1 product worth 45.55 in your cart
go to the checkout

0
shares

When we talk about validation and the requirement to validate even the simplest of software solutions, there is nearly always a negative, resistant atmosphere created straight away. Furthermore, even though the art of validation has evolved as have rules, regulations, best practices and various methodologies. Validation is a lifecycle which is living and breathing, it has matured with age and doesn’t have to be cumbersome anymore.

Whether you’re validating some simple equipment as part of a process or validating a large computerised system supporting 20,000 global users, a robust tried and tested method will serve you equally as well. The industry has moved into taking a risk based approach to validation and this makes perfect sense; adopt a proficient risk management methodology, identify your risks what can’t be easily and safely mitigated can built into the systems requirements and you’re more or less good to go.

Myth Based Approach to Validation

For years a lot of pharma businesses have taken the approach that in order to satisfy regulatory expectations that everything should be validated all of the time, this is simply not the case; in most instances validating everything, everytime is just a waste of time, money, human resources and the various rain forests of the world.

I don’t know whether this has yielded as a result of validation or quality personnel being afraid they’ll be blamed if something were to go wrong, or whether the governing corporate policies and procedures, especially of the largest pharma companies have interpreted the predicate rules in an ‘overkill’ fashion to cover their own backs in the long run. Either way, it doesn’t matter – as long as the risk assessment or assessments are facilitated properly and the right mix of stakeholders and subject matter experts (SMEs) attend then there should be no issue.

Use a Proven Methodology

There are numerous approaches to risk management and I think that the ASTM Standard “E2476 – Standard Guide for Risk Assessment and Risk Control as it Impacts the Design, Development, and Operation of PAT Processes for Pharmaceutical Manufacture” is a very good document and will provide anyone new to risk management with a lot of valuable information, not least about the process of risk management but there is also a lot of very critical references within this standard that are also invaluable. This information in this standard will be beneficial to anyone, regardless of their experience in the field of risk management.

One of the most important aspects of risk management is to get the right mix of SMEs, for example if a project was raised to install, say 5 additional controllers to a SCADA system to reduce the risk of the existing controllers being at the maximum level of usage most of the time, a good risk assessment would provide the basis for determination of the level of validation required. Firstly you’d probably already have a validation framework and documentation repositories that would cater for the change, but who would you invite to the meeting?

Skill Sections VS Actual Skills

An automation resource would be a good starting point, but after review – you’d need both a software and hardware engineer, why? Because these two people see the change as two different things, the software guy is concerned with programming of the hardware; the hardware guy is concerned about the capability of the hardware and the operating environment. From a software point of view, the controller can be managed from the data centre or via remote desktop through the associated software application, but this wouldn’t be accessible without the hardware having firstly been basically configured and installed. In addition, without an IT SME we wouldn’t know truly whether the network can facilitate the change; we’d need an operations SME to help co-ordinate any potential downtime that this new installation might take and we’d need quality and validation staff to prepare and approve documentation.

The bottom line is to remember that people see things from different angles – and quite rightly so! The more time spent up front on the risk assessment means that the validation effort is reduced and usually more robust to go with it. Try and get the relevant stakeholders on board and get them to agree to supply you with your SMEs, if this is a problem for whatever reason, such as people are on different shifts or busy in other areas when you need them then consider holding multiple risk assessment meetings so that all stakeholders and SMEs are involved formally and everything has been covered. A few risk assessments of between 1 and 2 hours each is nothing in terms of time being well spent, without these the validation effort could be exponentially greater not to mention the risk of risk.

A Pointer in the Right Direction

If you’re unsure where to start, ITIL and PRINCE2 have risk management methodologies. ICH Q9 is a Guideline for Quality Risk Management and there are many risk management sources and concepts listed in the E2476 standard (as mentioned above), GAMP also has a section on risk management. If your company already has procedures in place and you think they’re cumbersome, overkill or both – trying reading up of the sources of the methodologies outlined. You may well be surprised and find that they do actually facilitate a lean, risk based approach to risk management if you understand the overall subject matter better.

0
shares

  • DURGA PRASAD

    Great article.
    I think you must take some risk assessment points from ISO 14729 document too.
    I thank you for sharing such a good article.
    Regards

  • DURGA PRASAD

    Great article.
    I think you must take some risk assessment points from ISO 14729 document too.
    I thank you for sharing such a good article.
    Regards

  • George

    Good article. The knee jerk reaction that you must validate everything diminishes the effectiveness of the process and reduces the credibility of those involved. Getting the right people involved up front is the key. Thank you.

