On March 3rd, the 2016 revision of ISO 13485 was finally released. The new revision is essentially an evolution of the 2003 revision and includes a number of changes and clarifications.
For Aligned Elements users, a change in section 4.1.6 might have some important implications. Whereas ISO 13485:2003 did not explicitly require computer systems used in the quality management system to be validated, the 2016 edition certainly does. ISO 13485 is now finally on par with FDA 21 CFR 820 on this matter.
Computer Software Validation is used to ensure that each computer system fulfills its intended purpose. It prevents problems with the software to reach the production environment. CSV is today used in many regulated industries and is today regarded as a good manufacturing practice.
Aligned Elements certainly fall into the category of Computer systems that must be validated according to ISO 13485:2016 and FDA 21 CFR 820. If you do not have CSV process in place, we do have some things that may help you.
Why is Aligned Elements not validated by Aligned AG?
Aligned Elements falls into the GAMP 5 Software category 4 - "Configurable Software". AE is a highly configurable software with the purpose of mapping the customer's QMS, as opposed to forcing the customer to change his processes and templates to match Aligned Elements.
When validating a software of Category 4, it is of course the particular configuration of the software that is validated. Since each Aligned Elements customer is using a different configuration (each customer has its individual QMS), we cannot foresee which configuration our customers will use.
As mentioned, we do supply a number of useful tools to make the validation process faster.
What do I need in order to validate Aligned Elements?
Even though ISO 13485:2016 and FDA 21 CFR 820 require Computer Systems used in the Quality Management System to be validated, they do not explicitly described how to do it. This is up to each organisation to decide.
With no intention to be a complete listing, you need at least the following things:
- A Standard Operating Procedure (SOP) that describes how Computer Software is validated in your organisation
- A validation plan, that describes:
- INTENDED USE of the computer system in question
- WHAT are you validating, i.e. which name, version, and configuration of the software including manuals and supplier information and target environment
- WHY are you validating this software to this particular extent (hint: the GMP Software Categories are a good starting place. A risk-based approach is also a viable starting point.)
- WHO is responsible for the software, for the maintenance of the software and who is responsible for the validation
- HOW do you intend to validate the software, what the acceptance criteria are, and in particular how do you intend to handle software errors detected during the validation
- DELIVERABLES i.e. the documentation you intend to provide
- Requirements and/or use cases describing how you intend to use the Computer Software.
- Tests verifying that the use cases and documenting any deviations found.
- A Validation Summary or Report stating the result of the validation, preferably with some kind of traceability, and whether the Computer Software should be cleared for use in the production environment
To make this process a bit simpler, we provide our customers with a pre-filled example validation kit of Aligned Elements that can be adapted to the individual needs of each organization.
Can Aligned Elements be used to document the validation of other systems?
Absolutely. Aligned Elements is very well equipped for documenting the validation of other systems (provided AE has been validated, of course). AE supports all steps of the CSV process, from evaluating the validation extent via checklists or using a risk-based approach, documenting requirements, use cases and test cases, executing test cases, analysing the test results, and finally supplying the necessary traceability reports.