Computer Validation Master Plan

Table of Content:

  1. Introduction
  2. Purpose and Scope
  3. Regulatory Standards
  4. Responsibility and Training

4.1          Validation Resources

4.2          Authority and Responsibility

4.3          Training

  1. Validation Approach

5.1          Risk Assessment

5.2          System Life Cycle

5.3          New or Legacy Systems

5.4          Regulatory Guidelines

  1. Software Development and Validation – Category 4 and 5 Software
  2. System Documentation
  3. Security of Computer Systems
  4. Batch Release
  5. Electronic Data, Electronic Records and Signature
  6. Computerised Systems

11.1        Wide Area Network (WAN)

11.2        Other Computing Systems

Sample Content

Introduction

[Enter company name] manufactures and distributes a range of sterile and non-sterile, liquid, veterinary biological and pharmaceutical products from their sites [address].

The GMP facility has Code of Good Manufacturing Practice (cGMP) licenses with the [List all licenses]

The core business focus is manufacturing and packaging of human and veterinary medicines in various forms. These include sterile injectable vaccines, oral, powders, creams, ointments, lotions, pastes and tablets and pour –on drenches.

This document aims to summarise the overall intentions and approach to the validation of computer system or automated system (known hereafter as computerised systems).

It is intended to be a working document and will be periodically updated by site management responsible for the execution of validation.

Systems addressed by this document are contained in the following list.

[List of Computerised and Automated Systems] used in the facility. 

This Computer Validation Master Plan (CVMP):

  • Identifies which computerised systems are subject to validation or qualification
  • Identifies appropriate standards and guidelines to be referenced.
  • Describes functional requirements for testing.

Purpose and Scope

The purpose of the Validation Plan will be to outline the principles and objectives of the Computer Validation Program for the [site]. Validation activities will be determined to be the sum of all activities that are conducted to ensure that the systems of manufacture are sufficient to produce products of a high quality that are safe for the intended user of the product.

The control of computer systems which impact GMP activities is important to assure control of processes, assessment of data, accuracy of manufacturing and control records and compliance with industry regulations.

This guideline provides guidance on how to validate computer systems that relate to GMP. This document should be considered as a guide; it is not intended to establish any mandatory or implied standard. Alternative approaches may be applicable.

This document will define the validation of all GxP computerised systems used by [company] including, where appropriate systems used by administration and quality groups (QA, QC, Regulatory Affairs Validation). This document does not define the requirements for the validation of Excel spreadsheets.

Regulatory Standards

[Company] agrees to comply with Good Validation Practices for computerised systems as defined in the code of GMP [reference].

Responsibility and Training

1.1      Validation Resources

[Company] will provide an appropriate level of competent resources to ensure the achievement of the outlined Validation program, with consideration of the risk to quality associated with the manufacture of products at [company] manufacturing sites.

1.2      Authority and Responsibility

The general authority and responsibilities for undertaken Validation projects are defined in the Validation Master Plan (VAL-080)).

[Company] acknowledges computerised systems require special expertise and the co-ordination of key personnel and those involved with operation and maintaining computer systems.

Persons with appropriate expertise should be responsible for the design, introduction and regular review of a GxP related computer system.

The responsibilities of the key persons in manufacturing and quality departments are not changed by the use of computers. Electronic signatures are the legally binding equivalent of any written signatures they may replace.

1.3      Training

Persons responsible for the operation and management of computerised system shall be appropriate trained. The requirement of training includes ensuring those responsible for aspects of design, validation and installation of computerised system.