Where computerised systems are used in pre/clinical studies (GLP, GCP), manufacturing (GMP) or distribution (GDP) of medicinal products, they must be validated. The task of an inspection is to check the reliability of a computer-aided system on the basis of the validation evidence. The inspection of computer-aided systems usually takes place within the framework of the GxP inspections, but can be set as a separate inspection focus of a specialist inspector. Existing guidelines for inspection or validation apply to all GxPs.
An inspection usually begins with the request of the following documents:
- Company policy for computer validation
- Validation masterplan
- Validation plans / validation reports
- SOPs for IT or computers
- Third party services for maintenance and support
- Inventory list of all computer-aided systems
- List of GxP relevant systems
- Details on data protection, change control, information security, configuration management
- Staff qualification and training
- Summary of significant changes since last inspection
The general inspection strategy is variable, but can be as follows:
- Assessment of the validation proofs of the GxP-critical systems.
- Assessment of the system for maintaining the validated state and interaction between different organisational units involved in the process (e.g. IT support and GMP process owners).
- Insight into printouts and archives.
- All points of EU GMP Guide Annex 11 are relevant.
- Evidence for change management, configuration management, accuracy or reliability (bug reports).
- System security, access control and data integrity are aspects that are relevant for many systems.
- Verification of the implementation of specifications.