TABLE OF CONTENTS Following from our initial discussion of risk assessment in Chapter 5, the next stage in the process is to carry out a risk assessment of each function to determine if the function is business and/or regulatory risk critical (C) or not (N). This risk assessment methodology uses the tables from the URS that have two additional columns added to them as shown in Table 4.
How requirements are traced to the testing phase and also the validation summary report is also discussed here after the introduction started in Chapter 7.
Clause 227:
The extent of validation necessary will depend on a number of factors including the use to which the system is to be put, whether the validation is to be prospective or retrospective and whether or not novel elements are incorporated.
Section on Validation18:
We recommend that you base your approach on a justified and documented risk assessment and a determination of the potential of the system to affect product quality and safety, and record integrity.
Section 4.331:
For GXP regulated applications it is essential for the regulated user to define a requirement specification prior to selection and to carry out a properly documented supplier assessment and risk analysis for the various system options.
Section 4.829:
Validation coverage should be based on the software s complexity and safety risk not...
