Tuesday, 27 June 2017

Computer Systems Validation


The MHRA are continuing their series on data integrity and computer systems validation. The latest blog post has some useful information (this time from Balall Naeem), such as:

If you are able to obtain validation documentation here are some suggestions on what you do next as a minimum:
  1. If you receive a validation report check it, make sure it corresponds to the version of the software you are using. If it details the systems functionality then make sure all the functionality you are using is covered in the report.
  2. If you receive a validation pack does it show the system to be successfully validated, i.e. has all the functionality you intend to use been tested and passed? Is it evident who the tester was and have they signed and dated everything correctly? Is it evident how test fails have been rectified? Is there anything that might cause you concern such as a missing follow-up test after a fail or undecipherable testing?
  3. Are the dates sequential? Was all testing completed before the product was released? Were all the specification requirements and test scripts agreed and signed off before the build had been completed? Was the validation report issued prior to release?
  4. If you have concerns can you address them? Are you able to self-validate or mitigate them in another way?
  5. Do a formalised risk assessment, document your findings and record any mitigating action you are going to take.
For further details, see MHRA

Posted by Dr. Tim Sandle