Dear Forum,

My company utilizes a software suite for tracking bugs, managing customer complaints and corrective/preventive action. The software is configurable, i.e. it allows the user to define workflows, reports, etc.

As this software is holding records related to the QA-System, I believe we need to validate it.

In my view, such a validation would be to look at the relevant procedures the Software should implement, and validate that these procedures have in fact been implemented correctly.

However, these procedures have now been changed to include the actual use of the software.(i.e. CAPA is registered so and so in this particular software suite etcetc)

My question is: is there any problem in incorporating the use of a specific software in a SOP, or should the SOPs be independent of the tools you use to perform them.

Any views would be appreciated

regards
d.

However, e.g. our SOP for corrective / preventive action states that

Hello there!

I sensed your post went down two paths-one is the validation of the software, and the other was the procedure for the software.

To your procedure question, I would think the procedure should most definitely address the specific software used. You would need to address how it is used, who has access, how to get access, entries, electronic records, retention, etc.

Now that is the procedure for the software system. I would not think you would need to address the software system specifically in every procedure. I might pick one consistent statement to use in all the procedures, and point to the one procedure covering it in more detail.

Is that anywhere near your request?

temujin,

Just to add on to Brad's good response,

The very word SOP means "Standard Operating Procedure" which means that the procedures should provide detailed steps / instructions required by you to operate the software.

Yes, this software should definitely be validated and this validation shall be contained seperately as Validation Protocol and report.

All the software related procedures regarding backups, other maintenance, upgrades etc can be in a seperate SOP and not in the SOPs meant for the users as those terms are "high level" and could confuse the system users.

Hope I have clarified. :D

Thanks to both...

We have one high level SOP for CAPA, which in turn is being referred to in the SOPs for "normal" users.

Finally, if I leave the high level SOP as it is (incorporating the software), against what should I validate the software. Directly against the requirements in QSR?

regards
t.

Dear Forum,

My company utilizes a software suite for tracking bugs, managing customer complaints and corrective/preventive action. The software is configurable, i.e. it allows the user to define workflows, reports, etc.

As this software is holding records related to the QA-System, I believe we need to validate it.
IF you print out the records as part of the normal use of the system there is no need to validate it.

In my view, such a validation would be to look at the relevant procedures the Software should implement, and validate that these procedures have in fact been implemented correctly.

If you decide that you need to validate the software then - IMO -you should start by making your User Requirements Specification. Follow up by making a validation plan, then IQ and OQ. Since it is configurable I believe that you need to perform a PQ where you test your specific configuration. Finish with a validation report summarizing all the testing being done. You can benefit from a matrix showing where your requirements are being tested. Keep in mind that you have to show Part 11 compliance if you are subject to FDA requirements.