The Cove Business Standards Discussion Forums
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >
Forum Username

Elsmar Cove Forum Visitor Notice(s)

Wooden Line

Software Validation Guidance Suggestions

Monitor the Elsmar Forum
Courtesy Quick Links


Links Elsmar Cove visitors will find useful in the quest for knowledge and support:

Jennifer Kirley's
Conway Business Services


Howard's
International Quality Services


Marcelo Antunes'
SQR Consulting, and
Medical Devices Expert Forum


Bob Doering
Bob Doering's Blogs and,
Correct SPC - Precision Machining


Ajit Basrur
Claritas Consulting, LLC



International Standards Bodies - World Wide Standards Bodies

AIAG - Automotive Industry Action Group

ASQ - American Society for Quality

International Organization for Standardization - ISO Standards and Information

NIST's Engineering Statistics Handbook

IRCA - International Register of Certified Auditors

SAE - Society of Automotive Engineers

Quality Digest

IEST - Institute of Environmental Sciences and Technology


Some Related Topic Tags
gamp validation procedures, guidance documents, software validation
Reply
 
Thread Tools Search this Thread Rate Thread Content Display Modes
  Post Number #1  
Old 10th July 2018, 03:49 PM
Mark Meer

 
 
Total Posts: 891
Thank You! Software Validation Guidance Suggestions

I'm looking for suggestions of guidance on how best to plan, execute, and document software validation - for both OTS software we use at our facility, as well as software we develop.

Major consideration is that we are a small company with limited resources, and the requirements/intended-use of all software we use/develop have low risk profiles. For the most part it's pretty simple stuff - excel calculations (maybe some macros), OTS micro-controller flash programming, document storage/retreival...

I'm familiar with the FDA's "Principles of Software Validation" guidance (as it's free), and I've looked at some other threads, where the following suggestions come up:
- GAMP 5 Manual
- ISO/TR 80002-2:2017 (yes, we are a medical device company)

Question: Given our pretty basic needs (uncomplicated/low-risk & OTS software, limited resources), are documents such as GAMP 5 & ISO 80002-2 useful (over-and-above free guidances such as the FDA's)? If so, what do they offer? Have people found these particularly useful for their own practices? Are there any other guidances you'd recommend?

Any feedback/advice much appreciated!
MM

Sponsored Links
  Post Number #2  
Old 10th July 2018, 04:33 PM
Marcelo Antunes's Avatar
Marcelo Antunes

 
 
Total Posts: 3,364
re: Software Validation Guidance Suggestions

My opinion is that GAMP is too much for most of the medical device industry. ISO TR 80002-2 was created to specifically deal with the new "risk based" activities of ISO 13485:2016, meaning you can tailor the process depending on the risk.

There's several other guidances, general and for other industries. One example are the IEEE standards (which are usually usable together with ISO documents). I don't think they are that welcoming (most that I know are more complicated, in fact).

PS.: I was a member of the team that created ISO TR 80002-2, but I'm not suggesting it because of that :-P
Thank You to Marcelo Antunes for your informative Post and/or Attachment!
  Post Number #3  
Old 10th July 2018, 05:08 PM
Mark Meer

 
 
Total Posts: 891
re: Software Validation Guidance Suggestions

Quote:
In Reply to Parent Post by Marcelo Antunes View Post

My opinion is that GAMP is too much for most of the medical device industry. ...There's several other guidances, general and for other industries....I don't think they are that welcoming (most that I know are more complicated, in fact).
Thanks Marcelo, the "welcoming" part is certainly a consideration. Someone posted in another thread that GAMP 5 manual is in excess of 350 pages! ...probably overkill for us.

But to your general statement that it is "too much for most of the medical device industry", I would have thought that, in principle, a more thorough coverage of the topic would be MORE appropriate to the medical device industry due to its generally higher risk, no?

Quote:
In Reply to Parent Post by Marcelo Antunes View Post

ISO TR 80002-2 was created to specifically deal with the new "risk based" activities of ISO 13485:2016, meaning you can tailor the process depending on the risk.
If ISO TR 80002-2 treads a lot of the same territory as ISO 14971, then I'm dubious as to its utility (for our organization). We've got a pretty good handle, IMO, on risk-based processes. Like I say, I'm more interested in guidance on the execution and documentation. The (free) FDA guidance, seems to have a lot covered (including risk), so I'm curious what these paid standards such as ISO TR 80002-2 offer? Does it, for example, provide any real-world examples?
  Post Number #4  
Old 10th July 2018, 05:18 PM
Marcelo Antunes's Avatar
Marcelo Antunes

 
 
Total Posts: 3,364
re: Software Validation Guidance Suggestions

Quote:
In Reply to Parent Post by Mark Meer View Post

Thanks Marcelo, the "welcoming" part is certainly a consideration. Someone posted in another thread that GAMP 5 manual is in excess of 350 pages! ...probably overkill for us.

