Learnaboutgmp Community

Part 11 testing how much is required

Happy new year to everyone,

Basically I have an application that contains somewhere close to 50 different tables in the schema, close to 30 of these tables can be updated or modified to some extent.

My question is do I need to create Part11 tests to ensure that each table is working correctly

ie.

When a change is made the Audit Trail is updated
When something is deleted is the Audit Trail is updated
When data is inserted the Audit Trail is updated.
etc etc

So for example if I have maybe 10-15 tests for each table does that mean
for 30 tables i will have

10-15 tests X 30

This is alot of testing is there anyway to minimise this.

Thank you,

Chandra

Hi Chandra

First of all this is avery good question and quite a complxed one too.
From my experience to date there should be no requirement to test every table that can be modified throughout the application. For example let’s say we are dealing with an application like LIMS or SAP with 100’s of different tables in the schema all in a relational design. Is it possible to test for modify-delete-update-audit trail for each table, the answer is yes.

Is this realistic, no. If you were to test every single table then the protocol would be enourmous, you would have to get alot of input from the developers of the system which again is not practical from a validation perspective.

So how do you validate such a system, in my opinion a team would be assembled that know how the system works, super users. All of the various processes should be mapped and the the most critical ones should be tested in this way. Say for example there is a sign-off after a critical piece of quality data has been entered then the tables associated with this should be tested for Audit Trails etc.

The point I am trying to make is that the system must be analysed by people that know the system in order to come to a proposal as to how the system should be validated.

This can be detailed in the risk asssessment or possibly the OQ detailing the rational as to why this approach was taken.
As long as the approach is documented then a reasonable Auditor should have no issue with it.

Regards