Professional Documents
Culture Documents
1205
JUNE 2002
RATIONALE
Computerised systems are increasingly being implemented to realise operational benefits
within manufacturing working environments. It is essential that there are controls in place
to ensure such systems are validated as fit for purpose.
PURPOSE
To provide guidance when implementing GQP 1205 Computerised System Validation.
To provide specific additional guidance on the approach to validating different types of
computerised systems.
SCOPE
This guideline applies to all sites and companies manufacturing, distributing or marketing
materials, products or devices for use or sale by, or for, GSK.
This guideline applies to computerised systems that are used in support of those agency
regulated manufacturing of pharmaceutical, biologic/biopharmaceutical, and healthcare
products requiring computer validation. Agency regulations include but are not limited to:
Throughout this guideline GDP, GLP and GMP and are collectively referred to as GxP.
Page 1 of 104
GlaxoSmithKline
1205
JUNE 2002
SUMMARY OF REVISIONS
This replaces GQG 1205 dated October 2001, with the following revisions:
The Scope has been extended to introduce the use of GxP throughout the rest of the
guideline.
The section on Approach to Control Systems has been revised to improve guidance
on System Registers, and use of off-line simulation to support Operational
Qualification.
The Bibliography has been updated to reflect the latest edition of the good automated
manufacturing practice (GAMP) and PIC/S guidance on regulated GxP applications.
Page 2 of 104
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
CONTENTS
1. Introduction ................................................................................................................. 6
2. Responsibilities .......................................................................................................... 7
2.1. Senior Management................................................................................................ 7
2.2. System Owner/User Role........................................................................................ 7
2.3. Project Manager...................................................................................................... 7
2.4. Developer/Technical Role ....................................................................................... 8
2.5. Support/Maintenance Role...................................................................................... 8
2.6. QA/Validation Role.................................................................................................. 8
3. Site/Function Activities .............................................................................................. 9
3.1. Validation Master Plans .......................................................................................... 9
3.2. System Register...................................................................................................... 9
4. Prospective Validation.............................................................................................. 11
4.1. Planning Phase ..................................................................................................... 12
4.2. Supplier Assessment Phase ................................................................................. 13
4.3. Requirements Phase............................................................................................. 14
4.4. Design and Code Phase ....................................................................................... 14
4.5. Development Testing Phase ................................................................................. 20
4.6. Deployment Phase................................................................................................ 23
4.7. Use Phase ............................................................................................................ 28
4.8. Decommissioning Phase....................................................................................... 30
4.9. Cross Phase Activities .......................................................................................... 31
5. Retrospective Validation .......................................................................................... 32
5.1. Gap Analysis ......................................................................................................... 33
5.2. Priorities ................................................................................................................ 33
5.3. Interim Measures .................................................................................................. 34
6. Managing Hardware and Software........................................................................... 36
6.1. Hardware Categories ............................................................................................ 36
6.2. Software Categories.............................................................................................. 37
Page 3 of 104
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
Page 4 of 104
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
Page 5 of 104
GlaxoSmithKline
1.
1205
JUNE 2002
Introduction
Computerised systems for the purpose of this guideline are considered as consisting
of application software, data, and hardware platform collectively providing
functionality to a user or other computer system. Examples of computerised systems
include: laboratory systems, control systems, desktop applications (end-user
computing), IT systems, and IT infrastructure. Reports and sub-systems should not
be considered computerised systems in their own right.
Validation activities encompass the entire life of the computerised system, from
requirements definition to decommissioning, and employ quality practices known to
minimise errors. Validation does not end with implementation of computerised
systems, but includes maintaining computerised systems in a validated state and
using computerised systems in a compliant manner.
This guideline applies predominately to the introduction of new systems where it is
possible to build in validation requirements at each stage in the life of a computerised
system. Guidance includes:
Page 6 of 104
GlaxoSmithKline
2.
1205
JUNE 2002
Responsibilities
It is the responsibility of the personnel associated with computerised systems to
ensure that they understand the requirements of GQP 1205 and comply with it. This
guideline should be used by individual sites/departments as appropriate to prepare
their own local procedures. Validation and regulatory compliance is the responsibility
of each site/department and should be incorporated into their quality planning. Local
user, IT, controls engineers, laboratory technicians, and QA are expected to take an
active role. The senior management role is usually conducted in conjunction with
QA. Emphasis between roles will vary depending on the nature of the work being
conducted.
2.1.
Senior Management
Responsible for:
2.2.
2.3.
Project Manager
Responsible for:
Page 7 of 104
GlaxoSmithKline
2.4.
1205
JUNE 2002
Developer/Technical Role
Responsible for:
2.5.
Support/Maintenance Role
Responsible for:
2.6.
QA/Validation Role
Responsible for:
Page 8 of 104
GlaxoSmithKline
3.
1205
JUNE 2002
Site/Function Activities
3.1.
3.2.
System Register
System registers, providing an inventory of computerised systems should be
created and maintained for each site or company. Advice for centrally
developed/supported systems can be found in Section 12.
Note: Sub-systems and systems components should not be listed in the
system register. Each register should contain, as a minimum, the following
information for each system listed:
Name (by which the system is known and commonly referred to).
Electronic records
(see GQG 3202).
and
electronic
signatures
(ERES)
status
The basic attribute list is not exhaustive and may be extended as appropriate
to meet specific site needs.
The system register should cover all
Page 9 of 104
GlaxoSmithKline
1205
JUNE 2002
Examples
Laboratory System
pH Meter
Ultrasonic Bath
Mass Balance
HPLC
FTIR
Chromatography Data System
Robotic Systems
Process Control
Intelligent/Smart
PLCs
Instruments
SCADA System
A separate entry is required for
each physical system of the
same type.
IT System
(User)
One
entry
per
spreadsheet/database
applications.
GxP
Spreadsheet applications.
Database
applications
including Lotus Notes.
SAP R/3
BPCS
LIMS
Page 10 of 104
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
Prospective Validation
Validation of computerised systems requires careful planning to identify the set of
validation activities required from initial design through to implementation use and
final decommissioning. In practice in can be impossible to validate existing systems
where initial design requirements are no longer available or appropriate activities
were not performed or documented as the system was designed and implemented.
The following sections describe the validation activities appropriate to a new system.
However, these life-cycle requirements should be considered when attempting
retrospective validation of existing systems.
The validation life-cycle activities and their order should be documented in a
validation plan. A description of each phase of the life-cycle validation activities is
presented below as a sequential process, however certain activities may overlap or
be combined. The validation plan should define such overlaps and amalgamations.
