Professional Documents
Culture Documents
(检验室)计算机化系统验证核心文件(中英文对照)
(检验室)计算机化系统验证核心文件(中英文对照)
PA/PH/OMCL (08) 69 R7
重庆求败首发于计算机化系统验证群二
QQ 群号 569962302
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
Note: Mandatory requirements in this guideline and its annexes are defined
using the terms «shall»or «must». The use of «should»indicates a
recommendation. For these parts of the text other appropriately justified
approaches are acceptable. The term «can»indicates a possibility or an example
with non-binding character.
注释:本指南及其附件的强制性要求是使用术语“应该”和“必须”来定义的。使
用“应该”表示推荐,对于这些部分,用其他适当的合理方法是可以接受的。术
语“能”表示一个可能性或一个具有非约束性特征的例子。
1. SCOPE 范围
This guideline defines basic principles for the validation of computerised systems
used within Official Medicines Control Laboratories (OMCLs) and having impact
on the quality of results, document control and data storage [1]. The purpose of this
validation is to guarantee confidence in the laboratory data captured, processed,
reported or stored by computerised systems. A validated system ensures accurate
results and reduces any risks to data integrity.
本指南定义了在官方药物控制实验室(OMCLs)中使用的计算机化系统的验证
的基本原则,并对质量结果、文档控制和数据存储产生了影响。这种验证目的
是为了保证计算机化系统获取、处理、报告或存储的实验室数据是可信的。经
过验证的系统可以确保准确的结果,并减少数据完整性的任何风险。
2. INTRODUCTION 介绍
第 2 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
considering the dependency of the correctness and traceability of test results of the
OMCL on the computerised systems.
验证活动的范围应该根据风险评估来定义,并考虑 OMCL 在计算机化系统上检
测结果的正确性和可追溯性。
This guideline is intended for use by OMCLs working under Quality Management
Systems based on the ISO/IEC 17025 standard, which use computerised systems
for a part or the totality of the processes related to the quality control of medicines.
该指南旨在供 OMCLs 在基于 ISO/IEC 17025 标准的质量管理系统下工作,该标
准使用计算机化的系统来完成与药物质量控制相关的部分或全部过程。
In order to simplify the guideline, the present core document contains a general
introduction and general requirements for different types of computerised systems.
This core document is supplemented with system-related annexes containing
additional requirements and/or practical examples of validation documentation,
which are to be used in combination with the general requirements given here.
为了简化指导方针,本核心文件包含了对不同类型的计算机化系统的一般介绍
和一般要求。本核心文件补充了与系统有关的附件,其中包含额外的需求和/或
验证文档的实际示例,这些文档将与这里给出的一般需求结合使用。
3. DEFINITIONS 定义
第 3 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
Computerised system: A broad range of systems including, but not limited to,
automated laboratory equipment, laboratory information management, and
document management systems. The computerised system consists of the hardware,
software, and network components, together with the controlled functions and
associated documentation.
计算机化系统:广泛的系统包括但不限于自动化实验室设备、实验室信息管理
和文档管理系统。计算机化系统包括硬件、软件和网络组件,以及控制功能和
相关文档。
User Requirement Specifications (URS): describes what the system should do.
The user requirements contain scientific, business, legal, regulatory, safety,
performance and quality aspects of the future system. The user requirements serve
as the basis for the Performance Qualification (PQ).
用户需求规范(URS):描述系统应该做什么。用户需求包含了将来系统的科
学、商业、法律、法规、安全性、性能和质量方面。用户需求作为性能确认
(PQ)的基础。
Black Box: a black box in this guideline is a system whose inner working is unknown.
黑盒:这个指南中的一个黑盒子是一个系统,它的内部工作是未知的。
第 4 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
第 5 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
表 1: 计算机化系统的分类(基于参考文献 6)
定义 举例 活动
计算器,显微镜,照相机,摄像机,标准办
公电脑,微波炉等。
无校准功能
操作系统 (例如 windows 系统,linux 系
豁免系统 无
统,Unix 系统),网络软件,安全软件 (例如
框架/分层软件 杀毒软件,防火墙), office 办公软件 (例
如 Word, Excel), 数据库软件(例如:
Oracle, SQL, Access), 等.
第 6 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
For equipment software, this information can be recorded in the equipment logbook.
对于设备软件,这些信息可以记录在设备日志中。
b) Validation 验证
Prior to routine use, the computerised system shall be validated.
