Sandbox
As pharmaceutical plants adopt automated systems and digital management platforms, the integrity and reliability of computerized systems become critical. Computer Systems Validation (CSV) is the formal process of documenting that a computerized system meets its pre-defined specifications. The global standard for CSV is the ISPE’s GAMP 5 (Good Automated Manufacturing Practice) framework.
The V-Model Lifecycle Approach
GAMP 5 advocates for a structured "V-model" lifecycle approach, which maps development activities directly to validation testing:
- User Requirement Specification (URS): The foundation document detailing what the system must do from a user perspective.
- Functional Specification (FS): Translates the URS into specific software and hardware capabilities.
- Testing Phase (IQ/OQ/PQ): Installation Qualification (IQ) verifies components are installed correctly, Operational Qualification (OQ) tests functional thresholds, and Performance Qualification (PQ) confirms the system functions reliably under normal load.
GAMP 5 Software Categories
To optimize validation efforts, GAMP 5 divides software into categories based on complexity and customization:
- Category 1: Infrastructure software (e.g., operating systems) — requires only version control.
- Category 3: Non-configured software (commercial off-the-shelf) — requires basic verification of installation.
- Category 4: Configured software (e.g., LIMS, SCADA) — requires verification of configuration settings against user requirements.
- Category 5: Custom software (bespoke code) — requires full life-cycle validation, design reviews, and source code audits.
Risk-Based Validation
By conducting a formal risk assessment (typically using FMEA), validation teams can focus resources on high-risk functions that directly impact product quality, data integrity, and patient safety, ensuring a cost-effective and compliant validation process.
