Updating an IQ for COTS

Dear All,

I have a COTS Standard software package installed on a few desktop PCs (Windows-based computer). This tool is used within a validated process to perform some quality checks on pdf files. Until now, we installed this software on local PC filling an IQ (by local IT support - on site) .

Now, we have a corporate system (Microsoft SCCM) to manage our windows-based computer and software distribution. Users can now request this tool (package) and the installation could be completed automatically (but a popup will appear on users’ PC, and user needs to click next, next, finish by him/herself). They only need to ask for a remote intervention from local IT support to be able to insert the license code and activate the software (local administrator privileges needed).

How I should update the IQ? I should add all the step to request the software, the “next next finish steps” did by the user and the “activate it” step by the IT personnel? Or an IQ is needed for the latest step only (manually activate the software) ?

Many thanks for your advices.

any ideas?

Hello Joozeppeh,

I would think it would be good to include these steps for consistency with the overall process.

Whatever process is followed up the user should be seen in the IQ.

Other opinions are welcome too.


Interesting question, thanks for posting.

If I understand correctly, SCCM is primarily a tool to facilitate installation; something like an install wizard on corporate steroids. Is that close?

If that’s the case, then you need to assess if there’s anything SCCM could do to influence the installation. Are there configuration settings that could impact how the application to be installed runs? For example, will SCCM, based on the user identity, enable the application to be installed with administrator privileges? Another example: you have qualified your application based on a specific configuration (e.g., release 1.2.3). Will SCCM go look for patches / updates and install those without warning? That could certainly influence the application!

As usual, I think it goes back to a risk assessment. Look at how SCCM can influence the installation and ensure the IQ adequately addresses any risks. Installation qualification isn’t so much about the mechanics of installing but a confirmation that the installation is done per the defined configuration.