在常规使用前,计算机化系统应该验证。
第 7 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
The extent of validation will depend on the complexity and intended use of the
computerised system being validated. The validation effort can be scaled and
adapted to the type of system justified by documented risk assessment. The
categories mentioned in this guideline (see table I in Section 3) can be used in
OMCLs for risk assessment。
验证的程度将取决于被验证的计算机化系统的复杂性和预期用途。可以对验证
工作进行扩展,并根据文档化的风险评估来调整系统的类型。本准则中提到的
类别(见第 3 节表 1)可用于 OMCLs 进行风险评估。
URS, validation plans, test and release can also be performed on a rolling basis,
if an iterative process (agile software development) is used.
如果使用迭代过程(敏捷软件开发),则可以在滚动的基础上执行验证计划、
测试和发布。
The plan includes the date, the responsible person and the acceptance criteria for
each review or test, or at least a reference to these tests.
该计划包括日期,负责人和验收标准,每一次审查或测试,或至少是对这些测
试的参考。
第 8 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
(2) Manual calculation of computerised system calculation data (see Annex 1);
and/or
计算机化系统计算数据的手工计算(见附件 1);和/或
(3) Using a second, independent computerised system tool to review correctness
of calculations and/or analytical results;
使用第二个独立的计算机化系统工具审查计算和/或分析结果的正确性;
and/or 和/或
For the validation of a computerised system that does not belong to the OMCL (e.g. a
computerised system from the Agency/Authority), a simplified validation (e.g.: a
Function Control Test) can be performed by the OMCL, taking into consideration
the specific functionalities for the OMCL, to check compliance with the ISO 17025
requirements and the OMCL guidelines.
为了验证不属于 OMCL 的计算机化系统(例如机构/管理局的计算机化系统),
OMCL 可以执行简化的验证(例如:控制功能测试),同时考虑到 OMCL 的具体功
能,以检查符合 ISO 17025 要求和 OMCL 指南的情况。
第 9 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
For analytical instruments where the raw data cannot be modified by the user
(e.g. stand-alone balance, pH meter) instrument calibration is considered as sufficient
to demonstrate the system is fit for purpose.
对于用户无法修改原始数据的分析仪器(例如,独立天平、pH 计),仪器校准被
认为足以证明该系统适合于使用。
CombiStats templates and data sheets shall be protected from accidental mistakes and
editing. Four different levels of protection are available (each one with or without
the use of a password). The User Manual can be used by the OMCL for further
details, and to choose the strategy, depending on the internal policy and decision.
CombiStats 模板和数据表应防止意外错误和编辑。有四种不同级别的保护(每个
级别都有或不使用密码)。OMCL 可以使用“用户手册”获得更多细节,并根据
内部政策和决定选择策略。
第 10 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
Validation of complex computerised systems begins with the definition of the User
Requirements Specification (URS), which will serve as a basis for the validation
requirements. A validation plan is needed, based on risk assessment, describing the
different validation activities planned for the system, and the responsibilities of the
different persons involved in the validation process. Then test protocols for IQ, OQ
and PQ shall be prepared taking into consideration the user requirements and the
acceptance criteria. Test protocols or checklists provided by the supplier can be used
for IQ and OQ, when available. The process is finalised after the issuing of the
various test reports and a final validation report with the statement that the
computerised system is suitable for the intended use. If deviations are identified
during validation, they must be addressed and the impact on the adequate
functioning of the system shall be evaluated.
复杂的计算机化系统的验证始于用户需求规范(URS)的定义,它将作为验证要求
的基础。需要在风险评估的基础上制定一项验证计划,说明为系统规划的不同
验证活动,以及参与验证过程的不同人员的责任。然后,应考虑到用户要求和
验收标准,制定 IQ、OQ 和 PQ 确认方案。供应商提供的测试方案或清单可以用
于 IQ 和 OQ(当可用时)。在发出各种测试报告和最后确认报告后,该程序即告
完成,并说明该计算机化系统适合于预期用途。如果在验证过程中发现了偏差,
则必须处理这些偏差,并评估对系统充分运作的影响。
In the case of a computerised system for analytical procedures such as an assay, the
software is an integrated part of the test procedure. The respective SOP should
include or make reference to the sample, the reference standard, reagent preparations,
use of apparatus and its computerised system as a unit, generation of calibration
curve by means of a computerised system tool, use of calculation formulas, etc.
