Building Management System (BMS) is a wide range of applications which covers Heating Ventilation Air Conditioning (HVAC), Environmental monitoring, Fire Protection system, Alarms & Surveillance System, Lift Management System, Smart Building Technologies and Energy Conservations.

Why We Need to Validate a BMS?

The objective to conduct validation is to produce documents evident which ensure high level of confidence, ensuring system compliance, reduce risk of failures, and assurance that will improve operational efficiency to process. Validation is conducted to prove system functionality and consistently measure as per design specification.

Building Monitoring System (BMS) covers computerize system, network architecture, software as source code programming and instrumentations/ devices as controller (Input/output) whereas it is monitoring for GMP elements and Non-GMP elements. As parts of Code of Federal regulation, GMP elements/ critical areas are mandatory to VALIDATE. There has to be segregation physically and logically between GMP and Non-GMP elements to avoid conflict of I/O.

Regulatory Frame

EU Directive 2003/94/EC (Good Manufacturing Practice) – Article 8

“Premises and equipment to be used for manufacturing operations, which are critical to the quality of the products, shall be subjected to appropriate qualification and validation.”

Chapter 21 Part 11 Of the Code of Federal Regulation § 11.10 Controls for closed systems.

“Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records.”

Chapter 21 Part 211 of the Code of Federal Regulations § 211.68 Automatic, mechanical, and electronic equipment.

“Input to and output from the computer or related system of formulas or other records or data shall be checked for accuracy. The degree and frequency of input/output verification shall be based on the complexity and reliability of the computer or related system.”

System Evaluation

System evaluation is very crucial, evaluating the system against standards including GxP, evaluating the system against established requirements, evaluating the needs of system and environment configuration, evaluating the requirements for installation and training requirements.

Risk Assessment

Risk Management should apply throughout life cycle of computer system. Identifies the Critical Control Point to be defined, justified and documented. They key of risk assessment is in understanding of critical parameters that have high probability of affecting product attributes if deviate from ranges standard for a defined period of time.
Regulated Company must be able to justify their in-house standard, protocol, operation procedures, and records, acceptance criteria based on analysis and risk assessment into consideration.

Testing, Verification and Commissioning

Perform a commissioning procedure consisting of field I/O testing, sequential test phase test and commissioning and integrated system program commissioning for entire system.
Document all commissioning information on commissioning data sheets that shall be submitted prior to acceptance testing.

Prior to system program commissioning, verify that each control panel has been installed according to plans, specifications and approved shop drawings. Test, calibrate and bring on line each control sensor and device.

Some of Tests have to be conduct before/ during Factory Acceptance Test and or Site Acceptance Test, not limited to:

BMS Unit P&ID Verification

The objective of this verification is to ensure that all the system instrument and equipment have been properly connected, tagged, and identified, in accordance with the process and instrumentation diagram.

System Components Verification and Installation

The objective of this verification is to ensure that for each component required for the system, all of the as-found conditions comply with the specifications, and that the components required for this system are installed as specified.

Wiring and Cabling Verification

The objective of this verification is to ensure that all wiring and cabling to the system has been properly connected, tagged, identified, and is in accordance with manufacturers specifications and/or engineering drawings. During execution of this section ensure that equipment visually checked to ensure that all component and wiring securely mounted.

Input and Output Verification/ Test

The objective of this verification is to ensure that all input/output points are addressed properly and connected to the field devices as per manufacturer specifications.

System Sequence Test/ Phase Test

The objective of this system sequence test/ phase test is to ensure that all system schematic running as process flow which has been designed.

Software Functionality, Backup, Archiving, and Version Verification

The objective of this verification is to determine that the installed software is perfectly functioning as determined in this URS. Scope also includes verification of ladder logic program name, version number, archiving capability and ensuring availability of the backups.

Software Structure Verification

The objective of this verification is to verify integration of software and hardware as a complete system. Scope includes system setups (hardware and software), to align with user requirements. User would require full simulation and In Circuit Test for the BMS System.

IT Infrastructure Verification

The objective of this verification is to verify integration of software, hardware and networking as a complete system. Scope includes system setups, configuration of network, remote accessibilities and remote notification.

Validation Approach

Perform a complete set of Validation after completion of Site Acceptance Test (SAT) for the critical system which Direct Impact to the process quality.

Validation consist of Installation Qualification (P&ID check, instrument check, wiring check, safety check and instruments calibration as well), Operational Qualification consists of System Operational test verification comparing with Functional Specification of the system as define in the System Design Specification.

Document all Validations and information on Validation data sheets that shall be submitted prior to Validation testing.

Implementation of BMS

Nowadays, modern technology makes everything easily. Everything can be reach in hand. Building Management System (BMS) using Real time monitoring will be displaying process status, generate Reports (includes trends, graph), sensor calibration expiry, generate alarm & warning according pre-set value in the system and event recording.

