Implementing change in a validated system is a crucial time for ensuring it remains controlled. As a result, it is essential that change management is carefully planned and implemented.
This is particularly important for compliance reasons, not least because a carefully planned and documented change management process demonstrates to regulators that validated systems remain in a controlled and validated state after the changes take effect.
Categorising the Planned Change
Not all changes in validated systems are the same. For example, changes can be minor, or they can be complex and far-reaching.
In manufacturing environments, you can normally categorise the changes being requested in three ways. By doing this, you can assess the resources you will need to successfully implement the change and ensure your processes and systems remain validated.
The three main categories of change in a change management process are:
- Minor – minor changes require minimal testing to ensure re-validation. You can normally limit this testing to the specific element that is the main subject of the change.
- Major – major changes require more wide-ranging re-validation efforts. This often means testing and re-validating areas that are both directly and indirectly impacted by the change.
- Critical – critical changes typically involve re-validating the whole system. These are the most resource intensive and high-risk change management processes.
Do You Always Need to Re-Validate When a Change is Made?
Typically, yes, particularly in manufacturing environments that are heavily regulated such as in pharmaceuticals manufacturing and medical device manufacturing.
The question is more about the scale of the re-validation effort that is required. In other words, is the change small and likely to have a minor impact? If so, minimal testing is required. For more substantial changes, however, further re-validation work up to full re-validation may be required.
Change Management Steps to Ensure Systems Remain Controlled and Validated
Step 1 – Assess the Change Request
This includes assessing whether the change request is clear and whether the requirements and objectives of the change are well-defined. It’s also important to assess whether the change request is justified, i.e. is it worth doing given the impact it could have on the already validated system.
Step 2 – Assess the Impact
You then need to assess the impact the change is likely to have on the controlled system. Often this involves conducting a risk assessment. A risk assessment will help to identify the parts of the system that require re-validation and new testing.
Step 3 – Document the Expected Outcomes
The risk assessment and analysis of the impact of the change will produce a set of expected outcomes. You should document these outcomes as part of the change management process.
Step 4 – Implement the Change in a Safe Environment
This could be a sandbox environment on a computer system, for example. If the change is being made to a manufacturing process, machine, or piece of equipment, the safe environment could be a digital twin. The safe environment could also be on a physical machine or manufacturing process while production is shut down.
Step 5 – Testing
Test the changes you have made and their impact on the system in the safe environment. This testing should be measured against the expected outcomes documented earlier. The results of the tests should be also be documented.
Step 6 – Implement the Changes in the Live Environment
Once you are happy with the results of testing in the safe environment, you can move to implementation in the live environment.
Step 7 – Testing and Re-Validation
Further testing and re-validation should take place with full records kept of all tests and test results.
Step 8 – Update Validation Documentation
The change you have implemented is likely to have made the existing validation documents out-of-date. You need to update these documents with the new information, specifications, processes, etc.
Step 9 – Train Users
Finally, it may be important to re-train users on how the changes implemented will affect them.
The Change Management Process
Ensuring your systems are validated during periods of change, however minor the change, requires careful planning and proper change management. This ensures ongoing regulatory compliance and makes the overall process more efficient.