ISO 13485 software validation process: everything you need to know
26 October 2017

When you're implementing an electronic medical device quality management system, your ISO 13485 software validation process is of the utmost importance. You'll need to ensure that your system is working, continues to work as expected and meets the requirements of ISO 13485.
There are no shortcuts in this process. However, we provide a structured approach that will help you demonstrate compliance to regulations and standards such as ISO 13485 before, during and long after you've implemented quality management software.
What is software validation?
Businesses must carefully consider the impact of introducing new software applications, particularly where the solution is mission-critical or where the company needs to demonstrate compliance with regulations and standards.
Once the software is installed it must be checked periodically to make sure that it's correctly configured and working as it should. This is called software validation.
When is it necessary to validate quality management software?
Quality management software must be validated when a computer system is used in a good practice (GxP) process to revise the quality of a product or to generate information for regulatory bodies. Validating the software helps reduce risk and legal liability, and provides evidence that the computer system is fit for purpose.
Requirements for ISO 13485:2016 validation
In the latest version of ISO 13485, the standard has more explicit requirements for software validation. The standard specifies that any business wanting to achieve certification must:
- Develop procedures to validate and revalidate your quality management system software
- Develop an approach that is proportionate to the risk being taken
- Use procedures to validate and revalidate other software applications
- Validate computer software applications for their intended use
- Validate software whenever its intended use changes
- Maintain a record of your software validation and revalidation activities
What does a software validation process look like?
First, you need to adopt an approach which is proportionate to the level of risk that you're taking by using your electronic quality management system. Here's an example of a software validation process:
- Understand the operational requirement
- Produce a specification of the requirements
- Choose a trusted supplier
- Verify the software's capabilities
- Validate the implemented system
- Use formal change control, including revalidation
- Resolve any non-conformities and deviations
Validation test plans
To validate your quality management system software, you'll need to put together a validation test plan. This is a document detailing the objectives, process required, description of the process, expected result, actual result and any comments or observations.
How Ideagen can help with the validation
Ideagen will help you meet the ISO 13485 software validation requirements. We make sure that the validation process progresses smoothly and quickly by lessening the impact of many of the most time and resource-consuming tasks. Ideagen also provides you with templates and support throughout the validation test planning process.
We offer:
- System specification requirements (before you buy the system)
- Operational Qualification (OQ), Performance Qualification (PQ) and Installation Qualification (IQ) documentation
- Validation test scripts
- Validation test plans
- Validation templates
- Software verification
- System change control and validation
- Problem resolution process and tracking
Find out more about how our software can support you with ISO 13485 software validation here.
Related blog posts
Here are some more blog posts that you might be interested in.
7 Questions Answered on ISO 13485: 2016 validation requirements

With ISO 13485:2016 now published, many of our medical device customers are experiencing some uncertainty about the impact one of the key changes may have on their business: computer software validation now a requirement for ISO 13485.
So...
Continue readingISO 13485:2016 7.3: Medical device design controls and why they’re important

Medical device design controls are a set of policies and practices intended to ensure consistent translation of input requirements into a physical product that meets those requirements.
Good design controls are important to: