Validation of software used in production and QMS - Part 3 Validation Protocol and Reports
We continue this series on validation of software used in production and QMS with the Validation Protocol and Reports.
The Validation Master Plan (VMP) comes with other documents:
- The Validation Master Plan template itself, it contains general provisions for software validation,
- The Validation Protocol template, it contains the application of the VMP for a given system,
- The Validation Report template, it contains results of the validation protocol for a system,
- The Final Validation Report, it contains the conclusion of the validation of a system.
I share these templates with the conditions of CC-BY-NC-ND license.
This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 France License.
Content of the Validation Protocol
The validation protocol is the instanciation of the provisions of the Validation Master Plan (VMP). You will have one validation protocol per system needing validation.
The content of the validation protocol repeats the phases found in the VMP, with specific provisions, if needed.
For example, a system of low level of concern may have a validation protocol with IQ and PQ only, considering that OQ is not mandatory given the system features. Of course, skipping OQ shall be documented!
Content of the Validation Reports
The validation reports are simply the records of validation protocol.
The validation report is filled with data gathered during qualification phases. There may be a single report recording all phases or multiple reports. When qualification phases are long or verbose, having a report per phase is a good option.
The validation report ends with a conclusion about the conformity of the product versus requirements verified during the phase. It's important to keep this part hence it inks the status of the system at the end of the phase. That's also a cultural way of doing this in the world of physical equipment qualification!
Final Validation Report
The final validation report contains:
- The identification of the system that is validated,
- The final conclusion about the validation.
The identification is important, to be sure which version is validated and who can use what in routine. This is also a favorite way of auditors to search for pitfalls in the identification of the validated system.
The final conclusion is about the compliance of the system versus regulatory requirements. Note the difference between validation reports (compliance to requirements in the scope of the phase) and the final validation report (compliance to regulatory requirements).
That's the end of this series about computerized systems validations.
With all this templates and explanations, you should be ready to perform you own computerized systems validations. Feel free to ask questions in comments!