Home
Contact Details DOC SHOP
Introduction.
Doc Applications
Validation Enquiry
Site Statistics
Site Problems
Phone; 703-9035
Free Newsletter
Contact Us Directly.
Protocols & Plans: Agency Reviewed
Autoclave Validate
Computer Validation
Biotech Validation
Computer Qualify
Comb'd IQ-OQ-PQ
Utility Air Valid'n
Com. Vender Audit
Design Qualification
Design Validation
Facility Qualification
HVAC Qualification
Comb'd IQ-OQ
IQ/OQ/PQ Proto'ls
Installation Qualify
Installation Validation
LAN Validation
Operation Qualify
Operat'l Validation
Performance Qualify
Performance Validat
Pharma Validation
Process Qualification
Process Validation
Spreadsheet Validat
Software Qualify
Software Validation
Steam Quality
Temp. Mapping
User Requirements
Validation Plans.
Val. Master Plans
Validation Packages
Procedural Docs: FMEA
Gap Analysis Tool
cGMP Validation
Predicate Rules
Risk Assessment
SOP for SOP
SOP for cGMP Rev
SOP Validation
Validation Matrix
Vender Audit.
Hard Ware/Copy BSI Standards
Contracted Validate
Data Loggers
Quality Manual
Humidity Calibration
Validation Manual
Tele Conference
Technical Info: CSV Annex 11
Free Vendor Audit
GAMP 5
Glossary
GMP Problems.
Hardware Validation
Measuring Instr's.
Med Devise Validate
Mixing
21 CFR Part 11
Part 11 Update
21 CFR Part 211
21 CFR PART 820
Pharma Maint'ance
Protocol Standards
Validation Protocols.
Validation Blog
Video News
Retro-Validation
Warning Letters
Your Free Glossary
General Info: Calculators For All
Conditions of Use
Corpus Clock
Customer List
Easy Business
Procedures
Product for License
Regulat'y Authorit's
Computer Val Process
Useful Links.
Free Downloads
Advertising With us.
21 CFR Part 11.
CAPA Audit
Validation Academy

SOFTWARE VALIDATION.

Software validation, customer city skylines. this one is Soul.

Software validation documentation logic diagram.

Software Validation Documentation Introduction.

Software Validation starts with a user requirement document (URS).  When either management by policy; or an employee by cause; requests that a controlled process is instigated or an existing controlled process requires a serious modification (miner modification would be controlled under change control ), a User Requirement Specification (URS) document is raised.  Over the course of several meeting the URS is fleshed out to document all aspects of the requirement.  It is important that the document is properly scoped in order that the procurement , installation, commissioning, validation, user training, maintenance, calibration and cleaning tasks are all investigated and defined adequately.

 

To scope and define an adequate validation procedure the URS has to be detailed sufficiently for various assessments to be made.  The main assessment that concerns us with software validation documentation is the risk assessment.  This assessment is only concerned with ensuring that the degree of validation that is proposed; is compliant with the regulatory requirements.

So at this early stage it is required to execute a risk assessment against the URS to see what category the software validation is going to be.

 

To learn more about this Validation Risk Assessment contents, click here;  VRA    

To purchase a ready to use Validation Risk Assessment document, click here;  VRA

It is a mandatory requirement that certain aspects of this assessment are documented and held as a regulatory required record.  These are;

Does the software validation require Full Life Cycle validation ?

Does the use of the software produce records that must comply with 21 CFR Part 11 ?

If the data requires to be Part 11 compliant, how is that to be being achieved?

The answers to these questions are required to enable the Validation Plan (VP) to provide sufficient information to the protocol writers, to enable them to define the correct content for the Installation Qualification  (IQ). Operational Qualification  (OQ) and the Performance Qualification  (PQ) protocols.  

The VP is then used by the protocol writers as the official mandate for protocol content in the software validation task. 

Software validation documentation dataflow diagram.

Full Life Cycle & Standard Cycle Validation.

The outcome of the VRA drives a split in software validation documentation scope, if the VRA categorises the software validation as requiring Full Life Cycle Validation (FLCV); then a considerable amount of the software validation effort is put into establishing how the software originated, was designed and developed, in order to establish that its basic concept and development can be considered robust , sound and in accordance with best practices . 

The original development plans , code reviews, methods reviews and testing plans must be available to enable this software validation documentation to be executed successfully.  Once this proof of quality build is establish, validation then follows a more convention path in code / procedural / security verification / functional inspections and verifications.



