This month, Sharon Strause, an industry consultant, provides a look back at "Computer System Validation Part I: Testing and Verification of Applications Software" by Leonard J. Goren.
Throughout BioPharm International's 25th anniversary year, we have looked back at articles published in the first volume of the journal. This month, Sharon Strause, an industry consultant, provides a look back at "Computer System Validation Part I: Testing and Verification of Applications Software" by Leonard J. Goren.
Computer system validation has changed in the past 25 years as technology has become more complex. The majority of the documentation requirements and software tests Leonard Goren listed in his article, "Computer System Validation Part I: Testing and Verification of Applications Software," are still applicable today. One of the key missing procedures required to execute computer system validation well is the supplier management process, which should include the requirements for a vendor audit. A vendor audit determines the vendor's capability of producing a software application that can be validated for a regulatory company's use. A vendor audit verifies how the code was developed, documented, and tested in all stages of the development process. A vendor audit determines the quality system procedures that a vendor has in place to ensure a well-developed software application. The audit determines how code is managed (i.e., configuration management), reviewed, internally documented, tested for the use and misuse of its software, and changed. The vendor audit captures how data produced by the software meet the requirements document, which starts the process of a vendor audit. CGMP requirements are established in the company's requirements document for the software application including any audit trail functionality; how the code is managed from an infrastructure perspective (e.g., local, wide area, and web networks); and disaster recovery process (i.e., backup process and offsite code management). A thorough vendor audit showing good development practices will then allow a company to qualify the software's installation on their equipment, and validate it for their use according to the computer system validation procedures in place at the company. If practices at the vendor are not quality capable, then a company can either chose another vendor or know in detail the additional requirements that would need to be completed to fulfill the requirements of computer system validation. This could mean thoroughly testing the software for accuracy of the stated requirements of the software as it is received before ever beginning the actual "validation for use" that is in place at the company.
The other crucial document that must be in place prior to assessing any vendor is the requirements document. Goren addresses the functional requirements in his 1988 article, but today, a requirements document includes functional, technical, and regulatory requirements for a software application. A completed requirements document helps to determine the types of applications that should be assessed and also the types of testing that may be required to ensure workability of the software. It's an important starting point in the computer system validation process. Having a computer system validation process that starts with requirements and includes a good process for supplier management and auditing can help to minimize the validation of an application or make it more complex.
—Our Retrospective series has included updates on separations technology, mammalian cell culture, industry perceptions, orphan drugs, mAbs, GMP training, cleanroom management, and more. For a complete list of Retrospectives and their original 1988 articles, visit BioPharmInternational.com/Retrospectives
Drug Shortages and Complying with FDA’s 21 CFR 211.110 Guidance
April 2nd 2025Susan J. Schniepp, distinguished fellow at Regulatory Compliance Associates, and Rona LeBlanc-Rivera, PhD, principal consultant, Regulatory Affairs at Regulatory Compliance Associates, answer some questions about FDA’s January 2025 21 CFR 211.110 guidance document.
AES Clean Technology Launches Next-Generation OSM Utility Solution for Cleanrooms at INTERPHEX 2025
April 2nd 2025Officially launched at INTERPHEX 2025, the Omni ASCENT is a next-generation off-site manufactured vertical utility solution that offers optimized cleanroom flexibility and efficiency.