1 product worth 45.55 in your cart
go to the checkout


The validation plan is a strategic document that should state what is to be done, the scope of the approach, the schedule of validation activities and tasks to be performed.

The plan should also state who is responsible for performing every validation activity. Once reviewed the validation plan should then be signed off by the associated project team members.

The Validation Project Plan (VPP)

Validation plans are documents that express the philosophy of the company and how they intend to establish a working model for the project at hand. Validation plans state who is responsible for performing development and validation activities, who identifies which systems need to be validated and who identifies the nature and extent of the inspection and testing expecting for each system and who outlines the framework to be followed to accomplish the validation.

In general the project validation plan describes the organization, activities, and tasks involved in the development of a computerized system including:

  • Organizational structure of the computerized project
  • The departments or individuals responsible
  • Resource availability
  • Risk management
  • Time restrictions
  • The SLC and methodology that needs to be followed
  • Deliverable items
  • Overall acceptance criteria
  • Development schedule and timeline
  • System release sign-off process
  • Sample formats for key documentation

Verification of Documents

During the execution of a project, verification will check the reliability of the work as established by the project plan so that when the due dates for completion or handover arrive a high degree of certainty exists that the system is fully validated.

When multiple departments are involved in a project, the system owner will take responsibility for the validation documentation. Other department will provide documentation and personnel to support the development, validation and maintenance effort.

Predicated Regulations

Validation plans are not required by any of the predicated regulations but are considered a key project management practice. Validation plans are an essential documents for the overall management of projects, and are crucial for the success of the project.


Typically, managers their peers, end-users, and those responsible for delivering the system, approve validation plans. Quality assurance may also sign the document. The validation project plan and the requirements specification deliverable, together define the technical and regulatory requirements applicable for a project.

When to Start the MVP

Project validation plans should typically start during the early stages of the project, its usually the first document that will get attention. Initial project concepts and planning estimates should be elements in the creation of a project validation plan.

The initial project verification activities will assess the project teams capability to produce a validated system and provide input for defining the level of testing effort expected. Project verification will identify any critical deviations to the expected project timing and quality levels, as well as other issues affecting the timely approval of the validation report.

Approved Version

An approved version of the validation plan should be available when a computer technology supplier or contract developer is being selected, and should be updated whenever project events or verification results require a change.

Documents that support the update of the validation plans are:

  • System requirements
  • Criticality and complexity analysis
  • Project verification results
  • Other system descriptions

Validation Plan Format

The format of a validation project plan is flexible and may incorporate Gnatt charts. The contents of the validation plan may include, but are not limited to the following list:

Document Control Section

  • System/Installation name
  • Author(s)
  • Creation, save and print date
  • Version number
  • Document identification
  • Reviewer and review date
  • External document references
  • Table of contents
  • Intended audience
  • Scope
  • Objective
  • System description
  • Validation acceptance criteria
  • Verification activities and deliverables

Qualification Activities and Deliverables

  • Qualification planning
  • Project verification
  • Installation qualification
  • Operational qualification
  • Performance qualification
  • Process validation (if applicable)

Roles and Responsibilities

  • Application owner
  • Project management
  • QA
  • Validation team
  • Computer technology supplier or contract developer

Project Schedule

  • Project activities
  • Project documentation and delivery

Plans and Protocols, How Many?

When developing the validation plan, a decision has to be made about the manner in which the documents will be organized.

Small System

For small systems, it is possible to integrate the validation plan and all protocols into one document, and have one report to summarize all results.

Large System

For large system with many components, a validation project plan can be created that divides the validation effort into smaller, more manageable units with separate plans.

Multiple versions of the plan and protocols could be needed, with intern or partial reports.
The review and approval of the plan by QA is optional, but will provide an endorsement that the plan conforms to the current written procedures on computer systems validation, and that the document incorporates applicable regulatory requirments.

Validation Schedule

Validation plans and associated schedules are live documents that should be reviewed periodically. It’s a good idea to designate the system owner to ensure that the plan is always current.

As part of the conceptualization period, senior managers are presented with , and estimate the total effort to be expended (including maintenance for the project). Maintenance of existing software can account for over 70% of all effort expended by a software organization and this cost will be passed on to the customer.

As part of the schedule, it should be considered that the majority of the development of computer systems fails due to poor gathering of requirements. An investment up front can yield notable savings later.
The following list is a good example of items that need to be tracked as part of the project schedule.

  • Project kick off
  • Validation plan preparation, review and approval
  • Training of the validation team
  • Applicable SLC periods and events
  • Quality checkpoints for review
  • Project documentation due dates
  • Supplier or contractor developer audits
  • Development and approval of procedural controls
  • Specific plans and protocols for IQ/OQ/PQ
  • Development of traceability analysis and verify the traceability of design and testing elements against user requirements
  • Monitor the execution of specific protocols
  • Assemble, review and approve the results
  • Assemble, review and approve the final


  • Dr. Narayan G K A S S

    This is a new interactive format that is very ueser friendly.

