The process of proving that a computer system, which is being used in the lab, can generate results that satisfy the established needs of a particular analytical application is known as computer validation. Pharmacy companies must go through this procedure to make sure they follow Food and Drug Administration (FDA) and Good Manufacturing Practises (GMP) guidelines. This article tries to address some of the often asked queries about GMP/FDA compliance and computer validation.
In which intervals do systems have to be validated?
Generally, concrete intervals are not defined in the regulations. The companies should set their own SOPs as per regulatory guidelines, in this context, a yearly assessment is recommended. Other options are when system gets breakdown or when new software or hardware is being installed. In the case of major changes a revalidation must however be carried out.
Does a software supplier have to be audited at all events, or would it be sufficient if the supplier filled in a questionnaire which would then be assessed by the QA unit?
A software supplier has to be assessed at any rate. This can be done by means of an audit, but it is not absolutely necessary. The question whether a questionnaire is sufficient should be answered by the pharmaceutical entrepreneur in dependence on the criticality of the software, but also on experiences with the supplier. If the supplier “only” provides personnel working according to SOPs created by the customer, an audit is not necessary. However, it must be proved that these persons have been trained. Here organizations should have well defined Vendor selection process, based on scientific rational and have well defined SOPs for the same.
Is it necessary to approve hardware and software suppliers formally?
There is no requirement for the hardware and software vendors to receive formal clearance. However, it must be verified that only previously evaluated and approved vendors are used for placing orders. Organizations should have a clear vendor selection process that is founded on scientific reasoning and has clear SOPs for it.
How detailed do specifications have to be?
The intended quality is always specified in specifications. So that they may serve as the foundation for the tests, they must specify the requirements. They must therefore be testable, meaning that the consumer must be able to verify that he has received what he requested. The customer will sufficiently detail what he expects or orders just for commercial/regulatory reasons.
Traceability matrix – what is necessary? Must an end user have a traceability matrix, administrate it and validate it?
The user has to be able to show that his user requirements were checked during the validation. A traceability matrix is an instrument for proving this. What is essential in this context is that the requirements can be traced from the specification via the risk analysis to the test. It should be seen as a checklist that asks whether the specified requirements have been implemented and where the proof can be found.
Do you have the following SOP’s closely related to Computer System Validation?
After reading this blog, we hope you can understand the importance of computer system validation and properly use the proposed checklist and improve on it further.
Now that you know this:- hopefully you are in position to answer the Assignment(s).
- Do your organization have SOP for Vendor selection? Well defined questioner for Vendor selection?
- Please review the Computer system validation of recently installed equipment in your laboratory? Proper training given to employees before releasing the equipment for routine usage?
- In your lab, do computer system validation properly archived? Further easily retrievable at the time of requirement?
- Does your organization have the following SOP related to Computer system validation? Password policy? Data backup/Security/Archival/Disaster recovery and E-signs?
- Please review SOPs related to Computer system validation? Password policy? Data backup/Security/Archival/Disaster recovery and E-signs, do you find any gaps in the framing of these SOPs please highlight the same and bring them to the notice of QA department?
- Please note the audit points related to CSV practices/Password policy/E-signs and how they were rectified?/CAPA implemented?