A RISK BASED APPROACH TO TESTING OF COMPUTERIZED GXP SYSTEMS, BOSTON, NOVEMBER 16-17, 2017
Testing is the science of identifying defects, so that they can be corrected, and of demonstrating that a system meets intended requirements. Testing computerized systems is considered a fundamental verification activity and appropriate testing is a regulatory expectation as described in many regulations e.g. EU GMP Annex 11.
"Evidence of appropriate testing methods and test scenarios should be demonstrated. Particularly system (process) parameter limits, data limits and error handling should be considered"
The regulated company is responsible for demonstrating compliance and fitness for use. Effective testing demonstrates compliance with regulatory requirements and ensures patient safety, product quality and data integrity as a result of controlling identified risks. The assurance that systems perform as intended for their use reduces the overall lifecycle of implementing and operating the system and prevents delays to the use of the system that might have been caused by the need to make corrections to the system.
Conversely, insufficient or inappropriate testing may cause problems later on in the lifecycle and these problems will be more costly, time consuming and troublesome to resolve. Potential consequences include a system that does not meet intended requirements, a costly program of corrections and increased maintenance and support costs.
Additionally, failure to appropriately test functions that have high impact on patient safety, product quality and/ or data integrity, may undermine the compliance and fitness for intended use of the system. Inadequate testing may lead to regulatory citations and possibly further regulatory action, damaging business credibility, reputation and potential for revenue.
The number and types of tests should be based on risk, complexity and novelty of the software. Testing should confirm that system specifications have been met. This may involve multiple stages of review and testing depending on the type of system, the development method applied and the use of computerized system. Regulated companies should be prepared to justify the adequacy of their testing approach.
A science quality management system such as ICH Q9 should be used to determine the appropriate level of verification and documentation. Tests should be designed to demonstrate that all required risk controls are in place. Proposed changes to the system should trigger an impact analysis to determine the extent of any reverification, including any regression testing required. Alterations to the system should be made only in accordance with a predefined change control procedure. Such change control procedures need to include provision for proposing, approving and / or backing out of the change.
This event will take place at Embassy Suites by Hilton Boston at Logan Airport, 207 Porter St, Boston, Massachusetts.
This seminar provides attendees with hands-on guidance on the testing of computerized and software systems that impact patient safety, product quality and data integrity. It will identify the testing that should be performed and the associated level of documentation. The areas covered are:
Who should attend: