Pharma Computer validation


I am interested to know how the computer validation be proceeded for pharma/biopharma projects. What are the requirements and documents required apart from 21 CFR part11? What sort of knowledge is required for a personal new to software validation to pharma/biopharma projects.


I am also looking for same, can any one please guide us

If you look at GAMP 5 published by ISPE you will find lots of useful information.

GAMP = Good Automated Manufacturing Practice
ISPE = International Society for Pharmaceutical Engineering


Get some expert advice. Purchase at least all the documents mentioned here.

Validation is a process by which “documented evidence is established to provide a high degree of assurance that a specific process will consistently produce a product meeting its pre-determined specifications and quality attributes”.

We can apply the same terminology to “Verification” within a GAMP®5 environment.

GAMP®5 is a set of procedural steps (common language) to assure a correct implementation of pharmaceutical projects – help suppliers prove their systems meet agreed specifications.

GAMP® Good Practice Guide: Risk-based Approach to Electronic Records & Signatures
The appropriate management of electronic records and signatures is of current concern to both the regulated life science industry and its regulators. GAMP® Good Practice Guide: A Risk-based Approach to Compliant Electronic Records and Signatures has been developed by GAMP® Forum, a technical subcommittee of ISPE, to provide timely and much needed guidance in this area. It supplements the existing GAMP® Guide for Validation of Automated Systems. This Guide provides new comprehensive guidance on meeting current regulatory expectations for compliant electronic records and signatures, which includes the need for record integrity, security, and availability throughout the required retention period. This is achieved by well-documented, validated systems, and the application of appropriate operational controls.

GAMP® Good Practice Guide: Validation of Laboratory Computerised Systems
The GAMP® Good Practice Guide: Validation of Laboratory Computerised Systems provides a harmonised overview of the key elements involved in the life cycle of laboratory computerised systems, from initiation to retirement. The focus of the Guide is on computerised laboratory instrumentation, data management, and analysis systems. It is intended as a supplement to The Good Automated Manufacturing Practice (GAMP®) Guide for Validation of Automated Systems in Pharmaceutical Manufacture - GAMP® 4. The scope of this guidance includes laboratory computer systems used within the regulated healthcare industries subject to Good Manufacturing Practice (GMP), Good Laboratory Practice (GLP), or Good Clinical Practice (GCP). This GAMP® Good Practice Guide describes systems categorisation and risk assessment processes which can be used to determine a rational, scalable approach to the validation of laboratory computerised systems, by building upon the GAMP® 4 software categories.

GAMP® Good Practice Guide: Validation of Process Controls Systems
Looking for measurable benefits to process control systems for both users and suppliers in relation to cost, quality, and speed-to-market? ISPE’s second GAMP® Good Practice Guide: Validation of Process Control Systems (VPCS) considers how life cycle activities may be applied to a range of control, monitoring, or analytical systems designed to manage production processes. Learn how more efficient system start-up and effective validation increases quality, while a faster procurement process, project life cycle, and validation effort positively impact time to market. Process Control Systems direct data coming from sensors, in analogical or digital format, which are then processed and used for the physical management of devices that support manufacturing and laboratory processes. Part of the series of GAMP® guidance on specific topics and produced by the Process Control Special Interest Group (SIG) of the GAMP® Forum, Validation of Process Control Systems is an expansion on the general principles discussed in Section nine of the Good Automated Manufacturing Practice (GAMP®) GAMP® 4 Guide for Validation of Automated Systems. In addition, this Guide presents a standard approach and documentation set to further reduce project execution, integration services, validation, and reworking costs. Practical examples on how to apply GAMP® principles to process control equipment are included in order to clarify what is considered to be a recommended practice within a particular regulatory area or equipment type.

GAMP® Good Practice Guide: Testing of GxP Systems
Provides users with a pragmatic guide to testing of computerised / software systems based upon that systems’ impact upon (pharmaceutical or equivalent) product quality, data integrity and other factors. The key objective of this guide is to encourage Users and Suppliers to work together to ensure adequate test coverage and minimise any duplication of effort. Specifically, the guide sets out to identify to Suppliers and Users the testing that should be conducted on products and applications and the level of documentation required. Where Suppliers do not meet these expectations, the guide identifies suitable User risk mitigation strategies, including the execution of additional User testing or the selection of alternative Suppliers and/or products.

Thankyou sir… thank you very much. You have given me necessary information which i am searching for months. I have experience in equipment validation. i am trying develop knowledge in software validation. Yours information is very useful to me.

For a COTS system there are three primary areas of compliance for the software vendor and similar areas for the software users. I’ll just explain the software users here.

  1. SOPs that explain the IT infrastructure for the system.
  2. Product features: there are about 45 features that the software needs to have; such as a minimum 8 character password, audit trail, user name appears on screen at all times, etc. E-signatures are a must for a document management system.
  3. User validation: there is a standard set of 10 software validation documents.

The 10-step Risk-Based approach to validation uses fill-in-the-blank Word templates. It asks all the right questions and can be used for any computer system validation. I’ve used it 192 times. It is much more understandable than GAMP or V-model descriptions. Check out
the go to Books and you will see it.

There is a three-hour training course that covers all these areas. Refer to

This seems to be a kind of sales promotion and sould be forbidden here in this forum.

I will allow it this time, but any more obvious sales promotions will be banned