ISO 13485 software validation process: everything you need to know

When you're implementing an electronic medical device quality management system, your ISO 13485 software validation process is of the utmost importance. You'll need to ensure that your system is working, continues to work as expected and meets the requirements of ISO 13485.

There are no shortcuts in this process. However, we provide a structured approach that will help you demonstrate compliance to regulations and standards such as ISO 13485 before, during and long after you've implemented quality management software.

What is software validation?

Businesses must carefully consider the impact of introducing new software applications, particularly where the solution is mission-critical or where the company needs to demonstrate compliance with regulations and standards.

Once the software is installed it must be checked periodically to make sure that it's correctly configured and working as it should. This is called software validation.

When is it necessary to validate quality management software?

Quality management software must be validated when a computer system is used in a good practice (GxP) process to revise the quality of a product or to generate information for regulatory bodies. Validating the software helps reduce risk and legal liability, and provides evidence that the computer system is fit for purpose.

Requirements for ISO 13485:2016 validation

In the latest version of ISO 13485, the standard has more explicit requirements for software validation. The standard specifies that any business wanting to achieve certification must:

• Develop procedures to validate and revalidate your quality management system software
• Develop an approach that is proportionate to the risk being taken
• Use procedures to validate and revalidate other software applications
• Validate computer software applications for their intended use
• Validate software whenever its intended use changes
• Maintain a record of your software validation and revalidation activities

What does a software validation process look like?

First, you need to adopt an approach which is proportionate to the level of risk that you're taking by using your electronic quality management system. Here's an example of a software validation process:

1. Understand the operational requirement
2. Produce a specification of the requirements
3. Choose a trusted supplier
4. Verify the software's capabilities
5. Validate the implemented system
6. Use formal change control, including revalidation
7. Resolve any non-conformities and deviations

Validation test plans

To validate your quality management system software, you'll need to put together a validation test plan. This is a document detailing the objectives, process required, description of the process, expected result, actual result and any comments or observations. 

How Ideagen can help with the validation

Ideagen will help you meet the ISO 13485 software validation requirements. We make sure that the validation process progresses smoothly and quickly by lessening the impact of many of the most time and resource-consuming tasks. Ideagen also provides you with templates and support throughout the validation test planning process.

We offer:

• System specification requirements (before you buy the system)
• Operational Qualification (OQ), Performance Qualification (PQ) and Installation Qualification (IQ) documentation
• Validation test scripts
• Validation test plans
• Validation templates
• Software verification
• System change control and validation
• Problem resolution process and tracking

Find out more about how our software can support you with ISO 13485 software validation here.

Written by

Alexander Pavlović

Alex produces targeted content to help Ideagen’s readers and customers navigate the complex world of quality, governance, risk and compliance.

Alex has worked with brands such as BT, Sodexo and Unilever and is passionate about helping businesses build a cohesive, collaborative culture of quality.