Computer System Validation

Our Computer System Validation consultants, engineers and specialists can assess your computer systems compliance assessment or validation against regulatory and industry guidance’s:

  • GAMP software life cycle development model (V model) and/or
  • FDA 21 CFR Part 11 on electronic records, electronic signatures and/or
  • PIC/S annex 11 on validated computer systems

We recommend that any new computer system validation effort, or remediation complies with the above requirements.

A risk based approach to compliant GxP computerised systems

After extensive consultation with industry and regulators (FDA and MHRA), the ISPE published GAMP 5 in February 2008. The Good Automated Manufacturing Practice (GAMP) Guide – A Risk-Based Approach to Compliant GxP Computerized Systems. This guideline describes a set of principles that ensure that products manufactured using computerised systems meet their prescribed quality attributes. One of the core principles of GAMP 5 is the use of the risk assessments to focus scarce resources on critical to quality attributes and maximising the use of vendor quality systems and documents.

GAMP 5 is commonly used at all stages of development in most industries i.e. pharmaceutical, medical devices and biologics.

Assessing the business risk and risk to patient of computer systems

This is an area many of our clients struggle with and from experience often get very wrong, unnecessarily wasting money.

Our validation professionals can offer training and coaching; provide pro forma procedures and forms; lead risk assessments but most importantly a pragmatic methodology and an independent sanity check. Our advice is tempered with the experience across many industry types and differing validation approaches.

Our approach risk assessment is guided by the Quality Risk Management methodology found in GAMP 5, ASTM 2500E, ICH Q9 and Annex 11 and 20 of the PIC/S code for Good Manufacturing Practice.

Our recommend isto use a multidisciplinary team and assess the risk at multiple layers, system, module, component and finally elemental functionality. Each time trying to strip out chunks of testing. This combined with a simple scoring system, i.e. a maximum scoring of 1 to 3, Low, Medium and High, judge the Severity of the risk, likelihood of Occurrence and the probability of Detection documented in a matrix which indicates the level of qualification or validation recommended. It also provides a measurable risk score that could be used to demonstrate a reduced risk score as part of a risk management strategy.

Assessing the FDA CFR part 11 requirements

In practice, the Part 11 regulations require drug makers, medical device manufacturers, biotech companies, biologics developers, etc, to implement controls, including audits, system validations, audit trails, electronic signatures, and documentation for software and systems involved in processing electronic data.

The data is very specifically (i) required to be maintained by the FDA predicate rules or (ii) used to demonstrate compliance to a predicate rule.

This is an area many clients need assistance from our validation professionals to assist with these assessments.

Developing User Requirements Specifications

When considering a new computer system, or modifications to an existing one, our constants start with a User Requirements Specification (USR). A USR describes the functional and non-functional requirements of the software and hardware in order to meet the users’ needs.

CiPharma consultants help you develop a URS that then forms the basis for the design and development (if any) of the computer system. They will ensure that your URS is complete, realistic, definitive and testable.

By using Quality-by-design principles, CiPharma consultants can perform design reviews to determine the optimal design of the computer system, ensuring Quality, safety and effectiveness are designed and built into the

Qualification/Testing Protocols

Testing computer systems presents many challenges for Life Science professional and can be very and time consuming.CiPharma’s validation contractors are dedicated to developing and implementing testing protocols.

We undertake testing on a fixed price basis, or we can operate on a time plus basis to perform the testing & documentation under your supervision. It is important to note that installation qualification (IQ), operation qualification (OQ) and performance qualification (PQ) are less favoured now. They have been replaced with “verification”, where the emphasis is now on activity verification,.