Book Reviews

Book Review - Computer Validation: A Common Sense Guide

Computer Validation:A Common Sense Guide

by Teri Stokes, Ph.D.

With the title “Computer Validation, A Common Sense Guide” my first thought was this book had to be a challenge to write, especially if the content lived up to the promise. While the requirement for Computer Validation has existed for the industry more than 25 years, in practice it is still often seen as a subjective and challenging activity – the intent of the book is to provide a practical approach for the process.

The main topics of this book of over 340 pages include a history of the regulations, explanations of the numerous roles and their responsibilities and required activities for successful outcomes, a large number of example documents, and principles and guidance from an author who has more than 20 years experience.

It begins by providing a clear and insightful summary of the regulations and guidance that have shaped CV practices. Every major influence on current practice is covered, from FDA’s Blue Book guidance in 1983 to the very recent reissue of EU GMP Guide Annex 11 in 2011. The aims and expectations of regulatory authorities are well summarised into common themes and the first chapter ends with a useful summary of principles that bring sharp clarity to the common intent of regulators worldwide.

Several chapters are devoted to explaining the roles required for successful computer validation. The first role is that of managers and expectations for sponsorship and active engagement with the projects are described. The book gets across the key message that validation is a process that must be strongly supported by management, from the identification of a need for a system through to its archival when the system is replaced or redundant. The guidance to management rightly conveys that computer validation cannot be achieved by a single person as a one-time activity; it is a lifecycle activity that must be supported by the organisation throughout the life of the system.

The book describes the typical validation activities from identifying the team, development of requirements for the system, dealing with suppliers including auditing of practices, testing, managing the infrastructure requirements and completing the validation package. Useful guidance is given on building reusable packages that can be repeated for installations of similar systems. As the activities are described, detailed roles and responsibilities are identified for the activities. Some of these are too fragmented, e.g. seven roles are identified for formal testing and this granularity could confuse less experienced readers – who appeared to be the key target audience. Another example is the testing role of “Witness” whose responsibility is focused on ensuring test materials are prepared and collected properly rather than actually witnessing any activity – this and the follow-on impact of so many role acronyms in the example documents is a bit confusing. To its credit the book mentions that people can perform multiple roles and these can be combined or split to fit the size and scope of the system.

There is a logical flow and value to the real life examples provided throughout the book and readers of all skill levels should find useful bits to apply to their own projects. There are some odd suggestions such as printing different parts of the document set on different colour paper and keeping documentation in envelopes. It took several encounters with the term “Test Envelope” for me to realise the author was describing the retention of documents in an envelope rather than introducing some testing standard or concept.

A disappointment is that the book provides very little in the way of risk management guidance to focus validation activities. Every practitioner struggles with the areas of focus, level of detail in which the effort should be conducted and how to vary the intensity of specifications, testing and other controls. Given the revision of Annex 11 in 2011, with its expectation for the extent of validation and data integrity controls to be based on a risk assessment, I had expected guidance on varying the approach to match the level of risk. However, the coverage of risk analysis is limited to example forms with yes/no questions to determine if validation is required. Simple advice on where and how to focus computer validation on the functionality most critical to patient safety would have been a valuable addition.

In conclusion, this is a worthwhile book that conveys a lot of practical experience and guidance for anyone involved in computer validation. Overall, the book delivers on its title as a common sense guide.

Reviewed by Ellis Daw, Director of Quality Applications Shared Service at GlaxoSmithKine, Research Triangle Park, NC, U.S.A.

Published by Biopharm-Guides (

ISBN: 933722-54-1. 36 pages.   Price $22.