Dear Blog Reader,

Discussions in this blog are based on quotes from my book titled Computer Validation: A Common Sense Guide and it is available in both hard copy and PDF electronic form at http://www.gxpinternational.com/books-briefings.html. The book’s 10 chapters describe computer validation practices that 20+ years of project and audit experience have shown to be practical to execute and that produce evidence which has passed audits and inspections in North America and Europe. The 29 chapter appendices provide full scale examples of validation document sets, policies, and SOPs from real projects to illustrate the concepts discussed.

This blog takes quotes from the book and expands on the ideas presented. In addition, electronic Chapter Briefing Units from the book can be used by you in PDF format for training purposes. You will find a number of published journal articles available for free download at my website www.gxpinternational.com along with a list of scheduled conference and seminar events. Your comments and concerns about validation topics can be sent to me at my email gxpintl@rcn.com. I look forward to a healthy exchange of ideas and wish you every success with your own computer validation adventures in 2013.

Teri Stokes, Ph.D., Director, GXP International

Tuesday, April 1, 2014

Validation Package Model – System Control

There are three streams of validation work that must be controlled and documented within each package. The second workflow documents physical and logical control of the system for both its software and its infrastructure platform. (p. 63)

There are three types of validation packages produced in a regulated software life cycle.
       Operational Qualification (OQ) – Documented evidence that a system operates as intended throughout its expected range as per design specifications. (Prepared by SW Supplier Team)
       Installation Qualification (IQ) – Documented evidence that all system components are installed to supplier instructions & user requirements. (Prepared by IT Team)
       Performance Qualification (PQ) Documented evidence that a system operates as intended in the user’s work process. (Prepared by End User Team)
A standard approach to all three packages is shown in the Figure 4.2 below.



The quality of computer system performance and data integrity is directly dependent on having a controlled and protected system configuration environment. In OQ, CASE tools must be qualified and managed. In PQ, production systems must be securely managed. Quality Management and Change Control practices and records are a big factor here including QA audits of the system and packages.

Excessive changes over time beg for revalidation of the system (IQ/OQ/PQ). Watch for it. Validation doesn’t end with Go-live of the users’ production system. It continues until the system is retired and taken off line. Patches and upgrades are potential risks and must be tested offline prior to use. System materials also need review for e3dits to match work process or program changes.

Next Month: Validation Package Model – Testing Control
There are three streams of validation work that must be controlled and documented within each package. With documented human control and system control in place, the successful validation team moves to formal testing of the system. (p. 64)