|
R – package risk (baseline risk)
|
||||
|---|---|---|---|---|
| Low | Medium | High | ||
| Product risk | Low | No function testing required | No function testing required | No function testing required |
| Medium | No function testing required | No function testing required | Function testing required | |
| High | No function testing required | Function testing required | Function testing required | |
SCTO Computerized Systems Validation Policy for R
Document development, review and version history
Development and Review
| Name | Date | |
|---|---|---|
| Authored/Revised by | ||
| Reviewed by | ||
| Released by |
Version History
| Version | Date | Author | Summary of Changes |
|---|---|---|---|
| 0.1 | 2024-04-18 | Alan Haynes | Initial draft |
Introduction
This policy provides the framework for validating R and R add-on packages in use by Swiss Clinical Trial Organization (SCTO) and its SCTO network members1 for the purpose of creating R products in the context of clinical research. Validation may be executed on SCTO or CTU level, where the SCTO provides
- recommendations for R base installation validation,
- processes for R add-on package validation and
- a platform to serve as an inventory for documentation of all R add-on package validation performed by the SCTO and its network members according to this policy.
Validation activities in general ensure that computerised systems (CS) can be relied upon to consistently produce a product that meets predetermined specifications of accuracy. The formal process of validation results in a validation (documentation) package2.
The validation of a computerised system consists of the following elements:
- Infrastructure
- Hardware
- Software
- Processes
- Training
The validation activities focus on verifying that the software consistently fulfills the specified requirements. Processes must be in place to ensure that the infrastructure and hardware required for the functionality of the software are qualified and changes controlled. Additionally, all users and (if applicable) support personnel must be trained to use the software and follow related business processes.
Any GxP critical system supporting activities such as statistical analysis (e.g., in the context of clinical trials) should be validated according to the following international standards and guidelines:
- ICH E6: Guideline for Good Clinical Practice
- GAMP 5: A Risk Based Approach to Compliant GxP Computerized systems
- FDA 21 CFR part 11: Electronic Records; Electronic Signatures
- FDA 21 CFR part 11: Guidance for Industry
- FDA: General Principles of Software Validation
- Eudralex 4 Good Manufacturing Practice Guidelines, Annex 11: Computerised Systems
This SCTO policy is based on the ICH E6 guideline for Good Clinical Practice. FDA regulations and guidelines (US) and Eudralex 4 (EU) represent additional best practices for validation of computerised systems in the industry and may serve as a guideline for academical purposes.
Background
R is a ‘language and environment for statistical computing and graphics’ (source: the R file). It is an official part of the Free Software Foundation’s GNU project and is released under the Free Software Foundation’s GNU Public License . CTUs use R primarily, but not exclusively, in the preparation and analysis of data from supported studies. Internal use for other reporting, visualisation and business management might also take place, according to individual CTU needs, but is not the focus of this policy.
Installation and use of R is based on several levels and sources:
- The “official R distribution” (referred to as ‘R base installation’ in this document), which includes the R base and recommended packages (as defined in the R-foundation declaration with regards to validation and compliance, 2021) and is available via the Central R Archive Network (CRAN).
- Distribution of contributed R add-on packages provided by the community and available via CRAN.
- Distribution of R add-on packages provided by the community via other sources than CRAN (e.g., Bioconductor, Github, and various websites).
Additionally, R packages may be developed in-house for internal use only and not distributed via any of the channels mentioned above. If such packages or some of their functions are used in the GxP context (e.g., clinical trials), they must also be validated. This validation should, whenever feasible, follow the process outlined in this document and associated SOPs even if the R package is not shared with the SCTO community.
Scope
In Scope
- Recommendations for R base installation validation (the final process and all documentation has to be defined and prepared by each CTU according to their local processes)
- Processes for R add-on "intended for use” packages validation (incl. package risk assessment & functional testing)
Note
Processes for R add-on package validation described in this document are to be considered minimum requirements as shared by the SCTO platform. Individual organizations (CTUs) can define stricter processes.
Out of Scope
- Standards for IT infrastructure (to be defined on local level by the CTUs, see Section 5)
- R add-on package management to ensure traceability and reproducibility on R product level (to be defined on local level by the CTUs, see Section 5.3)
- Risk assessment and management of R products (to be defined on local level by the CTUs, see Section 5.4): Products are always CTU and clinical trial specific – a high-risk product may result in the need for additional validation activities for an R package, even if that package/ required function is available as “validated” on the SCTO platform.
- In general: any additional internal, organization specific, processes of CTUs.
