What is QMS?

Quality Management System - A Quality Management System (QMS) is a collection of business processes focused on achieving quality policy and quality objectives to meet customer requirements. It includes the organizational structure, responsibilities, procedures, processes and resources for implementing and maintaining quality systems.

What is Validation?

Validation - is establishing documented evidence which provides an assurance that a specific process will consistently produce a product meeting its predetermined specifications and quality attributes.

When it comes to validation of software applications, validation means confirmation by testing and providing evidence that software conforms to user needs and intended uses.

Broadly, the FDA classifies computerized systems as follows:

• Controlling System (Computer System) which includes:

  • Software

  • Hardware

• Controlled Processes which includes:

  • Equipment

  • Operating Procedures and Documentation

Risk based approach to Validation - Risk based approach is a method of applying Quality Risk Management to identify, assess and control risk to patient safety, product quality, and data integrity, in order to manage risks to an acceptable level, and to determine a scalable approach to validation.

The FDA has been encouraging companies to take a risk based approach to comply with the regulations and protect patient health and safety. Validation activities must be commensurate with the risk that the system poses to patient safety, product quality or data integrity, should it not function as expected. Therefore, all aspects of the application or system do not have to be subject to the same level of rigor.

Validation V Model - As per the generally accepted industry standards, the V model is used to explain the approach and requirements of validation. V model stands for Verification and Validation, it was introduced by International Society of Pharmaceutical Engineers (ISPE) in the first edition of their Good Automated Manufacturing Practices guideline (GAMP).

Validation is aimed at providing documented evidence of quality. This is achieved by creating and maintaining adequate requirements documentation and testing these requirements in a validated test environment. The components of the V model are explained below:

Validation Plan

The Validation Plan defines the validation strategy, activities, deliverables, and responsibilities, including approvals that provide a high degree of assurance that the application or change will be fit for its intended use in its environment.

User Requirements

Requirements Specification defines the User requirements/User Stories and/or Business Processes of what the application is required to do from the end user’s perspective (intended use of the system), functional perspective, and must include regulatory requirements. Requirements/User Stories and/or Business Processes are used as the basis for selecting and/or developing/configuring an application.

Functional & Technical Design Specification

The Design Specifications capture the logic used to fulfill the Functional/Technical Requirements for enhancements, reports, forms or interfaces of the application. These Functional/Technical requirements are based on the User Requirements defined in the previous stage of the process. The Design Specification document details subsequent code development, the logic, components, technical settings, timings, process flow, programs, data structure, and provides screen layouts. The design document is also used to define and document any system customizations / configuration.

Installation Qualification (IQ)

FDA defines installation qualification as “Establishing confidence that process equipment and ancillary systems are compliant with appropriate codes and approved design intentions, and that manufacturer recommendations are suitably considered.” In general, this means ensuring that the installation and configuration of components (hardware and/or software) are in accordance with the approved installation procedures or guides, such as verifying the correct sequence of installation steps and version numbers.

Operational Qualification (OQ) / System Testing

System testing establishes objective evidence that the application has been installed or changed according to functional specification and the design documented in the requirements. Testing of User Stories and/or user and/or functional/technical requirements, compliance requirements and configuration. It combines the software, hardware, and the integration of this system with the other external systems.

Performance Qualification (PQ) / User Acceptance Testing

User Acceptance testing is associated with the business and operations analysis phase. The end users are the main performers of this testing based on test cases and scenarios that cover the business requirements to ensure that they have delivered the right software as per the specifications.

Validation Summary Report

A Validation Summary Report summarizes the compliance deliverables, the activities performed, documents deviations to the Validation Plan and provides an executive summary of the validation activities carried out. Test defects will be summarized in the Validation Summary Report. If this information is already included in a test report (e.g., system or UAT test report), a reference to the test report may be included.

Organizations that are involved in the development of products or services supporting human or animal health, including pharmaceutical, biotechnology and medical device products (including software), have to ensure that their computer systems (hardware and software) comply with the relevant GxP requirements