All validation activities should be carried out in a safe and secure manner, observing
local safety procedures and requirements. A number of key issues should be
addressed as soon as reasonably practical. Examples include procurement (supplier
capability), regulatory expectations for electronic records/signatures, data integrity,
user security, and hand-over issues such as advance knowledge of operation and
support requirements.
Page 11 of 104
GlaxoSmithKline
1205
JUNE 2002
For the purpose of this guideline the following generic validation life-cycle is
presented. The application of the life-cycle will vary as appropriate to the type of
computerised system being validated. Later sections in this guideline address how to
approach the validation of laboratory systems, control systems, desktop (end-user)
applications, IT systems, IT infrastructure and software tools.
4.1.
Planning Phase
Business Requirements
This high level document describes the functions to be carried out, the
operating environment and constraints, regulatory or otherwise.
The
emphasis is on the required functions and not the method of implementation
and should therefore not be product specific. The business requirements will
often document the business case and approval for work and capital
investment. The approved business requirements should provide sufficient
information for the compliance assessment and system selection activities to
be completed.
Compliance Assessment
All computerised systems should be assessed during the early planning phase
to determine if there is a GxP impact and, therefore, whether the system
should be validated or not. The compliance assessment should be approved
by QA/Validation.
The Compliance Assessment should include a review of COTS product
license requirements and release notes in order to determine any
impact/restrictions on use within specific operating environments.
Electronic Records and Electronic Signatures Assessment
Where the compliance assessment indicates a GxP impact an ERES
assessment should be planned based on the guidance offered by GQG 3202.
Validation Planning
The validation plan is a document (or group of documents) stating the
standards and the methods employed to maintain quality through the system
life-cycle and to establish the adequacy of performance of the computerised
system. Key roles and responsibilities, deliverables and authorities should be
defined in the validation plans.
The validation plan should be initiated at the earliest practicable stage and
may be reviewed and updated through subsequent stages of the project. A
rationale supporting any validation decisions made should be included within
the validation plan. Validation plans should take account of the different
software categories comprising a computerised system and the mix of GxP
Page 12 of 104
GlaxoSmithKline
1205
JUNE 2002
and non GxP components (see GQG 1401A). Guidance for the scope of
validation required for different types of computerised system is defined in
Section 6.
The need to conduct GxP Risk Assessments should be considered. Where a
need is identified, the timing of/and approach to assessments should be
documented in the Validation Plan. For larger, more complex projects, GxP
Risk Assessments may be conducted at several key phases of the system
lifecycle. The IT Risk Management Framework can be used to help facilitate
GxP Risk Assessments for larger projects.
Where there are validation plans for both the process/equipment/area and
computerised system, then these should cross-reference each other. If the
computerised system is relatively small and contained in its entirety within a
stand-alone piece of equipment, then the validation plan for the computerised
system may be embodied within the overall validation plan for the equipment.
4.2.
Effectiveness of testing.
Page 13 of 104
GlaxoSmithKline
1205
JUNE 2002
Requirements Phase
Business requirements are further developed to produce what is commonly
called a user requirements specification (URS). The URS should focus on
what the system should do and not to detail how to achieve this, i.e. design
statements should not be incorporated. For large and complex systems, a
number of URSs may be required. For small and simple systems the
business requirements and URS may be combined.
The URS provides a statement of process/functional requirements of the
proposed system. Each requirement should be categorised in order to define
the level of importance, e.g. must, should, and could. All URS requirements
should be successfully validated before system use unless otherwise justified
and approved.
Each URS requirement should be:
Referenced to facilitate
Traceability Matrix [RTM]).
Testable/measurable.
requirements
tracking
(Requirements
The URS provides the basis for system acceptance testing and should be
approved before a design review is conducted.
Requirements Traceability
An RTM or other equivalent mechanism should be established in order to
provide a means of demonstrating how a particular function of a
system/application has been validated through design (including any DQ),
programming (including source code review), and testing (pre-qualification, IQ,
OQ, PQ).
4.4.
GlaxoSmithKline
1205
JUNE 2002
Page 15 of 104
GlaxoSmithKline
1205
JUNE 2002
All ranges, limits, defaults and specific values that the computerised
system will accept.
Security.
Disaster/failure recovery.
Detailed design specifications may be split into discrete elements for example,
hardware design specification and software design specifications. Further
subdivision is common for larger systems where for example unit/module
design specifications may be produced. Other documentation includes:
Cabling/wiring schedules.
The design of a system should consider the partitioning of GxP and non-GxP
elements such that they can be validated and supported separately.
Page 16 of 104
GlaxoSmithKline
1205
JUNE 2002
Data Definition
Data dictionaries, architectures and flow should be defined. Actual data to be
loaded into tables, files and databases should be specified by reference to its
source. Data dictionaries should be used to describe different data types.
The data definition may standalone as a separate document or be
incorporated within functional/design specification.
Specific functional aspects to be covered by the data definition include:
Fit for purpose: To generate confidence that the system will satisfy the
users requirements, have the necessary attributes of reliability,
maintainability, usability, and minimise hazards. Methods such as a
FMEA (failure mode effects analysis) or CHAZOP (computer hazard
and operability study) should be used to verify the design.
GlaxoSmithKline
1205
JUNE 2002
After the review a report should be prepared and approved summarising the
design review. The report should clearly state if the quality of the design is
acceptable, list any deficiencies together with details of planned remedial
action.
Design reviews may be known as design qualifications (DQ). Their scope of
application may include use of the computerised system in its wider context
including equipment, procedures, and operator interaction.
It should be understood that the requirement for this design review does not
mean that other routine reviews are no longer appropriate. Activities and
documents should be reviewed and approved as defined in the validation plan
and management procedures.
Coding, Configuration and System Build
Prior to commencement of coding, configuration or system build the design
review should have been successfully completed. All software (including
configuration) should be developed with good programming practices to
appropriate standards.
Software/configuration developed internally should adopt programming
standards. Such standards should reflect the type of programming language
used, e.g. structured, object oriented, ladder logic, etc.
Typically,
programming standards will address:
Software/configuration
structure).
In-code documentation.
Branching.
Error/exception handling.
Expandability considerations.
structure
and
consistency
(i.e.
modular
Page 18 of 104
GlaxoSmithKline
1205
JUNE 2002
The configurable
specifications.
elements
of
the
application
fulfil
design
Page 19 of 104
GlaxoSmithKline
1205
JUNE 2002
Unit/Module testing.