Software that is not classified as requiring FLCV treatment, does not require this depth of verification into quality build history and is validated mainly by the more convention path in code / procedural / security verification / functional inspections and verifications.



FDA Expectatios are:

SOP for Computer Equipment Validation.

The SOP for Software Validation documentation continues to be an extremely popular document. This document leads you through the validation process, from the URS to the final P2Q.

SOP for Software Validation (Issue-1)) -- $22.00
Quantity

CLICK HERE TO PROCEED TO SOFTWARE VALIDATION DOCUMENTATION SECTION.

Software Validation and Testing.

Dynamic Testing.

Dynamic testing verifies the execution flow of software, including decision paths, inputs, and outputs. Dynamic testing involves creating test cases, test vectors and oracles, and executing the software against these tests. The results are then compared with expected or known correct behavior of the software.  Because the number of execution paths and conditions increases exponentially with the number of lines of code, testing for all possible execution traces and conditions for the software is impossible.

Static Analysis.  

Code inspections and testing can reduce coding errors; however, experience has shown that the process needs to be complemented with other methods. One such method is static analysis . This somewhat new method largely automates the software qualification process.  The technique attempts to identify errors in the code, but does not necessarily prove their absence.  Static analysis is used to identify potential and actual defects in source code.

Abstract Interpretation Verification.

A code verification solution that includes abstract interpretation can be instrumental in assuring software safety and a good quality process. It is a sound verification process that enables the achievement of high integrity in embedded devices. Regulatory bodies such as the FDA and some segments of industry recognize the value of sound verification principles and are using tools based on these principles.

Software Conception and Inception.

Establish the End Users high level requirements.

These must be based on the functionality as the end user will see it.  They must cover all aspects of using the software and be sufficiently detailed to enable the development team to clearly and concisely understand what the future product plans are.

Define the detailed functionality requirements.

This stage develops and expands the end user’s requirements, and drills down to a sufficient level of detail required for the development team. As each detailed requirement document is completed, it is subjected to peer review and acceptance by a representative from development, quality assurance, architecture, product management, and development management.

Define the software structure and technical design specification . 

Based on the high level requirements (URS level 1 ), establish a suitable product architecture taking the end user requirements and the required functionality requirements into account.  This task should be structured in parallel with defining the detailed requirements. 

Product Development.

The software development team executes the detailed requirements and the technical architecture. This process is best commenced only when both parts of the requirements document have been completed, reviewed and approved. 

Quality Assurance.

The QA team must sit in at all stages from conception to completion and hand over to end user.  They are not there to review the software.  They are there to ensure that best industry practices are used and that company software policy and procedures are strictly adhered to.  They will ensure that the software created by the development team meets the defined requirements and is supplied to the end user complete with all necessary support documentation.  They will ensure the software is installed and used in accordance with company requirements practices & procedures, and all relevant cGMP regulations.

FDA latest guidance on 21 CFR Part 11.

This graphic depicts software validation documentation that is used.

It now appears that the current FDA Guidance rules pertaining to 21 CFR Part 11 may be with us for a longer time than was originally anticipated.  So we have incorporated the guidance suggestions in their latest guidance document, into this Validation Risk Assessment (VRA) (now issue 10).  This VRA document now comes with a downloadable matrix for registering the justification for all your Part 11 assessments.  This is now a mandatory requirement. 

Part 11 will be interpreted narrowly; we are now clarifying that fewer records will be considered subject to part 11. (extract from FDA document)
 

This would appear to mean that the original all embracing approach to all electronic records is to be dropped and the rigors of part 11 applied only to the data that directly affects product quality and safety, and record (of the product) integrity. 

For those records that are to remain the subject of 21 CFR Part 11 , we will apply discretion in the validation of audit trails, record retention, and record copying.  (extract from FDA document)
 

This would appear to mean that if your in-house document control is secure and robust; then it will be acceptable in the matter of audit trail / record retention and record copying.  

We will enforce all predicate rule requirements, including predicate rule record and recordkeeping requirements. (extract from FDA document)
 

This is a statement to the effect that in all other ways 21 CFR Part 11 will be enforced. 

Accordingly, we recommend that, for each record required to be maintained under predicate rules, you determine in advance whether you plan to rely on the electronic record or paper record to perform regulated activities. We recommend that you document this decision (e.g., in a Standard Operating Procedure (SOP), or specification document).  (Extract from FDA document )

SOFTWARE VALIDATION DOCUMENTATION.

