Why is necessary to qualify IT Infrastructure and what does it mean?

IT Infrastructure Qualification

One of the most important aspects to qualify the IT Infrastructure is the regulation compliance, in fact, it can be found in several points like:

  • “The application should be validated; IT infrastructure should be qualified.” Eudralex, Volum 4, Annex 11.
  • “GxP computerized systems should be validated for intended use, supporting infrastructure qualified, and equipment qualified and calibrated as necessary”. ISPE GAMP Guide: Records and Data Integrity.

The regulation compliance is not the only important aspect, qualifying an IT infrastructure also ensures the required mechanisms to manage it.

To qualify an IT Infrastructure is not obvious, depending on the scenario, one strategy or another should be applied to address it. Once the qualification is finished, a control of it is ensured and the assurance of how to deal with any setback in a quick and efficient manner. Moreover, also detects no conformities or uncovered risks that can jeopardize the service operation or data loss or other relevant risks.

But, what does it mean that an IT infrastructure is qualified?

Basically, an IT infrastructure must comply with all requirements (regulatory, technical and user). In general, in a qualified IT infrastructure the following items should be accomplished:

  • Control: All IT infrastructure elements should be identified and characterized and their configuration should be recorded and versioned.
  • Compliance: Some requirements arise from guides and regulation and they must be met.
  • Documentation: Like procedures, work instructions, operating manuals, changes, licenses and incidents or problems of the IT infrastructure.
  • Maintenance: To ensure that mechanisms to maintain the qualification status are available to handle future changes and service operating, in order to be ready before Go live.

Examples of qualifications: Datacenter, Network, Storage, Clients, Cloud service, Security Systems, Antivirus, Virtualization, Operating Systems and as processes like Backup & Restore, Disaster Recovery and User Management.

So important is to have GxP applications validated as having all IT infrastructure that supports it qualified.


Follow us on Twitter: PharmaITPS

Leave a Reply

Your email address will not be published. Required fields are marked *