  • suresh Garg

    Please send format

  • Duchnicz

    please, send me an example on electronic VMP. Do you have any other softwares for other validation documents ?

  • Navdeep Singh

    this is really an elaborated and useful information

  • Mohan Dass

    give me an example of a good validation report

  • Ranjit Barshikar

    This is excellent. It will help to all concerned in a big way if implemented.

  • mattossa

    An article of high value; thanks for your contribution.

  • Gilbert249

    Kindly share the format with me. Thanks a lot!!

  • Mohamed Orouk

    please, send me an example on electronic VMP. Do you have any other softwares for other validation documents ?

  • http://www.resmed.com Pete Thakor

    Please send me the copy of VMP. It will be very helpful. Thanks.

Similar articles:


Training of personnel on deviation reporting and deviation handling is essential to a successful implementation of deviation management. All personnel must have a clear understanding of the deviation concept on all level of operation.

From a cleaning employee to a top level manager, everyone in the organization must apply deviation management procedure or instructions.

In order to do that, it must be mandated that all employee will attend at least once per year training on how to identify and report deviations.


The Three Levels

It is important to keep record of all the training’s performed in order to demonstrate to auditors that all personnel in the organization are competent and can report, handle, and/or manage deviations in a swift and accurate manner.

There are three levels of training on deviation management:

  1. Level 1: Identifying deviations and reporting them
  2. Level 2: Deviation Handling and Investigating
  3. Level 3: Deviation’s Corrective and Preventive Action

Level 1: Identifying Deviations and Reporting Them

  • This level of training should be mandated for all employees.
  • In this level, the trainee must learn how to notice and identify a course of actions or results which might indicate that something deviated from the standard and approved procedures in the quality management system.
  • This particular skill is crucial to the deviation reporting.
  • The trainer must spend considerable time developing attention to details in trainees. This particular competency forms the basis on which the trainer will build the trainees knowledge of deviation management.
  • The second obstacle to overcome is to make the employees understand that deviation reporting isn’t the equivalent of mistakes reporting.
  • In my experience, at first, many employees will see deviations as a way for the top management to record their mistakes for performance evaluation and bonus estimation.
  • The trainer must explain that it is the opposite of that concept, deviation reporting is your chance to express your interest in preserving the quality of the product or the service you provide in your organization.
  • It asserts your loyalty to the a quality based product and/or service and your devotion to the company’s standards.
  • Level 2: Deviation Handling and Investigating

    • This level of training is exclusive for management staff, including both lower and upper management.
    • In this level of training, the trainer must focus on investigational techniques and root cause analysis.
    • The basis of the training is risk analysis. The trainer must be an expert in risk identification, assessment, evaluation, reduction, and communication.
    • Other essential techniques include listening skills, communication, team work, and meeting management. These skills must be honed by the trainees during the training and during normal working hours.
    • The trainer must emphasis that this level of training is a mere introduction into deviation handling and that practice makes perfect. The reason is no one can develop all the skills necessary for investigating and solving complex deviations in one training module. The experience of the person practicing those tasks is the ammunition that would help him or her succeed at his or her job.

    Level 3: Deviation’s Corrective and Preventive Action

    • This level of training is exclusive to quality assurance personnel and upper management (including other department’s managers).
    • The aim of this training is to develop the ability of trainees to find the most efficient and effective actions to correct and prevent the deviation from reoccurring.
    • As we mentioned in 3.1.8. there are several points to consider when taking corrective and preventive actions. These points must be included in the training.
    • The trainer can be someone with experience with the applied procedure for corrective and preventive action in the organization and it would be better if he or she is experienced in risk management as mentioned in level 2 training.
    • If the training is being conducted for the first or second time, the trainer must emphasis to upper management that the trainee will need time to develop the experience necessary for them to create systematic actions with little to no side effects.
    • This training must conclude that the personnel required to decide the corrective and preventive actions must convene periodically in order to discuss the effectiveness of their actions and see what they can improve in their decision approach.

    Optional Training Sessions

    There are several competencies which are essential to successful deviation management, time management is one, communication management is also an essential feature which is greatly needed for the continuous and effective follow-up of deviations throughout the organization.


Similar articles:


Not all suppliers are the same, for example when you buy a car or a house, time and effort is dedicated into finding the best provider with the best product in terms of quality and reliability.

Choosing a Vendor

The same methodology needs to be dedicated when choosing a vendor for your business. Not only will you be purchasing their products or services, but you will also be dealing with them on a regular basis hence your personal relationship most also be strong.

Regulated Environment

When working in a regulated environment one of the key questions that needs to be considered is will the product of service affect your product quality. If the answer is yes then it is paramount that you can trust your supplier/vendor and the quality of their product or service

Supplier Qualification Online Course

This module is taken from our course on Supplier Qualification.


About Us

Learnaboutgmp is a cloud based learning management system (LMS) designed specifically for life science and regulatory organizations. Our LMS contains the courses you need to help you achieve regulatory compliance. With new courses published every month and existing courses updated in line with regulatory changes we are your true continuous learning platform.



Similar articles: