If you are certified according to DIN EN ISO 13485, or if that's your goal, you've probably come across tool validation before. Perhaps this article can help you and shed some light on the subject.
Why do we need tool validation?
The main reason, and probably also the reason you came across this article, are chapters 4.1.6, 4.2.5, and 7.6 of DIN EN ISO 13485. These require that computer software applications be validated as part of the quality management system. The focus here is on computer software used to monitor and measure requirements. However, not all tools need to be validated. The need is especially true for tools that influence processes, occupational safety, or product safety. It is also important to consider the probability of detecting a tool error.
This is referred to as a risk-based approach. The greater the impact of a tool on the aforementioned aspects and the lower the probability of detecting an error, the more detailed the validation will be. For example, a process description can specify which documents need to be created depending on the tool's criticality and area of application.
Important terms for tool validation
The following terms are the most important parameters for tool validation and for determining the validation scope. These metrics are used to determine the tool's impact (TI), the error detection probability (TD), and the resulting tool confidence level (TCL). The following procedure serves as an example and is a streamlined way to determine the scope of tool validation and to be able to reproduce it later during the audit.
Tool Impact (TI)
The Tool Impact describes the influence of the tool on the safety of the product/work safety/processes and can be divided into TI-0 (Tool has no impact on security) and TI-1 (Tool may endanger the safety of the product/work safety/processes).
No matter which level the tool is classified into, there should always be a brief explanation for this.
Tool Error Detection (TD)
Tool Error Detection is used to estimate the probability of detecting a tool error. Tool Error Detection can be set to three levels. These can be TD-0 (high probability of detection), TD-1 (Tool error is probably detected) and TD-2 (Tool error is probably not detected).
Here, too, a brief justification for the classification is necessary.
Tool Confidence Level (TCL)
The tool confidence level is derived from the TI and TD points described above. Using the following matrix, you can assign the tool to the appropriate confidence level. It allows for a quick determination based on the previously made assessments.
Using the Tool Confidence Level determined above, the resulting follow-up activities can be derived from the next matrix depending on the classification. The table shows examples of other documents that can/must be created as part of a tool validation. It is clear that with higher TCLs, the scope of necessary activities also increases. This once again reflects the risk-based approach to tool validation.
Different validation scope depending on TCL
Our recommendation is to always create a validation plan and report for all tools to be validated!
The validation plan first provides basic information about the tool, its intended use, and, for example, a justification for selecting it. The factors TI, TD, and TCL should then be classified so that the necessary validation scope can be determined.
The validation report shows the result of the validation as well as the planning of possible follow-up activities (e.g. revalidation or similar).
At a higher TCL (in our case, starting at TCL-1), the tool poses greater risks, and validation therefore requires more detailed design. Depending on the classification within the company, the validation plan and report are then supplemented by a test specification and report. Here, various test cases covering all the tool's requirements are defined and verified.
For an even higher TCL (here, TCL-2), additional documents are required. These include an installation qualification (describes the procedure for installing the tool) and an FMEA (failure mode and effects analysis, which identifies possible failures, their impact, and appropriate mitigations).
Do you have anymore questions?
Are you currently undergoing a tool validation and need support? MEDtech is at your side as your QM partner and will help you impress the audit with complete, standards-compliant documentation. Feel free to contact us!
Best regards,
Eva Maier