SMJConsulting´s Approach to CSV Projects
When it comes to CSV projects, SMJConsulting uses the GAMP5 framework. According to the GAMP5 framework, there are four life cycle phases in a computer system and each phase contains a number of individual activities. However, there are also a number of supporting processes that take place across the phases of the life cycle such as risk management, document management, repair activity, security management, etc and should be included when visualizing the CSV process.
The CSV Life Cycle used by SMJConsulting includes:
- Concept Phase: This is a high-level overview of the system and design considerations.
- Project Phase: Gives a detailed description of the system and objectives.
- Operation Phase: Defines how the system will be managed during operations.
- Retirement Phase: Defineshow to retire the system.
CSV Concept Phase:
The concept phase is where SMJConsulting and the Client conceive the the idea for a computer system. This phase includes mainly data gathering (vendors, costs, high-level project plan, resources, timelines, benefits, restrictions, and justification of the requirement for the system).
Under the Concept phase SMJConsulting and the Client performs the following specific activities:
- System Software Categorization.
- Risk Assessment.
- Supplier Assessment.
This activity defines the specific aspects of the system such as:
- Overall requirements of the system.
- Critical functions it will be controlling.
- Available options for hardware and software platforms.
- Overall regulatory impact of the proposed system.
- Novelty of the system and its complexity.
- Requirement for document control
- Testing that is required (what are the considerations for operating and maintaining the system?)
- The data and records that will be generated and subsequently retained.
System Software Categorization:
The range of activities required to validate a computerized system depends on the type of software the Client is using. The GAMP 5 framework categorizes software into 4 types. The category into which the client´s software falls into, will determine the validation approach, the amount of time the project takes and the deliverables.
SMJConsulting uses a risk-based approach to CSV, saving time and effort. A quality risk assessment is carried out to determine if the computer system has the potential to impact product quality, patient safety or data integrity in a way that could ultimately harm the patient.
This phase involves narrowing down the vendor options and getting an idea of the cost to be included in the business case. The response from the vendors will detail how their system can meet our client´s requirements, alongside an estimated cost.
2. Project Phase:
Planning activities are finalized at this stage; the user requirement specifications, functional specifications, and design specifications are developed.
Specific activities in this phase include:
- Utilizing the CSV Process V model.
- Risk assessment.
- Writing Standard Operating Procedures.
Documentation completed within this stage includes:
Validation Master Plan (VMP):
Depending on the size of an organisation there may be several sub validations plans within the validation master plan (site, departmental or system-specific) or there may be multiple validation master plans, one for each business unit.
In order to satisfy the regulatory requirements, a brief description of the system is required.
Definition and Description of the following is required:
- Hardware /Firmware.
- Computer System (Controlling System).
- Operating procedures and people.
- Data managed by the system.
- Equipment controlling function or process.
User Requirements Specification (URS):
The URS spells out what the Client needs from the software and how they will use it. It also contains any constraints such as regulations, safety requirements or operational requirements. The specifications must be agreed between the end-user/customer and supplier. The URS will have input from the process owners, system owners, technical subject matter experts (SMEs), quality and the supplier where required.
The functional specification contains a detailed description of how the system will meet each of the requirements outlined in the URS such as:
- How the software works.
- What data needs to be captured?
- User interfaces.