Integration testing.
Interface testing.
System testing.
Page 20 of 104
GlaxoSmithKline
1205
JUNE 2002
Test plans may be embedded in validation plans, combined with test cases, or
exist as separate documents. Test plans should be reviewed and approved
before the defined testing begins.
Test Case
Test cases provide the methods by which tests are conducted and the
acceptance criteria against which the test results are assessed. Test cases
should not introduce new requirements or specifications. Each test case
should include:
Objective of test.
Page 21 of 104
GlaxoSmithKline
1205
JUNE 2002
Acceptance criteria.
The detail of necessary testing will require some judgement. Test cases
should provide 100% requirements coverage to the URS/Functional
Specification. This can be achieved by showing within the RTM that all
URS/Functional specification sections have an associated test case. Full
branch/decision/condition coverage testing within the functionality supporting
these requirements is not usually practical. Testing nevertheless should aim
to challenge the system and demonstrate it as fit for purpose. It would be
expected that all product quality related data input/output and product quality
related decision points would be tested.
Test Results
All raw data and derived results obtained should be indelibly documented,
reviewed for integrity and against acceptance criteria, and subsequently
approved. The use of ticks, crosses, 'ok' or other abbreviations to indicate
acceptance are not generally accepted by regulatory authorities and should be
avoided. The testing results should include:
Inconsequential issues raised with the test cases (e.g. typographical errors not
affecting the integrity of testing) can be annotated as cosmetic changes,
signed and dated, on the test case. Inconsequential issues raised with test
cases are not logged as test failures but the nature of the annotation should
be registered in the incident log so that the resolution can be tracked.
Test Failures
The person approving the test cases should consider the consequences of a
failure on the validity of completed testing. Further testing should be
performed/repeated where necessary. All test failures should be recorded in
incident logs.
Page 22 of 104
GlaxoSmithKline
1205
JUNE 2002
The results of testing are analysed and summarised in a test report that
should state:
The test report should not exclude any test data. The test report may be
combined with the test results.
4.6.
Deployment Phase
On completion of successful testing the system is ready for installation into the
final operational environment. During this phase the hardware and software
installation is qualified and operational checks are performed.
During this phase it is necessary to ensure that arrangements for the use and
ongoing systems support and maintenance are either established or that
documented plans have been prepared to ensure that these arrangements are
in place when the system becomes operational.
Page 23 of 104
GlaxoSmithKline
1205
JUNE 2002
Data Load
Plans, procedures and protocols should define the data load process. All GxP
data should be at least double-checked to verify that it has been correctly
loaded. Other checks should be put in place as required to verify original GxP
data is correct.
Statistical sampling can be used to check other data commensurate with the
business need to verify data integrity. Rationales justifying sampling regimes
should be defined. Automated data load tools should be validated.
Where data representative of the live environment is required for testing or
where data load/migration routines need to be tested prior to final load, the
data load/migration activity may be phased.
Operational and Support Plans
Operational and support plans should be established in order to ensure that
SOP, training, service contracts, business continuity plans, etc are
established, reviewed, approved and where appropriate tested before the
computerised system becomes operational. Support organisations (both
internal and external) should be periodically audited to verify continued service
in support of GQP 1205 and associated GxP regulatory expectations.
Security Management
User Procedures
Maintenance
Page 24 of 104
GlaxoSmithKline
1205
JUNE 2002
Performance monitoring.
Backup copies of all software and relevant data (see GQG 3202) should be
taken, maintained and retained within safe and secure areas, protected within
fire safes. Backup and restoration procedures should be verified.
Archiving and retrieval procedures for data should be specified, tested, and
approved before the system is approved for use. Careful consideration should
be taken of special requirements affecting the retention preservation,
protection and confidentiality of electronic records, including their associated
audit trail information (see GQG 3203 and 3301).
All software (e.g. source code, compilers, operating system) and reference
(supplier) documentation should be available for inspection and copies should
be available for business continuity. Copies of the software should be
retained within safe and secure areas, protected within fire safes. Where
access to software is restricted, formal agreements should be established to
ensure software can be accessed when needed, e.g. ESCROW accounts.
Training
Training plans should be established for use and support of the computerised
system.
Page 25 of 104
GlaxoSmithKline
1205
JUNE 2002
Installation Qualification
Checks should establish that the installation has been completed in
accordance with system specification. Checks should be based on:
The boundary of the system and hence the scope of the IQ should be defined
in the validation plan. An IQ summary report should be prepared and
approved prior to OQ commencing.
Operational Qualification
OQ should only commence on successful completion of IQ and involves user
acceptance testing of the base functionality of the computerised system.
System tests from the developer may be used to reduce the amount of OQ
testing conducted. The suitability of such testing and available documentation
must be reviewed and approved by QA for this purpose.
Testing should be designed to demonstrate that operations will function as
specified under normal operating conditions and, where appropriate, under
realistic stress conditions, OQ should cover:
It may be
Page 26 of 104
GlaxoSmithKline
1205
JUNE 2002
Batch reports.
Label variants.
GlaxoSmithKline
System availability.
System stability.
1205
JUNE 2002
Use Phase
This phase of the system life-cycle describes the period of time when the
system is in operational use.
Service Level Agreements (SLA)
Certain requirements of the Use Phase may be provided by internal or
external support organisations. In such cases, a SLA or other similar
contractual document should be established to define the support service
provision. SLAs should address:
Scope of service.
Page 28 of 104
GlaxoSmithKline
1205
JUNE 2002
Escalation procedures
Page 29 of 104
GlaxoSmithKline
1205
JUNE 2002
Upgrades
Upgrades to software (including new releases and bug-fixes) and hardware
(including model upgrades and replacement with like-for-like equivalents)
should be managed through change control. Necessary validation for the
upgrade will be influenced by:
Complexity.
Criticality.
Any requirements for refresher training should be reviewed (see also section
on deployment phase).
Reviews may recommend revalidation exercises for particular computerised
systems. Refer also to section on retrospective validation for guidance.
4.8.
Decommissioning Phase
At the end of the operational life of a system a process of decommissioning
takes place, which includes archiving data and system software. Careful
consideration should be taken of special requirements affecting the retention,
preservation, protection and confidentiality of electronic records including their
associated audit trail information (see GQG 3202 and 3301).
Page 30 of 104
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
Page 31 of 104
GlaxoSmithKline
1205
JUNE 2002
Documentation Management
The validation
documentation.
already exist,
documentation.
stored.
