Hi,
I have been given the task of generating a SOP for periodic review of equipment. I havent had much exposure in this area and would appreaciate if anyone could provide me with the vital information that should go into this SOP (including what assessment forms would need to be filled out) or if anyone would have a template for this SOP.
Kind regards
SFlan
Hi SFlan,
First of all you need to find out what regulatory aspect you are basing this review against. When you know this I would then set up a matrix and analyse each equipment type against this. The result of this assessment would then allow you to identify any gaps that exist and then use these gaps to do any remediation testing that needs to occur.
The initial matrix may look something like:
[TABLE=“width: 561”]
[tr]
[td]#
[/td]
[td]Requirement
[/td]
[td]Finding Description
[/td]
[/tr]
[tr]
[td]1
[/td]
[td]General Principals of Software Validation - Final Industry Guidance,
GHTF 5.3 & 5.4
[/td]
[td]Computer HW/SW validation requirements verified, as appropriate
● Application source code
● Training of operators
● Security
● Software Configuration Control
● Disaster Recovery, Backup & Restore
● System logbook
● Validated Version
[/td]
[/tr]
[tr]
[td]2
[/td]
[td]FDA General Principals of Software Validation, Final Industry Guidance and GHTF 5.4, pg 10
[/td]
[td]Failure Modes/Alarms verification
[/td]
[/tr]
[tr]
[td]3
[/td]
[td]FDA General Principals of Software Validation, Final Industry Guidance and GHTF 5.4, pg 11
[/td]
[td]Boundaries Challenge Testing (ex. response to unacceptable input or output values)
[/td]
[/tr]
[/table]
We have an in-house periodic review procedure which has a number of forms capturing information in relation to equipment/facilities/utilites and ccomputerised systems.
Starting point should to define what equipment you are going to review first and what criteria you are using for this. A risk-based approach will help you define your periodic review schedule based on frequency/duration of operation, age of equipment (e.g. length of time since last qualification) criticality (business criticality and with respect to quality critical attributes of your manufacturing process), frequency of routine maintenance etc. etc. All this information should help you define a schedule indicating that your most critical and/or oldest systems will be reviewed first.
Review then will concentrate on performance history of the equipment as determined through historical review of planned preventative maintenance, breakdowns, service reports, calibration certificates (including drift analysis), deviations, audit observations, change control etc. Maintenance and calibration should be reviewed not only to demonstrate that the activities were performed on time and passed acceptance criteria but also that they are still fit for purpose - is instrument criticality properly defined, do critical instruments have correct range, accuracy etc.?
Design criteria should be checked to ensure that the P&ID is still reflective of the equipment, the equipment meets current regulatory requirements, review original validation documents and perform gap analysis - are original materials of construction still acceptable to industry etc. Again, a lot of this is driven by a risk-assessment.
The output of all of this should be a decision as to whether your equipment remains in a validation state and requires no further action other than a further review in X years; the equipment remains fit for intended use however additional requalification is required; equipment is not fit for intended use and will be removed from use until requalification is completed.
It can be a lot of work for complex systems but it is a great document to present to auditors as it demonstrates control, provides an opportunity to plug any gaps and provides an overview of the equipment which is generally sufficient to keep focus away from your original documentation which could be years old.
Nice response erez
[quote=erez]We have an in-house periodic review procedure which has a number of forms capturing information in relation to equipment/facilities/utilites and ccomputerised systems.
Starting point should to define what equipment you are going to review first and what criteria you are using for this. A risk-based approach will help you define your periodic review schedule based on frequency/duration of operation, age of equipment (e.g. length of time since last qualification) criticality (business criticality and with respect to quality critical attributes of your manufacturing process), frequency of routine maintenance etc. etc. All this information should help you define a schedule indicating that your most critical and/or oldest systems will be reviewed first.
Review then will concentrate on performance history of the equipment as determined through historical review of planned preventative maintenance, breakdowns, service reports, calibration certificates (including drift analysis), deviations, audit observations, change control etc. Maintenance and calibration should be reviewed not only to demonstrate that the activities were performed on time and passed acceptance criteria but also that they are still fit for purpose - is instrument criticality properly defined, do critical instruments have correct range, accuracy etc.?
Design criteria should be checked to ensure that the P&ID is still reflective of the equipment, the equipment meets current regulatory requirements, review original validation documents and perform gap analysis - are original materials of construction still acceptable to industry etc. Again, a lot of this is driven by a risk-assessment.
The output of all of this should be a decision as to whether your equipment remains in a validation state and requires no further action other than a further review in X years; the equipment remains fit for intended use however additional requalification is required; equipment is not fit for intended use and will be removed from use until requalification is completed.[/quote]
Thanks guys for the helpful info…
Kind regards
SFlan
We have in place a computerized system periodic review to be executed every 3 years (at least). This re-evaluation consists in a report organized like the following: