Computer System Validation


Computer System Validation is an extremely important subject for Quality Management System of highly regulated companies. In fact, every company focusing on medical device or pharmaceutical business needs to perform validation of their computer systems. This becomes even more important with the spread of digital health device and software-based medical devices.

Firstly, the ISO 13485:2016, for example, establishes that all the softwares used in the framework of a Quality Management System validation before their use.

Methodology for Computer System Validation

ISPE (International Society for Pharmaceutical Engineering) provides one of the most and complete guideline for the validation of computerised system. In fact, ISPE publishes regularly guidelines to support the validation of computerized systems for pharmaceutical or medical device sector.

The GAMP Guideline for Computer System Validation

GAMP stays for Good automated manufacturing practice and the full name of the guideline is GAMP 5 Guide: Compliant GxP Computerized Systems. The guideline provides extensive guideline on the validation of software using a risk-based approach. You can refer to the picture below for an overview of the GAMP approach for validation:

The responsibility of computer system validation is shared between the supplier and the user. To clarify, the user is the company which is using the computer system for the design or manufacturing of medical device or pharmaceutical products. The supplier is the provider of the software system.

Risk-based approach for Computer System Validation

As mentioned before, ISO 13485 requires the application of a risk-based approach to determine the extent of the validation efforts towards a computer system. There might be different ways to apply a risk-based approach. On possibility is to divide the software application in different categories, such as:

  • Off-the-shelf software
  • Configured Software
  • Custom Software

The type one the extent of the validation depends from the category of the software. For example, for off the shelf software, the following scheme describes the possible approach:

In conclusion, for an in-depth overview of the strategy to follow for validation of computerised system, refer to this full procedure!

Leave a Reply

Your email address will not be published. Required fields are marked *