Retrospective Validation
Computerised systems should be validated prospectively. It is not acceptable to
implement a new computerised system and knowingly defer validation until after its
implementation. Retrospective validation, however, is acceptable when a change in
use brings a validation requirement to an existing system that did not previously
require validation. It is also acceptable to conduct retrospective validation when
addressing a change in regulatory requirements/expectations. Otherwise it is
expected that validated computerised systems will have been maintained in a state of
compliance.
Page 32 of 104
GlaxoSmithKline
1205
JUNE 2002
Gap Analysis
A systematic survey and gap analysis should be conducted on legacy
computerised systems.
The basis for assessing any gap should be
GQP 1205 and this GQG, plus any other relevant policies and guidelines such
as GQP 3202 and GQG 3202 on ERES. A checklist can be developed for the
validation documentation and an analysis made as to whether there is any
existing documentation, and where there is documentation, whether it fulfils
the intent of validation documentation outlined in this guidance.
5.2.
Priorities
Priorities should be established from the gap analysis and any retrospective
validation requirements identified. Prioritisation should take into account
relevant factors such as:
Page 33 of 104
GlaxoSmithKline
Severity of non-compliance.
Validation status.
1205
JUNE 2002
A high level strategy for the site or for specified departments should be
developed to document the prioritisation and any key milestones.
Interdependencies between different streams of work should be clearly
identified. In some cases full compliance will not be possible until the software
supplier makes a new release of software/hardware available. Interim
corrective actions should be considered until a fully compliant solution can be
applied.
Immediate priorities are those computerised systems directly involved with the
manufacturing and despatch process and the critical quality related activities
that these systems support. Where non compliant legacy computerised
systems apply to a number of steps in the manufacturing and despatch
process, a step by step flow chart of the process highlighting the role of the
computerised system at each stage should be prepared.
Critical activities that relate to product quality should be identified and the
reliance on the legacy system should be assessed. Supplementary interim
measures should be used where the critical activity cannot be assured due to
the reliance on the computerised system. These interim measures must be
sufficient to ensure product integrity and effective disposition and release but
should be no more extensive than is necessary to achieve this.
5.3.
Interim Measures
An interim measure is an additional control applied in the process that reduces
the reliance on the computerised system performing a critical function. This is
normally achieved by requiring human rather than computer decision making
and often requires additional hard copy documentation.
Interim measures should be recognised as temporary and not be viewed as a
long-term alternative.
The inherent non-compliance of the legacy
computerised system must be addressed through further longer-term
Page 34 of 104
GlaxoSmithKline
1205
JUNE 2002
corrective action plans. Both short-term interim measures and the longer-term
plan for final measures should be available to show to inspectors.
The following are important principles that need to be understood in applying
interim measures:
Interim measures do not eliminate the need for full corrective actions
and do not overcome system non-compliance.
Current hard copy systems that are already in place may provide the basis for
the interim measures and minimise the need for additional documents. Such
documents may require only minimal change to content or to the review and
approval mechanisms. The key aspects of these documents are:
They are a formal record and must be maintained with the batch
documentation.
Page 35 of 104
GlaxoSmithKline
1205
JUNE 2002
Extra personnel may be required to install and operate interim, as these will
usually require additional activities. The number of personnel will depend upon
the extent to which existing documentation can be used and the extent to
which interim measures are required. The main impact will probably be on
quality organisation personnel.
To minimise the disruptive effects of introducing additional procedures it is
crucial that each site focuses only on the critical quality related activities.
However, it is also important to understand how computerised systems
support the complete manufacturing and despatch process as this can be
more extensive than is expected. Examples of other activities include facility
maintenance scheduling, and customer complaints.
Each site will need to identify how it can justify the continued use of
computerised systems supporting such activities without the use of interim
measures. Justifications should be documented in rationales approved by
QA.
6.
Hardware Categories
6.1.1.
6.1.2.
GlaxoSmithKline
1205
JUNE 2002
Software Categories
It is important to understand that computerised systems often consist of
multiple software elements and that within a single system these elements
may represent a variety of software categories.
6.2.1.
6.2.2.
Category 2 Firmware
Typically these are embedded in commercially available pieces of
electronic equipment designed to perform discreet operations.
Configuration may be required in order to set up runtime environment
and/or process parameters. The name, version number and any
configuration/calibration for the firmware should be documented and
verified (installation qualification). Functionality should be tested
during OQ. Change control should be applied to manage any change
to firmware or configuration parameters. Operational procedures
should be established and training plans implemented. Supplier audits
may be needed for highly critical or complex applications.
Bespoke/custom firmware should be considered as Category 5.
Examples include weigh scales, bar code scanners, three-term
controllers.
Page 37 of 104
GlaxoSmithKline
6.2.3.
1205
JUNE 2002
6.2.4.
GlaxoSmithKline
1205
JUNE 2002
Page 39 of 104
GlaxoSmithKline
6.2.6.
1205
JUNE 2002
Category Software
Type
Validation Approach
Operating
Systems
Firmware
COTS
Standard
COTS
Software
Packages
Configurable
COTS
Software
Packages
Bespoke/
Custom
Software
Page 40 of 104
GlaxoSmithKline
6.2.7.
1205
JUNE 2002
Documents typically
prepared by GSK
Software
Category
2
Business Requirements
Comments
Compliance Assessment
System Register
Validation Plan
Supplier Audit
User Requirements
Specification (URS)
ERES Assessment
System Overview
Functional Specification
Detailed Design
Specifications
Data Definition
Design Review
Development Testing
Data Load
Installation Qualification
Operational Qualification
Performance
Qualification
Validation Report
Archiving and
Decommissioning
Note: No specific validation activities for standard COTS compilers and operating systems
beyond documenting version details.
Page 41 of 104
GlaxoSmithKline
7.
1205
JUNE 2002
Standard COTS supervisory control and data acquisition systems with user
configuration. Some of these systems can be considered as 'SCADAs'
because the PC supervises in the instrument activity (test parameters etc.)
collects the analytical data (e.g. spectra) and then performs data analysis
(e.g. spectral library matches).
laboratory
system.
Includes
Page 42 of 104
GlaxoSmithKline
7.2.
1205
JUNE 2002
FTIR spectrophotometry.
Networks and interfaces within the laboratory system and to any other
connected system (see guidance on IT Infrastructure).
7.3.
Responsibilities
Many laboratory systems require both process and computer validation.