Abbreviations & Definitions
| Terminology | Definition |
|---|---|
| CTU | Clinical Trial Unit. For purposes of this document: all SCTO network members. |
| CRAN | Comprehensive R Archive Network |
| EMA | European Medicine Agency |
| FDA | Food and Drug Administration |
| HLRA | High-Level Risk Assessment |
| HRA | (Swiss) Human Research Act |
| Intended for use package | "Intended for use” packages are add-on packages that comprise the functions required for a specific product and are typically loaded directly by the user during an R session. |
| Product | Any deliverable produced using R via the processes below. Typical statistical products include sample size estimation, statistical analysis plan, an analysis report etc. |
| QMS | Quality Management System |
| R add-on package |
|
| R Base Installation |
|
| SCTO | Swiss Clinical Trial Organization |
| SOP | Standard Operation Procedure |
| Validation Package | A set of documents that is prepared for documentation of the validation process. |
General R Validation Approach
The SCTO follows a risk-based approach to the validation of R. For the validation and assessment of risks, we differentiate between the following levels:
- IT infrastructure qualification (according to local CTU processes, see Section 5.1)3
- System level (R base installation, incl. recommended packages, according to local CTU processes, recommendations and examples provided by SCTO, see Section 5.2)
- Package level (R add-on packages/ functions used within those packages, according to SCTO processes, see Section 5.3)
- Product level (“intended use”/ outcome, according to by local CTU processes, see Section 5.4)
Important: To produce a product in R, under a validated environment, it must be ensured that R is running using a validated base installation version and qualified IT infrastructure with proper documentation, to ensure consistent and reliable results on all levels. The different levels build on each other:
- Qualified infrastructure provides the basis for the validation of the R base installation and any packages running on that installation.
- R base installation validation ensures that the basic installation of R (including recommended packages) provides a reliable framework on which additional packages can be installed (add-on packages) and functions from those packages executed.
- R add-on package validation ensures that all functions within an add-on package required for a specific product are sufficiently tested in relation to the package and product risk (see R Product Risk Assessment Metrics for details). This takes place by evaluating the base risk associated with an R package, and, upon necessity, performing specific function tests to ensure that functions required for a specific product (within an add-on package) produce consistent and reliable results from a statistical perspective (see R Function Testing SOP for details).
IT Infrastructure Qualification
The IT infrastructure qualification is managed at CTU level according to local IT processes. The risk associated with IT infrastructure components is usually low.
For the reliable use of R and statistical traceability it is important to note which IT infrastructure (specifically which operating system software and version) R is installed on and to ensure that the infrastructure on which R is running is qualified.
R Base Installation Validation
Every CTU must define:
- The minimal (validated) software version of the R Base Installation to be used at the CTU and a process of handling version changes.
- The R base installation validation package documenting the validation activities (see table below for recommendations).
The R base installation validation package is a set of documents that should be prepared to document the validation process. The following table lists all documentation that is typically prepared during a computerised system validation process according to global standards and guidelines. It additionally provides recommendations how this documentation may be covered when preparing an R base installation validation package. The exact content of the R base installation validation package (i.e., the required documentation) at a CTU should follow the local processes and all documentation must be prepared and approved by the CTU. For some of the documents listed below, the SCTO provides examples (as indicated under “Detailed Description”).
| Document | Detailed Description |
|---|---|
| R Base installation High-Level Risk Assessment (HLRA; also known as System Risk Assessment, SRA) | The HLRA is usually created once, with the first validation of an R base installation version and is valid for all future validated versions. It must be updated in case the scope/ intended use/ content of the software changes. The HLRA usually also documents the GxP relevance of the system and therefore the need to validate the system.
|
| Vendor Assessment | Vendor assessments are usually conducted with the first validation of a software version. Since R is an open-source software managed by a consortium, a traditional vendor assessment/ audit approach is not feasible. A critical review of “R: Regulatory Compliance and Validation Issues - A Guidance Document for the Use of R in Regulated Clinical Trial Environments” may suffice as vendor assessment and should be documented together with any gaps identified that may require attention during the validation of R and its packages. The assessment of this document should be repeated with a publication of a new article version, or in case the R consortium replaces the existing document, or periodically according to each CTU’s local periodic review processes.
|
| Validation Plan & Test Plan | The Validation Plan describes the details of the planned validation process, including required documentation and acceptance criteria for productive use. The Test Plan describes the testing strategy and testing process and may contain details on the tests to be executed. The exact content of both documents depends on the CTU’s local processes. The content of the two documents may also be covered in one “Validation & Test Plan”.
|
| (User) Requirements Specification | This document is usually created for the first validation of an R base installation version and should be reviewed, and if required updated, for future validated versions. It specifies the user requirements and intended use for the R base installation. It may also contain any compliance (e.g., data integrity), regulatory (e.g., personal data protection) and safety requirements (e.g., controlled access).
