Any organization that uses software to manage its data, systems, and processes should consider implementing the Computer System Validation (CSV) procedure. It is essential to ensuring that the system complies with norms and best practices in the pharmaceutical industry. Every part of the system, from the user interface to the back-end database, is validated during the process to make sure it complies with the criteria. Standard Operating Procedures (SOPs) must be developed as part of the process to guarantee that the system is regularly validated and maintained. The significance of CSV and the SOPs required maintaining compliance will be covered in this article.
You should have the following SOPs in place for compliance and operational purposes as well as inspection purposes.
The CSV SOP is the first. The validation life cycle should be overview and completely described in this SOP. The specifications for important areas like intended use, the validation master plan, the user and functional requirements specification, the system design specification, the traceability matrix, the installation qualification, the operational qualification, the performance qualification, the validation summary report, and the validation release memo should be part of this SOP.
The software development life cycle (SDLC) SOP is the second SOP that should be in place. This SOP should communicate with the CSV SOP and should specify the processes required to carry out the SDLC for custom applications.
A change control SOP is essential should be implemented as the third SOP. The procedure for controlling both software and hardware in the production environment should be clearly outlined in this SOP. Procedures provide an established, approved framework for carrying out tasks within a regulated environment. Additional procedures pertaining to regulated computer systems are necessary to meet the procedural control requirements of 21 CFR Part 11.
A good documentation practises SOP is the fifth SOP that is crucial to inspections. Having a system for recording your evidence of validation actions is crucial. The integrity of your CSV and change control documentation is ensured by implementing proper documentation practices.
A sixth SOP to have in place is a security SOP. This SOP should address physical access to buildings and data centers, networks, and passwords. FDA investigators are inspecting the security of buildings, data centers, and networks more frequently. They are also looking for the inclusion of a password policy in the security SOP or a stand-alone password policy. Further other SOPs that are considered to be an important part of any CSV program include: disaster recovery, backup and restore and deviation management.
The SOP related to training of employees about new hardware and software: The FDA is carefully reviewing the training records of software vendors so that they may ensure that only those with the necessary training and experience are working on developing and implementing software applications. A list of criteria for judging a software provider should be on the checklist. These include—but not limited to—the following: the requirements of 21 CFR Part 11, security, the software development life cycle (SDLC), training, and organizational structure.
Do you have the following SOP’s closely related to Computer System Validation?
After reading this blog, we hope you can understand the importance of computer system validation and properly use the proposed checklist and improve on it further.
Now that you know this:- hopefully you are in position to answer the Assignment(s)
- Please review the Computer system validation of recently installed equipment in your laboratory? Proper training given to employees before releasing the equipment for routine usage?
- In your lab, do computer system validation properly archived? Further easily retrievable at the time of requirement?
- Does your organization have the following SOP related to Computer system validation? Password policy? Data backup/Security/Archival/Disaster recovery and E-signs?
- Please review SOPs related to Computer system validation? Password policy? Data backup/Security/Archival/Disaster recovery and E-signs, do you find any gaps in the framing of these SOPs please highlight the same and bring them to the notice of QA department?
- Please note the audit points related to CSV practices/Password policy/E-signs and how they were rectified?/CAPA implemented?