Combining process and computer validation offers an opportunity to
consolidate roles and amalgamate documentation.
For example, the
QA/Validation role may be taken by someone in a department that is
responsible for quality (e.g. QA/QC laboratory personnel), or a member of the
local QA/Validation personnel. Combining roles may be the only practical way
to tackle simpler laboratory systems.
Where roles are combined it is essential that the person conducting the work
is suitably qualified for the combined role and that they do not review or
approve their own work. Independent developer, user and QA/Validation
Page 43 of 104
GlaxoSmithKline
1205
JUNE 2002
Systems Register
All laboratory systems should be maintained on a single register at a site or
laboratory level as appropriate. The definition of what comprises a system
needs careful consideration. For example, many laboratory systems comprise
of a number of interchangeable items that should be managed under change
management not the system register.
7.5.
Validation Life-Cycle
The validation approach for a laboratory system may incorporate a number of
separate validation strategies as appropriate to its components. For example,
the overall validation approach to a SCADA system that controls several
balances might be to validate the balance based on the use of standard
firmware, and to validate the SCADA software based on the use of userconfigurable standard software.
The basic validation life-cycle for laboratory systems should be in line with this
guideline and support where necessary process validation requirements.
Simple COTS instrument, complex COTS instrument, configurable laboratory
automation, and Bespoke/custom laboratory application should be validated
focused on Category 2, 3, 4 and 5 software respectively but taking into
account any other software categories present in the laboratory system. The
following points provide some additional specific guidance for each of the
life-cycle phases as described in Section 4.
7.5.1.
Planning
Requirements should be specified by the users in consultation with
developers and laboratory personnel. Where new laboratory systems
are being introduced, either as a project in its own right or as part of a
larger project, it is important that the laboratory system (high level)
requirements are considered and identified at the project planning
Page 44 of 104
GlaxoSmithKline
1205
JUNE 2002
Supplier Assessments
Supplier audits should be conducted for configurable software
packages and bespoke/custom software (see Section 6). Supplier
audits are not required for standard COTS software. It is important to
appreciate, however, that many COTS laboratory systems are sold in
very small numbers and the argument that they represent standard
software may not be appropriate. Rationales justifying why supplier
audits are not necessary should include information on how many
products for the version of interest have been distributed for use and
are currently supported.
7.5.3.
Requirements
Requirements should describe the intended use and equipment type,
including:
7.5.4.
User operation.
Environmental constraints.
Detailed Design
The documentation to support the design and code phase of the
life-cycle should be provided by the supplier of the laboratory system.
This design documentation is expected to comprehensively describe
the functionality of the laboratory system. This information may be
available for standard systems in the form of a datasheet published by
the supplier. Configuration aspects of the laboratory system should
Page 45 of 104
GlaxoSmithKline
1205
JUNE 2002
Code Review
Source code reviews should be conducted for bespoke/custom
software (see Section 6). Evidence that the supplier has performed
source code review of the laboratory system should be available from
the supplier. Where code reviews have been conducted by the
supplier, auditing should be considered to ensure that the reviews
have been completed by competent individuals, independent from
those developing the code/configuration. When this evidence is not
available a review should be performed to identify what action needs
to be taken.
7.5.6.
Development Testing
It is expected that evidence of supplier development testing and
calibration should be available as part of the laboratory system
documentation.
Where the supplier does not provide specific
evidence of functional testing, an increased level of user acceptance
testing, which is supported by a testing rationale/plan, will be required.
7.5.7.
Pre-Installation Testing
Pre-installation testing should focus on ensuring the correct
configuration/set-up has been conducted, including any calibration.
7.5.8.
Qualification
IQ and OQ are typically combined. However, separate IQ and OQ is
recommended for complex laboratory systems. These qualification
protocols should be based on the requirements that are documented
in the system and functional requirement documents. Wherever
possible, provide specific documented evidence of testing in the form
of hard copy printouts.
PQ should be based on verifying system suitability tests. Other
testing requirements may also be included from the business and user
Page 46 of 104
GlaxoSmithKline
1205
JUNE 2002
Use
Ongoing use of the laboratory system should be supported by system
suitability testing, change control and routine recalibration.
7.5.10. Decommissioning
Special activities for archiving and decommissioning are required if
there are electronic records. Record retention policies may require
the supporting user and supplier documentation to be archived when
the equipment is decommissioned.
7.5.11. Special Considerations for Simple COTS Firmware
Instrumentation
COTS firmware instrumentation is non-configurable but the user can
perform calibration/parameter set-up. The validation requirements for
any associated personal computer workstations should be considered
separately.
For instrumentation the term qualification is sometimes used rather
than validation. This is because validation is largely based on
calibration and system suitability testing.
Nevertheless simple
validation plan and validation reports should still be produced.
Business and user requirements specifications are typically combined
as a single document that is designed to support the purchasing
process. Since the instrumentation is generally purchased on the
basis of equipment catalogues or supplier datasheets, it is expected
that the functionality will be pre-set and designed for a specific task. It
should be normal practice to use the suppliers standard literature
(datasheets) to document the functional specification. Where these
documents are generic (i.e. covering a range of models), the
requirements, specifically associated with the laboratory system are
subject to this validation exercise, and should be clearly identified
within the validation and support documentation. No further design
and code documentation is required.
Pre-installation testing should focus on ensuring the correct
configuration/set-up has been conducted, including any calibration. It
should be recognised, however, that pre-installation testing is not
Page 47 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 48 of 104
GlaxoSmithKline
7.6.
1205
JUNE 2002
8.
Laboratory Systems
Categories
pH Meter
Ultrasonic Bath
Mass Balance
1, 3, 4
1, 3, 4
1, 3, 4, 5
FTIR Spectrophotometry
1, 3, 4
1, 3, 4, 5
1, 2, 3, 4, 5
3 or 4
GlaxoSmithKline
1205
JUNE 2002
Embedded systems.
Standalone systems.
Loop controllers.
Page 50 of 104
GlaxoSmithKline
1205
JUNE 2002
Networks and interfaces within the process control system and to any
other connected system.
8.3.
Responsibilities
Particularly for large DCS systems there are likely to be multiple
equipment/system suppliers, possibly systems integrators (configuring the
systems), a managing contractor and project team.
For systems where separate process and computer validation plans exist, the
interfaces and responsibilities of the computer and process validation
specialists should also be considered.
For less complex systems roles and responsibilities may be combined,
however independent developer, user and QA/Validation roles should always
be assigned.
