1.
GENERAL COMPANY INFORMATION
1.1 Name __________________________________________________________________ Address ________________________________________________________________ _______________________________________________________________________ Years in Business _________________________________________________________ Number of Employees _____________________________________________________Services Performed or Products Manufactured __________________________________
_______________________________________________________________________
_______________________________________________________________________
Prior Experience with (Company Name) ________________________________________
_______________________________________________________________________
_______________________________________________________________________
1.2 Please provide references for whom you have performed services similar to those to be performed for
(Company Name).
1.3 Describe the general financial status of your company.
Annual Sales _____________________________________________________________
_______________________________________________________________________
Current Financial Status ____________________________________________________
_______________________________________________________________________
Ownership Structure _______________________________________________________
_______________________________________________________________________
1.4 Do you have a Quality Assurance unit? If yes, how is it structured, and if no, how do you deal with
Quality Assurance functions? Please outline your Quality Assurance Units’ functions in software development.
1.5 Are you aware of the pharmaceutical industry practice of validating computerized systems? Are you
aware of FDA’s GMP requirements and how they apply to software used by FDA regulated industry?
1.5.1 Have you identified GMP requirements for your software? If so, what GMP issues have been
identified?
1.6 Do you have any experience in assisting a customer with validation of a system or its components? Please give an example.
2.
PRODUCT DEVELOPMENT INFORMATION
2.1 If product or service is of a customized nature, please provide major qualifications or resumes of
primary individuals involved.
2.2 Do you use professional standards? If yes, list; if no, describe your development process?
2.3 Are requirements and specifications written in early stages of development? If yes, describe this
procedure.
2.4 Do you follow a System Development Life Cycle approach or other formal system for software
applicationdevelopment? If yes, describe the system.
2.5 How do you assure that the methodology is followed? Describe. How do you document compliance
with the methodology?
2.6 Are throughs conducted at designated intervals during design? If yes, describe a typical
walk-through.
2.6.1 How are code walk-throughs documented?
2.6.2 Is this documentation available to the customer? To the FDA?
2.7 What procedure is followed when an error or anomaly is detected (e.g., program, system, hardware,
or data error)?
2.7.1 Is “unit” testing performed? How is it documented? Is this documentation available to the
customer? To the FDA?
2.7.2 Is software “integration” testing performed? How is it documented? Is this documentation
2.8 How is system testing performed and documented?
2.9 Who performs the tests?
2.10 Who approves the test plan and results?
2.11 Are challenges to the tests performed by someone other than the developer? Describe.
2.12 How do you assure that test procedures are followed?
2.13 Are test procedures routinely reviewed and updated? If yes, at what frequency?
2.14 At what point in new product or application development does the client or customer take ownership?
What software metrics are collected and evaluated?
3. TECHNICAL
DOCUMENTATION
Please advise if the following list of technical documentation is provided to a client or customer. If not, please offer explanation and alternative.
Diagnostic Kits
Description of Data Structures Sample of Output Reports
Hardware Manuals
Source Code
4. SECURITY
POLICY
4.1 Describe the physical security you have at the development facility.
4.2 Describe the specific forms of computer security in place to protect your software development.
4.3 Describe your software archiving and documentation storage procedures.
4.5 Describe how unauthorized changes to the source code are prevented.
5. CONFIGURATION
MANAGEMENT
5.1 Hardware/Equipment
5.1.1 Describe how a customer is notified of a recall.
5.1.2 Are recalls only honored during the warranty period?
5.1.3 Please provide warranty information.
5.2 Software
5.2.1 Describe the documentation/help on correcting bugs or errors when they are found.
5.2.2 Describe the documentation of error and solution.
5.2.3 Who authorizes software changes?
5.2.4 How do you ensure that the changes that are authorized are the ones made?
5.2.5 If you use procedures, are they adequate and complete, and do they provide control over
changes? Please provide an example of a control of change procedure.
5.2.6 If major changes to systems are released to the customer as new versions, when and how
are version numbers changed?
5.2.7 Describe how a customer is notified of a new version.
5.2.8 Are customers made aware of software defects detected by other customers? If so, describe
6. TRAINING
6.1 Describe the type of training you offer the customer.
6.2 Who performs the training?
6.3 Where is the training conducted?
7. PERFORMANCE
TESTING
7.1 List and describe the aspects of system performance that are tested (e.g., database, on-line
transaction volume, large dB batch processing, I/O performance).
7.2 Do you have performance testing results, and are they available for review? If yes, please be
prepared to provide these results.
7.3 Do you provide for user acceptance testing? Where and when does testing take place?
8. BACKUP/DISASTER
RECOVERY
8.1 Do you have a plan for software backup and storage of backups? If yes, please describe.
8.2 Do you have a plan for disaster recovery. If yes, please describe.
9.
Do you have a complete set of high level requirements for currently marketed systems?
9.1 Do you have a complete set of detailed software design specifications for currently marketed
systems?