ISBT Science Series (2013) 8, 70–72

STATE OF THE ART 1D-H07-03 © 2013 The Author(s).ISBT Science Series © 2013 International Society of Blood Transfusion

Application validation versus infrastructure qualificationR. HullemanIT Architect & IT Security Officer, Sanquin Blood Supply, Utrecht, the Netherlands

An often used method for application validation is the “black box” approach.The functionality or application is tested against predefined protocols and theresults are compared to also predefined expected results. The underlying infra-structure is automatically validated in combination with the application.

Audit Authorities and GMP regulations (Annex 11, GAMP) ask for a QualifiedInfrastructure nowadays.

An IT infrastructure is a complex system of IT components working togetherto enable the user to “use the applications” that run on it.

To qualify an infrastructure the infrastructure has to be split up in parts; the“infrastructure components”. The process of building and changing these compo-nents has to follow strict Quality requirements.

Key words: annex 11, architecture, GMP, infrastructure, qualified infrastructure.

An IT infrastructure is a complex system of IT compo-

nents working together to enable the user to ‘use the

applications’ that run on it. As a result, there can be

many stakeholders involved in this process. Each stake-

holder has their own ‘truth’ or ‘view’ of the infrastructure

(Fig. 1). Fig. 1 shows a general overview of these stake-

holders and their views, although this will be different for

each organization.

There are many tools to manage these different views,

such as BPM (Business Process Management) for the Busi-

ness, Document Management for QA or a CMDB (Config-

uration Management Database) for the Service desk. In

general, these tools will cover more than one view, but

not all views. An EAMT (Enterprise Architecture Manage-

ment Tool) covers all views and the relationships both

within and between views.

Stakeholders are often not aware of other stakeholders’

views.

How does this relate to application validation and

infrastructure qualification?

An often used method of validation is the ‘black box’

approach. The functionality or application is tested

against predefined protocols and the results are compared

with the predefined expected results. The underlying

infrastructure is automatically validated in combination

with the application. This has an impact on different

stakeholders and their responsibilities.

An R&I (Risk and Impact) process as part of the Infra-

structure Change procedure must determine whether a

change has an impact on validated infrastructure compo-

nents. If this is the case, the application owner has to be

informed and he has to decide (again, often based on an

R&I) whether a re-validation is necessary and if so, the

extent of it.

However, Audit Authorities and GMP regulations

(Annex 11, GAMP) ask for a Qualified Infrastructure

nowadays. To qualify an infrastructure, the infrastruc-

ture has to be split up in parts, called components.

There is no standard definition of such an infrastruc-

ture component available today. The process of building

these components has to follow the Quality require-

ments (Fig. 2):

Furthermore, for each validated application there has

to be a list of all qualified components that are used for

that application.

Changes within the qualified components have to fol-

low a re-qualifying procedure before these components

can be used in production environments. This approach

limits the risks of unwanted and/or unknown infrastruc-

tural changes within validated systems and decreases the

amount of effort required for validation as a result of in-

frastructural changes.

Correspondence: R. Hulleman, IT Architect & IT Security Officer,Sanquin Blood Supply, Lundlaan 8, 3584 EA, Utrecht, the NetherlandsE-mail: r.hulleman@sanquin.nl

70

QACompliensproceduresaudits

UserMy devicesare always connected

AdministratorStatusconfigurationdetails

Architect

ElementsRelationsConstrainsAttributes

Service desk

WhoWhatWhereTicketsStatus

Manager

NumbersmoneycontractsSLA’s

EnterpriseVisionstrategypolicy’s

BusinessEmployeesprocessesproducts

Fig. 1 Stakeholders views on infrastructure.

© 2013 The Author(s).ISBT Science Series © 2013 International Society of Blood Transfusion, ISBT Science Series (2013) 8, 70–72

Application validation versus infrastructure qualification 71

On the other hand, the management of a qualified

infrastructure creates new stakeholders and views as

defined in Fig. 1.

The Application Owner wants to be aware of all the

components that are used while running his application

(Fig. 3):

QA wants proof of the qualifying status of all compo-

nents in use (Fig. 4):

Ideally both views are managed using appropriate tooling.

Disclosure

The author has no conflicts of interest to declare.

Requirementspecification

High level design

Low level design

Installation guide

Component installation

Installation qualification

Operation qualification

Fig. 2 Component Qualification V-Model.

Applicationowner Components

Fig. 3 Application Owner view on Qualified Infrastructure.

QA Componentsstatus

Fig. 4 Application Owner view on Qualified Infrastructure.

© 2013 The Author(s).ISBT Science Series © 2013 International Society of Blood Transfusion, ISBT Science Series (2013) 8, 70–72

72 R. Hulleman