Responsibilities should be clearly defined throughout the lifetime of the
system.
8.4.
Systems Register
The definition of what comprises a system needs careful consideration.
Where a large DCS is interfaced to embedded PLCs controlling process
equipment, the PLCs may be considered separate systems as they provided
discrete standalone functionality.
8.5.
Validation Life-Cycle
The validation of control systems is one element of the equipment/process
validation. Control systems validation should be in line with this guideline and
support the process validation requirements. The following points provide
some additional process control specific guidance for each of the life-cycle
phases as described in Section 4.
Page 51 of 104
GlaxoSmithKline
8.5.1.
1205
JUNE 2002
Planning
For projects where control systems are only a part of a larger project,
it is important that the control system (high level) requirements are
considered at this stage. The user should specify requirements in
consultation with developer/engineers.
Control systems should be assessed for applicability with the
electronic records, electronic signatures regulations. For systems
where the regulations apply consideration as to how the system will
comply should be included within the requirements and functional
specifications. GQG 3202 provides additional guidance on ERES
requirements.
Co-ordination of activities with those defined in any associated
process/equipment validation plans is essential, particularly during the
IQ and OQ stages. For small process control systems, the validation
activities may be encompassed within the overall project validation
plan.
8.5.2.
Supplier Assessments
For embedded control systems it may be more efficient to have a
combined audit to establish the suppliers capabilities with respect to
mechanical and electrical activities in addition to control system
development.
Development and maintenance organisations may operate from
different locations and to different quality management systems. The
need to assess both the development and maintenance organisation
should be assessed and documented in the validation plan.
8.5.3.
Requirements Phase
The user requirements specification (URS) for large applications,
e.g. DCS or SCADA, may involve the development of a separate URS
for just the control system. The advantage of this approach is that it
helps to focus the software developer on the control functionality
aspects. A separate requirement specification should provide
appropriate production process and product information, electrical and
mechanical details and performance requirements.
For embedded systems the control system functions may be included
within the overall specification for the machine or equipment.
The physical parameters to be monitored/controlled and the data to be
generated by a control system should be clearly documented during
the specification phase. These parameters and data should be
Page 52 of 104
GlaxoSmithKline
1205
JUNE 2002
reviewed
with
regard
to
their
overall
function
(GxP, safety/environmental, process control) and level of criticality. A
categorisation of parameters and data should be carried out to ensure
the design and testing of both hardware and software associated with
each is appropriate for the function and level of criticality. This
information provides the basis for the traceability of critical parameters
and data through the design process to the final testing stage. This
traceability can be documented as a requirements traceability matrix
(RTM).
8.5.4.
Embedded system.
Complex DCS.
Page 53 of 104
GlaxoSmithKline
1205
JUNE 2002
Process description/sequences.
Interconnection drawings.
Design Review
The fundamental purpose of a design review is to ensure that the user
and functional requirements have been addressed satisfactorily within
the design of the system. Mechanisms such as requirement
traceability matrices (RTM) can therefore assist in the design review
process.
For larger systems with multiple design documents, there are likely to
be multiple design reviews. Some form of hazard and operational
study (e.g. CHAZOP) should also be performed on the system.
For larger and/or more complex control systems some detailed design
information may not be available until later stages of the project,
e.g. alarm settings. The use of 'holds' within documents is
recommended to allow work to continue, with each hold logged and
subject to review once resolved.
For embedded systems where there are no safety/operability issues,
design review may consist of a simplified process to ensure that GSK
requirements have been covered within the suppliers standard
document set.
Code Review
During the design phase the configuration languages and complexity
should be considered in order to establish the approach to code
review.
Where the supplier has conducted code reviews, auditing should be
considered to ensure that competent individuals have completed the
reviews and that they are independent from those developing the
code/configuration.
Page 54 of 104
GlaxoSmithKline
8.5.5.
1205
JUNE 2002
Page 55 of 104
GlaxoSmithKline
1205
JUNE 2002
Deployment Phase
Operational and Support Planning
Control systems should have hardware maintenance and diagnostic
procedures, a list of manuals or procedures specifying how the
equipment and process instrumentation will be maintained and
serviced, including security methods for computer hardware.
Installation Qualification
The purpose of IQ is to demonstrate that the system (including
software, hardware and equipment) has been installed according to
the manufacturers specifications.
The configuration parameters of standard instruments should be
recorded in the equipment IQ.
Hardware and equipment IQ establishes that adequate documentation
for the installation of the system is available, and that the system is
properly installed (as per the appropriate specifications).
A typical list of documentation that should be available for hardware
and equipment IQ includes, but is not limited to, the following:
Page 56 of 104
GlaxoSmithKline
1205
JUNE 2002
Operational Qualification
The purpose of OQ is to ensure that the system functions in the user
environment as intended.
This area will ensure that physical devices attached to the control
system operate correctly and over the required ranges (may be
termed hot loop testing). This area also includes testing of trips,
interlocks and any other safety/guarding devices.
This aspect may also cover verifying display information, and verifying
that devices can be operated (manually) from the system note that
this activity may be conducted as a separate activity. Data capture,
archiving and retrieval systems can also be tested within this phase.
This should be designed such that the testing covers the entire range
of the systems specified operating parameters and also demonstrates
system repeatability over a number of test runs.
System tests should include testing the system under stress
conditions where these cannot be effectively tested during factory
acceptance testing. Some examples are:
Page 57 of 104
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
8.5.7.
1205
JUNE 2002
Use Phase
Operational and support plans are implemented as stated in the
management principles. Periodic review and revalidation will be
conducted in accordance with criticality of the system to the
production process.
8.5.8.
Decommissioning
For control systems with ERES functionality particular care should be
given to archiving of the electronic records, raw data and system
software (including configuration).
For control systems with non-standard data formats and hardware
consideration should be given to migrating data to portable data
formats (using a validated process) or retention of hardware to allow
retrieval of data/records.
8.5.9.
Configuration
Management
and
Incident
Page 59 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 60 of 104
GlaxoSmithKline
8.6.
1205
JUNE 2002
Categories
Loop Controllers
process 2
2, 3
1, 2, 3
1, 2, 4
1, 5
1, 4
1, 3, 4
1, 3, 4, 5
1, 3, 4
1, 3, 4, 5
(configured,
but
no
user 1, 4
1, 4, 5
Smart Instruments report one process parameter (on an exception basis the
instrument can be interrogated for configuration such as range and
engineering unit). Intelligent instruments (e.g. Fieldbus devices) control
multiple process parameters and implement control functions.
