Data-Handling Software for a GLP Environment: Development and Validation Requirements -

Data-Handling Software for a GLP Environment: Development and Validation Requirements

Dec 1, 2006
By: N. Matthijs, B. Dejaegher, Y. Vander Heyden
LCGC Europe
Volume 19, Issue 12

As the use of digital computers escalated over the past forty years the financial costs of software failure increased correspondingly, and the importance of software testing grew.

Software development and validation are simultaneous processes. The processes of software testing start at the birth of the product and go on during the whole of its construction. Verification and validation are difficult because a developer cannot test the software forever and it is hard to estimate how much evidence is sufficient.

When applied to a computer system, validation, as defined by the FDA, can be interpreted as documented evidence, which provides a high degree of assurance that a computer system performs its intended functions accurately and reliably.¹

The standard definition of verification is based on the question "are we building the product right?" (i.e., assuring that the software is developed correctly). The software should perform to predefined specifications and an analysis is done to ensure that all required specifications are met. Validation is the process of finding out "whether the product being built is right" (i.e., it should do what the user expects it to do, meaning it should satisfy all functional requirements set by the user). Validation is done during and at the end of the software development process.

The validation of software to be used in a GLP environment is described in this article. The software for robustness testing (SRT) has been designed to simplify the process of setting up and interpreting robustness tests and to generate reports with the outcome from those tests.²

Figure 1.

SRT is the software implementation in Microsoft Excel XP of guidelines described in reference 2. Figure 1 shows the steps of a robustness test. Sections (1) and (3) are included in the software, which is written using visual basic for application (VBA) under Microsoft Office 2002 and requires an IBM-compatible PC (Pentium Processor, 32 MB RAM) with Excel 2002 (XP version) or a higher version installed.

Compliance of the software with computer systems validation requirements and integrated 21 CFR Part 11 requirements will be discussed.³ The importance of integrating validation into the system lifecycle using a structured approach called the life cycle of computer validation is emphasized.

Software Validation

Computer systems validation (CSV) — life cycle model: Software quality is achieved through the application of validation procedures throughout the whole development process. The FDA's guideline on validation states that development of validation documents is essential.¹ The documentation is needed to prove that the system works as intended, that it is reproducible and that it meets the established specifications and qualifications.

Figure 2.

The methodology followed is provided in the general computerized systems validation (CSV) model, presenting the different tasks and documentation necessary to support the validation and development of software (Figure 2).⁴ This is a V-shaped model, also called V-model. The model shows that programming is not the first step and is only started after careful planning and documentation.

The software validation process then goes through different phases, which are called installation qualification (IQ), operational qualification (OQ) and performance qualification (PQ).

The V-model methodology is initiated with a validation protocol describing the procedures to be followed within the creation and validation of the system. This document also provides a high level description of the overall philosophy, intention and approach. The user requirements specifications (URS) document, created in a second step, represents the user's needs and the intended uses of the product.

12 3 4 5