What is Software Code Review & Its Checklist to review source code in Computer system validation?

 


In Earlier post we understood what is Traceability Matrix, Its Use, & Benefits   in Computer system Validation.

Now in this article we are going to understand what is Software Code Review & Its Checklist to review source code in Computer system validation?

Software code review is performed to detect and fix coding errors before the system goes into formal testing. It verifies that the software has been developed in accordance with the design & programming standards have been followed.

Software code review is performed when supplier audit is not possible & vendor unable to provide strong evidence.

Data Integrity App

If vendor provide satisfactory evidence that source code was developed in effective manners & follow guidance software development life cycle then source code review not required.

Software code review is often implemented as code inspections & code walkthroughs. Such static analyses provide a very effective means to detect errors before execution of the code.

Code review is best done as early in the process as possible, preferably before submitting a module to test.


Software Code Review Checklist

A checklist is a useful means of ensuring that common mistakes are identified.

General

       Comments must be added at the beginning and the end of the blog code that user modify.

       Comment must clear, correct & it explain purpose.

       All parameters have descriptive names?

       Does the code work? Does it perform its intended function, the logic is correct etc.

       Is all the code easily understood?

       Does it conform to your agreed coding conventions? These will usually cover location of braces, variable and function names, line length, indentations, formatting, and comments.

       Is there any redundant or duplicate code?

       Are Folder names and types in conformity with the content and standard of developing tools?

       Do loops have a set length and correct termination conditions?

       Do the names used in the program convey intent?

Documentation

       Do comments exist and describe the intent of the code?

       Are all functions commented?

       Is the use and function of third-party libraries documented?

       Are data structures and units of measurement explained?

       Is there any incomplete code? If so, should it be removed or flagged with a suitable marker like ‘TODO’?

Security

       Are all data inputs checked (for the correct type, length, format, and range) and encoded?

       Where third-party utilities are used, are returning errors being caught?

       Are output values checked and encoded?

       Are invalid parameter values handled?

Performance

       Are there any obvious optimizations that will improve performance?

       Can any logging or debugging code be removed?

Testing

       Is the code testable? The code should be structured so that it doesn’t add too many or hide dependencies, is unable to initialize objects, test frameworks can use methods etc.

       Do tests exist, and are they comprehensive?

       Do unit tests actually test that the code is performing the intended functionality?



 “Trust but Verify “ Ronald Reagan

 

Across the internet, there are millions of resources are available which provide information about Everything.

 

If you found all content under one roof then it will save your time, effort & you will more concentrated on your important activity.

Data Integrity App

 

Our Data integrity app will helpful for understanding what Data integrity & CSV really means & How 21 CFR Part 11, EU Annex 11 & other regulatory guidelines affects in pharmaceutical Industry.

 

Data Integrity App Include 

- Basic Data Integrity Concepts

- ERES & Its Requirement

- CSV & Its best practices 

- Mock Inspection and General Q&A

- Checklist for inspection

- Inspection Readiness

- Useful SOP’s

- Stay Regulatory Compliant.

 

“Stay One Step Ahead in Pharma IT Compliance” 


Data Integrity App Link:


https://play.google.com/store/apps/details?id=com.innovativeapps.dataintegrity

 

Try our "Data Integrity" app which helps you to better understand current regulatory agencies thinking on Data Integrity & CSV.


Comments

Post a Comment

Popular posts from this blog

What is System Release Certificate (SRC) in computer system validation?

Image
  In Earlier post we understood What is Validation Master Plan, Its content & Regulatory requirement in Computer system validation? Now in this article we are going to understand what is System Release Certificate (SRC) in computer system validation. System Release Certificate (SRC) is authorizes the release of System for use in the Production Environment at Location for the users in the department. The objectives of this SRC are to certify that System has been successfully validated and can be used by the users in the department at Location. It is essential because it confirms that all project/system has been completed as per regulatory standard mentioned in project plan.   This certificate provides confirmation that all activities specified in the validation plan have been completed & all acceptance criteria have been met and the software is ready for deployment. All system-related documents/procedures will be provided, developed and/or will be revised be...
Read more

What is RTM & Its importance in CSV?

Image
  In Earlier post we understood What is Configuration Specification, Its Roles & Elements in Computer system Validation. Now in this article we are going to understand What is Traceability Matrix, Its Use, & Benefits    in Computer system Validation.   What is Traceability Matrix? (TM) A TM is a document that co-relates any two-baseline documents that require a many-to-many relationship to check the completeness of the relationship. It is used to track the requirements and to check the current project requirements are met. What is RTM? RTM is a method used to establish the relationship between documents. Its purpose is to ensure that requirements have not only been traced to the appropriate design elements but also that requirements have been met through test or other means of verification. The traceability matrix is a tool both for the validation team, to ensure that requirements are not lost during the validation project, and for auditors, t...
Read more

GxP Assessment & Categorization of Computerized System

Image
The first stage of whether a system requires a validation is to identify whether the system has a GxP impact. The result of the GxP Assessment and system Category checklist decided whether Validation required for computerized system. If Outcome is “GxP Applicable” then follow Computer system validation procedure and other risk assessment for validating the system. All systems which handle data or processes which fall under the impact of GxP or any other regulatory requirements must be validated Determine whether the application has been validated elsewhere you in organization. The amount of work required may be significantly reduced by referring some of the deliverables in as in state or with slight changes. The details must be addressed in the change control. If required any “Non GxP Applicable “systems that process data critical to operations of the business such as those involving financial, certain personal data etc. Quality assurance, IT, CSV responsibility person, HOD of ...
Read more