|
| Base installation (Functional) Risk Assessment | This document is usually created with the first validation of an R base installation version based on the user requirements or system functions supporting these requirements and should be reviewed and, if required, updated for future validated version.
|
| Software installation plan/ instruction | Typically, either the vendor or the local IT department provides a software installation plan/ instructions to follow when installing new software. In case of R, a specific “R software installation plan/ instruction” is not required. It should be sufficient to follow the instructions on CRAN when downloading and installing the new R base installation version. Important is that the installation of the R base installation and version management follow the CTU’s local processes for validated systems and that all versions installed are documented, including the date/ time of installation (see Installation Verification Document below). |
| Test scripts (“User Acceptance Tests”) | Test scripts are usually created with the first validated R base installation version and should be reviewed, and if required updated and/or new test scripts created, for future validated version. The tests must verify the functions of the R base installation supporting the user requirements. Test scripts provided by R may be used as-is or adapted/ extended as required. The scope of testing must be defined according to the CTU’s local processes and defined user requirements.
|
| Installation Verification document (TEST) | The purpose of this document is to provide evidence of the installation of a specific system version on an environment/ machine that is used for testing purposes before the new system version is released to production. In case of R this may be a separate document or an entry in an R repository or other “version tracker” (depending on your local IT processes). The following information should be captured:
Note: depending on your local processes it may not be feasible or even possible to do a preliminary “test installation” and perform tests before productive use of the new R base installation version (e.g., if R is distributed remotely by your local IT department). In this case, we recommend you still execute the tests after the installation and document the test execution. Should any issues be detected during testing, please inform your local IT department immediately. Ideally you implement a process that would ensure nobody is using the new R version for productive use before the tests are completed successfully (i.e., without major issues) and the validation & test report is approved (see “Validation & Test Report” below). |
| Executed test scripts (“User Acceptance Tests”) | Execute the pre-defined test scripts for each new R base installation version (i.e., follow the steps described in the test scripts) and document the outcome according to the CTU’s local processes.
|
| Traceability Matrix | Traceability between requirements and tests can be achieved by creating a separate document (traceability matrix) or by linking requirements and tests within the requirements and tests themselves. It is important, that whatever means is used, it is feasible to proof that all requirements are verified with a test (or if not tested formally, a rationale why the test is not required, e.g., low risk requirements which can be considered “verified” based on the experience by the user community). |
| Test Report and Validation Report | The Test Report and Validation Report are usually created (or at least updated to a new version) with every new R base installation version to be released for productive use. The main purpose is
The exact content of this report/ these reports depends on the CTU’s local processes.
|
| Installation Verification document (PROD) | The purpose of this document is to provide evidence of the installation of a specific system version on an environment/ machine that is used for productive purposes. In case of R, this may be a separate document or an entry in an R repository or other “version tracker” (depending on your local IT processes). The following information should be captured:
See also note under “Installation Verification document (TEST)”: In case of R base installation, the installation may only be documented once and not separately on “TEST” and “PROD”. Important is, that any version changes of the R base installation are managed and documented according to your CTU’s local IT change management processes. |
R Add-on Package Validation
The R Add-on Package validation package is a set of documents that should be prepared for the documentation of the validation process of an R add-on package following this policy and associated SOPs. The following table lists all documentation that is typically prepared during a computerised system validation process. It additionally provides details on how this documentation is covered for an R add-on package validation according to this policy.
