Pzimmermann92
Starting to get Involved
Hello.
I am trying to figure out the best way to follow our flowchart (QMS) in the quality procedure “validation of software applications”.
We have recently implemented software as part of a manufacturing process, which simplifies the search for the results of testreports of our tested PCBA’s. These results are checked by the operator to ensure a report was automatically stored by the test program (resulting from a corrective action due to incidentally missing reports). The search for the results is done via an SQL database visualisation program (custom written by an IT company within a microsoft based program for our need).
Unfortunately the QP was set-up by an employee who does not work here anymore, the references to wherefrom he has set up the flowchart are unclear, thus for me it is hard to understand why the flowchart was made the way it was made.
The problem: According to ISO13485 there should be a risk based approach for software validation. However i do nowhere find any specific requirements (also not in other standards such as 62304).
Now the software must be validated/verified. According to the flowchart, there is no need for validation, only verification (and also to be listed in the software application list with reference to the verification report).
But here comes the problem:
The last flow-chart step before the block which says: “Very limited risk involved, only verification of requirements or purchasing specifications apply” states: “Is output of the software independently verified 100%?”
In no standard, or otherwise on the internet i find a such a descriptive requirement. So i am looking for how to understand/interpret this question (Maybe we are missing a standard / TR / other document?)..
I hope someone understands my question and can help me further.
Thank you in advance!
Best regards, Patrick.
I am trying to figure out the best way to follow our flowchart (QMS) in the quality procedure “validation of software applications”.
We have recently implemented software as part of a manufacturing process, which simplifies the search for the results of testreports of our tested PCBA’s. These results are checked by the operator to ensure a report was automatically stored by the test program (resulting from a corrective action due to incidentally missing reports). The search for the results is done via an SQL database visualisation program (custom written by an IT company within a microsoft based program for our need).
Unfortunately the QP was set-up by an employee who does not work here anymore, the references to wherefrom he has set up the flowchart are unclear, thus for me it is hard to understand why the flowchart was made the way it was made.
The problem: According to ISO13485 there should be a risk based approach for software validation. However i do nowhere find any specific requirements (also not in other standards such as 62304).
Now the software must be validated/verified. According to the flowchart, there is no need for validation, only verification (and also to be listed in the software application list with reference to the verification report).
But here comes the problem:
The last flow-chart step before the block which says: “Very limited risk involved, only verification of requirements or purchasing specifications apply” states: “Is output of the software independently verified 100%?”
In no standard, or otherwise on the internet i find a such a descriptive requirement. So i am looking for how to understand/interpret this question (Maybe we are missing a standard / TR / other document?)..
I hope someone understands my question and can help me further.
Thank you in advance!
Best regards, Patrick.
