Blog

The Top 53 Computer and Software Validation Regulations | IVT

Computer and software validation is the most dynamically changing field for GXP-regulated industries. Confronted with increasingly complex technologies, cloud computing, data security issues, and digital media, companies are consistently struggling to remain compliant in the face of increased regulatory scrutiny.

This past April, IVT hosted the annual Computer and Software Validation conference. Taken from the presentations, a comprehensive and robust list of regulations, guidances, and resources can be extracted. Presented below, the following materials can be used to ensure global regulatory compliance, as well as lean and efficient validation, for your computerized systems and software products.


US Food and Drug Administration

  1. Code of Federal Regulations Title 21 Part 11, read it here.
  2. Code of Federal Regulations Title 21 Part 210, read it here.
  3. Code of Federal Regulations Title 21 Part 58, read it here.
  4. Code of Federal Regulations Title 21 Part 312, read it here.
  5. Code of Federal Regulations Title 21 Part 314, read it here.
  6. Code of Federal Regulations Title 21 Part 812, read it here.
  7. Code of Federal Regulations Title 21 Part 316, read it here.
  8. Code of Federal Regulations Title 21 Part 600, read it here.
  9. Code of Federal Regulations Title 21 Part 601, read it here.
  10. Code of Federal Regulations Title 21 Part 606, read it here.
  11. Code of Federal Regulations Title 21 Part 820, read it here.
  12. Code of Federal Regulations Title 21 56, read it here.
  13. Code of Federal Regulations Title 21 Part 50, read it here.
  14. Code of Federal Regulations Title 21 Part 814, read it here.
  15. Guidance for Industry Part 11, Electronic Records; Electronic Signatures - Scope and Application, read it here.
  16. “Current Status And Future Directions Of Part 11,” September 21, 2004.
  17. “Update on Part 11 Regulation and Guidance,” September 12, 2006.
  18. Guide to Inspection of Computerized Systems in Drug Processing: Blue Book, read it here.
  19. Guide To Inspections of Computerized System In The Food Processing Industry, read it here.
  20. General Principles of Software Validation; Final Guidance for Industry and FDA Staff, read it here.
  21. The FDA Perspective on Human Factors in Medical Device Software Development, read it here.

European Union

  1. Eudralex Volume 4, Annex 11: Computerised Systems, read it here.
  2. Eudralex Volume 4, Annex 11: Qualification and Validation, read it here.
  3. Eudralex Volume 4, Chapter 9: Self Inspection, read it here.

International Organization for Standardization

  1. ISO 13485:2003 Medical devices -- Quality management systems -- Requirements for regulatory purposes, read it here.
  2. ISO 14971-1:1998 Medical devices -- Risk management -- Part 1: Application of risk analysis, read it here.
  3. ISO/IEC 27001:2013 Information technology -- Security techniques -- Information security management systems -- Requirements, read it here.

International Electrotechnical Commission

  1. IEC 60601-1-6:2010 Medical electrical equipment, General requirements for basic safety and essential performance – Collateral standard: Usability, read it here.
  2. IEC 62366:2007/(R)2013 Medical devices – Application of usability engineering to medical devices, read it here.

Pharmaceutical Inspection Convention and Pharmaceutical Inspection Co-operation Scheme

  1. Pharmaceutical Inspection Convention (PIC) GMP Guideline PI 011-3 Good Practices for Computerized Systems in Regulated “GXP” Environment, read it here.

International Society for Pharmaceutical Engineers

  1. GAMP 4 Guide.
  2. GAMP® 5: A Risk-Based Approach to Compliant GxP Computerized Systems, read it here.
  3. GAMP Good Practice Guide: Risk Based Approach to Operation of GXP Computerized Systems, read it here.

International Conference for Harmonisation

  1. ICH Q8, Pharmaceutical Development, read it here.
  2. ICH Q9, Quality Risk Management, read it here.
  3. ICH 10, Pharmaceutical Quality System, read it here.

National Institute of Standards and Technology

  1. The NIST Definition of Cloud Computing, read it here.

General Services Administration

  1. FedRAMP Control Quick Guide, read it here.
  2. FedRAMP Continuous Monitoring Strategy & Guide, read it here.
  3. FedRAMP Security Controls, read it here.
  4. FedRAMP Standard Contract Clauses, read it here.

Media/Other

  1. Understanding the Cloud Computing Stack: SaaS, PaaS, IaaS, Rackspace, October 22, 2013, read it here.
  2. PCI Quick Reference Guide, read it here.
  3. Cloud Computing Risk Intelligence Map, Deloitte, 2010, read it here.
  4. Enterprise Risk Management for Cloud Computing, COSO, 2012, read it here.
  5. AWS Risk and Compliance, November 2013, read it here.
  6. Securing Data at Rest with Encryption, AWS, November 2013, read it here.
  7. Cloud Computing Management Audit/Assurance Program, ISACA, 2010, read it here.
  8. Principles behind the Agile Manifesto, 2001, read it here.
  9. Agile versus Waterfall development, 2013, read it here.
  10. Eight Lessons in Mobile Usability Testing, LogiGear Magazine, September 23, 2013, read it here.
  11. Infrastructure Qualification Proposed Standard, read it here.
  12. Information Technology Infrastructure Library, read it here.



Product Added Successfully

This product has been added to your account and you can access it from your dashboard. As a member, you are entitled to a total of 0 products.

Do you want access to more of our products? Upgrade your membership now!

Your Product count is over the limit

Do you want access to more of our products? Upgrade your membership now!

Product added to cart successfully.

You can continue shopping or proceed to checkout.

Comments (0)

Post new comment

The content of this field is kept private and will not be shown publicly.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
  • Use to create page breaks.
Image CAPTCHA
Enter the characters shown in the image.