But to your general statement that it is "too much for most of the medical device industry", I would have thought that, in principle, a more thorough coverage of the topic would be MORE appropriate to the medical device industry due to its generally higher risk, no?
Not exactly (and the "higher risk" is debatable :-P). The point is how ISO 13485:2016 handles software validation. It was decided to require validation to all application of software (and remove the old "that affects the product"or something like that), so ALL use of software in the QMS needs to be validated. On the other hand, so as not to create an overburden requirement, we introduced the requirement of risk-based approach and activities for the software validation, which let's you tailor the software validation effort (and which is mirrored in ISO TR 80002, which has a toolbox with several activities, some mandatory, but most voluntary, to be chosen depending on the risk).


Quote:
If ISO TR 80002-2 treads a lot of the same territory as ISO 14971, then I'm dubious as to its utility (for our organization). We've got a pretty good handle, IMO, on risk-based processes. Like I say, I'm more interested in guidance on the execution and documentation. The (free) FDA guidance, seems to have a lot covered (including risk), so I'm curious what these paid standards such as ISO TR 80002-2 offer? Does it, for example, provide any real-world examples?
Sorry, I did not understand you did not know ISO TR 80002-2. I was talking about the approach and activities of software validation being based on risk, as I mentioned above. ISO TR 80002-2 also has several examples of application in the annexes (14 examples, in fact).
Thank You to Marcelo Antunes for your informative Post and/or Attachment!
  Post Number #5  
Old 11th July 2018, 01:16 AM
somashekar's Avatar
somashekar

 
 
Total Posts: 5,371
Re: Software Validation Guidance Suggestions

If I am using an ERP s/w and the same is under annual maintenance contract with upgrades, does it meet the requirement of validation of the ERP s/w...
  Post Number #6  
Old 11th July 2018, 06:20 AM
Marcelo Antunes's Avatar
Marcelo Antunes

 
 
Total Posts: 3,364
Re: Software Validation Guidance Suggestions

Quote:
If I am using an ERP s/w and the same is under annual maintenance contract with upgrades, does it meet the requirement of validation of the ERP s/w...
Nope. Validation is a confirmation that your intended use of the software is fulfilled. Upgrades have nothing to to with that.

On the other hand, after any update, you need to verify the need for re-validation. This can be very resource-consuming...
  Post Number #7  
Old 12th July 2018, 12:38 AM
somashekar's Avatar
somashekar

 
 
Total Posts: 5,371
Re: Software Validation Guidance Suggestions

Quote:
In Reply to Parent Post by Marcelo Antunes View Post

Nope. Validation is a confirmation that your intended use of the software is fulfilled. Upgrades have nothing to to with that.

On the other hand, after any update, you need to verify the need for re-validation. This can be very resource-consuming...
I understand what you mean now. But the ERP customization project was the purpose to make the ERP meet our intended use. Without affecting our intended use, there would be upgrades to add a feature, which may or may not be used by us. It may be considered as an improvement in the MIS.
So is my ERP by virtue of the customization and effective use stand validated...
Reply

Lower Navigation Bar
Go Back   The Elsmar Cove Business Systems and Standards Discussion Forums > >

Bookmarks



Visitors Currently Viewing this Thread: 1 (0 Registered Visitors (Members) and 1 Unregistered Guest Visitors)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Forum Search
Display Modes Rate Thread Content
Rate Thread Content:

Forum Posting Settings
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Emoticons are On
[IMG] code is On
HTML code is Off


Similar Discussion Threads
Discussion Thread Title Thread Starter Forum Replies Last Post or Poll Vote
Medical Device Software Validation Guidance ASimo Software Quality Assurance 3 8th February 2013 09:17 AM
Design validation challenges - Suggestions for an effective validation method normzone Qualification and Validation (including 21 CFR Part 11) 5 2nd April 2012 04:53 PM
Software Validation vs. Validation of the Application of Computer Software somashekar ISO 13485:2016 - Medical Device Quality Management Systems 16 4th May 2011 01:12 AM
Guidance on ISO 13485 Section 7.5.2. about Software Validation Padams13 ISO 13485:2016 - Medical Device Quality Management Systems 15 22nd December 2009 09:42 PM



The time now is 12:30 PM. All times are GMT -4.
Your time zone can be changed in your UserCP --> Options.



Misc. Internal Links


NOTE: This forum uses "Cookies"