1. Project scoping & planning
Define intended use, system boundaries, and GxP impact. Establish the Validation Master Plan ( VMP ) and align stakeholders on validation scope.
CSV for GxP
Computer System Validation Lifecycle ( GAMP5 Step-by-Step)
The CSV lifecycle follows a risk-based path, ensuring requirements are defined, tested, and maintained throughout the system’s life. Each phase produces evidence that supports inspection readiness.
2. Risk assessment
Perform a formal risk assessment to determine which functions need the most rigorous testing. GAMP5 emphasizes focusing effort on high-risk areas tied to product quality and patient safety.
3. User Requirements Specification ( URS )
Capture what the system must do in business terms. URS drives design decisions and becomes the backbone of traceability testing.
4. Functional & Design Specifications ( FS / DS )
Translate requirements into technical details. Functional specifications describe how requirements are met; design specifications document architecture and configuration decisions.
5. Configuration or build
Configure or build the system according to the approved specifications. Vendor documentation and configuration settings are captured for evidence.
6. Installation Qualification ( IQ )
Verify the system is installed correctly in the target environment, including hardware, software versions, and infrastructure prerequisites.
7. Operational Qualification ( OQ )
Test functional requirements, security, and error handling under controlled conditions. OQ proves the system performs as designed.
8. Performance Qualification ( PQ )
Simulate real-world workflows to confirm the system performs reliably in production-like scenarios. PQ often includes user acceptance testing.
9. Traceability & validation report
Maintain a Requirements Traceability Matrix ( RTM ) to ensure every requirement is tested. Summarize results in a Validation Report and secure approvals before go-live.
10. Change control & periodic review
Maintain the validated state with formal change control and periodic review. Evaluate system changes, audit trails, and performance metrics to confirm continued compliance.
Need support executing the lifecycle?
We provide validation plans, protocols, and execution support to keep CSV evidence aligned with regulatory expectations. Explore the documentation deliverables that correspond to each phase.