The Cove Business Standards Discussion Forums
Software validation of Data Exporter
Please read this thread...
Software update
Software validation of Data Exporter
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Software validation of Data Exporter

Monitor the Elsmar Forum
Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

AIAG - Automotive Industry Action Group

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
iso 13485:2016, software validation
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #1  
Old 15th November 2017, 02:33 PM
pmg76's Avatar
pmg76

 
 
Total Posts: 3
Question Software validation of Data Exporter

Hi All,

I'm working on performing software validation as described in ISO 13485:2016 for a "Data Exporter" that generates a Risk Summary Document.

We store our Risk Analysis in a "ticket-like" application. Every Risk Analysis is stored in a separate ticket and contains all required information and justifications.
To generate the Risk Summary Document where we also evaluate the Residual Risk, we use a "Data Exporter" software that collects part of the Risk Analysis information. The generated document is then sent for reviewing and finally approval.

My questions are:
1) Do we need to validate this software? (I assume that this is YES, however I would like to know why do I need to validate a software that generates a document that is afterwards reviewed by a real person)
2) As storing information into data system is very common nowadays, then there must be examples related to "Data Exporter" software. Do you know where can I find this kind of examples?
3) One of the biggest risks for this software is data corruption due to software bug. However this is part of the software verification process. Do we need to consider this as a risk or not?

Let me know if my explanation is not clear enough...


Last edited by pmg76; 15th November 2017 at 03:49 PM.

Sponsored Links
  Post Number #2  
Old 15th November 2017, 06:44 PM
yodon

 
 
Total Posts: 1,156
Re: Software validation of Data Exporter

You need to have a risk-based means to determine whether and to what extent you validate. Based on just what you said, I would hesitate to say that the 100% output review would be a justifiable reason to not validate. What if the software completely lost a record?

I always recommend:
* Create a Master Validation Plan (MVP) that establishes a risk-based approach to validation decisions
* Compile (and maintain) your inventory of software that you use in execution of the quality system
* Use the risk-based approach defined in your MVP to drive the decision to validate or not and to drive the rigor of validation if validation is, indeed required

Bear in mind that having a system validated is not a one-time event. If you ever make updates to the software, that can (likely) take it out of the validated state and you'd need to re-validate. Other things may also change (support software, network, underlying OS, etc.). A system needs to be established to monitor all this and determine if re-validation is required. (Again, the frequency of such reviews would be risk-driven).

I'm a little unclear what you mean in your 3rd item by "this is part of the software verification process." Can you clarify that?
Thank You to yodon for your informative Post and/or Attachment!
  Post Number #3  
Old 22nd November 2017, 09:29 AM
pmg76's Avatar
pmg76

 
 
Total Posts: 3
Re: Software validation of Data Exporter

Hi!

Sorry for the delay! and Thanks a lot for your answer!

1) The lost of records is one of the possible risks that we evaluated.
To clarify more: The "ticket-like" application can list all risks for a particular product and provides a total count. The "Data Exporter" also provides a total count. These two values must be equal and they can easily be verified by the reviewer of the document. However, the reviewer needs "Training" to check this point every time a new risk summary is released. Would this be an appropriate control measure in this case?
Another alternative would be to introduce a verification process in the Data Exporter application. For example, check the same total count in the "ticket-like" application. But then this new process would most likely introduce a new risk. Where do we stop?

2)
Quote:
Bear in mind that having a system validated is not a one-time event.
Not at all. This is the reason I want to perform automatic validation using a kind-of unit test approach.

3)
Quote:
I'm a little unclear what you mean in your 3rd item by "this is part of the software verification process." Can you clarify that?
As this is a software then it will have bugs. These bugs may introduce data corruption in the exported information (for example: one of the risks has an evaluation of "Unacceptable" but the tool export it as "Acceptable" due to a bug). I'm assuming this kind of bugs will be eliminated during the verification process (we use a "standard" software development process).
In spite of my naive assumption there is still the possibility that bugs can create data corruption, do we need to evaluate the risk that a bug in the application will corrupt the exported data?
  Post Number #4  
Old 24th November 2017, 11:59 AM
yodon

 
 
Total Posts: 1,156
Re: Software validation of Data Exporter

Quote:
In Reply to Parent Post by pmg76 View Post

Not at all. This is the reason I want to perform automatic validation using a kind-of unit test approach.
Strictly speaking, unit testing is low-level testing not generally performed in validation. Automated testing is a generally done at the system level. I may be just quibbling over terminology.

Quote:
In Reply to Parent Post by pmg76 View Post

I'm assuming this kind of bugs will be eliminated during the verification process (we use a "standard" software development process).
Bugs can't be eliminated in verification, they can only be revealed. Use of a rigorous development process only reduces the likelihood of error introduction.

Quote:
In Reply to Parent Post by pmg76 View Post

In spite of my naive assumption there is still the possibility that bugs can create data corruption, do we need to evaluate the risk that a bug in the application will corrupt the exported data?
Sure, no software is completely bug-free. Yes, you should evaluate the risk and if the consequences of failure (data corruption) are sufficiently high and the current controls cannot bring that down, you may indeed need to consider other types of controls - which could include manual, independent inspection of the output.
Thanks to yodon for your informative Post and/or Attachment!
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Quality System Database Validation - FDA's General Principles of Software Validation SpeedRacer24 Qualification and Validation (including 21 CFR Part 11) 20 16th June 2018 06:32 PM
Diversified Data Systems OpenMETRIC software Data Export Mike302 Calibration and Metrology Software and Hardware 1 12th May 2015 07:30 AM
Drug Product Label Printing Software Validation - PQ Validation erniel Software Quality Assurance 2 13th November 2013 06:11 AM
Software Validation vs. Validation of the Application of Computer Software somashekar ISO 13485:2016 - Medical Device Quality Management Systems 16 4th May 2011 01:12 AM
Software Validation Procedure Question - Complaint Handling Process software BMSHAHAN Software Quality Assurance 9 18th July 2008 09:19 AM



The time now is 02:50 AM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.



Misc. Internal Links


NOTE: This forum uses "Cookies"