GLOBAL (QUALITY)

MANAGEMENT SYSTEM

COMPUTER
SOFTWARE(CS)LIFECYCLE
Global DTI
August 2023

FOR INTERNAL USE ONLY © Copyright

WE ALL OWN COMPLIANCE
 We will conduct business with integrity
and honesty in compliance with all laws,
company policy, and our values
 We are committed to produce products
and deliver services that are safe and
of the highest quality for our customers

Page 2
FMC’s Current Process Flow
 Observations 4

Category / Process Activities Current process Comment

Module
Business Process maps, process modeling and other documentation associated with the
Process Analysis analysis of current business processes

Requirements A requirements specification is a comprehensive description of the intended Referred in Step 3 of Process flow Availability of
Specification purpose and environment for software. It fully describes what the software will requirements
do and how it will be expected to perform. document seems to
be conditional

Vendor Risk A formal assessment of the Vendor and their total quality management system Reference of GBL-SOP-000027 for
Assessment to ensure their policy, procedures and practices are robust enough be compliant Supplier assessment
with organization regulatory and other standards.

Risk Assessment The objective of the risk assessment is to assess GxP and business priority, Step 5 depicts Patient Safety Risk assessment of
high/medium business requirements to determine the recommended testing Impact Assessment (PSI) requirements to be
based on risk performed to identify
the level and type of
testing

Business Impact Describes the business use and various business risks of a business application Operation Plan, Step
Assessment(BIA as well as the requested Disaster Recovery parameters: Recovery Time 12 covers Business
) Objective (RTO) and Recovery Point Objective (RPO), and/or the option to not Continuity process
have Disaster Recovery and accept that risk. however BIA process
has not been defined

FOR INTERNAL USE ONLY © Copyright

Compliance/ Describes the activities that must be performed to provide evidence that the The plan shall be
 Observations 5

Category / Process Activities Current process Comment

Module
Traceability The Traceability Matrix links the user and functional requirements, to their Traceability Matrix
Matrix corresponding design/configuration specifications, test scripts and production has not been referred
release.

Stage Gate Quality reviews executed at the end of the phase to provide independent To identify that all
Assessment perspective on the process adherence of software quality relevant activities
have been
performed and
documented

Design Describes functional and technical design and also are used to design software
Specification features

Test Setting up test environment Referred in Step 10 of process

Environment flow
Set up

Test Protocol This document describes the overall test strategy and test approach for project Test protocol or plan
document has not
been referred

Change Changes to the software as required Referred in Step 21 with reference

Management of Change Request Log GBL-
FORM-000032, Change control
Form (CCF) GBL-FORM-
000033
FOR INTERNAL USE ONLY © Copyright
 Observations 6

Category / Process Activities Current process Comment

Module
Operational Create Documentation (User Manual, Standard Operating Procedures (SOPs), Referred in Step 12 of process flow
Documents Work Instructions (WIs), Communications Plan, Back up plan, DR BCP )

Test Report Final report that summarizes the outcome of Test Protocol execution.

Hypercare This includes package assembled products, installation on production Reference of User guidance
Transition Plan environment, preparation of end user training material and knowledge transfer. document in Operational Plan
This will also include the preparation of the Operations Run Book (ORB) that
will be handed over to the Application Operations team once the system goes
live. This includes the Service Level Agreement (SLA) that has to be followed by
the Operations team

Production Setting up production environment Referred in Step 10 of process flow

Environment
Set up

Compliance Summarizes the compliance deliverables, the activities performed, documents CSA report
Summary deviations and provides an executive summary of the validation activities
Report carried out.

FOR INTERNAL USE ONLY © Copyright

 Observations 7

Category / Process Activities Current process Comment

Module
Periodic review Optional process activity: It is recommended to conduct periodic reviews of the Referred in Step 22 of process flow Periodic review
and revalidation validated software system to ensure ongoing compliance and effectiveness and frequency has been
to revalidate the software system if significant changes are made that could defined according to
impact its functionality or regulatory status PSI(direct and
indirect)

Configuration It is a summary of the features and contents for the software build, including Track and control
Control version; and contains general release information, installation instructions, an versions of software
Document itemized list of all the configured elements, and recovery instructions. to be released for the
system’s operational
environment.

Incident Manage Incidents, Manage Problems, Manage Service Requests, Manage Events Referred in operational activities .
Management Step C

Continual Service management Knowledge Repository Operation plan , step

Service 12 refers creation of
Improvement training documents,
user manual etc

Change Control A formal approved request or an order for the implementation of a change to Referred in Step 21 of process flow
the system which is usually submitted in a Change Management System. For
GxP projects, the use of an authorized Change Management System is
mandatory,
FOR INTERNAL USE ONLY © Copyright
 Observations 8

Category / Process Activities Current process Comment

Module
Retirement Plan The Retirement Plan describes the approach for retiring the application Retirement plan has
(decommissioning of the system) and specifies any additional deliverables to be not been referred
produced.

Retirement A required deliverable that documents and summarizes the results of the Referred in Step 23 of process flow
Report retirement activities as described in the Retirement Plan including deviations
from the Retirement Plan.

Compliance Identifies the compliance requirements for the software being delivered Reference of
Analysis Compliance Analysis
was not available

Access Security should be part of the core design and Segregation of Duties must be Referred in Step 16 of process flow
Management considered to ensure each individual has the appropriate access with reference of the User
Account Control Form (UACF) GBL-
FORM-000034

Defect Report Test script failures will be documented in the form of a defect report. GxP Reference of deviations to be
defects must be closed prior to implementing the application and/or applying documented in CSA report
the change into the production environment.

Signoffs and All validation project artifacts must be signed-off / approved Referred in process flow as
Approvals applicable

FOR INTERNAL USE ONLY © Copyright