R-019-001 Software validation report_Atlassian_2023
Scope
The aim is to gather additional requirements and configuration specifications not encompassed within the application, together with their respective validations. This ensures adherence to both our internal requirements and those imposed by regulatory bodies. This involves detailing specifications and criteria which are external to the application but fundamental for ensuring our outputs align with all requisite standards and regulations.
Software description
Name
Atlassian
Manufacturer
Atlassian corporation (Atlassian Pty Ltd and Atlassian US, Inc.)
Intended use
We selected Atlassian to have a controlled system to be used:
- As Design History File (DHF), to contain all the records required during the manufacturing process
- To register and follow up all the non-conformity and corrective and preventive actions (NC & CAPAs).
Risk-based analysis
Design History File (DHF)
Atlassian is also used as a DHF to register, monitor, review and approve all the software as medical device life cycle information required by the applicable regulations. Failure of the release feature of the application configuration would result in a quality problem that foreseeably compromises safety. As such, we have determined that this function pose a high process risk.
Non-conformities and corrective and preventive actions (NC & CAPAs)
Failure of the NC & CAPAs application to perform as intended may delay the follow up of the NC & CAPAs, but would not result in a quality problem that foreseeably compromises safety, as twe have additional processes in place for containment of non-conforming product. As such, we have determined the initiation operations did not pose a high process risk.
Requirements and design specification
Design History File (DHF)
- Requirement 01: Users sign the documentation according to their role and in compliance with the 21 CFR part 11.
- Requirement 02: When the users log in to the DHF they can check the identification of the product and the
T-012-005 Design change controlrecord. - Requirement 03: Users can register the requirements, activities, tests, and version releases on their corresponding section.
- Requirement 04: Users provide the information specified at the
GP-012 Design, redesign and developmentprocedure.
Non-conformities and corrective and preventive actions (NC & CAPAs)
- Requirement 01: Users sign the documentation according to their role and in compliance with the 21 CFR part 11.
- Requirement 02: User can identify the status of the non-conformities according to
GP-006 Non-conformities. Corrective and preventive actions:- Reception
- CAPAs
- Efficacy verification
- Impact verification
- Solved
- Requirement 03: User is able to transfer the NC status as follows:
- Reception to Solved
- Reception to CAPAs
- CAPAs to Efficacy verification
- Efficacy verification to Impact verification
- Impact verification to Solved
- Efficacy verification to CAPAs
- Requirement 04: User provide the information specified at the
GP-006 Non-conformities. Corrective and preventive actions.
Assurance activities and test plan
In addition to the tests and checks designed to ensure the configuration complies with the establised requirements, we have performed an assessment of the system capability (see R-002-007 Process validation card 2023_003) and a supplier evaluation (see R-010-001 Suppliers evaluation), being considered the only tool providing, in the same ecosystem, a task manger, a knowledgebase and a git code repository. This makes it perfect to manage all the process mentioned: QMS, DHF and NC & CAPAs applications.
Design History File (DHF)
| ID | Test description | Acceptance criteria | Requirement tested |
|---|---|---|---|
| Test 01 | Verification of the electronic signature | Signature comply with the regulatory requirements | Requirement 01 |
| Test 02 | Verification that the users can provide all the information required at the GP-012 Design, redesign and development | Templates are correct | DHF Requirement 03, Requirement 04 |
| Test 03 | User validation: to perform a simulation of the performance of the DHF configuration | Satisfactory simulation without errors | DHF Requirement 02, Requirement 03, Requirement 04 |
Non-conformities and corrective and preventive actions (NC & CAPAs)
| ID | Test description | Acceptance criteria | Requirement tested |
|---|---|---|---|
| Test 01 | Verification of the electronic signature | Signature comply with the regulatory requirements | Requirement 01 |
| Test 02 | Verification that the users can provide all the information required at the GP-006 Non-conformities. Corrective and preventive actions | Template is correct | NC Requirement 04 |
| Test 03 | Verification of the different status for the NC and the flow is properly established | Flow defined properly | NC Requirement 02, Requirement 03 |
Test Results and deviations detected
Design History File (DHF)
Test 01
- Result: Pass
- Deviation: No deviations found
Test 02
- Result: Pass
- Deviation: No deviations found
Test 03
- Result: Pass. The simulation performed worked as expected.
- Deviation: No deviations found
Non-conformities and corrective and preventive actions (NC & CAPAs)
Test 01
- Result: Pass
- Deviation: No deviations found
Test 02
- Result: Pass
- Deviation: No deviations found
Test 03
- Result: Pass
- Deviation: No deviations found
Non-conformities status
Non-conformities flow
Design review
| Result | |
|---|---|
| Have the appropriate tasks and expected results, outputs, or products been established for each software life cycle activity? | TRUE |
| Do the tasks and expected results, outputs, or products of each software life cycle activity: | |
| Comply with the requirements of other software life cycle activities in terms of correctness, completeness, consistency, and accuracy? | TRUE |
| Satisfy the standards, practices, and conventions of that activity? | TRUE |
| Establish a proper basis for initiating tasks for the next software life cycle activity? | TRUE |
Conclusion
Design History File (DHF)
Non-conformities and corrective and preventive actions (NC & CAPAs)
No errors were observed in the fields destined for filling the required information. Incorrectly inputting text into the fields is immediately visible and does not impact the risk of the intended use.
In addition, some fields are mandatory for the user to fill in, to avoid lost of required information, and other fields have predefined choices to ensure the proper information is completed.
Signature meaning
The signatures for the approval process of this document can be found in the verified commits at the repository for the QMS. As a reference, the team members who are expected to participate in this document and their roles in the approval process, as defined in Annex I Responsibility Matrix of the GP-001, are:
- Author: Team members involved
- Reviewer: JD-003, JD-004
- Approver: JD-001