What do we mean when we say Computer System Validation (CSV)? 


Computerized systems are an integral part for the manufacturing and testing of medicinal products. They must undergo validation in adherence to GxP standards with a paramount focus on ensuring data integrity. Computerized system validation (CSV) is a meticulously structured process aimed at guaranteeing that a computerized system consistently and reproducibly performs its intended functions while upholding the integrity of the data it handles. This validation process commences with the definition of system proposals and requirements and spans through the decommissioning of the system, encompassing the retention of electronic records in alignment with regulatory guidelines. Despite questions surrounding the associated effort, particularly in the context of quantifying direct financial benefits, the validation of computer systems is legally mandatory.

The validation of computerized systems remains essential for upholding regulatory compliance and safeguarding data integrity.

Why do we need CSV? 



The pharmaceutical industry operates under strict regulations, with quality management being crucial in every aspect. It is imperative to ensure the safety of the final product for distribution or sale, and CSV is an integral part of meeting compliance requirements. 


Accuracy - It is essential to trust the precision of a system. 

Security - The system controls access and maintains an audit trail to document when changes are made. 

Reliability - The process guarantees that the system's results can be trusted throughout its entire life cycle. 

Consistency - Relying on the consistency of data is crucial throughout the entire life cycle of the system. 

Here are key points related to 21 CFR Part 11


Electronic Records: The regulation outlines requirements for the creation, modification, maintenance, retrieval, and transmission of electronic records. It emphasizes the need for accurate and reliable electronic documentation. 


Electronic Signatures: Part 11 provides criteria for the use of electronic signatures, ensuring that they are legally binding and equivalent to handwritten signatures. It includes requirements for user authentication and the secure use of electronic signatures. 


Audit Trails: The regulation mandates the use of secure, computer-generated, time-stamped audit trails to independently record the date and time of operator entries and actions. 


Access Controls: 21 CFR Part 11 requires the implementation of access controls to ensure that only authorized individuals have access to electronic records and electronic signatures. 


Validation: Systems subject to Part 11 must undergo validation to ensure that they perform as intended. This includes validation of software, hardware, and computer systems used in FDA-regulated processes. 


Documentation and Recordkeeping: The regulation establishes requirements for the creation and maintenance of accurate and complete copies of records in both human-readable and electronic form. 


Training: Organizations are required to provide training to personnel who use electronic systems or create electronic records to ensure their understanding of the system and compliance with Part 11 requirements. 


It's important to note that compliance with 21 CFR Part 11 is essential for companies operating in FDA-regulated industries. The regulation has implications for the use of electronic systems in clinical trials, manufacturing, and other aspects of the product development life cycle. As regulations may be subject to updates, it's advisable to refer to the latest version of 21 CFR Part 11 or consult with regulatory authorities for the most current information. 

Regulations and Guidelines 

EU Annex 11  / FDA 21 CFR Part 11 – Electronic Records and Electronic Signatures (ERES) 


  • „ Electronic record means any combination of text,…“ 

  • „ Electronic signature means a computer data compilation of…“ 

  • „ Each electronic signature shall be unique…“ 

  • „ User Requirements Specifications should describe…“ 

  • „ Data should be secured by both physical and electronic…“ 

  • „ Regular back-ups of all relevant data should be done.“ 

Contact your local Service & Sales Partner

Elke Wieser

Computer system validation
Contact us

Grazia Desantis

Contact us
[Translate to English:]

Christian Patterer

Contact us

Joris Buffels

Contact us
[Translate to English:]

Markus Hegenbart

Contact us

Eduard Sarbu

Contact us

Tomasz Feret

Contact us

Hendrik Pantlen

Contact us