660 likes | 680 Views
Learn about the process of computer system validation, including planning, requirements analysis, design, implementation, testing, acceptance, and ongoing maintenance. Understand the scope and effort required for validation activities and the importance of documentation control.
E N D
Riunione Gruppo GCP Qual è il Processo della Computer System Validation? Dr. D. Marcozzi Head of Clinical and CSV QA dept. of SIGMA-TAU Milano, 31 marzo, 2005 Q
CONVALIDA • FORNITORI • Analisi e Gestione del RISCHIO • Nuova visione delle CONVALIDE Parleremo di: Q
Si si …un bel vestito…. Cos’è la CONVALIDA? Q
Cos’è la CONVALIDA? Mi dicono che avrei fatto una CONVALIDA?? Q
Cos’è la CONVALIDA? O meglio…………. Q
Personnel Software Hardware Instrument Documentation Documentation Control System Procedures Infrastructure Operating Environment Primo: cos’è un Computerized System? Q
Validation is…. “Establishing documented evidence which provides a high degree of assurance that a specific process will consistently produce a product meeting its pre-determined specifications and quality attributes” Q
Current Validation is the entire procedure of gathering documented evidence that a computer-related process or a system performs according to its intended function reliably and consistently throughout its life. Q
Le parole “CHIAVE” • Documented • Process/system • Pre-Determined • Quality Attributes • Entire Procedure • Reliably and consistently • Life Q
Validation is a PROCESS, not an event Validation activities span the entire System Life Cycle: • Planning • Requirements Analysis • Design • Implementation • Testing • Acceptance • On going • Retirement The life cycle concept of Computer Validation Q
Planning and ImplementationA Life cycle approach Requirements Maintenance System Selection Operation Specify & Design Documentation User Qualification Build Supplier Testing Q
Planning and ImplementationA Life cycle approach URS PQ FS OQ DS IQ System Build Q
Planning and ImplementationA Life cycle approach Planning Validation Plan Specifications URS, FS, DS (required) Test Planning (IQ,OQ,PQ) Doc. come testare il sistema Testing Test e risultati Review Validation Report Q
Validation activity and “life cycle” PROJECT ACTIVITY USER REQUIREMENTS FUNCTIONAL SPEC. HW E SW DES. SPEC. SW MODULE DES. SPEC. MECH. & ELECTRIC SPEC. HW MANUF. & ASSEMBLY CODE SW MODULES EQUIP. MANUF. & ASSEMBLY HW TESTING SW MOD.& INTEGR. TESTING EQUIP TESTING HW, SW, EQUIP. INSTALL. HW ACCEPTANCE TESTING SYSTEM ACCEPTANCE TEST. MAINTENANCE CHANGE CONTROL LIFE CYCLE PHASE PLANNING & SPECIFICATION DESIGN CONSTRUCTION TESTING INSTALLATION ACCEPTANCE TESTING OPERATION VALIDATION ACTIVITY VALIDATION PLAN SUPPLIER AUDITS SPEC. REVIEW DESIGN REVIEW COSTRUCTION & CODE REVIEW MONITOR SUPPLIER IQ OQ PQ VALIDATION REPORT ONGOING OPERATION Q
Validation Scope and Effort Validation Scope and Effort should be commensurate with impact and value of data, process, results. . . size and complexity of the system and how critical it is in your routine and non-routine operations Q
Tanto più un sistema è critico e complesso tanto maggiore sarà lo “sforzo” di convalida…quindi… Q
Sistemi Be-spoke Sistemi Customizzati Sistemi Standard Q
Basic Approach to Validation • Validation is a process, not an event • Planning activity should be performed as a Team • Keep the validation process under control Q
Le finalità….da GCP Qualora si avvalga di sistemi elettronici di elaborazione dei dati e/o sistemi di inserimento a distanza per la gestione dei dati relativi alla sperimentazione, lo Sponsor…. Garantire e documentare che il sistema elettronico per l’elaborazione dei dati sia conforme ai requisiti di completezza, precisione, affidabilità stabiliti dallo Sponsor e che questi siano conformi alle caratteristiche prefissate (cioè Validazione) Q
Le finalità • Validating Data • Validating the System handling the Data Q
Nel 1999… l’FDA Pubblica una nuova Guidance for Industry “Computerized System Used in Clinical Trials” Per essere accettabili, i dati debbono soddisfare certi elementi fondamentali di qualità se raccolti e registrati elettronicamente o su carta I dati debbono essere: ttribuibili (Source & Recorder are Known) eggibili (Human readable) ontemporanei (Recorded when observed) riginali (Honest data/not fraud) ccurati (Correct, repeatable results) A L C O A Q
ALCOA Q