Perform the Facility Management (Generate reports, graph and annunciate alarms) when there is a problem and to ensure that monitored data is securely stored and have not been altered for future reference (audit/ investigation).

User/ client responsibility to provide proper procedure on the Data Recovery and Software Back-up Procedure and manage the stored data location as per company policy.

Defining of BMS Alarms

Correct strategy has to carefully implement to comply with regulatory requirements for BMS system itself. During conducting Risk Assessment and measurement studies should be assess for critical elements on the software features which derive as alarms, reporting, data historical tabular in total point of view to avoid unnecessary alarms, eg. Sometime in the Operation mode, door open by operator and it will be immediately trigger an alarms due to differential pressure out of ranges. It is very difficult if we have to acknowledge alarms and answer in the event of OOS/ CAPA raise by QA.

Statistical Process Control/ Conditioning Alarms should be implement and access through Risk Management, Validated and Documented as evidence.

Review of Electronic Records and Electronic Signatures

BMS system continuously records data in real time monitoring with certain define period of data collection. When BMS system consider and define as “critical” in the GMP environment, assessment of direct impact to the system should be made. Relevant parties should be manage, control on the reviewing of the electronic records, applies signatures and by proper procedure.

Electronic records and signatures should be define clearly during generate the User Requirement Specification (URS) and it is verify during design review and testing/ validation.


  • GAMP 5: Risk Based Approach to Compliant GxP Computerized System.
  • Title 21 Code of Federal Regulation, 21 CFR Part 11: Electronic Records, Electronic Signatures.
  • ISPE Pharmaceutical Engineering Guide, Commissioning and Qualification.


  • Zoher

    I am looking for guidance on BMS Computer software Validation for the FDA Regulated Industry. Can anyone suggest how to proceed.

  • Kieron Ryan

    From experience in order to full comply with FDA requirements Honeywell have a “bolt on” to their BMS operator work station.
    Having reviewed this some time ago it appeared certified (at the time).

    I have no doubt that to acquire a full FDA certified system you will need to talk to a product manufacturer (like Honeywell) and not just a system installer.

  • Frank Cheng

    Risk Assessment for BMS is the key to validation, but you just put forward the problem and provided no clues on that. In fact, GMP and GEP issues may be combined to make a GMP and GEP compliant BMS by developing a CMP (commissioning master plan).

Similar articles:

Changes to equipment and documentation is an integral part of the whole GMP process in any regulated facility. In this article we will discuss how equipment is designed in a GMP facility and how good documentation practices are an essential part of quality assurance and GMP.

The content of this article has been taken from module 7 of our eLearning module on Good Manufacturing Practices (cGMP) within the life sciences.

You can view this module in full by viewing the video below.

cGMP eLearning Module – Compelling, Engaging and Interactive



All equipment is designed, constructed and located to suit their intended use and to facilitate easy maintenance and cleaning.

Equipment is installed in such a way as to prevent any risk of error or of contamination, and cleaned according to detailed and written procedures and stored only in a clean and dry condition.

Production equipment should be designed in such a way as not to present any hazard to the products.

The parts of the production equipment that come into contact with the product must not be reactive, additive or absorptive to such an extent that it will affect the quality of the product and thus present any hazard.

Any defective equipment should, if possible, be removed from production and quality control areas, or at least be clearly labelled as defective. When not in use, equipment should be covered to ensure it remains clean.


Balances and measuring equipment of an appropriate range and precision should be available for production and quality control operations.

All measuring devices are required to be calibrated and checked at defined intervals by appropriate methods, and adequate records of such tests should be maintained.


Fixed piping should be clearly labelled to indicate the contents and where applicable, the direction of flow.

Water pipes used in production (e.g. Purified Water, Water for Injection) are sanitised according to written procedures that detail the action limits for microbiological contamination and the measures to be taken.

Electrical circuits should be identified, and a record maintained of the load on each circuit to prevent inadvertent overload.


Good Documentation Practices are an essential part of quality assurance and GMP.

It is important for a manufacturer to get the documentation right in order to get the product right.

GMP Documentation e.g. Site Master File, Specifications, Batch Manufacturing Formulae, Batch Manufacturing Records, Processing, Labelling, Packaging, Testing Instructions, Standard Operating Procedures, Protocols, Technical Agreements, Records, Certificates of Analysis, Reports etc. should contain the following attributes of a good document:

They should be:

  • Attributable
  • Legible
  • Contemporaneous
  • Original
  • Accurate
  • Complete
  • Durable
  • Corroborated
  • Version Based
  • Accessible
  • And Authorized

Change Control

Change to GMP documentation, equipment, processes, systems, instrumentation, test methods, etc. are required to be controlled under a formal change control program.

