinking that we will need to test whatever configured elements of the system are in place and integration elements, servers etc.
Currently reviewing vendor documentation to ensure it is filed out etc in correct way deviations etc are closed…
A good starting point would be to develop a URS that tells you what exactly you wanted the system to do.
The URS is a very important document in relation to developing a test plan for your system. For example you have a OQ from the vendor but how can you be sure that all testing is satisfied in this?
Remember you are validating for the intended use of your system so how you want the system to work will dictate the level of testing you are going to implement.