I wonder if it is possible that the validation of a computerized system has no expiration date, and that maintaining the validated state is verified only by means of a change control management .
Or must have an expiration date of the computerized system validation, despite having a change control system.
Thanks in advance.
There are many factors that could influence the state of validation of a software application beyond direct changes to the application, including but not limited to:
- OS patches / upgrades
- support library patches / upgrades
- support application patches / upgrades
- network changes
- disk space availability
So expectations for a periodic review are well-founded.