What You Need to Know About CSV in the Life Sciences Industry
Table of contents
Computer System Validation, or “CSV”, is a process of testing and qualifying a computerized system to ensure that it works as intended in a consistent and reproducible manner that is as safe, secure, and reliable.
CSV is a top priority for pharmaceutical, biotech, and medical device companies, which must show that all computer systems can ensure patient safety, product efficacy, and data integrity by being fit for their intended uses.
What Are the Purposes of CSV?
CSV is the FDA’s response to an increasingly growing demand from the life sciences industry to use paperless systems. The purpose of CSV is to reduce and mitigate compliance risks before a particular system goes live and maintain compliance when computer systems are modified or upgraded.
What Are the Benefits of CSV in Pharma?
There are many benefits, but here are the most significant ones:
-
Business Continuity: CSV helps identify system weaknesses before they become major problems and, thus, reduce the downtime
-
Compliance: CSV demonstrates your commitment to complying with guidelines set by regulatory agencies.
-
Peace of Mind: By completing CSV, you’re ensuring that your computer software performs consistently and is fit for its intended use.
How Is CSV done?
Any life sciences company must perform CSV in line with FDA and other global regulatory guidelines. The level of documentation required is typically addressed through adherence to the GAMP-5 V-model:
Figure 1: GAMP 5 V-model, highlighting the documentation that is required based on the applicable category, where Category 1 is tied to Infrastructure software, Category 3 is non-configurable software, Category 4 is configured software, and Category 5 is custom software.
-
Create a Validation Plan: Think of the validation plan as a strategy. It outlines the approach you'll take to CSV and what steps you must take to meet your objectives. It should include clear outcomes, acceptance criteria, and required activities.
-
Define User Requirements Specifications (URS): The URS defines clearly and precisely what the user wants the system to do and what attributes it should have. Additionally, it describes any non-functional requirements and constraints. It should be driven by the business process needs and include requirements related to patient safety, product quality, and data integrity.
-
Specify Functional Specifications (FS): The FS defines the full system functionality, including how the user and business requirements are satisfied. It is the basis for the system design, customization, development, and testing.
-
Outline Design Specifications (DS)/ Configurations Specifications (CS): Based on the type of the system, these specifications, if needed, provide a detailed technical expansion of the FS.
a. The DS is the activity that involves both hardware and software as a combined document.
b. The CS details the configuration parameters and how these settings address the requirements in URS.
-
Write IQ/OQ/PQ Tests Scripts
a. Installation Qualification (IQ): The process of validating that the system is successfully installed according to specifications and requirements in the specified environment.
b. Operational Qualification (OQ): The process of validating that the system is operating as intended and that requirements are verified/tested against the FS document.
c. Performance Qualification (PQ): The process of validating that the system is performing satisfactorily for its intended purpose and that requirements are verified/tested against the URS document.
-
Create a Validation Summary Report: The validation summary report summarizes your CSV process. For example, it will describe:
a. Activities carried out during the Validation
b. Any deviations made (and the justifications for the changes)
c. Limitations and restrictions
d. Incidents
e. Corrective actions
-
Maintain System Release Documentation: Even once the system has been accepted and released for use, there are still maintenance needs to consider. Compliance is achieved through using up-to-date documented procedures. All documentation and training should cover use, maintenance, and management in activities such as:
a. Security and System Administration
b. Change Management Process
c. Backup and Restore
d. Periodic Review
e. Data Archival and Retrieval
How Can STAEDEAN Support Your CSV Compliance Effort?
STAEDEAN follows a risk-based approach to CSV called Computer Software Assurance (CSA). This streamlined, pragmatic approach meets regulatory requirements by critically assessing relevant risks and confirming that testing, documentation, and evidence collection align with any risks that have been identified.
By choosing STAEDEAN as your partner, you’ll benefit from our compliant framework and commitment to good practices. We also offer a set of tools to simplify the validation process and reduce the effort to achieve compliance.
Support for CSV in life sciences Industries | STAEDEAN
Although the validation process may seem overwhelming, the STAEDEAN Life Sciences Validation Toolkit can help. Our experienced team will give you the guidance you need to complete your CSV and meet your compliance requirements. Whether you’re in life sciences, we have a CSV solution for your needs.