interviewing2b: Regular V Model Computer System Validation, is this still feasible?

Computer system validation has been getting increasingly complex and with a growing number of details required, while often the validation effort overshoots the implementation or development work spent. The increasing number of parallel activities, agile development processes and strengthening of regulatory requirements necessitate the usage of a scalable validation methodology. Take a look in an interview with Björn Adams, our CSV Factory Lead to find more on how to deal with such a challenge.

B: Indeed, what we can see has happened over the last decade - especially the last 5 years - is an increasing complexity of computerized systems. These systems nowadays are much more integrated with other solutions than they were a few years ago. Often in addition the effort for customizing of systems is increased as well. On top of this, newer solutions and architectures like cloud or blockchain have started to find their way and use cases into the pharma world . Besides those “pure” technical reasons, the international and national regulations have also massively increased. And this is true not only for GxP critical aspects, even regulatory requirements for non-GxP systems are getting more challenging.

B: We have several aspects to consider for this. The fundamental aspects around GxP systems have not changed, here it is more of a question how a regular GxP conforming computer validation can be executed in a way that is still manageable. Imagine 10-15 years ago, most IT solutions were more isolated systems, and a classical GAMP 5 validation framework could apply as-is. Today we see globally deployed solutions with multiple integrated applications which are exchanging massive volumes of various electronic records (e.g. Big Data, AI/Machine Learning applications), hosted on cloud platforms, and all this must be validated by following an agile / iterative implementation strategy – you see then how a regular GAMP5 set up might come to a limit here. Aside from the main driver being based on the solution architecture, public authorities have released in recent years more and more regulations which even non-GxP validations may need to consider, like for example the EU GDPR. Individual countries and markets have also selected to base their regulations on EU or USA FDA standards. By looking just these two facts, we can easily see that CSV can hardly be compared to what was done 10 or 15 years ago when GAMP 5 was drafted and published.

B: Well, we may not need to see this as black or white. The fact is that a current validation requires much more knowledge about the system architecture, the sequence of activities as well as a very good understanding about the processes etc. A “traditional” validation plan will not effectively cover all the problems we discussed. On the other side, there are so many smart tools available which help to reduce the effort for creating the necessary validation documentation in a more modern way - think about testing tools, document management systems or even the so-called “paperless validation” solutions. All this can help to make a tailored and scalable validation possible, while keeping the costs and effort down.

B. Not entirely - in a sense, regular V Models or GAMP 5 based templates and SOPs might need some interpretations. Otherwise, you may run into risk by creating a validation approach and corresponding effort which is not helping to effectively validate a system, or the effort spent for validation activities gets undefendable. But this does not mean that GAMP 5 as a methodology, the regulations, or even the organization’s SOPs should not be consulted or being adhered to.

B: A deeper understanding of the solution architecture, what must be validated and at what level according to the regulations, and in which sequence the validation activities must take place.

B: Not necessarily, you cannot be an expert in all these areas for sure, but a CSV Lead should have a broader understanding of various fields related to the solution being validated and not just only understand and follow the rules for CSV. Of course, this needs to be in sync with the different solutions as well as the project/ implementation activities. So, in order to accomplish this a close - and especially early - communication and involvement into the initial project activities may help the Validation expert here.

B. Absolutely! But not by simply following GAMP5 and copying an “out-of-the-box” validation process. Here, a more tailored validation should be considered in order to maximize gains versus effort – and money - spent.

i(nsight)2b will bring you insights and news about implementation strategies, CSV methodologies and interesting insights around new technologies, platfroms and more. Here we will share our latest insights from within the Pharma, Biotech, and IT industries.