 


CLICK HERE FOR FURTHER DETAILS OF DOCUMENTATION AVAILABLE
Copyright © 2005




World Wide Regulatory Authorities.

World Health Org.
Home Page
Med & Standard
Medic: Quality Assurance.  
Certification.
Prequalification.  

North America

USA:
FDA: Home Page
Evaluation & Research.
Biol Evaluation 

CANADA:
Canada: Home Page.
 Health Food Branch
Drugs and Health Products.
Ther'tic Directorate

South America:
Arg'tina: Min Health

Bolivia: Min Health.

Brazil: Min Health.
Chile: Health Min .
Col'bia: Min Health .
Ecuador: Min Health
El Sal: Min Health.
Guat'la: Min Health
Guyana: Min Health.
 Jam'ca: Min Health.
 Mexico: Min Health .
Nic'gua: Min Health   
Panama: Min Health  
 Peru: Min Health
T & T: Min Health 
Uruguay: Ministry of Health .

 

Europe:

GERMANY:
Ministry of Health
Drugs & Medical Devices.

UNITED KINGDOM:
Dept of Health
 Med.Health Reg


FRANCE:
Ministry of Health.
Safety of Health Agency

ITALY:
Min of Healt.
Nation Inst Health 

SPAIN:
Ministry of Health.
Medicinal Products

SWITZERLAND:
 Of Public Health
Ag Therap Products. 

EURO AUTHORITIES:
Austria: Min of Labour.
B'gium: Min Soc Affairs.
Belgium: Phar Inspect
 Bulgaria: Min Health.
Bulgaria: Drug Agency 
 Croatia: Min Health
Czech R: Miny Health
Czech R: Drug Control
 Denmark: Min Health
Denmark: Med Agency
Estonia: Ag Medicines 
Finland: Ag Medicines 
 Greece: Org Medicines 
Hungary: Inst Pharmacy 
Iceland: Medic. Con.Agency 
Ireland: Med Board 
Latvia: Agency Med 
Lithuania: Med Agency 
Lux'ourg: Min Health 
Malta: Min of Health 
Netherlands: Ministry Health. 
Neth'lands: Med Board 
Norway: Min of Health.  
Norway: Med Agency. 
 Poland: Min Health
Poland: Med Institute 
 Portugal: Min Health
Portugal: Inst Pharmacy. 
Romania: Min Health, 
S Marino: Min Health. 
Slovak Min of Health
 Slovenia: Min Health 
Sweden: Med Agency
 Turkey: Min Health
 Ukraine: Min Health.


RUSSIA:
Federation: Mednet.
Ministry of Health.

INDIA:
Ministry Health Welfare.
Drug Standards Organ.

CHINA:
Ministry of Healthl.
Food & Drug Admin.


JAPAN:
Japan: Ministry of Health.
Japan: Pharm/Dev Agen.

AUSTRALIA AND NEW ZEALAND:
Australia: Dept Health
Australia: Med Authority.
New Zealand: Min Health
New Zealand: Med Auth.

ASIA-PACIFIC AUTHOR's:
Bangladesh:Min Health.
Brunei: Ministry Health
Fiji: Ministry of Health
Hong Kong: Dept Health
Indonesia: Min Health
 Korea: FoodDrug Admin.
Malaysia: Min Health 
Malaysia: Control Bureau.
Nepal: Ministry of Health.
Nepal: Dept Drug Admin.
Pakistan: Min of Health. 
Papua New Guinea: Dept Health
Philippines: Dept Health
Singapore: Min Health
Singapore: Health Auth
Sri Lanka: Min of Health 
Taiwan: Dept Health
Taiwan: Foods & Drugs
Thailand: Public Health.
Thailand: Food & Drug 
Vietnam: Min of Health

Middle East.

Bahrain: Min of Health
Israel: Ministry of Health
Jordan: Min of Health
 Lebanon: Min Health
Palestinia: Min Health
Saudi Arabia: Min Health
UAE: Ministry of Health.

REPUBLIC OF SOUTH AFRICA:
Dept. of Health 
Medicines Control Council.

OTHER AFRICAN AUTHORITIES:
Botswana: Min of Health.
Ghana: Ministry of Health.
Kenya: Ministry of Health. 
Maldives: Min of Health.
Mauritius: Min of Health.
Morocco: Min of Health.
Namibia: Min of Health. 
Senegal: Min of Health.
Swaziland: Min Health. 
Tanzania: Min Health.
Tunisia: Min of Health.
Uganda: Min of Health