在分析程序的计算机化系统中,如分析程序,软件是测试过程的一个完整的部
分。相应的 SOP 应包括或参考样品、参考标准、试剂配制、仪器及其计算机化
系统作为一个单元的使用、利用计算机化系统工具生成校准曲线、使用计算公
式等。
Examples of validation of complex systems are given for Excel spreadsheets (see
Annex 1) and LIMS/ELN/ERP/CDS (see Annex 2).
Excel 电子表格(见附件 1)和 LIMS/ELN/ERP/CDS(见附件 2)给出了复杂系统的验
证实例。
A record of the issues identified by the users and the actions taken should be kept.
应保存用户查明的问题和采取的行动的记录。
In the event of changes in the computerised system, including version updates, these
should ideally be done first in a test environment after which the validation status
第 11 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
The extent of the revalidation will depend on assessment of the change(s), which
shall be documented. One possible approach could be the use of logbooks as it is done
for equipment, and/or using a documented change control procedure.
重新确认的范围将取决于对变更的评估,并应记录在案。一种可能的方法可以
是使用日志,就像对设备使用日志一样,和/或使用记录在案的更改控制程序。
The OMCL should endorse a policy to check the computerised system periodically,
to avoid any error and guarantee the maintained validated status of the system.
The frequency of the reviews should be defined on a risk-based approach.
OMCL 应批准一项定期检查计算机化系统的政策,以避免任何错误,并保证系
统保持有效状态。应根据基于风险的方法确定审查的频率。
Computerised systems must be protected against any intrusion that could change the
data and affect the final results.
计算机化的系统必须受到保护,以防任何的入侵,这可能改变数据并影响最终
结果。
Server rooms should have restricted access and have the conditions necessary to
ensure the correct functioning of equipment (control of temperature, firefighting
measures, Uninterruptible Power Supply - UPS, etc.).
服务器机房应受到限制进入,并具备确保设备正确运行所必需的条件(温度控制、
消防措施、不间断电源-UPS 等)。
第 12 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
Computers should be locked after use and the users should not be allowed to change
date and time settings.
计算机应该在使用后被锁定,用户不应该被允许更改日期和时间设置。
The hardware used must fulfil the technical requirements so that the work to be
completed can be carried out. Such requirements include e.g. minimum system
requirements indicated by the manufacturer of the equipment. These requirements
should be predefined in accordance with the intended use.
所使用的硬件必须满足技术要求,以便完成工作。这些要求包括设备制造商所
指出的最低系统要求。这些需求应该按照预期的使用进行预定义。
The hardware components must be installed by skilled personnel (e.g. staff from
the Information Technology (IT) Unit, a technician from the manufacturer of the
equipment, or other trained personnel), and must be checked for their functionality
and compared with the requirements.
硬件组件必须由技术人员(如信息技术(IT)部门的工作人员、设备制造商的
技术人员或其他受过培训的人员)安装,并且必须检查其功能,并与需求进行
比较。
第 13 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
The computerised system should keep a record of any critical actions that occur, for
example who has accessed it and when, any deletion or change of data, etc. If a
computerised system does not automatically record an audit trail, an alternative
record shall be kept by the OMCL.
计算机化系统应该记录任何发生的关键动作,例如谁访问过它,什么时候,任
何删除或更改数据等等。如果一个计算机化的系统不能自动记录审计跟踪,那
么另一个可供替代的记录将由 OMCL 保持。
Users shall not be allowed to amend or switch off the audit trails or alternative
means of providing traceability of user actions.
不允许用户修改或关闭审计跟踪或提供用户行为可跟踪性的替代方法。
The need for the implementation of appropriate audit trail functionality should be
considered for all new computerised systems. Where an existing computerised system
lacks computer-generated audit trails, personnel shall use alternative means such as
procedurally controlled use of logbooks, change control, record version control or
other combinations of paper and electronic records to meet the requirement for
traceability to document the what, who, when and why of an action.
对于所有新的计算机化系统,应该考虑实现适当的审计跟踪功能。在现有的计
算机化系统缺乏计算机生成的审计跟踪,人员应当使用替代方法等过程控制使用
日志,变更控制,记录版本控制或其他组合的纸张和电子记录符合要求的可追溯性
记录,做了什么,谁,时间和为什么行动。
If electronic signatures are used, a statement about the equivalence of the electronic
signature to the handwritten signature or similar legal statement must be available.
