Close
Risk assessment, being an integral part of the validation should be robust enough to identify the key risks at initial stage for a successful validation and implementation of the software. Risk assessment with an effective mitigation plan and identified actions ensure a robust and error free system for an effective and compliant system with identified safeguards. In recent times, risk assessment has become a critical and integral part of computer system validation as some manufactures have faced increased regulatory consequences related to data integrity and their computer system validation approach.
1. Combined efforts for risk identification:-The combined efforts from vendor and the regulated users ensure effective deployment and testing of software. Considering the complexities of various processes, preliminary risks should be better identified at initial phase and should be included in the preliminary risk assessment document. Mitigation plan and associated actions can be derived mutually from both the ends. The document should be on the critical processes and factors to include all the associated risks.
2. Coverage of risks during the entire validation lifer cycle:-The Risk assessment should cover the entire validation life cycle. It’s not possible to identify all the risks at initial phase and user might subsequently identify other risks during User Acceptance tests and training to functional users. All the identified risks should be captured in the risk assessment along with agreed action plan
3. Identification of threats:- it’s important to identify threats during preliminary risk identification with use of rating with reference to severity and probability of occurrence based on which the regulated company can take necessary steps to reduction of identified threats. It might include protection against natural disasters, fire and water control system, power provision system and climate control systems
4. Identification of preliminary risks:- The preliminary risk should include all the risk associated with various process and current controls available to mitigate those risks. It might include security controls, control for key-decisions , data integrity (Viz data transfer from on stage to another), entry authentication, password protection, electronic signature and audit trails
5. Functioning of risks control features:- In few cases, it’s possible to check the mitigation and security control only at the time of UAT and process execution. Any failure of such process and security controls should be documented as a deviation and the mitigation plan needs to be addressed. In the end, risk assessment can be summarized by preparing a summary of findings and recommendations.
In a nutshell, a risk based validation is must for implementing any of the business process in a regulated environment. A multistage approach with identification of threats and preliminary risks and then checking of effectiveness of controls and action plan ensure a comprehensive process verification to comply with regulatory expectations.
QEdge Quality Management Software Suite
Contact Us
6th Floor, Arista, 100 Feet Anand Nagar Rd, Jodhpur Village, Ahmedabad, Gujarat 380015
Phone : +91-79-66214899
Email: sarjen@sarjen.com