Page 61 of 104
GlaxoSmithKline
9.
1205
JUNE 2002
9.2.
Are typically not 'stand-alone' programs, for execution they rely upon
the environment provided by the package from which they were
created.
GlaxoSmithKline
1205
JUNE 2002
Responsibilities
For smaller desktop applications, which are expected to be the majority of
cases, roles may be combined such that the author performs the roles of User,
project manager, and Support/Maintenance. These roles may also be
assigned to one, two or three different people depending on the complexity
and size of the effort. However, independent review is required. A person
should never sign as reviewer or approver of their own work.
Authors should be competent in the development and/or configuration
capabilities of the packages from which they develop desktop applications.
The QA/Validation role can be assumed by someone in a department that is
responsible for quality (e.g. QA/QC laboratory personnel) or a member of the
local QA/Validation staff.
The specific assignment of personnel to roles should be defined during
validation planning.
Page 63 of 104
GlaxoSmithKline
9.4.
1205
JUNE 2002
System Register
A list of desktop applications requiring validation should be maintained on a
system register (see Section 3). Desktop applications such as spreadsheet
and databases however are extensively used applications and the vast
majority do not require validation. As a consequence it may only be practical
to list those requiring validation on the system register. Where this approach it
taken it should be documented in a rationale approved by QA.
9.5.
Validation Life-Cycle
Two approaches to desktop application validation are provided, one for very
simple 'one-off' applications that are typically used once or a very limited
number of times and another for more complex applications that are difficult to
verify or will be used for an extended period of time.
The approach for one-off desktop applications is based on a complete review
of the results and retention of evidence to support that review (e.g. printing
and retaining verified spreadsheet formulas) rather than adherence to a
life-cycle. The one-off approach may also be appropriate for easily verified
applications that will be used indefinitely, for example, a spreadsheet that
simply reformats a small amount of information from another system.
The approach for desktop applications not considered one-off will broadly
follow the validation life-cycle described in Section 4 but guidance is provided
for streamlining activities in accordance with the scale of the application.
9.5.1.
Page 64 of 104
GlaxoSmithKline
1205
JUNE 2002
GxP desktop applications that are not one-off should have a written
assessment of GxP significance and be maintained on a systems
register in the same manner as other systems.
9.5.2.
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
information is included.
A suggested title for the composite
description of this information is 'specifications.'
Literature references to support calculations or other specific
requirements should be used rather than replication of the information
in the specifications when the source documents are controlled and
maintained to appropriate retention schedules.
Design review should be conducted in accordance with the guidance
provided in Section 4 but the summary of the review, and any planned
remedial activities to address deficiencies, may be included in the
Specifications documentation. A separate design review report is
suggested only for the more complex desktop applications.
Coding, Configuration and System Build
Coding or configuration prior to design review is acceptable for simple
applications in which there is minimal time lost and minimal risk if the
application does not provide the intended functionality. This exception
is strongly discouraged for relatively complex applications such as
those requiring more than one or two hours of development and
testing effort.
Code Review and/or Configuration Review
When the desktop application includes development of
bespoke/custom source code, a review of that code should be
performed to determine the following:
GlaxoSmithKline
1205
JUNE 2002
Page 68 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 69 of 104
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
Page 71 of 104
GlaxoSmithKline
1205
JUNE 2002
Validation Report
It is recommended that the validation report follows the same structure
and format as the validation plan. For example, if the complexity of
the application requires a separate validation plan then a separate
validation report is anticipated for consistency. For simple
applications, the validation report information may be combined with
other deliverables in the development testing (execution/results) and
deployment phase.
It is critical that the document containing the validation report
information be signed-off prior to use in the end-user environment.
Post Implementation Monitoring
Post implementation monitoring should be considered only for the
more complex desktop applications such as multi-user databases.
Decommissioning
Special consideration should be given to ensuring retrievability of
desktop applications after their decommissioning. For example, it is
common for only one or two people in a department to be aware of a
desktop application that performs critical calculations for product
release decisions. If decommissioning is not properly managed, the
application can effectively disappear once the limited number of
knowledgeable personnel have left the company or taken other
positions. Archival of the software package required for execution of
the desktop application, for example a specific version of MS Excel,
should also be considered to ensure operability of the retrieved
application.
In addition to archival of the application and any associated data, the
decommissioning process should ensure that all documentation can
be identified, located and retrieved by persons other than those that
created and maintained the application. It is recommended that the
archive and decommissioning process include formal, documented
hand-over to personnel that can ensure availability throughout the
required retention period. The systems register should be updated to
reflect the decommissioned status of the application.
Cross Phase Activities
All cross phase activities described in Section 4 apply (including
requirements traceability matrix) but may be scaled to size and
complexity of the application.
Page 72 of 104
GlaxoSmithKline
9.5.3.
1205
JUNE 2002
Page 73 of 104
GlaxoSmithKline
1205
JUNE 2002
Categories
Database Applications
functions)
standard
(user
configuration
of
GlaxoSmithKline
1205
JUNE 2002
Distribution Systems.
Schedulers.
Financial systems.
Purchasing systems.
Page 75 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 76 of 104
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
Business consultants.
System Integrators.
Application suppliers.
Hardware suppliers.
Support organisations.
GlaxoSmithKline
1205
JUNE 2002
Page 79 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 80 of 104
GlaxoSmithKline
1205
JUNE 2002
Transfer synchronisation.
Data translation.
Data mapping.
Page 81 of 104
GlaxoSmithKline
1205
JUNE 2002
Data Load
Data load/migration often takes place in stages. Initially, migration of
a limited sample of data may take place to enable early testing. As
testing progresses, greater volumes of data may be migrated to
enable comprehensive testing of business scenarios. A final data
load/migration will be required prior to system cut-over in order to
synchronise data between the new system and legacy systems.
Statistical rationales should be used to justify different approaches
data load verification.
The design phase should have previously considered data migration
in terms of:
Data archiving.
GlaxoSmithKline
1205
JUNE 2002
User Procedures
Training
Security Management
Page 83 of 104
GlaxoSmithKline
1205
JUNE 2002
Page 84 of 104
GlaxoSmithKline
1205
JUNE 2002
This plan should state how changes are to be made and by which
groups. The plan should also state the tools to be used to make
changes.