如果使用电子签名,必须提供关于电子签名与手写签名或类似法律声明的等效
性的声明。
i) Backup 备份
Traceability must be ensured from raw data to test results. If all or part of the
traceability of parameters relevant for the quality of the results is available only
in electronic form, a backup process must be implemented to allow for recovery
of the system following any failure which compromises its integrity. Backup
frequency depends on data criticality, amount of stored data and frequency of data
generation.
第 14 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
可追溯性必须从原始数据到测试结果。如果所有或部分与结果质量相关的参数
的可追溯性仅以电子形式保存,则必须实现备份过程,以便在任何损害其完整
性的失败之后恢复系统。备份频率取决于数据的临界程度、存储的数据量和数
据生成的频率。
A procedure for regular testing of backup data (restore test), to verify the proper
integrity, readability of the electronic record and accuracy of data, should also be in
place. This restore test can be integrated into the periodic review of the system.
定期测试备份数据(恢复测试)、验证电子记录的完整性、易读性和数据准确
性的程序也应该到位。这个恢复测试可以集成到系统的定期检查中。
k) Training 培训
Correct use and validation of the computerised system shall be ensured. This can be
done either by appropriate and documented training or through detailed
information in the relevant SOPs or context related information in the software.
对计算机化系统的正确使用和验证应予以保证。这可以通过适当的和有记录的
培训,或者通过软件中相关的 SOPs 或上下文相关信息的详细信息来完成。
Training shall be performed before first use and after every major change in
the software(e.g. version upgrade). The persons responsible for the validation shall
have training on the validation process.
培训应在首次使用前进行,并在软件的每次重大更改之后进行(例如:版本升
级)。负责验证的人员应当对验证过程进行培训。
第 15 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
l) Documentation 文件
第 16 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
表2: 计算机化系统文件
可被使用的信息/文件 豁免系统 简单系统 复杂系统
清单,名称,版本,计算机化系统的唯一标识 X X X
原始文件 (CD-ROM…) 或 者 计 算 机 化 系 统 安 装 的 存 储 位 置 , 计算
X X
机化系统的计算机环境管理
计算机化的系统投入运行的日期 X X
负责计算机化系统的负责人 X X
在适用的情况下,制造商的名称、许可证号码和序列号或其他唯一标识 X X
在适用的条件下,计算机化系统运行的条件
X X
(硬件、操作系统、…)
如果有的话,制造商的验证证书 X X
制造商的说明,如果有的话,或者参考他们的位置 X X
关于用户执行的配置/修改的验证文档,这些文档可以影响结果 X
开发和验证计算机化系统的人的名字,以及验证日期 X
源代码(如果可用) (X)
操作指导(SOP) X X
关于计算机化系统定期审查和审计结果的文件 X
关于计算机化系统验证的文档 X
对失败的跟踪、过程的维护、变更、更新的版本,以及适当的配置管理 X X
培训记录(取决于系统的复杂性) (X) X
备份数据的常规测试记录(恢复测试) X X
[3] EU Guidelines to Good Manufacturing Practice (GMP). Annex 11. Computerized Systems.
[4] OECD Series on Principles of Good Laboratory Practices and Compliance Monitoring.
Number
17. The Application of the Principles of GLP to Computerized Systems. Environment
Monograph no. 13 (2016).
[5] U.S. Food and Drug Agency (FDA) General Principles of Computerized system
Validation; FDA Glossary of computerized system and computerized system development
terminology.
第 17 页/共 18 页
PA/PH/OMCL (08) 69 R7 – 计算机化系统验证 –核心文件
[7] D. J. Finney - “Statistical Method in Biological Assay”, 3rd Edition, Griffin, London (1978). [8]
WHO TRS 996 Annex 5 - Guidance on good data and record management practices (2016).
译者注:
1、本文件适用于检验室的计算机化系统。例如对于计算机化系统的分类,有点
粗糙,不应扩大其适用范围。
2、本文件在计算机化系统验证的深度和广度方面,都比较简单,希望读者认清,
而不应当做验证的全部内容。
翻译:重庆求败
不足之处敬请谅解,如有意见和建议,请提交到:计算机化系统验证群二 QQ
群号 569962302。
第 18 页/共 18 页