| Document/ Activity | Detailed Description |
|---|---|
| Validation & Test Plan | No separate document is created. Rationale: The content typically contained in a Validation & Test Plan is determined, with respect to R add on packages, in the various steps of this policy and the associated SOPs and its documentation is specified therein as follows:
|
| Package High-Level Risk Assessment | The add-on package risk depends on factors described in the SCTO Risk metrics. The R add-on package high-level risk assessment should be documented according to the SCTO R-Package Risk Metrics on the SCTO designated platform. |
| (User) Requirements Specification | No dedicated (User) Requirements document is created. Rationale: The requirements and intended use of an R package and its functions can only be defined in relation to a product and the required outcome (“intended use”) of a specific function for that product. Therefore, the requirements can only be documented when planning the R product. Requirements shall be documented in the Statistical Analysis Plan or a Statistical Protocol or in other, similar documentation4. It is important that this “plan” indicates the intended use and what is required of the functions planned to be used within the R package. |
| Function Risk Assessment | The risk of separate functions within a package can only be assessed in relation to a product and the required outcome (“intended use”) of a specific function for that product (see Section 6). |
| Package installation plan/ instruction | There is no need for a separate installation plan or instruction. The installation follows a standard procedure using R base installation functions. One of the following procedures is followed:
|
| Test scripts | The process of writing and executing tests for the R add-on packages is covered in the SCTO Function Testing SOP. |
| Software installation verification (TEST) | No separate document is created. Rationale: The purpose of this document would be to provide evidence of the installation of a specific add-on package (version) for testing purposes. In the context of R add-on package validation it is not feasible to create a separate document. The tested R add-on package (version) functions are documented when following the SCTO Function Testing SOP. |
| Executed test scripts | Execute the pre-defined test scripts and document the outcome of each step as well as the overall outcome of the test script (see SCTO Function Testing SOP). |
| Validation & Test Report | The purpose of this document is to summarize all executed validation activities and their outcome, including testing and any defects found and/or any deviations from the original plan with a rationale. It documents the decision, if specific functions from an R add-on package (version) can be accepted for productive use or not and if there are any restrictions, specifies these restrictions (see SCTO Function Testing SOP). |
| Software installation verification (PROD) | No separate document is created. Rationale: The purpose of this document would be to provide evidence of the installation of a specific add-on package (version) for productive use. In case of an R add-on package and its functions the “productive use” is determined by the product upon calling library(). Therefore, it is not feasible to create a separate installation verification document. What needs to be ensured when using a specific function within an R add-on package:
|
R Product Validation
To be covered by local SOPs for statistical analysis execution at the CTUs. The R product validation should cover at minimum:
- Assessment of risk associated with the R product
- Assess the tools used within the R product
- Documentation for reproducibility and traceability
Risk Management
Given the different validation levels, also the risk needs to be assessed and managed on all those levels, specifically on:
- System level (R base installation, recommendations provided in this policy, documentation according to local CTU processes, see Section 5.2)
- Package level (R add-on packages, see R Package Risk Assessment)
- Product level (according to local CTU processes, see Section 5.4)
Depending on the outcome of the R add-on package risk assessment, the validation activities are adapted to be stricter for high-risk, or more high-level for low-risk packages. Thus, the testing of specific functions required for a specific product will be adapted depending on the combined risks from the package risk and product risk (defined on a local level):
User Training
All users performing statistical analysis and/or developing packages and creating products with R need to be qualified and trained according to their CTU’s guidelines.
All users (potentially) involved in validation activities (e.g., risk assessments, testing) must additionally be trained on this policy and the associated SOPs.
Periodic Review
Every 3 years the validation status of the R add-on packages in the SCTO validated package inventory should be reviewed if packages and/or functions were not updated and re-tested within that period. The review needs to be documented, even if no updates are required.
The periodic review of the R base installation validation package has to be defined and managed according to the CTU’s processes.
Associated Documents
- R Package Risk Metrics
- This document describes the metrics defining the risk of R add-on packages (development version).
- R Function Testing SOP
- This document describes the standard process for testing specific functions within an R add-on package (development version).
References
| Reference Title | Description |
|---|---|
| ICH E6: Guideline for Good Clinical Practice | International Council for Harmonisation, E6 Good Clinical Practice (1997) and Integrated Addendum to Good Clinical Practice (GCP) (2016) |
| The Good Automated Manufacturing Practice (GAMP) Guide 5: A Risk Based Approach to Compliant GxP Computerized Systems (ISPE/GAMP, 2 008) | Guideline for computerised systems validation in regulated environments issued by the International Society for Pharmaceutical Engineering (ISPE). Note that the content of GAMP 5 is not available online. |
| FDA 21 CFR part 11: Electronic Records; Electronic Signatu res | FDA regulation: Title 21—Food and Drugs, Chapter I - Food and Drug Administration, Department of Health and Human Services, Subchapter A - General, Part 11 — Electronic Records; Electronic Signatures (1997) |
| FDA 21 CFR part 11: Guidance for Industry | FDA guidance for Industry, Part 11, Electronic Records; Electronic Signatures - Scope and Application (2003) |
| General Principles of Software Validation; Final Guidance for Industry and FDA Staff (2002) | FDA guidance paper for computerised system validation. |
| EudraLex Volume 4: Good Manufacturing Practice (GMP) guidelines, Annex 11: Computerised Syst ems | European standard for comupterised systems validation. |
| R: Regulatory Compliance and Validation Issues - A Guidance Document for the Use of R in Regulated Clinical Trial Environm ents | R Foundation for Statistical Computing guidance document for the validation of R for the use in regulated environments. |
Footnotes
for purposes of this document referred to as CTUs = Clinical Trial Units↩︎
A validation package is a set of documents prepared for the documentation of the validation process itself.↩︎
For example, standards set by the local IT department.↩︎
User requirements for sample size estimation or power analyses are inherently the sample size or the power or a combination of both and do not need to be documented in a separate plan.↩︎