  • George

    Good article. The knee jerk reaction that you must validate everything diminishes the effectiveness of the process and reduces the credibility of those involved. Getting the right people involved up front is the key. Thank you.

  • siddhipharma

    Nice Article.
    It increase value reading if article contain link of “E2476 – Standard Guide for Risk Assessment and Risk Control ” too.
    Especially section “Skill Sections VS Actual Skills: was really very good.

    Regards’
    Ash!sh
    Director- Siddhi Pharma
    URl : www. siddhipharma.blogspot.com
    mail : siddhi.pharma@yahoo.com

  • siddhipharma

    Nice Article.
    It increase value reading if article contain link of “E2476 – Standard Guide for Risk Assessment and Risk Control ” too.
    Especially section “Skill Sections VS Actual Skills: was really very good.

    Regards’
    Ash!sh
    Director- Siddhi Pharma
    URl : www. siddhipharma.blogspot.com
    mail : siddhi.pharma@yahoo.com

Similar articles:

0
shares

Not all suppliers are the same, for example when you buy a car or a house, time and effort is dedicated into finding the best provider with the best product in terms of quality and reliability.

Choosing a Vendor

The same methodology needs to be dedicated when choosing a vendor for your business. Not only will you be purchasing their products or services, but you will also be dealing with them on a regular basis hence your personal relationship most also be strong.

Regulated Environment

When working in a regulated environment one of the key questions that needs to be considered is will the product of service affect your product quality. If the answer is yes then it is paramount that you can trust your supplier/vendor and the quality of their product or service

Supplier Qualification Online Course

This module is taken from our course on Supplier Qualification.

 

About Us

Learnaboutgmp is a cloud based learning management system (LMS) designed specifically for life science and regulatory organizations. Our LMS contains the courses you need to help you achieve regulatory compliance. With new courses published every month and existing courses updated in line with regulatory changes we are your true continuous learning platform.

0
shares

Similar articles:

0
shares

Choosing the correct software for your organisation is a tricky task and even more so when you are working in a regulated environment.

It’s one thing finding a great software package but if the vendor does not take their quality system seriously this could have a dramatic effect on the evolution and robustness of the solution.

They need to take their quality efforts as seriously as you take yours otherwise product quality and patient safety could be compromised.

An overall quality audit should be performed on each vendor before a decision is made, below are a list of questions that you could ask each vendor specifically on their quality system.

If the software vendor does not take their Quality System seriously you need to walk away.

Quality System Questionnaire

  1. Does the company have an established and Documented Quality System?
  2. Does the Quality System adequately reflect the client’s quality engineering policies?
  3. Is the responsibility for Quality defined (SOP)? What are their qualifications?
  4. Is Quality System documentation adequately controlled in terms of review, approvals and distribution
  5. Is the QS documentation regularly updated and otherwise maintained appropriately? (frequency)
  6. Are there procedures for reviewing the performance of the QS e.g. Internal Audit, Management Review?
  7. Are there training procedures and Job specifications? Are these adequate for the Maintenance of the QS
  8. Is there a Quality Plan for the Design, Development and Implementation of the products?
  9. Do the company use Sub Contractor’s?
  10. Do the company have control over any Sub Contractor’s QS? e.g. Vendor Assessment, Specification, Documentation review and approval?
  11. Do the company have access to relevant Sub-contractor Quality documentation?
  12. Is Sub Contractor’s Quality System compatible with the previous questions of this section?
  13. Have the Sub Contractors been audited? Review the report?
  14. Has accreditation/registration been achieved for: BS 5750 Pt. 1 or 2, TickIT, ISO 9000, Other (name
  15. Does the company operate to GAMP for computer systems?
  16. Are there SOPs for QC? Is there a release procedure?
  17. Is there an out-of-specification procedure?

Choosing the correct software application for your organization is a very tricky task and one that takes alot of upfront planning in order to make the correct choice.

The task has even got more difficult with the emergence of cloud based technology and how that impacts the overall validation process.

Remember to outline your requirements clearly and get buy-in from the other business owners.

0
shares

TOP

Similar articles: