Lack of Assessment of Automated Test Execution Tools
Automated test execution tools can be used to improve efficiency and effectiveness. Like other software, test automation software may be standard, configurable, or custom, and should be specified and verified appropriately based on an assessment of risk; however, auditors frequently note that GxP software developers do not assess these tools before using them.
Commercial or established tools are considered to be GAMP Software Category 1 and ussually have a low impact on product quality or patient safety; therefore, they are considered to have a low risk priority and do not typically need to be validated. However, appropriate assessment of the tool should be carried out before use.
The assessment and verification of a computerized test tool should focus on demonstrating that the tool is fit for purpose as far as critical requirements
The level of required verification depends on the nature of the tool and the degree of configuration and customization. Typically if a well known and accepted tool is used, a proof of its fitness for the intended purpose would be enough. This proof should focus on the critical requirements, including:
-
Security of test data (e.g. role based permissions and user retriction, use of audit trails). The verification should focus on the implementation of security through the use of logical and/or physical security controls and procedural controls.
-
Enforcement of defined test processes or workflow.
Custom or highly configured test automation tools may, based on a risk assessment, require detailed requirements definition, specifications and verification.
Whether you are a GxP software developer, auditor, inspector or an end user, remember that the test tools used for automated testing of GxP systems are required to be assessed, and that based on that assessment, a verification or testing approach will be defined to demonstrate the tool’s fit for purpose.
REFERENCES
-
International Council for Harmonization (ICH): ICH Harmonized Guideline, Integrated Addendum to ICH E6(R1): Guideline for Good Clinical Practice E6(R2). Step 4, version 9 November 2016.
-
GAMP Good Practice Guide: A Risk-Based Approach to Testing of GxP Systems. ISPE. 2012
SIGN UP for our newsletter to stay up to date on all our new articles
👉 https://www.pharmity.com/blog/#newsletter
Author: Dr Leire Zúñiga, Director and Principal GCP Consultant
PHARMITY, 1st of September 2020