Risk Based Approach To Computer Validation
In recent years, a risk-based approach has been adopted within the industry, where the testing of computer systems (emphasis on finding problems) is wide-ranging and documented but not heavily evidenced (i.e. hundreds of screen prints are not gathered during testing). Annex 11 states "Risk management should be applied throughout the lifecycle of the computerised system taking into account patient safety, data integrity and product quality. As part of a risk management system, decisions on the extent of validation and data integrity controls should be based on a justified and documented risk assessment of the computerised system."
The subsequent validation or verification of computer systems targets only the "GxP critical" requirements of computer systems. Evidence (e.g. screen prints) is gathered to document the validation exercise. In this way it is assured that systems are thoroughly tested, and that validation and documentation of the "GxP critical" aspects is performed in a risk-based manner, optimising effort and ensuring that computer system's fitness for purpose is demonstrated.
The overall risk posed by a computer system is now generally considered to be a function of system complexity, patient/product impact, and pedigree (Configurable-Off-The-Shelf or Custom-written for a certain purpose). A lower risk system should merit a less in-depth specification/testing/validation approach. (e.g. The documentation surrounding a spreadsheet containing a simple but "GxP" critical calculation should not match that of a Chromatography Data System with 20 Instruments)
Determination of a "GxP critical" requirement for a computer system is subjective, and the definition needs to be tailored to the organisation involved. However in general a "GxP" requirement may be considered to be a requirement which leads to the development/configuration of a computer function which has a direct impact on patient safety, the pharmaceutical product being processed, or has been developed/configured to meet a regulatory requirement. In addition if a function has a direct impact on GxP data (security or integrity) it may be considered "GxP critical".
Read more about this topic: Validation (drug Manufacture)
Famous quotes containing the words risk, based, approach and/or computer:
“If you love the good thing vitally, enough to give up for it all that one must give up, then you must hate the cheap thing just as hard. I tell you, there is such a thing as creative hate! A contempt that drives you through fire, makes you risk everything and lose everything, makes you a long sight better than you ever knew you could be.”
—Willa Cather (1873–1947)
“Few white citizens are acquainted with blacks other than those projected by the media and the so—called educational system, which is nothing more than a system of rewards and punishments based upon one’s ability to pledge loyalty oaths to Anglo culture. The media and the “educational system” are the prime sources of racism in the United States.”
—Ishmael Reed (b. 1938)
“I have watched ... many literary fashions shoot up and blossom, and then fade and drop.... Yet with the many that I have seen come and go, I have never yet encountered a mode of thinking that regarded itself as simply a changing fashion, and not as an infallible approach to the right culture.”
—Ellen Glasgow (1873–1945)
“The archetype of all humans, their ideal image, is the computer, once it has liberated itself from its creator, man. The computer is the essence of the human being. In the computer, man reaches his completion.”
—Friedrich Dürrenmatt (1921–1990)