Risk Based Computer System Validation

FDA requires that all software in computer systems used in GxP activities be validated. The validation of computer system software is completely different from that of device software (embedded software). Verification is much more than testing. It is testing plus design control and configuration management.

How to plan and conduct a risk-based validation will be explained. The overall risk for a computer system is a combination of software complexity and product risk as determined by probability, severity, and detectability rankings. Also involved in the risk evaluation is the requirement for purchased software supplier qualification. You’ll learn how to integrate risk-based supplier evaluation into the validation process. The validation Master plan and System Validation Plans will be explained.

Testing, based on risk, includes requirements validation and IQ, OQ, and PQ. A procedure for each level of complexity and risk will be described.

• How to manage the validation process
• Validation life cycle models and Validation Plan contents
• How do you determine the complexity category of your system based on GAMP 5 principles
• How to evaluate risk level using GAMP 5 modifications the IS14971 procedure
• What level of testing is necessary based on software complexity and risk
• Integrating software supplier evaluation in the validation process
• What documentation is necessary
• How to minimize documentation reduces costs based on risk
• How to plan and conduct IQ, OQ, and PQ

The validation of computer system software is entirely different from that of device software (embedded software). Attempting to conduct a CSV following device software validation concepts could result in a 483 or rejection of a product approval submission.

• Computer system developers
• Systems development engineers
• Lab Managers and Analysts
• Production Managers
• Engineering managers
• Quality Assurance
• Regulatory Affairs
• Operations
• Engineers
• Quality Engineer
• QA/QC Professionals
• Engineering/Technical Service Professionals
• Consultants
• Operations and Manufacturing
• Compliance Professionals

Edwin Waldbusser, is a consultant retired from industry after 20 years in management of development of medical devices (5 patents). He has been consulting in the areas of design control, risk analysis and software validation for the past 8 years. Mr. Waldbusser has a BS in Mechanical Engineering and an MBA. He is a Lloyds of London certified ISO 9000 Lead Auditor and a member of the Thomson Reuters Expert Witness network.