Maintenance
GlaxoSmithKline
1205
JUNE 2002
Page 86 of 104
GlaxoSmithKline
1205
JUNE 2002
Performance Qualification
PQ for the IT system should be conducted under live operating
conditions. This generally involves running the system under the
control of normal SOPs and tracking certain events and performance
conditions. PQ should consider:
Validation Reporting
Multi-site IT systems may be deployed in a phased manner.
Consideration must be given to the phasing, e.g. a validation report
should be considered for each site or business. The validation report
should respond to the site validation plan and the generic project
validation plan. Validation reports can leverage quality reports where
available.
Where parallel operation is required (see introduction to deployment
earlier in this section) the following considerations should be made
and documented:
Which system holds the master data for the purpose of decision
making?
Page 87 of 104
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
Categories
1, 3, 4, 5
1, 3, 4, 5
1, 3, 4, 5
Electronic
(EDMS)
Document
Management
system 1, 3, 4, 5
1, 3, 4, 5
Page 89 of 104
GlaxoSmithKline
1205
JUNE 2002
Standard desktop.
Servers.
Networks.
Service management.
Page 90 of 104
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
Detail
General Management
Training,
Service
contracts, etc.
Servers
Mainframes
level
agreements,
Network Management
Desktop Management
Establishment
of
standard
hardware/software installation,
decommissioning, maintenance
protection,
distribution
of
upgrades, etc.
Security Management
Physical
security,
logical
security,
password
ageing,
user
account
management, access rights, installation of
anti virus software, handling of virus alerts
and infections, etc.
Data Management
Quality Management
Internal
audit
process,
document
management,
record
management,
corrective and preventative action, process
improvement, GxP training, etc.
desktop,
changes,
of virus
software
Page 93 of 104
GlaxoSmithKline
Change
Configuration
Management
Continuity
Management
1205
JUNE 2002
recovery
and
contingency
Page 94 of 104
GlaxoSmithKline
1205
JUNE 2002
validation. Central and site teams should agree relationships between central
and site activities and documents. Central development and support groups
and Site Validation should work with Global Computer Validation (GCV) in
order to facilitate consistent validation (e.g. use of templates) and maximise
use of central documents without duplicated site effort.
12.4. System Register
Sites should keep an entry in their System Register for those
applications/products they use that are centrally developed/supported.
Central support groups should maintain a System Register of sites using the
GxP systems they support.
12.5. Validation Life Cycle
Validation Plans
Each implementing site should develop a Validation Plan. The Validation Plan
should reference the central Validation Master Plan (or Quality Plan as
appropriate) in addition to defining site-specific validation activities. Both Site
Validation Plan and central Validation Master Plan (Quality Plan) should
clearly differentiate central team accountabilities and deliverables from site
validation accountabilities and deliverables.
Consideration should be given to GxP and non-GxP components of the
application/product (GQG 1401A provides further guidance). Further, certain
sites may not be using the application/product within a GxP environment and
as such, those elements of the site implementation need not be validated.
Supplier Assessment
Interfaces between suppliers supporting central and site activities should be
clearly defined. Central development and support teams should assure the
quality of suppliers supporting central activities. Centrally organised Supplier
Audits should be conducted in conjunction with Global Computer Validation.
Suppliers supporting local modifications should also be subject to supplier
assessment.
Central Activities Supporting Validation
The central implementation team should conduct activities to the agreed
standard in order to avoid or minimise additional work required to achieve
validation. Key documents supporting validation should be reviewed by
central and/or site validation teams as appropriate.
Centrally supported infrastructure should be incorporated within central
activities.
Page 95 of 104
GlaxoSmithKline
1205
JUNE 2002
Procedures.
GlaxoSmithKline
1205
JUNE 2002
Interfaces between central support teams and sites should be defined and
appropriate SOPs established to manage the interfaces. Support service
arrangements should take account of different time zones. SLAs should
ensure that sites are given notification of upgrades to central elements of the
application/product in order to allow appropriate impact assessment and
revalidation planning. SLAs should address requirements for access to
centrally held documents to support maintenance and inspection readiness.
Change Management.
Page 97 of 104
GlaxoSmithKline
1205
JUNE 2002
Diaries.
E-mail.
Page 98 of 104
GlaxoSmithKline
1205
JUNE 2002
Address books.
Page 99 of 104
GlaxoSmithKline
1205
JUNE 2002
Validation Requirements
Directly
supporting
GxP functions
and
associated
records
Validation required.
Tools should be
validated as computerised system. The costs
associated with validating bespoke/custom
may be prohibitive to their use. Where ever
possible COTS tools should be used.
Application
Development
and
Diagnostic
Tools
Security
management on
validated systems,
Test record
management for
validated systems,
Change control must be applied to manage Management of
upgrades to development and diagnostic change control &
tools in order to determine the impact of new, configuration records.
modified or removed features on developed
applications.
Spreadsheets
packages, database
packages, PLC
programming tools,
system operation and
Change control must be applied to manage diagnostic tools used
upgrades to development and diagnostic to support validated
tools.
applications.
Examples
Word processing.
Compilers
Validate as per Section 6.
and Operating
systems
UNIX, DOS.
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
GlaxoSmithKline
Management: Management Systems
COMPUTERISED SYSTEM VALIDATION
1205
JUNE 2002
GlaxoSmithKline
1205
JUNE 2002
understand the validation approach taken, and appreciate why certain project
and validation decisions were taken.
A SOP should be prepared to describe how inspections are to be managed
from the notification of an inspection, through its completion. The inspection of
computerised systems is usually included within the scope of such SOPs.
Advice on how to handle inspection scenarios should be handled through
training rather than the SOP.
16. Bibliography
Food and Drug Administration (FDA), Guide to Inspection of Computerised systems
in Drug Processing, 1983, Technical Report, Reference Materials and Training Aids
for Investigators.
Food and Drug Administration (FDA), Glossary of Computerised system and
Software Development Terminology, 1995.
Good Automated Manufacturing Practice (GAMP) - Guide for Validation of
Automated Systems Version 4, 2001, published by International Society of
Pharmaceutical Engineers (ABPI and IQA Approved Supplier Guidance in
association with ISPE).
Parenteral Drug Association (PDA), Validation of Computer Related systems, 1995,
PDA Journal of Pharmaceutical Science and Technology, Technical Report 18.
Pharmaceutical Inspection Co-operation Scheme (PIC/S), Good Practices for
Computerised Systems in Regulated GxP Environments, Document PI 011-1 (Draft),
January 2002, Pharmaceutical Inspection Convention.
REFERENCES
GQG 1401A
GQP 1204
GQP 3202
GQP 3301