This program must consist of Quality oversight to review the proposed changes, evaluate the potential impact of the change, determine any potential risk to product quality, and to establish the required level of supplemental validation/documentation required for the change.

In many instances, changes will also require submission to the Health Authority for approval of the change.

For example, changes impacting the submission documentation are subject to post approval change guidances according to the Health Authority regulations.

Change Control is a critical aspect of the GMP systems.

If you want to learn more about cGMP or if you want to evaluate our eLearning module for your company you can find more information here.


Similar articles:

The enduring assets of a laboratory’s work are the records that document those activities. When laboratory records are used to support a regulatory function, they are considered to be legal documents.

Laboratory Data Integrity – eLearning Course


For records to be considered reliable and trustworthy they must comply with the following criteria:

  • Legible and Understandable – they must be able to be read and understood for the lifetime of the record, without having to refer to the originator for clarification. The information may be needed in five, ten or twenty years’ time, perhaps after the originator is no longer available
  • Attributable – who made the record or created the data and when?
  • Contemporaneous – the record must be made at the time the activity was performed
  • Original – the information must not be written on a post-it, piece of scrap paper, sleeve of a lab coat etc. and then transcribed.
  • Accurate – no errors or editing without documented amendments
  • Complete – All the information and data associated with the analysis is included
  • Consistent – All elements in the sequence of analysis must be date & time stamped and must be in the expected order
  • Indelible – Records are made on to controlled documents, such as laboratory notebooks or controlled worksheets, or saved to electronic media
  • Available – over the entire lifetime of the record for review, audit and inspection

1. Legible and Understandable

A record that cannot be read or understood has no value and might as well not exist. All records should be composed so they conform to grammatical convention which should be consistent throughout.

It is best to avoid buzzwords, cliques and slang as these are prone to change with time and are often not understood outside a particular locality. It is always good practice to have any record reviewed by a second person as this can often highlight any ambiguities.

2. Attributable

The identity of the person creating a record should be documented. For paper records this is normally done by the individual signing and dating the record with their signature.

As the record you may be signing may be a legal document, you should clearly understand the implication of your signature. A signature should be individual to a specific individual and the practice of signing someone else’s name or initials is fraud, and is taken very seriously.

3. Contemporaneous

All records must be made at the time an activity takes place. Delaying writing up, for example until the end of the day, will inevitably affect the accuracy of that record as details can be forgotten or miss-remembered.

4. Original

All records must be original; information must be recorded directly onto the document. This avoids the potential of introducing errors in transcribing information between documents.

If information from an instrument is printed out, by the instrument, that printout is the original record and should be signed, dated and attached to the record.

5. Accurate

The record must reflect what actually happened. Any changes should be made without obscuring or obliterating the original information, the use of whiteout or correction fluid is prohibited.

Any changes made to a record should be signed by the person making the change and dated to show when it was made and a written explanation should also be provided. Remember, the record may be needed after you have left the company and cannot be contacted for clarification.

6. Complete

The record must contain all information associated with the analysis of the sample, including system suitability tests, injection sequences, processing methods, sample preparation procedures and results.
This must also include any reinjections or repeat analysis performed on the sample.

Remember the position of the regulatory authorities for something that needs to be done is – ‘if it isn’t documented it’s a rumour’. However, failing to disclose reanalysis or reinjection of samples will undermine confidence in the reliability of the records.

7. Consistent

Consistency in this context refers to the sequence of the component events, which the analytical method comprises, being performed in a logical order.

For example it is not possible to commence the HPLC run before the samples have been prepared, therefore the balance printout for the sample weights should be date/time stamped at least one or two hours prior to the sample injection time, to allow time to prepare the samples. Therefore all date/time stamps should be in the expected sequence.

In order to avoid confusion in this respect, it is worth ensuring all instruments that produce date/time stamped printouts are time synchronised. This is best done by reference to a standard reference time, such as a national online time server.

8. Indelible

Indelible means the record must be legible for the lifetime of the record and once it has been made it cannot be removed.

Hand written entries of information should be made in ink and not pencil which can be erased

If printouts are made on thermal paper, which darkens with time, a photocopy should be made; this should be certified as an accurate copy of the original print and attached

If print outs are attached to a page they should be

  • Secured to the page with acid free glue and industrial strength Sellotape
  • Signed and dated across the attachment and the page
  • Annotated with a reference to the document

9. Available

All records should be available for inspection, audit and review for the lifetime of the document. If a document is requested during a regulatory audit, it should be produced within thirty minutes.

Therefore, the laboratory should establish an easy to reference archive system. Records should be archived so as to preserve their integrity, such as

  • Secure facility with restricted access
  • Effective fire suppression
  • Protection from dampness or humidity
  • Controlled access to Document

Check Out Our Laboratory Data Integrity eLearning Module

If you are looking for a way to train your staff on the importance of data integrity in a regulated environment check out oureLearning Course.


Similar articles: