GAMP® 5 defines a set of fairly typical roles in validation.
While there’s nothing that requires this structure or these titles, it’s helpful to see the breadth of involvement in validation:
The main roles and responsibilities include:
- Process Owner
- System Owner
- Subject Matter Experts
- Quality Unit
- Supplier
- End User
Process Owner
They are ultimately responsible for the business process and compliance aspect and they are usually the head of the functional unit or department using that system.
They are also responsible for ensuring that the computerized system and its operation is in compliance and fit for intended use in accordance with applicable Standard Operating Procedures (SOPs) throughout its life cycle.
Responsibility for control of system access should be agreed between the process and system owner.
Ownership of the data held on a system should be defined and typically belongs to the process owner.
Specific activities may include:
- Approval of key documentation as defined by plans and SOPs
- Providing adequate resources (personnel including SMEs, and financial resources) to support development and operation of the system
- Ensuring adequate training for end users
- Ensuring that SOPs required for operation of the system exist, are followed, and are reviewed periodically
- Ensuring changes are approved and managed
- Reviewing assessment / audit reports, responding to findings, and taking appropriate actions to ensure GxP compliance
- Coordinating input from other groups (e.g., finance, information security, safety, legal etc)