Computer System Validation (CSV)
Validation of computerized systems in the pharmaceutical industry and medical devices
These days, computerized systems play a central role in the development and manufacture of pharmaceuticals and medical devices. If such a system is used in critical business areas, the company must provide documented proof in the context of a software validation that the system works according to predefined specifications and that this standard is also upheld during everyday operations.
In areas that are subject to public health authority regulations (GxP) such as the pharmaceutical industry and medical devices, quality is ensured through the validation of computerized systems (CSV) according to predefined industry standards (e.g. GAMP 5, FDA Guidelines, PICs). The term CSV covers various issues of validation and qualification of computer systems, from the software application to the IT infrastructure to the system control and auditing.
Since 1996, DHC has been involved in the validation of various, but especially complex computer systems, such as ERP systems, document management systems, Clinical Trial Software, LIMS, etc.
Our validation approach is methodical, process-oriented and risk-based. Here we focus on the Lifecycle Model (V-Model) for the latest version of GAMP, the ISO standards (such as ISO 13485) as well as the regulatory requirements of 21 CFR (Part 11, 820…) and the European authorities. However, even agile development methods (e.g. SCRUM) can be covered by our validation methodology.
As part of the validation, we simultaneously define the operational IT service processes necessary to achieve a valid state. We also consider the integration into an existing quality management system.
With our Simple Validation Services, DHC provides you with a proven process and risk-based approach based on a constantly updated unique methodology for the pharmaceutical industry and medical devices (“Validation Concept”). Our approach is clearly scalable and thus easily adapted to the respective industry and company requirements.
When implementing the project (“Project Execution”), our experienced consultants work according to the lifecycle model (V-model).
At the beginning of every successful validation is the detailed planning: In the design phase, the technical specifications are drawn up and risk analyses are carried out. In the design review, you determine whether all user requirements have been implemented in the specifications and whether all points were evaluated for GMP risk. After the implementation the test phase begins, followed by the verification and the release if applicable. When the required documentation has been verified, the validation is complete.
Based on our many years of validation and industry experience, we have developed best practices for you, such as SOPs, templates, SAP Business Processes and SAP URS. This gives you a fast and structured project schedule and provides the desired cost effectiveness.
Support tools, such as SAP Solution Manager, provide computerized documentation, change and test management. With the process management tool DHC Vision, we offer a solution for process-oriented validation based on the DHC reference processes.
DHC – Your partner for Software Validation / Computer System Validation (CSV) in the GxP Environment
We can advise you – whether in the field of GMP (Good Manufacturing Practice), GLP (Good Laboratory Practice), GCP (Good Clinical Practice) or in the manufacture of medical devices – and professionally implement the national and international requirements for validation.
- Our special knowledge of validation and IT compliance is complemented by our industry experience and our expertise in process and project management.
DHC can support you in the following areas, specifically: - Coaching, planning and implementation of prospective and retrospective validation projects, including planning and the execution of test management
- Creating a validation strategy, the validation plan, the required life cycle documents and the validation report
- SAP ERP Central Component (ECC) validation and SAP S/4 HANA validation
- Validation of IT systems and review of IT systems for GMP, GLP and GCP Compliance (IT compliance)
- Qualification of IT infrastructure and IT services
- Validation of cloud computing systems
- Agile methods / Scrum
- Risk management and checklist-based risk analysis (e.g. according to ICH Q9)
- Preparation for inspections, conducting internal and external audits (Audit Management)
- Trainings and GxP Training Management, implementation of validation workshops and development of company-wide policies for computer validation incl. the associated operating procedures (SOPs)
- Development of quality management systems
- Assessments, gap analyses, action plan, 21 CFR 11 Analysis
- ISPE GAMP 5 Life Cycle & Methodology (from the validation plan to change management)
- Implementation of requirements management and moderation of workshops
- Support and implementation of change management & deviation, incident and CAPA management
- Review of validation documents (project audit)
- Bridging resource bottlenecks on individual validation tasks
Validation of various complex computerized systems
DHC has many years of experience in the validation of various complex computerized systems.
These include the following systems:
- ERP Systems
- SAP incl. SAP Solution Manager
- Oracle Applications
- Microsoft Dynamics AX/NAV
- proprietary ERP systems
- Document management systems
- EMC Documentum incl. special interface with QUMAS, DocCompliance, First Doc, McLaren, C6
- Saperion
- ELO
- DHC VISION
- Laboratory Information Management Systems (LIMS)
- Labware
- SampleManager
- SAP QM
- KinLIMS
- IT systems in a clinical setting
- Clinical Trial Management Systems
- IT Service Management Systems
- SAP Solution Manager
- HPQuality Center
- BMC Remedy Action Request System
- Frontrange ITSM
- Pharmacovigilance
- ARISg
- PV Works
- Adam&Eve
- In-house developments
- Facility Management Systems
Consulting and Review of IT-Systems for GMP, GLP und GCP Compliance
Companies need to meet diverse requirements these days. In addition to the customer’s requirements, above all there are laws, standards and guidelines, compliance with which can be closely monitored and access to some markets is only possible with total conformity to these requirements. All activities involved in the implementation and compliance with regulatory requirements are summarized today in the term “Compliance”. In software, we speak of “IT Compliance,” and Computer System Validation (CSV) is an essential part of it.
Safely avoid Audit Findings and Warning Letters DHC can support you in the implementation of regulatory requirements for computer system validation, thus ensuring the required IT Compliance. This way, you are safe from the negative consequences of a flawed validation, because if you do neglect something, you are in danger of receiving a problem report (Form 483) or a warning (warning letter) from the FDA, if the company operates in the US market. Corrective action must then be taken immediately within a fixed framework. Otherwise all production processes might grind to a halt.
Don’t let it get to that point; rely on our experience and best practices, with which we have been consulting pharmaceutical companies and medical experts for almost 20 years.
We provide:
- GMP, GLP and GCP compliant IT systems and processes
- FDA and EMA compliant work (21 CFR Part 11, Annex 11, GAMP 5)
- Less time and cost for validation
- Increased security in internal and external audits
- Implementation of the risk-based approach based on our validation strategy and best practices
Pharmaceutically and medically relevant legal requirements and standards
Validation is required by various national and international legal requirements and standards. These include EU directives and national drug laws as well as the quality management standard DIN EN ISO 13485 and the requirements of the US Food and Drug Administration (FDA). For pharmaceutical companies, the regulations 21 CFR and EU GMP are also relevant for the validation of computer systems. In most cases, the validation itself takes place in accordance with the industry standard GAMP 5.
EU
- GAMP 5
- Annex 11 to the EU GMP Guideline
- EU-GMP Guideline Chapter 4: Documentation
- Requirements for the storage of electronic data
- Requirements for electronic signatures and signals
USA
- 21 CFR Part 11
- General Principles of Software Validation
- Guidance for the Content of Premarket Submissions for Software Contained in Medical Devices
- Electronic Source Data in Clinical Investigations
- Guidance for Industry Computerized Systems Used in Clinical Investigations
Other
- PIC/S: Good Practices for Computerized Systems in regulated “GxP” Environments
- Methods and tools
- GxP, ISO 13485,
- SOX, SOX EU,
- ISO 9001: 2000, EFQM
- PDCA Deming Cycle, QFD
- FMEA, HACCP, ISO 14791
- ISO 17779, GSHB, ISO 27001
- COBIT, ITIL®