COMPUTER SYSTEM VALIDATION (CSV)
Computer system validation (CSV), also known as software validation, is how companies regulate their softwares or systems to ensure that they are performing the way they are supposed to work. The FDA defines software validation as, “Confirmation by examination and provision of objective evidence that software specifications conform to user needs and intended uses, and that the particular requirements implemented through software can be consistently fulfilled.” CSV is crucial in delivering quality and reliable patient care as any medical device software issues can cause serious harm or death.
One methodology to implement CSV projects is called the “V Diagram,” which uses the following V-shape system build proceeding down the V-shape to System Build and then back to the top right:
- Validation Plan: The validation plan is the first step of CSV and determines roles, responsibilities, and the acceptance criteria of what approach to be used.
- User Requirements Specification (URS): This step describes what users need from the software and how it is used. Additionally, it contains any critical constraints such as regulations, safety requirements, operational requirements, etc.
- Functional Specifications (FS): The FS document describes how the software needs to work and look to meet the user’s needs. It might range from descriptions of how specific screens and reports should look, describe data that needs to be captured, include logic & calculations, or how it will comply with regulatory requirements.
- Design Specifications (DS): This document contains all technical elements of the software that includes everything from file structures, field definitions, data flow diagrams, entity relationship diagrams to required hardware, operating systems, application versions, middleware, etc.
- System Build: This step is where your organization either develops or purchases a CSV software and configures it to the previous specification documents, including unit testing and integration testing.
- Installation Qualification Tests (IQ) Tests: In this step, software is first installed in a test/validation environment to confirm that the software or system is installed and set up according to Design Specifications.
- Operational Qualification (OQ) Tests: Also known as function or system testing, this step tests that there are no bugs and that all functionality definined in Functional Specifications is present and working correctly.
- Performance Qualification (PQ) Tests: Also known as user acceptance testing, this step is used to confirm that the software will meet the user’s needs and fits its intended use.
- Reporting: The final step of the validation is to create a summary, often called the Validation Report/ Validation Summary/ System Certification, which provides confirmation that each goal of the Validation Plan has been completed. The Validation Report provides an overall summary of testing results, confirmation that all acceptance criteria have been met and the software is ready for implementation.
Computer System Validation (CSV) is crucial for ensuring that softwares and systems used in life sciences meet FDA and other regulatory agencies’ standards. Failure to comply could have very expensive and reputation damaging consequences. To ensure organizational success, companies should regularly run CSV projects and make updates and improvements when necessary.