ERP for regulated process industries: Distinguishing between verification and validation

In the course of setting ERP selection criteria, keep in mind the differences between verification and software validation.
By David Saunders August 22, 2017

When considering enterprise resource management (ERP) for regulated industries, in particular an ERP selection project for the pharmaceutical, medical device and biotech industries, the sector faces a complex environment of multiple regulatory agencies dictating process control.

Organizations within this highly regulatory sector heading into an ERP project are challenged to better grasp the relationships between regulatory compliance requirements and enterprise software systems.

To illustrate the regulatory challenges, noted here are just a few of the mandates ERP project teams must keep in mind:

  • cGMP – current Good Manufacturing Practices are a set of regulations established by the U.S. Food and Drug Administration (FDA) to help ensure that various products are safe and effective for human consumption and use.
  • GAMP5: Good Automated Manufacturing Practices is a set of guidelines for pharmaceutical manufacturers. They are designed to ensure that pharmaceutical products meet minimum quality standards.
  • FDA 21 CFR part 11 – This regulation establishes requirements for electronic records, electronic signatures and handwritten signatures executed to electronic records.
  • FDA 21 CFR 820 – This cGMP requires that a quality system is in place to ensure that medical devices meet or exceed quality requirements.
  • FDA 21 CFR 210-212 – These cGMP regulations affect the pharmaceutical and drug-related industry. CFR Part 210 deals with the manufacturing, processing and holding of drugs, while CFR Part 211 deals with finished pharmaceuticals. Part 212 focuses on radioactive drugs used in medical imaging equipment.

Verification vs. validation with ERP for regulated industries

When ERP consultants partner with heavily regulated companies such as pharmaceutical, medical device, and biotech, an important aspect of managing business risk is directly related to the organization’s enterprise systems going through a software validation process.

In these environments, a software validation:

  • Confirms that the system is compliant with all appropriate regulatory requirements
  • Ensures that the system operates in such a way that it meets user requirements in a consistent manner.

In the course of setting ERP selection criteria it is useful to keep in mind the differences between verification and software validation.

To that end, it is important to note the distinguishing characteristics of both verification and validation.

Verification – Are we building the product right?

When considering verification, here’s the key question to ask: Is the product being built properly?

  • Verification defined: Verification is defined as "the act of reviewing, inspecting or testing, in order to establish and document that a product, service or system meets regulatory or technical standards."
  • Verification objective: The objective of verification is to ensure that the product is being built according to the requirements and design specifications. In other words, to ensure that products, services, or systems meet their defined requirements.

Validation – Are we building the right product?

When considering validation, here’s the key question to ask: are we building the right product?

  • Validation defined: Software validation is the process of evaluating software during or at the end of the development process to determine whether it satisfies specified business requirements.
  • Validation objective: The objective is to ensure that the product meets the user’s needs, and that the specifications were correct in the first place.

David Saunders, Ultra Consultants. This article originally appeared on Ultra Consultant’s website. Ultra Consultants is a CFE Media content partner. Edited by Hannah Cox, content specialist, CFE Media, hcox@cfemedia.com.