Ed ora… gli attori… FORNITORE CLIENTE Q
CLIENTE FORNITORE Q
CLIENTE IT USER QA Q
FORNITORE COMMERCIALE e…… Q
According to specific rules or guidelines defined for each environment QA Q
Il peso del QA…. IT QA Q
Il peso del QA…. Requisiti Regolatori Requisiti di Processo Requisiti Tecnici QA IT Pianificazione e Testing Qualifica dei fornitori Qualità della documentazione Q
Valutazione Fornitori Il QA… ovunque nella CSV Risk Assessment Definizione Requisiti Utente Definizione delle politiche di convalida Piani e test di convalida Revisione ed Approvazione dei documenti di convalida Q
Il QA… ovunque nella CSV Approvazione dei cambiamenti Revisione ed Approvazione delle SOPs di convalida e CSV generali Audit periodici Punto di riferimento normative CSV Q
Training • Vendor Evaluation • Gestione Documentazione di Convalida • Change Control • Configuration Management • Problem Reporting • Security • Back-up • Restore • Archiving Clinical Data • Maintenance • Disaster Recovery/Business Continuity • Periodic Review E le SOPs? QA Q
FORNITORE COMMERCIALE e…… Q
Planning and ImplementationA Life cycle approach URS PQ FS OQ DS IQ System Build Q
Evaluation should preferably be derived from a reliable audit of the software developer (supplier), performed by the end user’s organization or a trusted and competent third part. Q
Da GMP….. ...Validation should be considered aspart of the complete lifecycle of a computer system. This cycle includes the stages of planning, specification, programming, testing, commissioning, documentation, operation, monitoring and modifying… (by supplier!). The software is a critical component of a computerized system. The user of such software shouldtake all reasonable steps to ensure that it has been produced in accordance with a System of QualityAssurance. Q
GAMP Client responsibility Supplier responsibility Audit Report Planning Validation Plans Test Plan Validation Master Plan Design Spec. Functional Spec. Specifications User Requirement Specifications Quality and Project Plan SOPs Testing Protocolli DQ, IQ, OQ, PQ Factory/Site Acceptance Test Master Index Validation Summary Validation Report. Report IQR, OQR, PQR On-Going SOPs User Manuals CS Validation Documents Q
Why do we have to audit the Suppliers? • The primary purpose of an audit is to assess the controls, procedures, and practices which are in place for the development and maintenance of a product • Is a form of review that provides confidence concerning the validity and accuracy of a product or processnow and in the future • Audits should be viewed as a learningexperience and should be conducted as a cooperativeeffort Q
SW Supplier Evaluation Intent “To ensure that the supplier produces a quality product, and to obtain information to plan computer validation activities” “Tools” Collection of available information Request for Information (questionnaire) Audit Follow up Q
RISKS Supplier Evaluation Tools EVALUATION THROUGH REFERENCES EVALUATION THROUGH EXPERIENCES REQUEST FOR INFORMATION 3RD PARTY AUDIT SPECIFIC FIRM AUDIT COSTS Q
Supplier Qualification model Site Audit Telephone Audit SYSTEM RISK CATEGORY EVALUATION COST Request for Information (RFI) Information from other companies or from market Q
Check…Independence of SW Validation Validation activities should be conducted using the basic quality assurance precept of “independence of review”. Self-validation is extremely difficult; an independentreview is always better. Q
Check…Independence of SW Validation Computer system validation should be performed by personsotherthanthoseresponsibleforbuilding the system. Q
Validation: Client Responsibility ! Manufacturer has flexibility in choosing how to apply the validation principles, but retainsultimate responsibilityfor demonstrating that the software has been validated. PLANNING Normative Guidelines Q
Client Responsibility ! Client with regulatory responsibility needs to assess the adequacy of the software developer’s activities and determine what additional efforts are needed to establish that the software is validated. Q
Supplier selection (and supplier) is important ...but Validation Responsibility is always on the Client’s side Q
Validated Packages don’t exist!! Suppliermayprovide a “ValidationPackage”, showing that the standardversion of the product has been validated “in Factory” Client has to perform an “on-Site” Validation Q